To see the other types of publications on this topic, follow the link: Security protocol.
Journal articles on the topic 'Security protocol'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 journal articles for your research on the topic 'Security protocol.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse journal articles on a wide variety of disciplines and organise your bibliography correctly.
1
Younes, Osama, and Umar Albalawi. "Securing Session Initiation Protocol." Sensors 22, no. 23 (November 23, 2022): 9103. http://dx.doi.org/10.3390/s22239103.
Full textAbstract:
The session initiation protocol (SIP) is widely used for multimedia communication as a signaling protocol for managing, establishing, maintaining, and terminating multimedia sessions among participants. However, SIP is exposed to a variety of security threats. To overcome the security flaws of SIP, it needs to support a number of security services: authentication, confidentiality, and integrity. Few solutions have been introduced in the literature to secure SIP, which can support these security services. Most of them are based on internet security standards and have many drawbacks. This work introduces a new protocol for securing SIP called secure-SIP (S-SIP). S-SIP consists of two protocols: the SIP authentication (A-SIP) protocol and the key management and protection (KP-SIP) protocol. A-SIP is a novel mutual authentication protocol. KP-SIP is used to secure SIP signaling messages and exchange session keys among entities. It provides different security services for SIP: integrity, confidentiality, and key management. A-SIP is based on the secure remote password (SRP) protocol, which is one of standard password-based authentication protocols supported by the transport layer security (TLS) standard. However, A-SIP is more secure and efficient than SRP because it covers its security flaws and weaknesses, which are illustrated and proven in this work. Through comprehensive informal and formal security analyses, we demonstrate that S-SIP is secure and can address SIP vulnerabilities. In addition, the proposed protocols were compared with many related protocols in terms of security and performance. It was found that the proposed protocols are more secure and have better performance.
2
Sabeeruddin, Shaik. "Comparative Analysis of Network Security Controls in the Modern Era." INTERNATIONAL JOURNAL OF INNOVATIVE RESEARCH AND CREATIVE TECHNOLOGY 8, no. 6 (December 9, 2022): 1–7. https://doi.org/10.5281/zenodo.14866540.
Full textAbstract:
In the current Digital world, to protect Data and provide secure communication internally and externally, Network security Protocols like Transport Layer Security (TLS), Internet Security Protocol (IPsec), and Hypertext Transfer Protocol Secure (HTTPS) play a crucial role in maintaining Security. This Research paper analyses the comparison of these protocols and explains their Functions, Use cases, and Limitations. This case study provides insights and explains the importance of these protocols in maintaining Security and protecting confidentiality, Integrity, and Availability. By Evaluating each protocol's Characteristics and Operational Frameworks, the research further explains their impacts on Internet security standards.
3
Sharma, Garima, and Harish Mittal. "SS7 Signaling Protocol ? Security." International Journal of Scientific Engineering and Research 4, no. 5 (May 27, 2016): 31–34. https://doi.org/10.70729/ijser15811.
Full text
4
Rekha, H., and M. Siddappa. "Model Checking M2M and Centralised IOT authentication Protocols." Journal of Physics: Conference Series 2161, no. 1 (January 1, 2022): 012042. http://dx.doi.org/10.1088/1742-6596/2161/1/012042.
Full textAbstract:
Abstract It is very difficult to develop a perfect security protocol for communication over the IoT network and developing a reliable authentication protocol requires a detailed understanding of cryptography. To ensure the reliability of security protocols of IoT, the validation method is not a good choice because of its several disadvantages and limitations. To prove the high reliability of Cryptographic Security Protocols(CSP) for IoT networks, the functional correctness of security protocols must be proved secure mathematically. Using the Formal Verification technique we can prove the functional correctness of IoT security protocols by providing the proofs mathematically. In this work, The CoAP Machine to Machine authentication protocol and centralied IoT network Authentication Protocol RADIUS is formally verified using the well-known verification technique known as model checking technique and we have used the Scyther model checker for the verification of security properties of the respective protocols. The abstract protocol models of the IoT authentication protocols were specified in the security protocol description language and the security requirements of the authentication protocols were specified as claim events.
