scispace - formally typeset
Search or ask a question
Topic

Otway–Rees protocol

About: Otway–Rees protocol is a research topic. Over the lifetime, 1975 publications have been published within this topic receiving 40569 citations.


Papers
More filters
Proceedings ArticleDOI
01 Jul 2017
TL;DR: This paper applies Communicating Sequential Processes (CSP) to model the security protocol, and uses the model checker Process Analysis Toolkit (PAT) to automatically simulate the developed model, and shows that a risk may exist in this security protocol.
Abstract: The security protocol is proposed as a security solution for end-to-end communication between smart grid applications in the EU FP7 project C-DAX. Since the importance and widespread use of the security protocol, it is of great significance to formally analyze and verify relevant security properties of this security protocol. In this paper, we apply Communicating Sequential Processes (CSP) to model the security protocol. Further, we use the model checker Process Analysis Toolkit (PAT) to automatically simulate the developed model, and verify whether the model caters for the specification and relevant secure properties, e.g. reachability of the fake goal. Our modeling and verification show that a risk may exist in the security protocol.
Proceedings ArticleDOI
14 Dec 2013
TL;DR: The concepts such as the key freshness, the key sharing and the public key ownership are discussed, and the parameters describing these beliefs are defined, and security protocol formalization based on belief is proposed.
Abstract: In order to solve the problem which is easy to be overlooked in designing the security protocol, this paper discusses the concepts such as the key freshness, the key sharing and the public key ownership. This paper defines the parameters describing these beliefs, and then proposes security protocol formalization based on belief. Use the method to design security protocols, which can improve the ability of anti-attack to the security protocol.
Book ChapterDOI
14 Sep 2012
TL;DR: This paper analyzes vulnerabilities of EAP-AKA, and proposes a new authentication and key agreement protocol based on certificateless public key cryptography in Trusted Network Connect (TNC) architecture that combines D-H key exchange algorithm to overcome several vulnerabilities and provides strong security mutual-authentication between requestor and responder.
Abstract: The incorporation of The Third Generation (3G) networks with Wireless Local Area Networks (WLAN) is an inevitable outcome of mobile communication and wireless network development, and provides high quality services and anywhere-anytime connectivity to mobile users. To provide secure and trusted 3G-WLAN network, Extensible Authentication Protocol-Authentication and Key Agreement (EAP-AKA) is now used. However, EAP-AKA have several vulnerabilities, which can induce security threaten and lower efficiency of 3G-WLAN. Therefore, this paper analyzes vulnerabilities of EAP-AKA firstly, and proposes a new authentication and key agreement protocol based on certificateless public key cryptography in Trusted Network Connect (TNC) architecture. The proposed protocol combines D-H key exchange algorithm to overcome several vulnerabilities and provides strong security mutual-authentication between requestor and responder. Compared with other protocols based on public key cryptosystem with certificates, our protocol can also provide lightweight bandwidth consumption and high-level security.
Proceedings ArticleDOI
15 Dec 2007
TL;DR: This work creatively uses both asymmetric-key and symmetric-keys algorithms to make the protocol more security and suffice severe resource constraints, limited computation, memory, and communication capacities.
Abstract: We present a security protocol for ubiquitous computing. It provides data authentication, and data freshness besides unobtrusiveness that is the essential property of ubiquitous computing. We creatively use both asymmetric-key and symmetric-key algorithms to make the protocol more security and suffice severe resource constraints, limited computation, memory, and communication capacities.
Proceedings ArticleDOI
19 Dec 2008
TL;DR: The mechanism of MTPsec is discussed, the security of KE protocol is analyzed, and it is shown that the modified protocol can offer the secure authentications between the initiator and the responder.
Abstract: Mobile core network uses signaling system no. 7 (SS7) as its signaling system. SS7 takes charge of call setup, roaming, teardown messages, database queries and so on, and becomes the important goals of the attackers or the stealers as there is a large number of userpsilas information, such as identity, location, and service, contained in signaling messages. The use of MTPsec at MTP3 layer in SS7 protocol stack is a good solution to provide secure protection for signaling messages in 3G core network. MTPsec consists of key exchange (KE) protocol and authentication header (AH) protocol. However, some leaks in KE protocol make the core network face serious threats. In this paper, we firstly discuss the mechanism of MTPsec, analyze the security of KE protocol, and then point out that the flaw in KE may cause ldquoman-in-middle attackrdquo. Secondly, we propose a possible modification to prevent the MTPsec protocol from the attacks. Finally, we use BAN logic to make formal analysis on the security of the original and the modified authentication protocols in KE, respectively. It is shown that the modified protocol can offer the secure authentications between the initiator and the responder.

Network Information
Related Topics (5)
Server
79.5K papers, 1.4M citations
86% related
Encryption
98.3K papers, 1.4M citations
86% related
Wireless ad hoc network
49K papers, 1.1M citations
85% related
Mobile computing
51.3K papers, 1M citations
84% related
Wireless sensor network
142K papers, 2.4M citations
84% related
Performance
Metrics
No. of papers in the topic in previous years
YearPapers
20239
202236
20211
20194
201812
201795