Otway–Rees protocol

About: Otway–Rees protocol is a research topic. Over the lifetime, 1975 publications have been published within this topic receiving 40569 citations.

Role-based authentication protocol

Abstract: The paper proposes a new role-based authentication protocol, which is different from identity-based authentication model. The protocol does not disclose any unique identifier that is bound to user's identity. By verifying user's role the protocol can convince service the user is valid and his role is acceptable. Protocol can achieve the goal of authentication and meet identity privacy requirement at the same time. Protocol analysis indicates the protocol is easy to cooperate with role-based authorization and is safer than multi-server authentication schema. Simulation proves the protocol satisfies both authentication and identity privacy requirements. Protocol is safe and easy to realize. Copyright © 2010 John Wiley & Sons, Ltd.

On the Security of a Lightweight Three-Factor-Based User Authentication Protocol for Wireless Sensor Networks

Abstract: AbstractIn 2020, Yu et al. proposed a secure, lightweight three-factors user authentication protocol named SLUA-WSA for wireless sensor networks. SLUA-WSA can effectively prevent security threats, ensure anonymity, untraceability, and mutual authentication. However, in this paper, we demonstrate that Yu et al.’s protocol is still vulnerable to known session-specific temporary information attacks.

Verification of a Function-based Security Authentication Protocol for Implantable Medical Devices

Abstract: Recent advancement of USN technology has lent itself to the evolving communication technology for implantable devices in the field of medical service. The wireless transmission section for communication between implantable medical devices and patients is a cause of concern over invasion of privacy, resulting from external attackers’ hacking and thus leakage of private medical information. In addition, any attempt to manipulate patients’ medical information could end up in serious medical issues. The present study proposes an authentication protocol safe against intruders’ attacks when RFID/USN technology is applied to implantable medical devices. Being safe against spoofing, information exposure and eavesdropping attacks, the proposed protocol is based on hash-function operation and adopts session keys and random numbers to prevent re-encryption. This paper verifies the security of the proposed protocol using the formal verification tool, Casper/FDR.

Session Initiation Protocol Attacks and Challenges

Abstract: In recent years, Session Initiation Protocol (SIP) has become widely used in current internet protocols. It is a text-based protocol much like Hyper Text Transport Protocol (HTTP) and Simple Mail Transport Protocol (SMTP). SIP is a strong enough signaling protocol on the internet for establishing, maintaining, and terminating session. In this paper the areas of security and attacks in SIP are discussed. We consider attacks from diverse related perspectives. The authentication schemes are compared, the representative existing solutions are highlighted, and several remaining research challenges are identified. Finally, the taxonomy of SIP threat will be presented.

Attack and Improvement of the Secure Password Authentication Protocol in Wireless Networks

Abstract: Password authentication protocols are widely used mechanisms to authenticate identities in networks. In 2006, Yoon et al. proposed a secure password authentication protocol in wireless networks that fixed the drawback of Ma et al.’s protocol. In this article we show that the Yoon et al.’s protocol is still vulnerable to the off-line password guessing attack. We propose an improvement to solve the problem. The improvement protocol is secure while the computation cost is the same with Yoon et al.’s protocol.