We use ideas from game theory to transform two families of authentication protocols so that even if an intruder attacks a protocol, its payoff will still be lower than when it does not. This is particularly useful in resisting or discouraging a powerful and rational intruder (as present in military applications) who makes many attempts to break a protocol because (1) even if the intruder fails,...

Timestamp-based authentication and key establishment protocols have received a number of criticisms, despite their potential efficiency advantages. The purpose of this paper is to propose a novel timestamp management method which has the potential to increase the scope of applicability of such protocols. Since timestamp-based protocols typically involve one less message than challenge-response ...

Password authentication protocols range from complex public-key cryptosystems to simple hash-based password authentication schemes. One common feature of these protocols is that the user’s identity is transmitted in plain during the authentication process, which allows an attacker to monitor the user’s activities. In many cases, the user’s anonymity is a desirable security feature. In this pape...

In this paper we analyse a hybrid authentication protocol due to Chien and Jan, designed for use in large mobile networks. The proposed protocol consists of two sub-protocols, namely the intra-domain authentication protocol and the inter-domain authentication protocol, which are used depending on whether the user and the request service are located in the same domain. We show that both sub-prot...

Authentication protocols (including protocols that provide key establishment) are designed to work correctly in the presence of an adversary that can prompt honest principals to engage in an unbounded number of concurrent runs of the protocol. The amount of local state maintained by a single run of an authentication protocol is bounded. Intuitively, this suggests that there is a bound on the re...

Elliptic curve cryptography (ECC) is extensively used in various multifactor authentication protocols. In this work, various recent ECC-based authentication and key exchange protocols are subjected to threat modeling and static analysis to detect vulnerabilities and to enhance them to be more secure against threats. This work demonstrates how currently-used ECC-based protocols are vulnerable to...

Authentication protocols (including protocols that provide key establishment) are designed to work correctly in the presence of an adversary that can (1) perform an unbounded number of encryptions and tuplings while fabricating messages, and (2) prompt honest principals to engage in an unbounded number of concurrent runs of the protocol. The amount of local state maintained by a single run of a...

The past two decades have seen an enormous increase in the development and use of networked and distributed systems, providing increased functionality to the user and more efficient use of resources. To obtain the benefits of such systems parties will cooperate by exchanging messages over the network. The parties may be users, hosts or processes; they are generally referred to as principals in ...

This document defines protocols, procedures, and conventions to be employed by peers implementing the Generic Security Service Application Program Interface (GSS-API) when using the Extensible Authentication Protocol mechanism. Through the GS2 family of mechanisms defined in RFC 5801, these protocols also define how Simple Authentication and Security Layer (SASL) applications use the Extensible...