A Mutual Authentication Protocol with Resynchronisation Capability for Mobile Satellite Communications

2011 ◽  
Vol 5 (1) ◽  
pp. 33-49 ◽  
Author(s):  
Ioana Lasc ◽  
Reiner Dojen ◽  
Tom Coffey
Keyword(s):  
Denial Of Service ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Service Condition ◽  
Satellite Communications ◽  
Authentication Protocol ◽  
Security Protocol ◽  
New Type ◽  
Mobile Satellite ◽  
Mutual Authentication Protocol

Many peer-to-peer security protocols proposed for wireless communications use one-time shared secrets for authentication purposes. This paper analyses online update mechanisms for one-time shared secrets. A new type of attack against update mechanisms, called desynchronisation attack, is introduced. This type of attack may lead to a permanent denial of service condition. A case study demonstrates the effectiveness of desynchronisation attacks against a security protocol for mobile satellite communications. A new mutual authentication protocol for satellite communications, incorporating a resynchronisation capability, is proposed to counter the disruptive effects of desynchronisation attacks. The new protocol has an esynchronisation phase that is initiated whenever desynchronisation is suspected. Thus, the possibility of causing permanent denial of service conditions by mounting desynchronisation attacks is eliminated. A security analysis of the proposed protocol establishes its resistance against attacks like replay attacks, dictionary attacks, and desynchronisation attacks.

A Mutual Authentication Protocol with Resynchronisation Capability for Mobile Satellite Communications

2013 ◽  
pp. 35-51
Author(s):  
Ioana Lasc ◽  
Reiner Dojen ◽  
Tom Coffey
Keyword(s):  
Denial Of Service ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Service Condition ◽  
Satellite Communications ◽  
Authentication Protocol ◽  
Security Protocol ◽  
New Type ◽  
Mobile Satellite ◽  
Mutual Authentication Protocol

Many peer-to-peer security protocols proposed for wireless communications use one-time shared secrets for authentication purposes. This paper analyses online update mechanisms for one-time shared secrets. A new type of attack against update mechanisms, called desynchronisation attack, is introduced. This type of attack may lead to a permanent denial of service condition. A case study demonstrates the effectiveness of desynchronisation attacks against a security protocol for mobile satellite communications. A new mutual authentication protocol for satellite communications, incorporating a resynchronisation capability, is proposed to counter the disruptive effects of desynchronisation attacks. The new protocol has an esynchronisation phase that is initiated whenever desynchronisation is suspected. Thus, the possibility of causing permanent denial of service conditions by mounting desynchronisation attacks is eliminated. A security analysis of the proposed protocol establishes its resistance against attacks like replay attacks, dictionary attacks, and desynchronisation attacks.

scholarly journals IoT Device Security: Challenging “A Lightweight RFID Mutual Authentication Protocol Based on Physical Unclonable Function”

Sensors ◽  
2018 ◽  
Vol 18 (12) ◽  
pp. 4444 ◽  
Author(s):  
Ygal Bendavid ◽  
Nasour Bagheri ◽  
Masoumeh Safkhani ◽  
Samad Rostampour
Keyword(s):  
Radio Frequency Identification ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Authentication Protocol ◽  
Security Protocol ◽  
Physical Unclonable Function ◽  
Security Risks ◽  
Processing Power ◽  
Frequency Identification ◽  
Mutual Authentication Protocol

With the exponential increase of Internet of things (IoT) connected devices, important security risks are raised as any device could be used as an attack channel. This preoccupation is particularly important with devices featuring limited processing power and memory capabilities for security purposes. In line with this idea, Xu et al. (2018) proposed a lightweight Radio Frequency Identification (RFID) mutual authentication protocol based on Physical Unclonable Function (PUF)—ensuring mutual tag-reader verification and preventing clone attacks. While Xu et al. claim that their security protocol is efficient to protect RFID systems, we found it still vulnerable to a desynchronization attack and to a secret disclosure attack. Hence, guidelines for the improvements to the protocol are also suggested, for instance by changing the structure of the messages to avoid trivial attacks. In addition, we provide an explicit protocol for which our formal and informal security analysis have found no weaknesses.

scholarly journals Lightweight and Anonymous Mutual Authentication Protocol for IoT Devices With Physical Unclonable Functions

2021 ◽  
Author(s):  
Jin Meng ◽  
Xufeng Zhang ◽  
Tengfei Cao ◽  
Yong Xie
Keyword(s):  
Mutual Authentication ◽  
Security Analysis ◽  
Authentication Protocol ◽  
Communication Overhead ◽  
It Use ◽  
Fuzzy Extractor ◽  
Physical Unclonable Functions ◽  
Production Methods ◽  
Iot Devices ◽  
Mutual Authentication Protocol

Abstract The past few years have seen the topic of Internet of Things (IoT) rush into the forefront of various industries, which is changing people’s conventional production methods and lifestyles. Connected to the Internet, the physical devices could be as fluffy as kids’ teddy bears or as balky as driverless cars. However, the security related to the IoT is faced with some serious challenges simultaneously. Confronted with these issues, we propose a mutual authentication protocol for devices in the IoT system. It is lightweight that just hash functions, XORs as well as PUFs are utilized and there is no need to store plenty of pseudo-identities. Furthermore, not only does it use the reverse fuzzy extractor to acclimatize to the noisy environment, but it also introduces the supplementary sub-protocol to enhance the resistance to the desynchronization attack. Besides, the security analysis based on the improved BAN logic by Mao and Boyd presents the higher security and reliability of the proposed protocol, and the performance analysis shows its more comprehensive functions as well as lower computation and communication overhead.