5
Günther, Felix. "Modeling advanced security aspects of key exchange and secure channel protocols." it - Information Technology 62, no. 5-6 (December 16, 2020): 287–93. http://dx.doi.org/10.1515/itit-2020-0029.
Full textAbstract:
AbstractSecure connections are at the heart of today’s Internet infrastructure, protecting the confidentiality, authenticity, and integrity of communication. Achieving these security goals is the responsibility of cryptographic schemes, more specifically two main building blocks of secure connections. First, a key exchange protocol is run to establish a shared secret key between two parties over a, potentially, insecure connection. Then, a secure channel protocol uses that shared key to securely transport the actual data to be exchanged. While security notions for classical designs of these components are well-established, recently developed and standardized major Internet security protocols like Google’s QUIC protocol and the Transport Layer Security (TLS) protocol version 1.3 introduce novel features for which supporting security theory is lacking.In my dissertation [20], which this article summarizes, I studied these novel and advanced design aspects, introducing enhanced security models and analyzing the security of deployed protocols. For key exchange protocols, my thesis introduces a new model for multi-stage key exchange to capture that recent designs for secure connections establish several cryptographic keys for various purposes and with differing levels of security. It further introduces a formalism for key confirmation, reflecting a long-established practical design criteria which however was lacking a comprehensive formal treatment so far. For secure channels, my thesis captures the cryptographic subtleties of streaming data transmission through a revised security model and approaches novel concepts to frequently update key material for enhanced security through a multi-key channel notion. These models are then applied to study (and confirm) the security of the QUIC and TLS 1.3 protocol designs.
6
Nam, Junghyun, Kim-Kwang Raymond Choo, Minkyu Park, Juryon Paik, and Dongho Won. "On the Security of a Simple Three-Party Key Exchange Protocol without Server’s Public Keys." Scientific World Journal 2014 (2014): 1–7. http://dx.doi.org/10.1155/2014/479534.
Full textAbstract:
Authenticated key exchange protocols are of fundamental importance in securing communications and are now extensively deployed for use in various real-world network applications. In this work, we reveal major previously unpublished security vulnerabilities in the password-based authenticated three-party key exchange protocol according to Lee and Hwang (2010): (1) the Lee-Hwang protocol is susceptible to a man-in-the-middle attack and thus fails to achieve implicit key authentication; (2) the protocol cannot protect clients’ passwords against an offline dictionary attack; and (3) the indistinguishability-based security of the protocol can be easily broken even in the presence of a passive adversary. We also propose an improved password-based authenticated three-party key exchange protocol that addresses the security vulnerabilities identified in the Lee-Hwang protocol.
7
Amin, Ruhul, SK Hafizul Islam, Muhammad Khurram Khan, Arijit Karati, Debasis Giri, and Saru Kumari. "A Two-Factor RSA-Based Robust Authentication System for Multiserver Environments." Security and Communication Networks 2017 (2017): 1–15. http://dx.doi.org/10.1155/2017/5989151.
Full textAbstract:
The concept of two-factor multiserver authentication protocol was developed to avoid multiple number of registrations using multiple smart-cards and passwords. Recently, a variety of two-factor multiserver authentication protocols have been developed. It is observed that the existing RSA-based multiserver authentication protocols are not suitable in terms of computation complexities and security attacks. To provide lower complexities and security resilience against known attacks, this article proposes a two-factor (password and smart-card) user authentication protocol with the RSA cryptosystem for multiserver environments. The comprehensive security discussion proved that the known security attacks are eliminated in our protocol. Besides, our protocol supports session key agreement and mutual authentication between the application server and the user. We analyze the proof of correctness of the mutual authentication and freshness of session key using the BAN logic model. The experimental outcomes obtained through simulation of the Automated Validation of Internet Security Protocols and Applications (AVISPA) S/W show that our protocol is secured. We consider the computation, communication, and storage costs and the comparative explanations show that our protocol is flexible and efficient compared with protocols. In addition, our protocol offers security resilience against known attacks and provides lower computation complexities than existing protocols. Additionally, the protocol offers password change facility to the authorized user.
