This work deals with the security challenges in authentication protocols employing volatile biometric features, where the authentication is indeed a comparison between a fresh biometric template and that enrolled during the enrollment phase. We propose a security model for biometric-based authentication protocols by assuming that the biometric features to be public. Extra attention is paid to t...

Radio Frequency Identification (RFID) technology is an automated identification technology which is widely used to identify and track all kind of objects. However, it is a challenging task to design an authentication protocol because of the limited resource of Lightweight RFID tags. Recently, a lightweight RFID authentication protocol and an ownership transfer of RFID tags are presented by Kuls...

An emerging direction for authenticating people is the adoption of biometric authentication systems. Biometric credentials are becoming increasingly popular as a mean of authenticating people due to the wide rage of advantages that they provide with respect to classical authentication methods (e.g., password-based authentication). The most characteristic feature of this authentication method is...

We propose new authentication protocols to support fast handover in IEEE 802.11-based wireless mesh networks. The authentication server does not need to be involved in the handover authentication process. Instead, mesh access points directly authenticate mobile clients using tickets, avoiding multi-hop wireless communications in order to minimize the authentication delay. Numerical analysis and...

Multi-Factor Authentication (MFA), often coupled with Key Exchange (KE), offers very strong protection for secure communication and has been recommended by many major governmental and industrial bodies for use in highly sensitive applications. Instantiations of the MFA concept vary in practice and in the research literature and various efforts in designing secure MFA protocols have proven unsuc...

Various published authentication protocols that employ symmetric cryptographic algorithms are examined. A number of misconceptions found in the speciication, design and implementation of these protocols are revealed. Some misconceptions are considered responsible for deenite security aws, while others are shown to cause weaknesses which may help in attacks on the cryptographic mechanisms. We id...

Tel: 886+(0)5-2721001 ext.2017 Abstract Recently, Yoon et al. and Cao et al. propose two deniable authentication protocols respectively. They both claim that their protocols can achieve the deniable property. However, in this paper, we will point out that their protocols each suffers from some malicious attacks. After that, we propose a new identity-based deniable authentication protocol on pai...

Using the language of event orderings and event classes, and using a type of atoms to represent nonces, keys, signatures, and ciphertexts, we give an axiomatization of a theory in which authentication protocols can be formally defined and strong authentication properties proven. This theory is inspired by PCL, the protocol composition logic defined by Datta, Derek, Mitchell, and Roy. We develop...

Zero-knowledge authentication protocols are an alternative to authentication protocols based on public key cryptography. Low processing and memory consumption make them especially suitable for implementation in smart card microprocessors, which are severely limited in processing power and memory space. This paper describes a design and implementation of a software library providing smart card a...

A deniable authentication protocol enables a receiver to identify the true source of a given message, but not to prove the identity of the sender to a third party. This property is very useful for providing secure negotiation over the Internet. Consequently, many interactive and non-interactive deniable authentication protocols have been proposed. However, the interactive manner makes deniable ...