In a secure roaming scenario, a user U travels to a foreign network and communicates with a foreign server V securely so that no one other than U and V can obtain the messages exchanged between them. U may also want to travel anonymously so that no one including V can find out its identity or trace its whereabouts except its home server H . There have been many key establishment protocols propo...

An untraceable fair network payment protocol is proposed by Wang in Asiacrypt’03, which employs the existent techniques of the offline untraceable cash and a new technique called restrictive confirmation signature scheme (RCSS). It is claimed that the fair payment protocol has both the fairness such that the buyer obtains the digital goods if and only if the merchant gains the digital cash and ...

Proposed by the 3rd Generation Partnership Project (3GPP) as a standard for 3G and 4G mobile-network communications, the AKA protocol is meant to provide a mutually-authenticated key-exchange between clients and associated network servers. As a result AKA must guarantee the indistinguishability from random of the session keys (key-indistinguishability), as well as clientand server-impersonation...

This document consists of a description of attack methodologies and a collection of detailed attacks upon RFID protocols. It is meant to serve as a quick and easy reference and it will be updated as new attacks are found. Currently the only attacks on protocols shown in full detail are the authors’ original attacks with references to similar attacks on other protocols. The main security propert...

This paper focuses on the inherent trade-off between privacy and access control in Pervasive Computing Environments (PCEs). On one hand, service providers require user authentication and authorization for the provision of a service, while at the same time end users require untraceability and unlinkability for their transactions. There are also cases where the anonymity of a specific credential ...

The exchange of user-related sensitive data within a Pervasive Computing Environment (PCE) raises security and privacy concerns. On one hand, service providers require user authentication and authorization prior to the provision of a service, while at the same time users require anonymity, i.e., untraceability and unlinkability for their transactions. In this paper we discuss privacy and securi...

Internet is changing. The adoption of IPv6 is only one change. The number of mobile hosts connected to the network is increasing also due to the wide application of the wireless technology. In this scenario there are also new threats to user privacy. This paper analyzes how to protect the user privacy in a global view from the data link level up to the applications. In fact, several information...

A protocol is described which allows to send and receive messages anonymously using an arbitrary communication network, and it is proved to be unconditionally secure. This improves a result by DAVID CHAUM: The DC-net guarantees the same, but on the assumption of a reliable broadcast network. Since unconditionally secure Byzantine Agreement cannot be achieved, such a reliable broadcast network c...

The operations cost of authentication session is considered as strict indicator to evaluate the protocols side by with security requirements achievements in Near Field Communication (NFC) technology. secure protocol for NFC mobile payment systems (SAP-NFC) one recent that have proposed achieve high level features such fully mutual authentication, anonymity and untraceability. Moreover, SAP-NFC ...

To provide unlinkability for wireless sensor network, Jiang et al. proposed an efficient two factor user authentication scheme. The scheme provides some good aspects for wireless sensor network. However, this paper shows that Jiang et al.’s scheme has some security weaknesses and proposes an enhanced scheme to remove the weaknesses in Jiang et al.’s scheme. The proposed scheme does not use veri...