8
He, Xudong, Jiabing Liu, Chin-Tser Huang, Dejun Wang, and Bo Meng. "A Security Analysis Method of Security Protocol Implementation Based on Unpurified Security Protocol Trace and Security Protocol Implementation Ontology." IEEE Access 7 (2019): 131050–67. http://dx.doi.org/10.1109/access.2019.2940512.
Full text
9
Ko, Yongho, Jiyoon Kim, Daniel Gerbi Duguma, Philip Virgil Astillo, Ilsun You, and Giovanni Pau. "Drone Secure Communication Protocol for Future Sensitive Applications in Military Zone." Sensors 21, no. 6 (March 15, 2021): 2057. http://dx.doi.org/10.3390/s21062057.
Full textAbstract:
Unmanned Aerial Vehicle (UAV) plays a paramount role in various fields, such as military, aerospace, reconnaissance, agriculture, and many more. The development and implementation of these devices have become vital in terms of usability and reachability. Unfortunately, as they become widespread and their demand grows, they are becoming more and more vulnerable to several security attacks, including, but not limited to, jamming, information leakage, and spoofing. In order to cope with such attacks and security threats, a proper design of robust security protocols is indispensable. Although several pieces of research have been carried out with this regard, there are still research gaps, particularly concerning UAV-to-UAV secure communication, support for perfect forward secrecy, and provision of non-repudiation. Especially in a military scenario, it is essential to solve these gaps. In this paper, we studied the security prerequisites of the UAV communication protocol, specifically in the military setting. More importantly, a security protocol (with two sub-protocols), that serves in securing the communication between UAVs, and between a UAV and a Ground Control Station, is proposed. This protocol, apart from the common security requirements, achieves perfect forward secrecy and non-repudiation, which are essential to a secure military communication. The proposed protocol is formally and thoroughly verified by using the BAN-logic (Burrow-Abadi-Needham logic) and Scyther tool, followed by performance evaluation and implementation of the protocol on a real UAV. From the security and performance evaluation, it is indicated that the proposed protocol is superior compared to other related protocols while meeting confidentiality, integrity, mutual authentication, non-repudiation, perfect forward secrecy, perfect backward secrecy, response to DoS (Denial of Service) attacks, man-in-the-middle protection, and D2D (Drone-to-Drone) security.
10
Wang, Ying Lian, and Jun Yao Ye. "Research on Applied-Information Technology in Hierarchical Network Security Protocols Designing Based on Public Key." Advanced Materials Research 951 (May 2014): 169–72. http://dx.doi.org/10.4028/www.scientific.net/amr.951.169.
Full textAbstract:
This paper proposed an applied-information technology in hierarchical network security protocols designing model based on public key, the designing of the protocols is to be completed in several layers. Each sub-protocol achieved a sub-goal that it should complete, and provided data interface to a higher sub-protocol. And then merged the sub-protocol of each layer, to complete the protocols designing. In the previous research, the security of the protocol in applied-information technology was always regarded as a whole, which caused the protocols designing to be tremendous complexity. The hierarchical model in applied-information technology simplifies the process of security protocols designing, and make the protocols designing more clear or less cost, the security proof more simpler.
11
Du, Jinze, Chengtai Gao, and Tao Feng. "Formal Safety Assessment and Improvement of DDS Protocol for Industrial Data Distribution Service." Future Internet 15, no. 1 (December 31, 2022): 24. http://dx.doi.org/10.3390/fi15010024.
