Otway–Rees protocol

About: Otway–Rees protocol is a research topic. Over the lifetime, 1975 publications have been published within this topic receiving 40569 citations.

Safely composing security protocols

Abstract: Security protocols are small programs that are executed in hostile environments. Many results and tools have been developed to formally analyze the security of a protocol. However even when a protocol has been proved secure, there is absolutely no guarantee if the protocol is executed in an environment where other protocols, possibly sharing some common identities and keys like public keys or long-term symmetric keys, are executed. In this paper, we show that whenever a protocol is secure, it remains secure even in an environment where arbitrary protocols are executed, provided each encryption contains some tag identifying each protocol, like e.g. the name of the protocol.

Robust authentication and key agreement protocol for net-generation wireless networks

Abstract: Embodiments of the invention may be used to provide an authentication and key agreement protocol that is more robust against base station, replay and other attacks compared to previously known systems. The nonce-based authentication and key agreement protocol provides security against such attacks while avoiding the problems that arise in systems that use sequence number counters on the home environment and mobile station-sides. In an embodiment, a nonce that is transmitted from the user to the home environment through the serving network, as well as subsequent values for the nonce that are derived from the initial nonce, are used as indices for authentication vectors.

Zero-Knowledge Authentication Protocol Based on Alternative Mode in RFID Systems

Abstract: As radio frequency identification (RFID) applications become ubiquitous, security and privacy issues have been addressed with universal acceptances. This paper proposes a lightweight Zero-Knowledge Authentication Protocol (ZKAP) based on alternative mode to address such severe problems. In ZKAP, dual zero-knowledge proofs are randomly chosen to provide anonymity and mutual authentication without revealing any sensitive identifiers. Pseudo-random flags and access lists employed for quick search and check ensure high efficiency and scalability. Meanwhile, formal proof model based on reasonable mathematical assumptions is established to prove the adaptive completeness, soundness and zero-knowledgeness, and the attack models are adopted to analyze the resilience and resistance for malicious attacks. It indicates that ZKAP owns no obvious design defects theoretically and is robust enough to resist major attacks (e.g., forgery, replay, Man-in-the-Middle, and tracking). The protocol is attractive and appropriate for low-cost and resource-restricted RFID systems.

Multi-Party Trust Computation in Decentralized Environments

Abstract: In this paper, we describe a decentralized privacy- preserving protocol for securely casting trust ratings in distributed reputation systems Our protocol allows n participants to cast their votes in a way that preserves the privacy of individual values against both internal and external attacks The protocol is coupled with an extensive theoretical analysis in which we formally prove that our protocol is resistant to collusion against as many as n-1 corrupted nodes in the semi-honest model The behavior of our protocol is tested in a real P2P network by measuring its communication delay and processing overhead The experimental results uncover the advantages of our protocol over previous works in the area; without sacrificing security, our decentralized protocol is shown to be almost one order of magnitude faster than the previous best protocol for providing anonymous feedback

CompChall: addressing password guessing attacks

Abstract: Even though passwords are the most convenient means of authentication, they bring along themselves the threat of dictionary attacks. Dictionary attacks may be of two kinds: online and offline. While offline dictionary attacks are possible only if the adversary is able to collect data for a successful protocol execution by eavesdropping on the communication channel and can be successfully countered using public key cryptography, online dictionary attacks can be performed by anyone and there is no satisfactory solution to counter them. This paper presents a new authentication protocol which is called CompChall (computational challenge). The proposed protocol uses only one way hash functions as the building blocks and attempts to eliminate online dictionary attacks by implementing a challenge-response system. This challenge-response system is designed in a fashion that it does not pose any difficulty to a genuine user but is time consuming and computationally intensive for an adversary trying to launch a large number of login requests per unit time as in the case of an online dictionary attack. The protocol is stateless and thus less vulnerable to DoS (Denial of Service) attacks.