Remote user authentication based on passwords over untrusted networks is the conventional method of authentication in the Internet and mobile communication environment. Typical secure remote user access solutions rely on pre-established secure cryptographic keys, publickey infrastructure, or secure hardware. In this paper, we present secure password-based protocols for remote user authenticatio...

As low-cost RFIDs with limited resources will dominate most of the RFID market, it is imperative to design lightweight RFID authentication protocols for these low-cost RFIDs. However, most of existing RFID authentication protocols either suffer from some security weaknesses or require costly operations that are not available on low-cost tags. In this paper, we analyze the security vulnerabiliti...

Wireless Sensor Networks (WSNs) are susceptible to various attacks as they are placed in hostile environments. Several security and authentication mechanisms are proposed for in terms of key exchange mechanisms, handshake protocols, and other routing protocols. The proposed triple key based broadcast authentication protocol is compared with the several other existing security schemes in WSN. Th...

Mobile WiMAX (Worldwide Interoperability Microwave Access) requires the re-authentication of mobile stations as they change from one base station to another. IEEE 802.16e uses the Extensible Authentication Protocol (EAP) for authentication and key management. This requires about 1000 ms, therefore, it could not support mobile WiMAX applications such as video conference. In the present paper, we...

Authentication and secrecy have been widely investigated in security protocols. They are closely related to each other and variants of definitions have been proposed, which focus on the concepts of corresponding assertion and key distribution. This paper proposes an onthe-fly model checking method based on the pushdown system to verify the authentication of recursive protocols with an unbounded...

In this paper we present a fault-tolerant and intrusion-tolerant authentication server. This server is composed of several sites, each one managed by a different security administrator. We describe the registration and authentication protocols based on smartcards. Those protocols have been implemented by using Bull CP8 MP smartcards. We show how to make them secure in spite of possible failures...

Currently there are no Internet access authentication protocols available that are lightweight, can be carried over arbitrary access networks, and are flexible enough to be used in all the likely future ubiquitous mobility access contexts. This article proposes the PANA/GSM authentication protocol for heterogeneous network access as a step towards filling this gap. A security analysis of the PA...

PROTECTING PRIVACY AND ENSURING SECURITY OF RFID SYSTEMS USING PRIVATE AUTHENTICATION PROTOCOLS Md. Endadul Hoque Marquette University, 2010 Radio Frequency IDentification (RFID) systems have been studied as an emerging technology for automatic identification of objects and assets in various applications ranging from inventory tracking to point of sale applications and from healthcare applicati...

In 2001, Canetti and Krawczyk proposed a security model (CKmodel) for authentication protocols. They also gave an indistinguishabilitybased definition for key exchange protocols. Since then the model has almost exclusively been used for analyzing key exchange protocols, although it can be applied to authentication protocols in general. The model not only captures a large class of attacks but al...

Web-based single sign-on describes a class of protocols where a user signs into a web site with the authentication provided as a service by a third party. In exchange for the increased complexity of the authentication procedure, SSO makes it convenient for users to authenticate themselves to many different web sites (relying parties), using just a single account at an identity provider such as ...