Full textAbstract:
The Data Distribution Service (DDS) for real-time systems is an industrial Internet communication protocol. Due to its distributed high reliability and the ability to transmit device data communication in real-time, it has been widely used in industry, medical care, transportation, and national defense. With the wide application of various protocols, protocol security has become a top priority. There are many studies on protocol security, but these studies lack a formal security assessment of protocols. Based on the above status, this paper evaluates and improves the security of the DDS protocol using a model detection method combining the Dolev–Yao attack model and the Coloring Petri Net (CPN) theory. Because of the security loopholes in the original protocol, a timestamp was introduced into the original protocol, and the shared key establishment process in the original protocol lacked fairness and consistency. We adopted a new establishment method to establish the shared secret and re-verified its security. The results show that the overall security of the protocol has been improved by 16.7% while effectively preventing current replay attack.
12
Amit Singh and Dr. Devendra Singh. "Genetic Algorithm-Based Secure Routing Protocol for Wireless Sensor Networks." International Research Journal on Advanced Engineering Hub (IRJAEH) 1, no. 01 (December 20, 2023): 46–52. http://dx.doi.org/10.47392/irjaeh.2023.007.
Full textAbstract:
In a wireless sensor network (WSN), security threats are prevalent as a result of the network's distributed nature and resource limitations. This paper proposes a secure routing protocol for WSNs based on Genetic Algorithms (GA). The protocol utilizes GA to optimize secure route selection while considering network lifetime and energy efficiency. To showcase the efficiency of the suggested protocol, we present a case study, provide a detailed algorithmic representation, and evaluate its performance through extensive simulations. The results showcase the protocol's ability to enhance security and improve network performance, including increased packet delivery ratio, reduced energy consumption, and robustness against attacks. The proposed GA-based secure routing protocol offers a promising approach to address the unique security challenges of WSNs, contributing to the development of secure and efficient communication frameworks for various applications. Additionally, we highlight the significance of incorporating genetic algorithms into secure routing protocols as a means to optimize route selection in WSNs. By leveraging the evolutionary nature of genetic algorithms, our proposed protocol adapts to dynamic network conditions and effectively balances security requirements with energy efficiency and network lifetime considerations. The case study, algorithmic representation, and comprehensive simulation results validate the protocol's ability to enhance security while maintaining robust network performance. This study contributes to the advancement of secure routing in WSNs, offering a viable solution to mitigate security threats and ensure reliable communication in resource-constrained environments.
13
Ding, Xia Jun, Xiao Dan Jiang, and Yue Zhai Zheng. "The Research and Implementation of E-Commerce Secure Payment Protocol." Advanced Materials Research 267 (June 2011): 74–79. http://dx.doi.org/10.4028/www.scientific.net/amr.267.74.
Full textAbstract:
To implement e-commerce, the key issue is to ensure that the security of system on entire business process, primarily through encryption, security, security agreement to guarantee the e-commerce network security. The security protocol mainly used Secure Sockets Layer Protocol and Secure Electronic Transaction. In this paper, after analysis two kinds of protocol and the security technology used in the protocol, put forward a small scale enterprise e-commerce transaction system design of network security protocols, which play a reference role to small and medium enterprises engaged in electronic commerce and transaction security.
14
Galchynsky, Leonid, and Valeriia Korolova. "ASSESSMENT OF THE SECURITY OF WIRELESS NETWORKS IN AN URBAN ENVIRONMENT, TAKING INTO ACCOUNT THE USE OF SECURITY PROTOCOLS." Інфокомунікаційні та комп’ютерні технології, no. 2(6) (2023): 9–21. http://dx.doi.org/10.36994/2788-5518-2023-02-06-01.
