Undoubtedly, GSM is the most important standard of the worldwide wireless communication in recent periods. The authentication protocol is the main component of the GSM architecture. However, there are several drawbacks found in the existing authentication protocol of GSM, such as bandwidth consumption between VLR and HLR, storage overhead in VLR, and the property that VLR cannot be authenticate...

This paper examines authentication protocols used for wireless communications, especially in the multi-operator environment, to see what security services they provide and how they do it. Weaknesses of each protocol and differences among them will also be discussed.

Radio frequency identification (RFID) has spread into many fields. Its security and privacy has received more and more attention. Based on traditional authentication protocols, some other branches related to practical applications have been introduced including server-less authentication and searching protocols. The server-less searching protocol is extended from server-less authentication prot...

Authentication protocols (including protocols that provide key establishment) are designed to work correctly in the presence of an adversary that can (1) perform an unbounded number of encryptions (and other operations) while fabricating messages, and (2) prompt honest principals to engage in an unbounded number of concurrent runs of the protocol. The amount of local state maintained by a singl...

A distance bounding protocol is a type of challenge-response protocol used to measure the distance of a responder (or prover) from an initiator (or verifier). The advantage of the protocol is that, assuming that the prover does not collude with anybody else, he cannot make himself appear any closer than he is. If he colludes with somebody else, he can only appear as close as his cohort. Distanc...

The Needham-Schroeder public-key protocol [NS78] has been already analyzed using several methodologies from model-checkers like FDR [Ros94] to approaches based on theorem proving like NRL [Mea96]. Although this protocol is simple it has been proved insecure only in 1995 by G. Lowe [Low95]. After the discover of the security problem and the correctness proof of a modified version in [Low96] seve...

This paper presents a general approach for analysis and verification of authentication properties using the theory of Communicating Sequential Processes (CSP). The paper aims to develop a specific theory appropriate to the analysis of authentication protocols, built on top of the general CSP semantic framework. This approach aims to combine the ability to express such protocols in a natural and...

Nowadays, identity-based client authentication (e.g., by username/ password) over SSL is the standard for user authentication on the Web. In particular, browser-based federated identity management (FIM) protocols prefer this technique to authenticate customers due to its user-convenience and lightweight access management. However, recent attacks known as phishing provide evidence that this auth...

With the advancement of technology, communications today should be secured by secret session key. A password-authenticated key agreement method is an interactive password based method to establish secret session keys. A number of protocols for Password based Authentication and Key Exchange (PAKE) is designed for the single server environment where each user shares a password with a server. Thes...

1 Preliminary versions of this paper appeared in [1, 2]. Summary It is preferable for authentication and key exchange protocols to be verified automatically and rapidly in accordance with security requirements. In order to meet these requirements, we proposed the security verification method (OKT method) for the aforementioned protocols based on Bellare et al.'s model (BPR model) and showed the...