Topic
Otway–Rees protocol
About: Otway–Rees protocol is a research topic. Over the lifetime, 1975 publications have been published within this topic receiving 40569 citations.
Papers published on a yearly basis
Papers
More filters
20 Jun 2007
TL;DR: The paper discusses the peculiarities of modern information systems, problems with traditional authentication protocols and introduces a new authentication protocol that allows transparent secure authentication in dynamic distributed information systems.
Abstract: The paper discusses the peculiarities of modern information systems, problems with traditional authentication protocols and introduces a new authentication protocol that allows transparent secure authentication in dynamic distributed information systems. Approaches to reasoning about authentication protocols are described and the proposed protocol is analyzed according to them.
11 Oct 2012
TL;DR: TLA, which is a powerful tool for formal analysis, is applied to analyze network protocols to detect vulnerabilities of a protocol effectively with the TLA, with the Kerberos protocol being taken as an example.
Abstract: Network protocol vulnerability detection is paramount to network security. Formalization provides an important way for vulnerability detection. In this paper, we apply TLA, which is a powerful tool for formal analysis, to analyze network protocols. An approach is proposed that aims to detect vulnerabilities of a protocol effectively with the TLA, with the Kerberos protocol being taken as an example. Firstly, roles for the protocol, especially those related to intruders, are created. Then actions of the roles are specified. Sessions among the roles are built. And environment parameters are set. A prototype program is developed to implement the approach, which covers the model and the detection properties of the protocol. Experiments show that our approach is effective and powerful in specifying and checking a protocol, and it is better than SPIN and SMV.
Journal Article•
TL;DR: This paper deals with the influence of using the SSL protocol on the response time to the query sent to the computer management system by a user located in The Wide Area Network.
Abstract: Information security is one of the essential issues in contemporary computer systems. One of the main risks appearing in the networks is to obtain the access to the transmitted data. There is no data encryption mechanism in the TCP/IP protocol standard. The SSL protocol is one of the known method to ensure the security of the transmitted data. Employing the SSL protocol is the universally accepted tool to grant security in the computer management systems. This paper deals with the influence of using the SSL protocol on the response time to the query sent to the computer management system by a user located in The Wide Area Network. The results of the measurement in the real environment are presented.
08 Dec 2022
TL;DR: In this article , the authors conducted a formal analysis of the protocol proposed by Datta using Scyther tool and later found an attack compromising the security of protocol i.e., man-in-the-middle attack and modified Datta's protocol to cope with this attack.
Abstract: The Internet as a communication medium has become a common thing in society. Communicating via the Internet requires a communication service where users are obliged to have an account. The login process to an account usually uses a password authentication protocol that is not provably secure. Datta offers Zero-Knowledge Password Authentication Protocol, an alternative protocol claimed to be safer. We conducted a formal analysis of the protocol proposed by Datta using Scyther tool and later found an attack compromising the security of the protocol i.e., man-in-the-middle attack. Furthermore, we modified Datta's protocol to cope with this attack.