Man-in-the-Middle in Tunnelled Authentication Protocols

2005 ◽  
pp. 28-41 ◽  
Author(s):  
N. Asokan ◽  
Valtteri Niemi ◽  
Kaisa Nyberg
Keyword(s):  
Authentication Protocols ◽  
Man In The Middle

scholarly journals A Protocol for Provably Secure Authentication of a Tiny Entity to a High Performance Computing One

2016 ◽  
Vol 2016 ◽  
pp. 1-9 ◽  
Author(s):  
Siniša Tomović ◽  
Miodrag J. Mihaljević ◽  
Aleksandar Perović ◽  
Zoran Ognjanović
Keyword(s):  
High Performance Computing ◽  
High Performance ◽  
Authentication Protocol ◽  
Authentication Protocols ◽  
Man In The Middle ◽  
Lpn Problem ◽  
Secure Authentication ◽  
Performance Computing ◽  
Specific Scenario ◽  
Provably Secure

The problem of developing authentication protocols dedicated to a specific scenario where an entity with limited computational capabilities should prove the identity to a computationally powerful Verifier is addressed. An authentication protocol suitable for the considered scenario which jointly employs the learning parity with noise (LPN) problem and a paradigm of random selection is proposed. It is shown that the proposed protocol is secure against active attacking scenarios and so called GRS man-in-the-middle (MIM) attacking scenarios. In comparison with the related previously reported authentication protocols the proposed one provides reduction of the implementation complexity and at least the same level of the cryptographic security.

scholarly journals A Novel Multiserver Authentication Protocol with Multifactors for Cloud Service

2018 ◽  
Vol 2018 ◽  
pp. 1-13 ◽  
Author(s):  
Jian Song ◽  
Guang-song Li ◽  
Bo-ru Xu ◽  
Chuan-gui Ma
Keyword(s):  
Smart Card ◽  
Cloud Service ◽  
Authentication Protocol ◽  
Authentication Protocols ◽  
Chaotic Mapping ◽  
Cryptographic Algorithm ◽  
Multifactor Authentication ◽  
Man In The Middle ◽  
Secret Keys ◽  
Weak Points

Secure and efficient authentication protocols are necessary for cloud service. Multifactor authentication protocols taking advantage of smart card, user’s password, and biometric, are more secure than password-based single-factor authentication protocols which are widely used in practice. However, most of the multiserver authentication protocols may have weak points, such as smart card loss attack, man-in-the-middle attack, anonymity, and high computation cost of authentication center. In order to overcome the above weaknesses, we propose a novel multiserver multifactor authentication protocol based on the Kerberos protocol using the extended Chebyshev chaotic mapping as a cryptographic algorithm. The proposed protocol achieves anonymity without sharing secret keys in advance and needs the user to register with the authentication center only once. Finally, we prove the security of the new protocol with BAN logic and compare it with other multifactor authentication protocols for multiserver environment. The results show that our proposed protocol is more secure and efficient and better for practical application.

scholarly journals Man-In-The-Middle Attack against Certain Authentication Protocols Revisited: Insights into the Approach and Performances Re-Evaluation

Electronics ◽  
2020 ◽  
Vol 9 (8) ◽  
pp. 1296
Author(s):  
Milica Knežević ◽  
Siniša Tomović ◽  
Miodrag J. Mihaljević
Keyword(s):  
Experimental Evaluation ◽  
Probability Distributions ◽  
Correct Result ◽  
Hamming Weight ◽  
Authentication Protocols ◽  
Man In The Middle ◽  
The One ◽  
Main Component

We address a class of authentication protocols called “HB” ones and the man-in-the-middle (MIM) attack, reported at the ASIACRYPT conference, called OOV-MIM (Ouafi-Overbeck-Vaudenay MIM). Analysis of the considered attack and its systematic experimental evaluation are given. It is shown that the main component of OOV-MIM, the algorithm for measuring the Hamming weight of noise vectors, outputs incorrect results as a consequence of the employed approximation of the probability distributions. The analysis reveals that, practically, the only scenario in which the OOV-MIM attack is effective is the one in which two incorrect estimations produced by the algorithm for measuring the Hamming weight, when coupled, give the correct result. This paper provides additional insights into the OOV-MIM and corrected claims about the performance/complexity showing that the performances of the considered attack have been overestimated, i.e., that the complexity of the attack has been underestimated. Particularly, the analysis points out the reasons for the incorrect claims and to the components of the attack that do not work as expected.

Research of Improved Network Access Authorization Mechanism Based on Elliptic Curve

2014 ◽  
Vol 519-520 ◽  
pp. 236-240
Author(s):  
Fei Wang ◽  
Yu Wang ◽  
Yuan Tian
Keyword(s):  
Privacy Protection ◽  
Wireless Lan ◽  
Mutual Authentication ◽  
Impersonation Attack ◽  
Network Access ◽  
Authentication Protocols ◽  
Authentication Mechanism ◽  
Man In The Middle ◽  
Access Authentication ◽  
Certification Requirements

Currently, the generic WLAN authentication protocols have the problem of low security intensity, or the problem of only one-way identification. It cannot completely adapt to the wireless LAN access certification requirements, under the condition of high security. The article analyzes the disadvantage of WAPI protocol, and then puts forward a kind of improved WLAN access authentication mechanism. It implements the mutual authentication, privacy protection, and also it can resist man-in-the-middle attack and impersonation attack. It fulfills the requirement of wireless terminals security access. The effect on security and efficiency is analyzed.

scholarly journals Analysis and Correction of the Attack against the LPN-Problem Based Authentication Protocols

Mathematics ◽  
2021 ◽  
Vol 9 (5) ◽  
pp. 573
Author(s):  
Siniša Tomović ◽  
Milica Knežević ◽  
Miodrag J. Mihaljević
Keyword(s):  
Limit Theorem ◽  
Probability Distributions ◽  
Bayesian Reasoning ◽  
Authentication Protocols ◽  
Root Cause ◽  
The Central Limit Theorem ◽  
Man In The Middle ◽  
Exact Distributions ◽  
Approximate Probability ◽  
Lpn Problem

This paper reconsiders a powerful man-in-the-middle attack against Random-HB# and HB# authentication protocols, two prominent representatives of the HB family of protocols, which are built based on the Learning Parity in Noise (LPN) problem. A recent empirical report pointed out that the attack does not meet the claimed precision and complexity. Performing a thorough theoretical and numerical re-evaluation of the attack, in this paper we identify the root cause of the detected problem, which lies in reasoning based on approximate probability distributions of the central attack events, that can not provide the required precision due to the inherent limitations in the use of the Central Limit Theorem for this particular application. We rectify the attack by employing adequate Bayesian reasoning, after establishing the exact distributions of these events, and overcome the mentioned limitations. We further experimentally confirm the correctness of the rectified attack and show that it satisfies the required, targeted accuracy and efficiency, unlike the original attack.

"Man-in-the-Middle."

1969 ◽  
Vol 1 (1) ◽  
pp. 89-90
Author(s):  
Robert W. Balentine
Keyword(s):  
Man In The Middle
Sign in / Sign up

Export Citation Format

Share Document