Security protocols are a critical element of the infrastructures needed for secure communication and processing information. Before designing and analyzing protocols, it is important to reduce avoidable work. In this article, we presented the methods to prevent replay attacks [11] and attacks of the type flaw attacks on the protocols. We studied two types of attacks already mentioned. We presen...

Currently, many industrial initiatives focus on web-based applications. In this context an important requirement is that the user should only rely on a standard web browser. Hence the underlying security services also rely solely on a browser for interaction with the user. Browser-based identity federation is a prominent example of such a protocol. Unfortunately, very little is still known abou...

Many recent protocols for Authenticated Key Exchange have been proven correct in the CK, CK-HMQV, or eCK security models. The exact relation between the security models, and hence between the security guarantees provided by the protocols, is unclear. We show that the CK, CK-HMQV, and eCK security models are formally incomparable for a number of reasons. Second, we show that these models are als...

The paper surveyed and compared various secure routing protocols for the mobile ad hoc networks (MANETs). MANETs are vulnerable to various security threats because of its dynamic topology and selfconfigurable nature. Security attacks on ad hoc network routing protocols disrupt network performance and reliability. The paper significantly based on base routing protocol AODV and Secure protocol ba...

This memo describes the security protocols for IP version 4 (IPv4) and IP version 6 (IPv6) and the services that they provide. Each security protocol is specified in a separate document. This document also describes key management requirements for systems implementing these security protocols. This document is not an overall Security Architecture for the Internet; it addresses only IP-layer sec...

This memo describes the security protocols for IP version 4 (IPv4) and IP version 6 (IPv6) and the services that they provide. Each security protocol is specified in a separate document. This document also describes key management requirements for systems implementing these security protocols. This document is not an overall Security Architecture for the Internet; it addresses only IP-layer sec...

In this paper we provide an analytical survey on security issues that are relevant for group key exchange protocols. We start with the description of the security requirements that have been informally described in the literature and widely used to analyze security of earlier group key exchange protocols. Most of these definitions were originally stated for two-party protocols and then adapted ...

In this paper we consider the problem of verifying time–sensitive security protocols, where temporal aspects explicitly appear in the description. In previous work, we proposed Timed HLPSL, an extension of the specification language HLPSL (originally developed in the Avispa Project), where quantitative temporal aspects of security protocols can be specified. In this work, a model checking tool,...

To provide card holder authentication while they are conducting an electronic transaction using mobile devices, VISA and MasterCard independently proposed two electronic payment protocols: Visa 3D Secure and MasterCard Secure Code. The protocols use pre-registered passwords to provide card holder authentication and Secure Socket Layer/ Transport Layer Security (SSL/TLS) for data confidentiality...

Based on a concise domain analysis we develop a formal semantics of security protocols. Its main virtue is that it is a generic model, in the sense that it is parameterized over e.g. the intruder model. Further characteristics of the model are a straightforward handling of parallel execution of multiple protocols, locality of security claims, the binding of local constants to role instances, an...