Topic
Otway–Rees protocol
About: Otway–Rees protocol is a research topic. Over the lifetime, 1975 publications have been published within this topic receiving 40569 citations.
Papers published on a yearly basis
Papers
More filters
TL;DR: This paper presents a remote user authentication protocol based on smart card which can deal with many kinds of attacks and is more suitable for the practical application.
Abstract: The authentication technology based on smart card and password is simple and effective, it can be applied to verify the remote user's legal identity and prevent unauthorized users to access resources in insecure network environment. Nowdays, many experts and scholars have put forward authentication schemes based on cryptography. However, the study found that these mechanisms are vulnerable to various malicious attacks and safety needs to be further improved. This paper presents a remote user authentication protocol based on smart card which can deal with many kinds of attacks. At the same time, the security and performance analysis of this scheme have been taken. Compared to other authentication mechanisms, our proposed scheme can withstand many kinds of malicious attacks and it is more suitable for the practical application.
01 Jan 2006
TL;DR: It is shown that the end-to-end security protocol for mobile communications with end-user identification authentication due to Zhou et al. has a serious flaw, it suffers from the impersonation attack and the protocol cannot achieve the claimed security.
Abstract: Summary In this paper, we show that the end-to-end security protocol for mobile communications with end-user identification authentication due to Zhou et al. [1] has a serious flaw, it suffers from the impersonation attack. The protocol cannot achieve the claimed security.
Journal Article•
TL;DR: An efficient password based authentication protocol for multiserver architecture that provides mutual authentication using user system and is based on Elliptic Curve Cryptography, therefore offers best security at a low cost.
Abstract: We have reached an era where desired web services are available over the networks by click of a button. In such a scenario, remote user authentication plays the most important role in identifying the legitimate users of a web service on the Internet. Researchers have proposed a number of password based authentication schemes which rely on single server for authentication. But, with tremendous advancements in technology, it is possible to engage multiple servers in authenticating their clients in order to achieve better security. In this paper, we propose an efficient password based authentication protocol for multiserver architecture. The protocol provides mutual authentication using user system and is based on Elliptic Curve Cryptography, therefore offers best security at a low cost. In 2011, Sood et al. proposed a multi-server architecture protocol using user systems. In this paper, we improve Sood et al. scheme by increasing its security and reducing the computation cost. The protocol is based on the concept of dynamic identity that uses a nonce based system and has no time synchronization problem.
20 Oct 2008
TL;DR: An on-the-fly model checking method based on the pushdown system to verify the authentication of recursive protocols with an unbounded number of principals and finds the recursive authentication protocol has a flaw in the sense of correspondence assertion.
Abstract: Authentication and secrecy have been widely investigated in security protocols. They are closely related to each other and variants of definitions have been proposed, which focus on the concepts of corresponding assertion and key distribution. This paper proposes an on-the-fly model checkingmethod based on the pushdown system to verify the authentication of recursive protocols with an unbounded number of principals. By experiments of the Maude implementation, we find the recursive authentication protocol, which was verified in the sense of (weak) key distribution, has a flaw in the sense of correspondence assertion.
01 Jan 2005
TL;DR: A password-based authentication and key exchange protocol suitable to construct a secure connection for regular communication security and to overcomethedrawback of password- based protocols causing by shortlength and randomness ofpassword is proposed.
Abstract: WLAN technologies arebecoming popular and thedevice arewidely usedeverywhere nowadays, somore attentions arepaidtowhenitcomestowireless security. Sincethecurrent security protocol inIEEE802.11 namely WiredEquivalent Privacy isknowntobequite insecure, the IEEE802.1x andIEEE802.11i wereproposed toresolve someproblems in802.11. However, the802.1x still havesome drawbacks andcouldbe hijacked through middleof communication session. In thispaper,we proposed a password-based authentication andkeyexchange protocol suitable to construct a secureconnection forregular communication security. To overcomethedrawbackof password-based protocols causing by shortlength and randomness ofpassword, theproposed protocol usesthe signature techniques ofECDSA andtheauthentication protocol SRPbasedonDiffie-Hellman keyexchange method. Keywords: WLAN,WEP,802.1x, SRP,ECDSA