At ACM CCS 2008, Rasmussen and Čapkun introduced a distance-bounding protocol [22] (henceforth RČ protocol) where the prover and verifier use simultaneous transmissions and the verifier counts the delay between sending a challenge (starting with a hidden marker) and receiving the response. Thus, the verifier is able to compute an upper bound on the distance separating it and the prover. Distanc...

This note reports major previously unpublished security vulnerabilities in the password-only authenticated three-party key exchange protocol due to Lee and Hwang (Information Sciences, 180, 1702–1714, 2010): (1) the Lee-Hwang protocol is susceptible to a man-in-the-middle attack and thus fails to achieve implicit key authentication; (2) the protocol cannot protect clients’ passwords against an ...

In this article, an enhanced version of address resolution protocol (ARP) is proposed to prevent ARP poisoningbased man-in-the-middle (MITM) attacks in wired or wireless LAN environments. The proposed mechanism is based on the idea that when a node knows the correct MAC address for a given IP address, if it does not delete the mapping while the machine is alive, then MITM attack is not possible...

---------------------------------------------ABSTRACT---------------------------------------------Wireless LAN is the most commonly used everywhere nowadays. Wireless LAN is commonly used only because it is easy to use and maintain. We can access it easily ad work effectively with it. But because of higher availability of wireless LAN means its increased attacks, errors and challenges for any o...

S/Key(One-Time Password) system has vulnerabilities such as dictionary attack. In this paper, we propose a corrected S/Key system mixed with EKE to solve the man-in-the-middle attack. In addition, we specify a new S/Key system with Casper, verify its secrecy and authentication properties using CSP/FDR.

The HB problem first introduced by Blum and Hopper has been the basis for extremely lightweight authentication protocols for RFID tags [18, 19]. In this paper we introduce a variant of this problem which we call the strong HB problem. We analyze the strong HB problem and give some arguments that support its hardness. We then use the strong HB assumption in two applications of independent intere...

Routers in the Internet do not perform any verification of the source IP address contained in the packets, leading to the possibility of IP spoofing. The lack of such verification opens the door for a variety of vulnerabilities, including denial-of-service (DoS) and man-in-the-middle attacks. Currently proposed spoofing prevention approaches either focus on protecting only the target of such at...

In this paper, we propose an improved and efficient AKA protocol named “NS-AKA” to prevent the 3G UMTS networks from various attacks like man-in-the-middle attack, redirection attack, replay attack and active attacks in the corrupted UMTS networks. This protocol completely eliminates the need of synchronization between a mobile station and its home network, and protects the actual identity of e...

In [3] the authors give the first mathematical formalization of an unconditionally secure commitment scheme. Their construction has some similarities to one used to build authentication codes, so they raise the question whether there is some relation between commitment schemes and authentication schemes. They conjecture that authentication schemes with arbitration can be used, but they stress t...

In this paper, we present a dos attack detection system that uses multivariate correlation analysis (MCA) for accurate network traffic characterization by extracting the geometrical correlations between network traffic features. Our MCA-based dos attack detection system employs the principle of anomaly based detection in attack recognition. This makes our solution capable of detecting known and...