Full textAbstract:
This paper presents the results of a study of assessing the level of security of wireless networks in an urban environment on the example of Kyiv. An analysis of factors affecting the level of security, in particular encryption, authentication and integrity, which affect the level of the mechanism for protecting wireless network traffic, in particular the types of protocols WER, WPA, WPA2 and WPA3, depending on the attack models, is carried out. Protocol vulnerabilities are shown in the context of different protocol configurations. The security advantage of one type of protocol over another is determined. Based on the data from public databases, the current number of wireless networks and the corresponding shares of security protocols on a global scale are determined. An automated study of wireless network security based on the Wardriving methodology in the urban environment of Kyiv was conducted, which was used to obtain data on the types of security protocols in a passive mode. The scan results showed the absence of the use of both the outdated WEP protocol and the newest WPA3 protocol. As a result of scan data processing, the shares of different types of security protocols were determined. Moreover, the scanning methodology allowed us to obtain a wider range of security protocol types than the classic values of WEP, WPA, WPA2 or WPA3, and options for using standards that provide encryption, authentication and integrity. Based on a two-stage procedure, an interval scale for assessing the security level of each type of protocol was built. At the first stage, the protocols were grouped by certain levels of protection, and then ranked within the allocated interval according to the advantages of the standards used, which allowed us to obtain an ordinal scale for assessing the security level of a protocol type. Next, the expert assessment of each type of protocol was determined, which allows for the transition to an interval assessment scale. Based on this scale and the determined shares of protocol types in this sample of scans, an assessment of the level of security of networks in the urban environment of Kyiv was obtained.
15
Zhang, Ke, Kai Xu, and Fushan Wei. "A Provably Secure Anonymous Authenticated Key Exchange Protocol Based on ECC for Wireless Sensor Networks." Wireless Communications and Mobile Computing 2018 (July 16, 2018): 1–9. http://dx.doi.org/10.1155/2018/2484268.
Full textAbstract:
In wireless sensor networks, users sometimes need to retrieve real-time data directly from the sensor nodes. Many authentication protocols are proposed to address the security and privacy aspects of this scenario. However, these protocols still have security loopholes and fail to provide strong user anonymity. In order to overcome these shortcomings, we propose an anonymous authenticated key exchange protocol based on Elliptic Curves Cryptography (ECC). The novel protocol provides strong user anonymity such that even the gateway node and the sensor nodes do not know the real identity of the user. The security of the proposed protocol is conducted in a well-defined security model under the CDH assumption. Compared with other related protocols, our protocol is efficient in terms of communication and enjoys stronger security. The only disadvantage is that our protocol consumes more computation resources due to the usage of asymmetric cryptography mechanisms to realize strong anonymity. Consequently, our protocol is suitable for applications which require strong anonymity and high security in wireless sensor networks.
16
Wu, Fusheng, Huanguo Zhang, Wengqing Wang, Jianwei Jia, and Shi Yuan. "A New Method to Analyze the Security of Protocol Implementations Based on Ideal Trace." Security and Communication Networks 2017 (2017): 1–15. http://dx.doi.org/10.1155/2017/7042835.
Full textAbstract:
The security analysis of protocols on theory level cannot guarantee the security of protocol implementations. To solve this problem, researchers have done a lot, and many achievements have been reached in this field, such as model extraction and code generation. However, the existing methods do not take the security of protocol implementations into account. In this paper, we have proposed to exploit the traces of function return values to analyze the security of protocol implementations at the source code level. Taking classic protocols into consideration, for example (like the Needham-Schroeder protocol and the Diffie-Hellman protocol, which cannot resist man-in-the-middle attacks), we have analyzed man-in-the-middle attacks during the protocol implementations and have carried out experiments. It has been shown in the experiments that our new method works well. Different from other methods of analyzing the security of protocol implementations in the literatures, our new method can avoid some flaws of program languages (like C language memory access, pointer analysis, etc.) and dynamically analyze the security of protocol implementations.
17
Liu, Shanpeng, Xiong Li, Fan Wu, Junguo Liao, Jin Wang, and Dingbao Lin. "A Novel Authentication Protocol with Strong Security for Roaming Service in Global Mobile Networks." Electronics 8, no. 9 (August 26, 2019): 939. http://dx.doi.org/10.3390/electronics8090939.
