Password-based protocols for authenticated key exchange (AKE) are designed to work despite the use of passwords drawn from a space so small that an adversary might well enumerate, off line, all possible passwords. While several such protocols have been suggested, the underlying theory has been lagging. We begin by defining a model for this problem, one rich enough to deal with password guessing...

We propose a generic modelling technique that can be used to extend existing frameworks for theoretical security analysis in order to capture the use of timestamps. We apply this technique to two of the most popular models adopted in literature (Bellare-Rogaway and Canetti-Krawczyk). We analyse previous results obtained using these models in light of the proposed extensions, and demonstrate the...

We propose cryptographic protocols for electronic payment transactions over the Internet. Three essential requirements are met. (1) Security: this consists of entity authentication of each party involved, message integrity protection, strong non-repudiation on payment order and high degree of fault tolerance. (2) Economy: a payment transaction will be completed with the involvement of the conve...

This technical report describes a method for biometric identification based user authentication in distributed environments, which makes use of Trusted Platforms combined with Smart Cards and Trusted Biometric Readers for providing a trusted biometric system. With this authentication method, a user can establish a trust relationship with a Biometric Reader (via integrity checking), and the user...

Delegation is the process wherein an entity Alice designates an entity Bob to speak on her behalf. In password-based security systems, delegation is easy: Alice gives Bob her password. In the real world, endusers find this feature rather useful. However, security officers find it infuriating: by sharing her password, Alice gives all of her privileges to Bob, who then becomes indistinguishable f...

This paper proposes novel concepts and architectures for location-aware seamless authentication and roaming in the new interworking system between third-generation (3G) mobile networks and wireless local area networks (WLANs) where local mobility movements (micromobility) are handled together with global movements (macro-mobility). We introduce location as a key context in secure roaming mechan...

Location tracking technologies are penetrating increasingly in industrial environments. Several challenges arise when people or mobile assets are tracked. Security is one of the main problems that location tracking poses. In this position paper we want to address the long-term authentication and accountability of location tracking history information or path. In order to accomplish this, we gen...

Dynamic group Diffie-Hellman protocols for Authenticated Key Exchange (AKE) are designed to work in a scenario in which the group membership is not known in advance but where parties may join and may also leave the multicast group at any given time. While several schemes have been proposed to deal with this scenario no formal treatment for this cryptographic problem has ever been suggested. In ...

In today’s world most of the communication is done using electronic media. Data Security plays a vital role in such communication. Hence, there is a need to protect data from malicious attacks. Cryptography is the study of mathematical techniques related to aspects of information security such as confidentiality, data integrity, entity authentication and data origin authentication. In data and ...

An attribute is a particular property of an entity, such as a role, access identity, group, or clearance. If attributes are provided integrity, authentication, and con dentiality, Web servers can then trust these secure attributes and use them for many purposes, such as access control, authorization, authentication, and electronic transactions. In this paper, we present a comprehensive approach...