Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as refer...

The Exponential Challenge Response (XRC) and Dual Exponential Challenge Response (DCR) signature schemes are the building blocks of the HMQV protocol. We propose a complementary analysis of these schemes; on the basis of this analysis we show how impersonation and man in the middle attacks can be mounted against the HMQV protocol, when some session specific information leakages happen. We defin...

Ronald A. Gove 85.1 Some Basic Definitions....................................................... 1095 85.2 Some Historical Notes........................................................ 1096 85.3 The Basics of Modern Cryptography................................ 1098 85.4 Stream Ciphers.................................................................... 1099 85.5 Block Ciphers .....................

Man-in-the-Middle (MM) is not only a ubiquitous attack pattern in security, but also an important paradigm of network computation and economics. Recognizing ongoing MM-attacks is an important security task; modeling MM-interactions is an interesting task for semantics of computation. Traced monoidal categories are a natural framework for MM-modelling, as the trace structure provides a tool to h...

1 The authors gratefully acknowledge the support of the National Science Foundation under Grant number OCE-9505579 and OCE-9627160. The authors were members of the engineering and scientific staff of the 1996 Lucky Strike Cruise. Humphris and Fornari were the cruise chief scientists, and are with the WHOI Department of Geology and Geophysics. Van Dover is with the the West Coast National Unders...

We deal with the distribution of N points placed consecutively around the circle by a fixed angle of α. From the proof of Tony van Ravenstein [RAV88], we propose a detailed proof of the Steinhaus conjecture whose result is the following: the N points partition the circle into gaps of at most three different lengths. We study the mathematical notions required for the proof of this theorem reveal...

This paper presents a model for generating a MAC tag by injecting the input message directly into the internal state of a nonlinear filter generator. This model generalises a similar model for unkeyed hash functions proposed by Nakano et al. We develop a matrix representation for the accumulation phase of our model and use it to analyse the security of the model against man-in-the-middle forger...

Approaches against Phishing can be classified into modifications of the traditional PIN/TAN-authentication on the one hand and approaches that try to reduce the probability of a scammer being successful without changing the existing PIN/TAN-method on the other hand. We present a new approach, based on challenge-response-authentication. Since our proposal does not require any new hardware on the...

In 2003, Novikov and Kislev proposed a scheme for an authentication of the user from the remote autonomous object. Recently Yang et al. pointed out an evidence of man-in-middle attack. In this paper we show another evidence of man-in-middle-attack. We also pointed out that reflection attack can also be framed successfully on the scheme.

In this paper, we propose a new mechanism for counteracting ARP (Address Resolution Protocol) poisoning-based Man-in-the-Middle (MITM) attacks in a subnet, where wired and wireless nodes can coexist. The key idea is that even a new node can be protected from an ARP cache poisoning attack if the mapping between an IP and the corresponding MAC addresses is resolved through fair voting among neigh...