Full textAbstract:
In today’s society, Global Mobile Networks (GLOMONETs) have become an important network infrastructure that provides seamless roaming service for mobile users when they leave their home network. Authentication is an essential mechanism for secure communication among the mobile user, home network, and foreign network in GLOMONET. Recently, Madhusudhan and Shashidhara presented a lightweight authentication protocol for roaming application in GLOMONET. However, we found their protocol not only has design flaws, but is also vulnerable to many attacks. To address these weaknesses, this paper proposes a novel authentication protocol with strong security for GLOMONET based on previous work. The fuzzy verifier technique makes the protocol free from smart card breach attack, while achieving the feature of local password change. Moreover, the computational intractability of the Discrete Logarithm Problem (DLP) guarantees the security of the session key. The security of the protocol is verified by the ProVerif tool. Compared with other related protocols, our protocol achieves a higher level of security at the expense of small increases in computational cost and communication cost. Therefore, it is more suitable for securing the roaming application in GLOMONET.
18
Bala, Suman, Gaurav Sharma, Hmani Bansal, and Tarunpreet Bhatia. "On the Security of Authenticated Group Key Agreement Protocols." Scalable Computing: Practice and Experience 20, no. 1 (March 9, 2019): 93–99. http://dx.doi.org/10.12694/scpe.v20i1.1440.
Full textAbstract:
The group key agreement protocol enables to derive a shared session key for the remote members to communicate securely. Recently, several attempts are made to utilize group key agreement protocols for secure multicasting in Internet of Things. This paper contributes to identify the security vulnerabilities in the existing protocols, to avoid them in future constructions. The protocols presented by Gupta and Biswas have been found insecure to ephemeral secret key leakage (ESL) attack and also, malicious insiders can impersonate an honest participant. Additionally, the protocol presented by Tan is also ESL-insecure. We also present a fix to the Tan's protocol to make it secure.
19
Feng, Tao, Taining Chen, and Xiang Gong. "Formal Security Analysis of ISA100.11a Standard Protocol Based on Colored Petri Net Tool." Information 15, no. 2 (February 18, 2024): 118. http://dx.doi.org/10.3390/info15020118.
Full textAbstract:
This paper presents a formal security analysis of the ISA100.11a standard protocol using the Colored Petri Net (CPN) modeling approach. Firstly, we establish a security threat model for the ISA100.11a protocol and provide a detailed description and analysis of the identified security threats. Secondly, we use the CPN tool to model the protocol formally and conduct model checking and security analysis. Finally, we analyze and discuss the results of the model checking, which demonstrate that the ISA100.11a standard protocol may have vulnerabilities when certain security threats exist, and provide some suggestions to enhance the security of the protocol. This research provides a certain level of security assurance for the ISA100.11a standard protocol and serves as a reference for similar security research on protocols.
20
Lu, Jintian, Lili Yao, Xudong He, Chintser Huang, Dejun Wang, and Bo Meng. "A Security Analysis Method for Security Protocol Implementations Based on Message Construction." Applied Sciences 8, no. 12 (December 8, 2018): 2543. http://dx.doi.org/10.3390/app8122543.
Full textAbstract:
Security protocols are integral to the protection of cyberspace against malicious attacks. Therefore, it is important to be confident in the security of a security protocol. In previous years, people have worked on security of security protocol abstract specification. However, in recent years, people have found that this is not enough and have begun focusing on security protocol implementation. In order to evaluate the security of security protocol implementations, in this paper, firstly, we proposed the Message Construction to Security Protocol Implementation (MCSPI), a message construction method based on application programming interface (API) traces, which automatically generates the constructed client valid request messages. Then, we presented the Security Analysis Scheme (SAS), a security analysis scheme that generates an abstract model of a security protocol server. Next, we proposed a security analysis method to evaluate the security of security protocol implementations on the basis of constructed client request messages generated with MCSPI, corresponding to the server-side response message and server-side abstract model produced by SAS. Finally, we implemented the Security Protocol Implementation Analysis (SPIA) tool to generate client valid request messages and a server-side abstract model to assist in evaluating security protocol implementations. In our experiments, we tested Tencent QQ mail system version 2017 and RSAAuth system and found that RSAAuth is vulnerable and its server has only security checks for user password, while Tencent QQ mail system version 2017 is more secure and has strong security restrictions at server-side besides security checks for user password.