Design and Analysis of a New Mutual Authentication Protocol for RFID

2014 ◽  
Vol 1006-1007 ◽  
pp. 548-551
Author(s):  
Qi Fu ◽  
Jun Tan ◽  
Hong Li
Keyword(s):  
Random Number ◽  
Denial Of Service ◽  
Mutual Authentication ◽  
Authentication Protocol ◽  
Security Requirements ◽  
Protocol Security ◽  
Transmission Of Information ◽  
Mutual Authentication Protocol ◽  
Rfid Applications

This paper proposes a lightweight mutual authentication protocol for RFID. Based on the simple bit operations, it creates the random number N1 on the tag and the identifier RID on reader to protect the transmission of information, and proves the protocol security at the end. The results show that the proposed protocol can meet the security requirements of confidentiality, integrity, and traceability in RFID applications. Furthermore, the protocol can resist attacks of tracking, eavesdropping, retransmitting and the denial of service, which makes up the security defects mentioned on this paper.

scholarly journals SKINNY-Based RFID Lightweight Authentication Protocol

Sensors ◽  
2020 ◽  
Vol 20 (5) ◽  
pp. 1366 ◽  
Author(s):  
Liang Xiao ◽  
He Xu ◽  
Feng Zhu ◽  
Ruchuan Wang ◽  
Peng Li
Keyword(s):  
Radio Frequency Identification ◽  
Low Cost ◽  
Rapid Development ◽  
Denial Of Service ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Authentication Protocol ◽  
Security Requirements ◽  
Iot Devices ◽  
Lightweight Authentication

With the rapid development of the Internet of Things and the popularization of 5G communication technology, the security of resource-constrained IoT devices such as Radio Frequency Identification (RFID)-based applications have received extensive attention. In traditional RFID systems, the communication channel between the tag and the reader is vulnerable to various threats, including denial of service, spoofing, and desynchronization. Thus, the confidentiality and integrity of the transmitted data cannot be guaranteed. In order to solve these security problems, in this paper, we propose a new RFID authentication protocol based on a lightweight block cipher algorithm, SKINNY, (short for LRSAS). Security analysis shows that the LRSAS protocol guarantees mutual authentication and is resistant to various attacks, such as desynchronization attacks, replay attacks, and tracing attacks. Performance evaluations show that the proposed solution is suitable for low-cost tags while meeting security requirements. This protocol reaches a balance between security requirements and costs.

scholarly journals Hash-Chain Fog/Edge: A Mode-Based Hash-Chain for Secured Mutual Authentication Protocol Using Zero-Knowledge Proofs in Fog/Edge

Sensors ◽  
2022 ◽  
Vol 22 (2) ◽  
pp. 607
Author(s):  
Mayuresh Sunil Pardeshi ◽  
Ruey-Kai Sheu ◽  
Shyan-Ming Yuan
Keyword(s):  
Denial Of Service ◽  
Mutual Authentication ◽  
Authentication Protocol ◽  
Security Requirements ◽  
Smart Devices ◽  
Property A ◽  
Zero Knowledge ◽  
Hash Chain ◽  
Iot Devices ◽  
Mutual Authentication Protocol

Authentication is essential for the prevention of various types of attacks in fog/edge computing. Therefore, a novel mode-based hash chain for secure mutual authentication is necessary to address the Internet of Things (IoT) devices’ vulnerability, as there have been several years of growing concerns regarding their security. Therefore, a novel model is designed that is stronger and effective against any kind of unauthorized attack, as IoT devices’ vulnerability is on the rise due to the mass production of IoT devices (embedded processors, camera, sensors, etc.), which ignore the basic security requirements (passwords, secure communication), making them vulnerable and easily accessible. Furthermore, crackable passwords indicate that the security measures taken are insufficient. As per the recent studies, several applications regarding its requirements are the IoT distributed denial of service attack (IDDOS), micro-cloud, secure university, Secure Industry 4.0, secure government, secure country, etc. The problem statement is formulated as the “design and implementation of dynamically interconnecting fog servers and edge devices using the mode-based hash chain for secure mutual authentication protocol”, which is stated to be an NP-complete problem. The hash-chain fog/edge implementation using timestamps, mode-based hash chaining, the zero-knowledge proof property, a distributed database/blockchain, and cryptography techniques can be utilized to establish the connection of smart devices in large numbers securely. The hash-chain fog/edge uses blockchain for identity management only, which is used to store the public keys in distributed ledger form, and all these keys are immutable. In addition, it has no overhead and is highly secure as it performs fewer calculations and requires minimum infrastructure. Therefore, we designed the hash-chain fog/edge (HCFE) protocol, which provides a novel mutual authentication scheme for effective session key agreement (using ZKP properties) with secure protocol communications. The experiment outcomes proved that the hash-chain fog/edge is more efficient at interconnecting various devices and competed favorably in the benchmark comparison.

Sign in / Sign up

Export Citation Format

Share Document