Deploying a new security protocol is expensive. This encourages system designers to look for ways of re-using existing infrastructure. When security protocols and components are re-used, it is critical to re-examine the security of the resulting system as a whole. For example, it has become a standard paradigm to run a legacy client authentication protocol within a secure tunnel. The commonest ...

Handover security and efficiency have become more and more important in modern wireless network designs. In this paper, we propose a new protocol using the one-time key for user authentication. The proposed protocol can support both intra-domain and interdomain authentications efficiently. Our protocol requires five messages for intra-domain initial authentication; three for subsequent authenti...

This paper specifies a two-step migration towards a stronger authentication in the Session Initiation Protocol. First, we add support for a Password Authenticated Key Exchange algorithm that can function as a drop-in replacement for the widely adopted Digest Access Authentication mechanism. This new authentication mechanism adds support for mutual authentication, is considered stronger and can ...

This paper identifies the current limitations of electronic remote authentication systems and presents a new remote authentication system that addresses these limitations. Examples of these limitations can be easily observed in everyday life. Some more common examples include: credit card theft, identity theft, insurance fraud and hacking of private computer networks. Our proposed solution incl...

Deniable authentication protocol is a new authentication mechanism in secure computer communication, which not only enables an intended receiver to identify the source of a received message but also prevents a third party from identifying the source of the message. In this paper, based on the Diffie-Hellman algorithm, we propose a new simple deniable authentication protocol from a provably secu...

For portable communication systems, the delegation-based authentication protocol provides efficient subsequent login authentication, data confidentiality, user privacy protection, and non-repudiation. However, in all proposed protocols, the non-repudiation of mobile users is based on an unreasonable assumption that home location registers are always trusted. To weaken this assumption and enhanc...

Recently, Jung et al. proposed a robust conditional privacy-preserving authentication protocol in vehicle ad-hoc networks. However, Jung et al.’s authentication protocol cannot provide unlinkage and mutual authentication during the communications between the vehicles and the road-side infrastructure units. In this paper, we propose an improved privacy-preserving mutual authentication protocol f...

Recently, with the appearance of smart cards, many user authentication protocols using smart card have been proposed to mitigate the vulnerabilities in user authentication process. In 2004, Das et al. proposed a ID-based user authentication protocol that is secure against ID-theft and replay attack using smart card. In 2009, Wang et al. showed that Das et al.’s protocol is not secure to randoml...

The authentication key exchange protocol enables communication participants to authenticate each other and agree on the session key over an insecure public network. Recently, a three-party authentication key exchange protocol based on Elliptic curve cryptograph is proposed. In this paper, we improve the three-party encrypted key exchange protocol by bilinear maps. The proposed threeparty authen...