In this paper we present PDM (Password Derived Moduli), a new approach to strong password-based protocols usable either for mutual authentication or for downloading security information such as the user’s private key. We describe how the properties desirable for strong password mutual authentication differ from the properties desirable for credentials download. In particular, a protocol used so...

Radio frequency identification technology is becoming ubiquitous, and as an unfortunate side effect, more and more authentication solutions come with more security issues. In former contributions, the authors introduced a solely hash-based secure authentication algorithm that is capable of providing protection against most of the well-known attacks and performs exceptionally well even in very l...

Multi-Factor Authentication (MFA), often coupled with Key Exchange (KE), offers very strong protection for secure communication and has been recommended by many major governmental and industrial bodies for use in highly sensitive applications. Over the past few years many companies started to offer various MFA services to their users and this trend is ongoing. The MFAKE protocol framework prese...

Message authentication and key exchange are two of the most basic tasks of cryptography. Solutions based on public-key infrastructure (PKI) are prevalent. Still, the state of the art in composable security analysis of PKI-based authentication and key exchange is somewhat unsatisfactory. Specifically, existing treatments either (a) make the unrealistic assumption that the PKI is accessible only ...

We extend the -calculus and the spi-calculus with two primitives that guarantee authentication. They enable us to abstract from various implementations/specifications of authentication, and to obtain idealized protocols which are “secure by construction”. The main underlying idea, originally proposed in [14] for entity authentication, is to use the locations of processes in order to check who i...

Entity authentication becomes ubiquitously necessary in pervasive computing environments. We provide taxonomy of entity authentication between keys and locks. Based on the discussion, we propose a novel authentication approach for pervasive computing environments. A person uses a single device, the Master Key, which aggregates all his digital keys for entity authentication. The Master Key initi...

In [28], Schneider applies CSP to the modelling and analysis of authentication protocols and develops a general proof strategy for verifying authentication properties. This paper shows how the PVS theorem prover can provide e ective mechanical support to the approach.

In this paper, we present a efficient security protocol analyzer to verify cryptographic security protocols. Our analyzer verifies security protocols based on notions of provable security. The analyzer only checks whether the core properties of security protocols satisfy the notions, making it faster than previous tools. The analyzer automatically checks whether authentication and key distribut...

Wireless technologies such as the Wireless Local Area Network (WLAN), the Worldwide Interoperability for Micro wave Access (Wi-MAX), and the Third-Generation (3G) mobile communications system complement each other to support a variety of services suited for the home, urban, and global environments. As roaming users expect a seamless handover (HO) experience when switching from one wireless netw...

The security of the previous quantum key distribution (QKD) protocols, which is guaranteed by the nature of physics law, is based on the legitimate users. However, impersonation of the legitimate communicators by eavesdroppers, in practice, will be inevitable. In fact, the previous QKD protocols is un secure without authentication in practical communication. In this paper, we proposed an improv...