21
Lu, Yaohua, and Gangyi Ding. "Quantum Secure Multi-Party Summation with Graph State." Entropy 26, no. 1 (January 17, 2024): 80. http://dx.doi.org/10.3390/e26010080.
Full textAbstract:
Quantum secure multi-party summation (QSMS) is a fundamental problem in quantum secure multi-party computation (QSMC), wherein multiple parties compute the sum of their data without revealing them. This paper proposes a novel QSMS protocol based on graph state, which offers enhanced security, usability, and flexibility compared to existing methods. The protocol leverages the structural advantages of graph state and employs random graph state structures and random encryption gate operations to provide stronger security. Additionally, the stabilizer of the graph state is utilized to detect eavesdroppers and channel noise without the need for decoy bits. The protocol allows for the arbitrary addition and deletion of participants, enabling greater flexibility. Experimental verification is conducted to demonstrate the security, effectiveness, and practicality of the proposed protocols. The correctness and security of the protocols are formally proven. The QSMS method based on graph state introduces new opportunities for QSMC. It highlights the potential of leveraging quantum graph state technology to securely and efficiently solve various multi-party computation problems.
22
Chen, Xiaojuan, and Huiwen Deng. "Efficient Verification of Cryptographic Protocols with Dynamic Epistemic Logic." Applied Sciences 10, no. 18 (September 21, 2020): 6577. http://dx.doi.org/10.3390/app10186577.
Full textAbstract:
The security of cryptographic protocols has always been an important issue. Although there are various verification schemes of protocols in the literature, efficiently and accurately verifying cryptographic protocols is still a challenging research task. In this work, we develop a formal method based on dynamic epistemic logic to analyze and describe cryptographic protocols. In particular, we adopt the action model to depict the execution process of the protocol. To verify the security, the intruder’s actions are analyzed. We model exactly the protocol applying our formal language and give the verification models according to the security requirements of this cryptographic protocol. With analysis and proof on a selected example, we show the usefulness of our method. The result indicates that the selected protocol meets the security requirements.
23
Kang, Burong, Xinyu Meng, Lei Zhang, and Yinxia Sun. "Nonce-Based Key Agreement Protocol Against Bad Randomness." International Journal of Foundations of Computer Science 30, no. 04 (June 2019): 619–33. http://dx.doi.org/10.1142/s0129054119400161.
Full textAbstract:
Most of the existing cryptographic schemes, e.g., key agreement protocol, call for good randomness. Otherwise, the security of these cryptographic schemes cannot be fully guaranteed. Nonce-based cryptosystem is recently introduced to improve the security of public key encryption and digital signature schemes by ensuring security when randomness fails. In this paper, we first investigate the security of key agreement protocols when randomness fails. Then we define the security model for nonce-based key agreement protocols and propose a nonce-based key agreement protocol that protects against bad randomness. The new protocol is proven to be secure in our proposed security model.
24
He, Lei, Yong Gan, Na Na Li, and Tao Zhang. "A Revised Serverless Authentication Protocol with Forward Security for RFID." Applied Mechanics and Materials 29-32 (August 2010): 2267–72. http://dx.doi.org/10.4028/www.scientific.net/amm.29-32.2267.
Full textAbstract:
Information security problem has become one of the hottest issues in RFID system. More and more researchers begin to study how to provide security protection in the RFID system. In the paper, we mainly research lightweight authentication protocols in RFID system. Firstly, we analyze some protocols. Secondly, we introduce a serverless authentication protocol for RFID system and analyze its security. We find it does not provide forward security. Thirdly, we propose a revised serverless authentication protocol with forward security. It provides two-way authentication and privacy protection, resists tracking and cloning attack as well as the original protocol. Moreover, it provides forward security protection and resists desynchronization attack. For the efficiency, its computational complexity is at the same level with the protocol proposed by Tan et al.
