Otway–Rees protocol

About: Otway–Rees protocol is a research topic. Over the lifetime, 1975 publications have been published within this topic receiving 40569 citations.

A new authentication mechanism and key agreement protocol for SIP using identity-based cryptography

Abstract: The Session Initiation Protocol (SIP) protocol is commonly used to establish Voice over IP (VoIP) calls. IETF SIP standards do not specify a secure authentication process thus allowing malicious parties to impersonate other parties or to charge calls to other parties. This paper proposes an extension to the SIP protocol that uses an identity-based authentication mechanism and key agreement protocol. These extensions provide stronger cryptographic assurances for VoIP authentication and enable provably secure key agreement between users. The use of ID based cryptography means that a large Public Key Infrastructure (PKI) is not required thus making this protocol viable for large scale implementation.

A computational analysis of the Needham-Schroeder-(Lowe) protocol

Abstract: We provide the first computational analysis of the well known Needham-Schroeder-(Lowe) protocol. We show that Lowe's attack to the original protocol can naturally be cast to the computational framework. Then we prove that chosen-plaintext security for encryption schemes is not sufficient to ensure soundness of formal proofs with respect to the computational setting, by exhibiting an attack against the corrected version of the protocol implemented using an ElGamal encryption scheme. Our main result is a proof that, when implemented using an encryption scheme that satisfies indistinguishability under chosen-ciphertext attack, the Needham-Schroeder-Lowe protocol is indeed a secure mutual authentication protocol. The technicalities of our proof reveal new insights regarding the relation between formal and computational models for system security.

A simple logic for authentication protocol design

Abstract: The authors describe a simple logic. The logic uses the notion of channels that are generalisations of communication links with various security properties. The abstract nature of channels enables one to treat the protocol at a higher abstraction level than do most of the known logics for authentication, and thus, one can address the higher level functional properties of the system, without having to be concerned with the problems of the actual implementation. The major advantage of the proposed logic is its suitability for the design of authentication protocols. They give a set of synthetic rules that can be used by protocol designers to construct a protocol in a systematic way.

A Secure and Efficient Communication Scheme with Authenticated Key Establishment Protocol for Road Networks

Abstract: The authentication protocols are trusted components in a communication system in order to protect sensitive information against a malicious adversary in the road network environment by means of providing a variety of services including users' privacy and authentication. Authenticated key agreement protocol is a useful cryptographic primitive, which can be used to protect the confidentiality, integrity and authenticity for transmitted data over insecure networks. From the point of view of the management of pre-shared secrets, one of the advantages of three-party authenticated key agreement protocols is that they are more suitable for use in a network with large numbers of users compared with two-party authenticated key agreement protocols. Using smart cards is a practical, secure measure to protect the secret private keys of a user. In this paper, we introduce an Authentication key establishment protocol for IPv6-based Road networks. In this architecture, a mobile vehicle obtains a unique address from a neighbor mobile vehicle or a road side unit without duplicate address detection, and the leaving mobile vehicle's address space can be automatically reclaimed for reassignment. If the next mobile vehicle located is in transmission range, then the mobile vehicle forwards the packets; if not, then it carries the packets until meeting. The carry mostly occurs on sparsely populated road segments; with long carry distances having long end-to-end packet delays. On the other hand, we also describe a new authentication method based on a cryptographic protocol including a zero-knowledge proof that each node must use to convince another node on the possession of certain secret without revealing anything about it, which allows encrypted communication during authentication. The proposed protocol featured with the following characteristics: Firstly, it offers anonymous authentication: a message issuer can authenticate itself. Secondly, it provides confidential: the secrecy of the communication content can be protected. The address configuration scheme must lower the cost in order to enhance the scalability. Thirdly, it is efficient: it achieves low storage requirements, fast message verification and cost-effective identity tracking in case of a dispute. In this paper, we evaluate the performance of this protocol. The data results show that protocol effectively improves the address configuration performance and our scheme is secure against passive and active attacks. Our scheme provides high security along with low computational and communication costs. As a result, our scheme is practically suitable for mobile devices in the road network environment as compared to other related schemes in the literature.

A Mutual Authentication Framework for Wireless Medical Sensor Networks

Abstract: Wireless medical sensor networks (WMSN) comprise of distributed sensors, which can sense human physiological signs and monitor the health condition of the patient. It is observed that providing privacy to the patient's data is an important issue and can be challenging. The information passing is done via the public channel in WMSN. Thus, the patient, sensitive information can be obtained by eavesdropping or by unauthorized use of handheld devices which the health professionals use in monitoring the patient. Therefore, there is an essential need of restricting the unauthorized access to the patient's medical information. Hence, the efficient authentication scheme for the healthcare applications is needed to preserve the privacy of the patients' vital signs. To ensure secure and authorized communication in WMSN, we design a symmetric key based authentication protocol for WMSN environment. The proposed protocol uses only computationally efficient operations to achieve lightweight attribute. We analyze the security of the proposed protocol. We use a formal security proof algorithm to show the scheme security against known attacks. We also use the Automated Validation of Internet Security Protocols and Applications (AVISPA) simulator to show protocol secure against man-in-the-middle attack and replay attack. Additionally, we adopt an informal analysis to discuss the key attributes of the proposed scheme. From the formal proof of security, we can see that an attacker has a negligible probability of breaking the protocol security. AVISPA simulator also demonstrates the proposed scheme security against active attacks, namely, man-in-the-middle attack and replay attack. Additionally, through the comparison of computational efficiency and security attributes with several recent results, proposed scheme seems to be battered.