The rationale of authentication has been a topic of study for about a decade and a half. First attempts at formal analysis of authentication protocols were not using logics per se, but were certainly logical. Millen’s Interrogator [Mil84,MCF87] was a Prolog based tool specifically designed for authentication protocol analysis that functioned essentially as a special purpose model checker. Kemme...

Two-way identity authentication is the basis of secure communication in a distributed application environment. A trusted third party (TTP) is needed while PKI is not applicable, and the design of authentication protocols with TTP is a complicate and challenging task. This paper examines the characteristics of the security of authentication protocols with TTP, summarizes the essential factors of...

RFID (Radio Frequency IDentification) system has been widely used in our life, such as transport systems, passports, automotive, animal tracking, human implants, library, and so on. However, the RFID authentication protocols between RF (Radio Frequency) tags and the RF readers have been bring about various privacy problems that anonymity of the tags, tracking, eavesdropping, and so on. Many res...

We aim at extending IEEE 802.11s standards to implement fast hand-off to support real-time applications such as VoIP and audio/video conferencing. We propose a novel trust model that represents the trust relationships among the entities of a WMN, and new authentication protocols based on that model. A client and a mesh access point (MAP) mutually authenticate each other using one-hop communicat...

The privacy of efficient tree-based RFID authentication protocols is heavily dependent on the branching factor on the top layer. Indefinitely increasing the branching factor, however, is not a viable option. This paper proposes the alternate-tree walking scheme as well as two protocols to circumvent this problem. The privacy of the resulting protocols is shown to be comparable to that of linear...

Deniability enables protocol participants to deny their involvement after they have taken part in a particular protocol run. In this paper, we present the security analysis of a class of interactive deniable authentication protocols and a noninteractive one. For interactive protocols, we focus on a serial of pairings based protocols proposed by Chou et al and repaired by Lim et al. We point out...

The security of authentication protocols based on public key cryptography depends on the validity of the certificate. It is usually assumed that a well deployed PKI can guarantee the validity of certificates through mechanisms such as CRL or OCSP. In reality, such guarantee is not always assured. This paper describes an attack that exploits this certificate validity weakness and breaks some wel...

In this paper, we analyze the security vulnerabilities of a family of ultra-lightweight RFID mutual authentication protocols: LMAP [13], MAP [14] and EMAP [15], which are recently proposed by Peris-Lopez et al. We identify two effective attacks, namely de-synchronization attack and full-disclosure attack, against their protocols. The former permanently disables the authentication capability of ...

Several protocols for authentication using memory-constrained smart cards or tokens based on symmetric key cryptography are described. Key property of these protocols is that verification on the server can be performed in public based on (more or less) publicly known information. The protocols use a symmetric cipher in an asymmetric fashion: the verifier uses a verification key that cannot be u...

Password is the most commonly used authentication technique in smart card based authentication protocols. During communication, the static identity based authentication protocols leaks out the user’s authentication messages corresponding to static identity to the attacker. Therefore, the attacker can trace and identify the different requests belonging to the same user. On the other hand, the dy...