Otway–Rees protocol

About: Otway–Rees protocol is a research topic. Over the lifetime, 1975 publications have been published within this topic receiving 40569 citations.

TTP Based High-Efficient Multi-Key Exchange Protocol

Abstract: With a trusted-third-party (TTP)-based key exchange protocol, when a user would like to transmit a message to another user, the transmitted data are encrypted by a session key exchanged between the two ends of the corresponding connection with the help of the TTP. Up to present, due to the assistance of a TTP, this type of protocols has performed well in protecting messages delivered between two authorized users. Even this, inflexibility, unreliability, and inefficiency problems still exist in these previously proposed protocols. Therefore, in this paper, a multi-key exchange protocol, named the TTP-based high-efficient multi-key exchange protocol (THMEP), is proposed to provide users with a secure and efficient protocol, which employs the elliptic curve cryptography, a 2-D operation, and a current time encryption key, to exchange their session keys. The proposed protocol not only effectively hides important encryption parameters, but also achieves fully mutual authentication between a user and his/her trusted server. It can resist known-key, impersonation, replay, eavesdropping, and forgery attacks. Besides, the THMEP generates 40 session keys in a key exchange process, meaning the proposed protocol can support 40 sessions simultaneously. It also shortens the processing time, which is 3.78 times faster than that of a specific previous study. Its security level and performance are higher than those of the compared state-of-the-art protocols. In other words, the THMEP is very suitable for IoT applications.

Specifying Authentication Protocols Using Rewriting and Strategies

Abstract: Programming with rewrite rules and strategies has been already used for describing several computational logics. This paper describes the way the Needham-Schroeder Public-Key protocol is specified in ELAN, the system developed in Nancy to model and compute in the rewriting calculus. The protocol aims to establish a mutual authentication between an initiator and a responder that communicate via an insecure network. The protocol has been shown to be vulnerable and a correction has been proposed. The behavior of the agents and of the intruders as well as the security invariants the protocol should verify are naturally described by conditional rewrite rules whose application is controlled by strategies. Similar attacks to those already described in the literature have been discovered. We show how different strategies using the same set of rewrite rules can improve the efficiency in finding the attacks and we compare our results to existing approaches.

A Framework for the Study of Cryptographic Protocols

Abstract: We develop a simple model of computation under which to study the meaning of cryptographic protocol and security. We define a protocol as a mathematical object and security as a possible property of this object, Having formalized the concept of a secure protocol we study its general properties. We back up our contention that the model is reasonable by solving some well known cryptography problems within the framework of the model.

Authentication of a multiple protocol connection

Abstract: An apparatus is described herein. The apparatus includes a controller and a proxy entity. The controller is to detect a peripheral device and authenticate the peripheral device according to a first protocol. The proxy entity that is to configure the peripheral device in an operable protocol in response to the authentication.

Correct implementation of network protocols

Abstract: A number of issues combine to make network protocol development significantly more difficult than other areas of computer programming: problems with time, concurrency, and failures; interactions between the network protocol and its environment; and obstacles in developing the protocol over time. In order to address these issues, we introduce the Timed Abstract Protocol notation and the Austin Protocol Compiler. The Timed Abstract Protocol, or TAP, notation is a domain-specific formal language for describing asynchronous is suited for protocol design, comprehension, and correctness verification. The concrete execution model is suited for protocol implementation. We show that the two models are equivalent: that a protocol interpreted under the concrete model preserves the intended behavior of the protocol interpreted that transforms a protocol given in the Timed Abstract Protocol notation into executable C code and provides a runtime environment for the protocol. In order to demonstrate the effectiveness of the TAP notation and APC, we present implementations of a secure encryption key exchange protocol, a failure discovery protocol, and a Domain Name System server. While discussing the latter, we examine the performance of the APC implementation and show that it is comparable to two other DNS servers. The combination of the Timed Abstract Protocol notation and the Austin Protocol Compiler addresses the issues of network protocol development by allowing precise and verifiable descriptions of protocols which can be made executable easily, in order both to gain experimental experience and to provide reference implementations.