Authentication Protocol (authentication + protocol)


Selected Abstracts


A new privacy and authentication protocol for end-to-end mobile users

INTERNATIONAL JOURNAL OF COMMUNICATION SYSTEMS, Issue 9 2003
Cheng-Chi Lee
Abstract: In this paper, we propose a new privacy and authentication scheme for end-to-end mobile users. There are three goals in our scheme. The first allows two end-to-end mobile users to communicate privately with each other. The second allows two end-to-end mobile users to distribute a session key simply. The third allows two end-to-end mobile users to mutually authenticate. Copyright © 2003 John Wiley & Sons, Ltd.


CDMA 1x EV-DO security

BELL LABS TECHNICAL JOURNAL, Issue 4 2007
Semyon Mizikovsky
CDMA 1x evolution-data optimized (1x EV-DO) is defined in the TIA/EIA IS-856 and IS-835 standards. The security of 1x EV-DO offers authentication, integrity, and encryption capabilities. 1x EV-DO supports authentication of the access terminal (AT) to authorize access to the wireless network, as well as authentication of a subscription to authorize access to the Internet Protocol (IP) network. The system also provides session security via re-authenticating the AT during a session to prevent 1x EV-DO session hijacking and to protect integrity of the user packets. This paper will outline security threats to the 1x EV-DO system, security algorithms, authentication and authorization procedures, and ciphering procedures. The 1x EV-DO security will be detailed here for key exchange, authentication, and encryption functions by supporting the following protocols: security protocol, key exchange protocol, authentication protocol, and encryption protocol. Finally, a summary of 1x EV-DO security evolution will be presented. © 2007 Alcatel-Lucent.


A scheme for authentication and dynamic key exchange in wireless networks

BELL LABS TECHNICAL JOURNAL, Issue 2 2002
Uri Blumenthal
Despite significant shortcomings in the initial security architecture, 802.11 wireless LANs have experienced explosive growth in recent years. Ongoing work in IEEE standards bodies is currently attempting to fix these shortcomings. One specific topic that has received extensive attention is how to enable these networks to authenticate users and to dynamically establish per-user per-session cryptographic keys. The IEEE 802.1x Port-Based Access Control standard, which formalizes a new EAP-over-LAN (EAPOL) protocol, has emerged as the preferred way to achieve this. The EAPOL protocol employs the extensible authentication protocol (EAP), standardized by the Internet Engineering Task Force, to allow the use of existing and new authentication methods and authentication, authorization, and accounting (AAA) infrastructure. In this paper we present a new EAP scheme, called shared key exchange (SKE), suitable for use in 802.11 private or public access wireless LANs. The scheme relies on secure pre-shared secret keys in wireless LAN mobile nodes devices and AAA servers. When instantiated with relatively minor changes to RADIUS and EAP, the resulting protocol is provably secure and offers a full set of security features. A second, simplified protocol results from minimal modifications to existing RADIUS and EAP standards, but it provides a lower level of security. Both protocols efficiently support roaming scenarios wherein an end user roams across different networks and requires frequent re-authentication with low latency. The protocols can easily be extended to support migration to new AAA protocols such as DIAMETER. © 2002 Lucent Technologies Inc.


A public-key based authentication and key establishment protocol coupled with a client puzzle

JOURNAL OF THE AMERICAN SOCIETY FOR INFORMATION SCIENCE AND TECHNOLOGY, Issue 9 2003
M.C. Lee
Network Denial-of-Service (DoS) attacks, which exhaust server resources and network bandwidth, can cause the target servers to be unable to provide proper services to the legitimate users and in some cases render the target systems inoperable and/or the target networks inaccessible. DoS attacks have now become a serious and common security threat to the Internet community. Public Key Infrastructure (PKI) has long been incorporated in various authentication protocols to facilitate verifying the identities of the communicating parties. The use of PKI has, however, an inherent problem as it involves expensive computational operations such as modular exponentiation. An improper deployment of the public-key operations in a protocol could create an opportunity for DoS attackers to exhaust the server's resources. This paper presents a public-key based authentication and key establishment protocol coupled with a sophisticated client puzzle, which together provide a versatile solution for possible DoS attacks and various other common attacks during an authentication process. Besides authentication, the protocol also supports a joint establishment of a session key by both the client and the server, which protects the session communications after the mutual authentication. The proposed protocol has been validated using a formal logic theory and has been shown, through security analysis, to be able to resist, besides DoS attacks, various other common attacks.