A Novel Stateless Authentication Protocol
نویسنده
چکیده
The value of authentication protocols which minimise (or even eliminate) the need for stored state in addressing DoS attacks is well-established — the seminal paper of Aura and Nikander [1] is of particular importance in this context. However, although there is now a substantial literature on this topic, it would seem that many aspects of stateless security protocols remain to be explored. In this paper we consider the design of a novel stateless authentication protocol which has certain implementation advantages. Specifically, neither party needs to maintain significant stored state. The protocol is developed as a series of refinements, at each step eliminating certain undesirable properties arising in previous steps.
منابع مشابه
A TESLA-based mutual authentication protocol for GSM networks
The widespread use of wireless cellular networks has made security an ever increasing concern. GSM is the most popular wireless cellular standard, but security is an issue. The most critical weakness in the GSM protocol is the use of one-way entity authentication, i.e., only the mobile station is authenticated by the network. This creates many security problems including vulnerability against m...
متن کاملSecure and Stateless RESTful Web Service Using ID-Based Encryption
REST protocol has gained great popularity as a communication in the various areas such as web service and IoT devices. However, the current RESTful web service has shortcomings in the authentication process. We developed an ID-based authentication algorithm to achieve a secure and stateless RESTful web service. ID-based authentication process allows a server to handle the client’s request by ac...
متن کاملA Stateless Network Architecture for Inter-Enterprise Authentication, Authorization and Accounting
Providing network infrastructure for authenti-cation, authorization and accounting (AAA) functionalities required by inter-enterprise business applications operating over the global Internet is a challenging problem. The infrastructure needs to support large numbers of clients and services, and also to provide secure resources sharing between applications and across organizations. This paper de...
متن کاملStateless connections
We describe a secure transformation of stateful connections or parts of them into stateless ones by attaching the state information to the messages. Secret-key cryptography is used for protection of integrity and con dentiality of the state data and the connections. The stateless protocols created in this way are more robust against denial of service resulting from high loads and resource exhau...
متن کاملAttribute-based Encryption for Attribute-based Authentication, Authorization, Storage, and Transmission in Distributed Storage Systems
Attribute-based encryption is a form of encryption which offers the capacity to encrypt data such that it is only accessible to individuals holding a satisfactory configuration of attributes. As cloud and distributed computing become more pervasive in both private and public spheres, attribute-based encryption holds potential to address the issue of achieving secure authentication, authorizatio...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2009