Topic
Otway–Rees protocol
About: Otway–Rees protocol is a research topic. Over the lifetime, 1975 publications have been published within this topic receiving 40569 citations.
Papers published on a yearly basis
Papers
More filters
••
09 Jul 2003TL;DR: This work investigates how a certain component contributes to the task of achieving entity authentication and formalizes these principles in terms of rules for protocol parties and proves that protocols designed according to these rules will achieve entity authentication.
Abstract: We study the roles of message components in authentication protocols. In particular, we investigate how a certain component contributes to the task of achieving entity authentication. To this aim, we isolate a core set of roles that enables us to extract general principles that should be followed to avoid attacks. We then formalize these principles in terms of rules for protocol parties and we prove that protocols designed according to these rules will achieve entity authentication.
20 citations
••
TL;DR: An improved version of dynamic ID based authentication protocol is proposed, which covers all the identified weaknesses of Li et al.'s protocol and is more secure and efficient for practical multi-server environments.
Abstract: Due to the rapid growth of computer networks and service providing servers, many network environments have been becoming multi-server architecture and various multi-server authentication protocols have been proposed. In such an environment, a user can obtain different network services from multiple network servers without repeating registration to each server. Recently, Li et al. proposed a secure dynamic ID based authentication protocol for multi-server architecture using smart cards. They claimed that their protocol preserves mutual authentication and protected from several attacks. However, in this paper, we find that Li et al.'s protocol cannot provide the protection against leak-of-verifier attack, impersonation attack, session key disclosure attack and many logged-in users' attack. To remedy these security flaws, we propose an improved version of dynamic ID based authentication protocol, which covers all the identified weaknesses of Li et al.'s protocol and is more secure and efficient for practical multi-server environments.
20 citations
••
20 citations
••
17 Dec 2008TL;DR: In the proposed protocol, the authentication sever just needs to compute very limited times to find out the identifier of the RFID tag irrespective of the total number of the tags.
Abstract: With the increased popularity of RFID applications, various authentication protocols have been proposed to provide security and privacy for RFID tags. However, most protocols require a high computational cost in verifying the tagpsilas reply in the authentication server. This paper presents an efficient mutual authentication protocol using one-way functions only. In the proposed protocol, the authentication sever just needs to compute very limited times to find out the identifier of the RFID tag irrespective of the total number of the tags. Also, the response of the tag is changed in every authentication to avoid tag tracing. In addition, a challenge-response approach is performed to overcome tag cloning and replay attack. Furthermore, the proposed protocol is secure against eavesdropping, compromising attack, denial of service attack and other common attacks.
20 citations