In [10], we introduce a process calculus for describing security protocols and we propose a static and compositional analysis of entity authentication. In this paper we apply such a technique on well-known shared key authentication protocols. The analysis helps clarifying the protocol logics, suggests simplifications and reveals some attacks. Moreover we discuss how our analysis scales up to mu...

Authentication can serve both for assigning responsibility and for giving credit. Some authentication protocols are adequate for one purpose but not the other. This paper explains the distinction between responsibility and credit, through several examples, and discusses the role of this distinction in the design and analysis of protocols.

Physical unclonable functions have been shown to be a useful resource of randomness for implementing various cryptographic tasks including entity authentication. All the related authentication protocols that discussed in literature so far, either they are vulnerable an emulation attack, or limited short distances. Hence, quantum-safe remote over large distances remains open question. In first p...

Passwords are still the most widespread means for authenticating users, even though they have been shown to create huge security problems. This motivated use of additional authentication mechanisms in so-called multi-factor protocols. In this article, we define a detailed threat model kind protocol: While classical protocol analysis attackers control communication network, take into account tha...

The authentication of users in distributed systems poses special problems because users lack the ability to encrypt and decrypt. The same problems arise when users wish to delegate some of their authority to nodes, after mutual authentication. In most systems today, the user is forced to trust the node he wants to use. In a more satisfactory design, the user carries a smart-card with suucient c...