Otway–Rees protocol

About: Otway–Rees protocol is a research topic. Over the lifetime, 1975 publications have been published within this topic receiving 40569 citations.

Passive cryptanalysis of the unconditionally secure authentication protocol for RFID systems

Abstract: Recently, Alomair et al. proposed the first UnConditionally Secure mutual authentication protocol for low-cost RFID systems(UCSRFID). The security of the UCS-RFID relies on five dynamic secret keys which are updated at every protocol run using a fresh random number (nonce) secretly transmitted from a reader to tags. Our results show that, at the highest security level of the protocol (security parameter= 256), inferring a nonce is feasible with the probability of 0.99 by eavesdropping(observing) about 90 runs of the protocol. Finding a nonce enables a passive attacker to recover all five secret keys of the protocol. To do so, we propose a three-phase probabilistic approach in this paper. Our attack recovers the secret keys with a probability that increases by accessing more protocol runs. We also show that tracing a tag using this protocol is also possible even with less runs of the protocol.

Security Analysis and Improvement of Secure and Dynamic Clustering Protocol

Abstract: In this paper, we analyze a secure and dynamic clustering protocol SecDEACH. Through analysis, we show that the protocol is vulnerable to the wormhole attack since it does not consider the verification of the neighbor nodes within its radio range. We give a wormhole attack to the protocol and propose an improved version which can keep the frame of the SecDEACH protocol and overcome the security shortages. Finally, we make an analysis of the improved protocol and conclude the paper.

Universally Composable Secure Mutual Password-authenticated Key Exchange Protocol

Abstract: )To solve the problem that mutual authentication is lacked in many existing Password-authenticated Key Exchange(PAKE) protocol, this paper proposes an Universally Composable(UC) secure Mutual Password-authenticated Key Exchange(MPAKE) protocol. An ideal function of PAKE protocol with mutual authentication is defined, the mutual authentication between entities is described explicitly in the defined function, and a new protocol which achieves the ideal function is constructed based on the Joint state UC(JUC) model. So the shared parameters can be used to facilitate the protocol between entities. The new protocol can realize mutual authentication based on password and a session key can also be negotiated. The emulator and its operations are constructed, and its indistinguishability is analyzed. Thus the constructed new PAKE protocol with mutual authentication is proved to be UC secure and simple structure, and the security of protocol is realized when running in parallel in any multi-party environment.

Anonymity in Network Connections for Mobile Communication

Abstract: This thesis summarizes an existing protocol, that we have chosen to call the Token Key Agreement protocol. It then goes on to introduce two new protocols we have chosen to name the Symmetric Key Agreement protocol and the Asymmetric Key Agreement protocol. We are working within the UC framework, and as such introduce ideal functionalities and protocol descriptions for the protocols. For the first protocol we also introduce a simulated adversary. Further, the paper includes an overview of the security offered by the three protocols.

An Improved ID-Based Authentication and Key Distribution Protocol

Abstract: It has been pointed out that the Shieh-Yang-Sun ID-based authentication and key distribution protocol is vulnerable to the replay attack and the unknown key share attack We further demonstrate that the protocol is vulnerable to the forgery attack, too In addition, we describe an improved protocol that has better resistance ability to these attacks