We describe a protocol design process, and illustrate its use by creating atspect, an Authentication Test-based Secure Protocol for Electronic Commerce Transactions. The design process is organized around the authentication tests, a method for protocol verification based on the strand space theory. The authentication tests dictate how randomly generated values such as nonces may be combined wit...

This document defines a master key used between a client of the Protocol for carrying Authentication for Network Access (PANA) and an enforcement point, for bootstrapping lower-layer ciphering. The master key is derived from the Master Session Key of the Extensible Authentication Protocol as a result of successful PANA authentication. The master key guarantees cryptographic independence among e...

Due to infrastructure – less networks and multi hop communication features of Mobile ad hoc network (MANET), every node in MANET has to cooperate with each other. Therefore, node security becomes one of the important research areas of MANET. The resources that provided to MANET nodes such as battery power, memory, and bandwidth are limited. As a result, developing a resource – aware node authen...

In this paper we introduce a robust re-authentication and key exchange protocol for IEEE 802.11 Wireless LANs. Based on an authentication protocol that we have previously published, we introduce a low computational complexity re-authentication and key exchange procedure that provides enhanced robustness in face of cryptographic attacks. This procedure accounts for the wireless media limitations...

This document defines a master key used between a client of the Protocol for carrying Authentication for Network Access (PANA) and an enforcement point, for bootstrapping lower-layer ciphering. The master key is derived from the Master Session Key of the Extensible Authentication Protocol as a result of successful PANA authentication. The master key guarantees cryptographic independence among e...

The Extensible Authentication Protocol (EAP) is a generic framework supporting multiple types of authentication methods. In systems where EAP is used for authentication, it is desirable to not repeat the entire EAP exchange with another authenticator. This document specifies extensions to EAP and the EAP keying hierarchy to support an EAP method-independent protocol for efficient re-authenticat...

This document defines protocols, procedures, and conventions to be employed by peers implementing the Generic Security Service Application Program Interface (GSS-API) when using the Extensible Authentication Protocol mechanism. Through the GS2 family of mechanisms defined in RFC 5801, these protocols also define how Simple Authentication and Security Layer (SASL) applications use the Extensible...

This paper describes a new protocol for authentication in ad-hoc networks. The protocol has been designed to meet specialized requirements of ad-hoc networks, such as lack of direct communication between nodes or need for revocable anonymity. At the same time, an ad-hoc authentication protocol must be resistant to spoofing, eavesdropping and playback, and man-in-the-middle attacks. The article ...

Ideally, security protocol implementations should be formally verified before they are deployed. However, this is not true in practice. Numerous high-profile vulnerabilities have been found in web authentication protocol implementations, especially in single-sign on (SSO) protocols implementations recently. Much of the prior work on authentication protocol verification has focused on theoretica...

Biometric authentication over public networks leads to a variety of privacy issues that needs to be addressed before it can become popular. The primary concerns are that the biometrics might reveal more information than the identity itself, as well as provide the ability to track users over an extended period of time. In this paper, we propose an authentication protocol that alleviates these co...