Otway–Rees protocol

About: Otway–Rees protocol is a research topic. Over the lifetime, 1975 publications have been published within this topic receiving 40569 citations.

Cryptanalysis of smart-card-based password authenticated key agreement protocol for session initiation protocol of Zhang et al.

Abstract: As the core signaling protocol for multimedia services, such as voice over internet protocol, the session initiation protocol SIP is receiving much attention and its security is becoming increasingly important. It is critical to develop a roust user authentication protocol for SIP. The original authentication protocol is not strong enough to provide acceptable security level, and a number of authentication protocols have been proposed to strengthen the security. Recently, Zhang et al. proposed an efficient and flexible smart-card-based password authenticated key agreement protocol for SIP. They claimed that the protocol enjoys many unique properties and can withstand various attacks. However, we demonstrate that the scheme by Zhang et al. is insecure against the malicious insider impersonation attack. Specifically, a malicious user can impersonate other users registered with the same server. We also proposed an effective fix to remedy the flaw, which remedies the security flaw without sacrificing the efficiency. The lesson learned is that the authenticators must be closely coupled with the identity, and we should prevent the identity from being separated from the authenticators in the future design of two-factor authentication protocols. Copyright © 2014 John Wiley & Sons, Ltd.

The improved Bostrom-Felbinger protocol against attacks without eavesdropping

Abstract: In this paper, by introducing the additional classical information and taking advantage of the property of quantum entanglement swapping of two photon pairs instead of the property of quantum entanglement of a photon pair, the Bostrom-Felbinger protocol [Phys. Rev. Lett. 89, 187902 (2002)] is improved. In the improved protocol, when the photon travels from the message receiver's site to the message sender's site, any attack can be detected in the control mode. Moreover, it is deterministically successful to transmit the secret messages in the message mode. The security of the present improved protocol against the eavesdropping is ensured by the Bostrom-Felbinger protocol, and besides, the attacks proposed by Cai [Phys. Rev. Lett. 90, 109801 (2003)] to attack the Bostrom-Felbinger protocol without eavesdropping can be prevented.

An efficient and secure RFID authentication protocol using elliptic curve cryptography

Abstract: Radio frequency identification (RFID) is a relatively new technology widely deployed in many applications. Due to several advantages of the technology including decreased costs and increased speed, different organizations and industries show interest in it, and its application range is gradually developing. Some of the main problems of RFID are security and privacy. The implementation of authentication protocols is a flexible and effective way to solve these problems. Several authentication protocols of RFID are based on hash functions or symmetric cryptography. According to the small size of the key, efficient computations, and high security in the elliptic curve cryptography (ECC), its use has increased. Recently some certain ECC-based authentication protocols have been represented. In this paper, a RFID authentication protocol is presented using ECC for mutual authentication to overcome weaknesses of the existing authentication protocols. It has been shown that the proposed protocol satisfies security requirements of RFID authentication protocol and prevents different attacks on RFID systems. Also, the proposed authentication protocol has been analyzed in terms of computational costs, communication costs, and storage requirements. The results revealed that the proposed authentication protocol is an appropriate model for RFID tags with limited resources.

An optimal non-interactive message authentication protocol

Abstract: Vaudenay recently proposed a message authentication protocol which is interactive and based on short authenticated strings (SAS). We study here SAS-based non-interactive message authentication protocols (NIMAP). We start by the analysis of two popular non-interactive message authentication protocols. The first one is based on a collision-resistant hash function and was presented by Balfanz et al. The second protocol is based on a universal hash function family and was proposed by Gehrmann, Mitchell, and Nyberg. It uses much less authenticated bits but requires a stronger authenticated channel. We propose a protocol which can achieve the same security as the first protocol but using less authenticated bits, without any stronger communication model, and without requiring a hash function to be collision-resistant. Finally, we demonstrate the optimality of our protocol.