25
Bella, Giampaolo. "What is Correctness of Security Protocols?" JUCS - Journal of Universal Computer Science 14, no. (12) (June 28, 2008): 2083–106. https://doi.org/10.3217/jucs-014-12-2083.
Full textAbstract:
As soon as major protocol flaws were discovered empirically - a good luck that is not older than the early 1990s -- this title question came up to the world. It was soon realised that some notion of formal correctness was necessary to substantiate the confidence derived from informal analyses. But protocol correctness was born in a decade when security in general was only beginning to ferment. Security protocols aim at a large variety of goals. This is partly due to the increasing domains where the protocols are finding an application, such as secure access to localarea network services, secure e-mail, e-commerce, public-key registration at certification authorities and so on. Also, several interpretations are possible about each goal. Clearly, it is impossible to study protocol correctness profitably without a universal and unambiguous interpretation of its goals. What may be typical of security problems is that it is at least as important to state a detailed and appropriate model of threats that a secure system is meant to withstand. This has been a second and significant source of perhaps useless debates around many protocols. These are certain to be some of the reasons why dozens of papers appeared about one, now popular, protocol attack in just a few years of the second half of the last decade. One of the protocol designers firmly refused those "findings" because his protocol had been conceived within a different threat model -- and perhaps for different goals -- from the one that the publications had been constructed upon. It seems obvious that an ant may survive under a single sheet of paper but certainly will not under a hard-back bulky book. It should be clarified what an ant and a bulky book precisely are. With particular attention to similar issues, this position paper discusses some findings of the author's in the area of protocol formal analysis. Their significance mostly is methodical rather than specific for particular protocols. The paper then outlines the author's favourite tool, the Inductive Method, and concludes with a few open problems.
26
Xiao, Meihua, Weiwei Song, Ke Yang, Ri OuYang, and Hanyu Zhao. "Formal Analysis of the Security Protocol with Timestamp Using SPIN." Computational Intelligence and Neuroscience 2022 (August 23, 2022): 1–11. http://dx.doi.org/10.1155/2022/2420590.
Full textAbstract:
The verification of security protocols is an important basis for network security. Now, some security protocols add timestamps to messages to defend against replay attacks by network intruders. Therefore, verifying the security properties of protocols with timestamps is of great significance to ensure network security. However, previous formal analysis method of such protocols often extracted timestamps into random numbers in order to simplify the model before modeling and verification, which probably cause time-dependent security properties that are ignored. To solve this problem, a method for verifying security protocols with timestamps using model checking technique is proposed in this paper. To preserve the time-dependent properties of the protocol, Promela (process meta language) is utilized to define global clock representing the protocol system time, timer representing message transmission time, and the clock function representing the passage of time; in addition, a mechanism for checking timestamps in messages is built using Promela. To mitigate state space explosion in model checking, we propose a vulnerable channel priority method of using Promela to build intruder model. We take the famous WMF protocol as an example by modeling it with Promela and verifying it with model checker SPIN (Simple Promela Interpreter), and we have successfully found two attacks in the protocol. The results of our work can make some security schemes based on WMF protocol used in the Internet of things or other fields get security alerts. The results also show that our method is effective, and it can provide a direction for the analysis of other security protocols with timestamp in many fields.
27
Lu, Siqi, Qingdi Han, Xuyang Miao, and Yubo Liu. "Research on Security Protocol Analysis Tool SmartVerif." Journal of Physics: Conference Series 2132, no. 1 (December 1, 2021): 012022. http://dx.doi.org/10.1088/1742-6596/2132/1/012022.
Full textAbstract:
Abstract Security protocols have been designed to protect the security of the network. However, many security protocols cannot guarantee absolute security in real applications. Therefore, security tests of the network protocol become particularly important. In this paper, firstly, we introduce SmartVerif, which is the first formal analysis tool to automatically verify the security of protocols through dynamic strategies. And then, we use SmartVerif to verify the pseudo-randomness of the encapsulated key of the Two-Pass AKE protocol, which was proposed by Liu’s in ASIACRYPT in 2020. Finally, we summary our work and show some limitations of SmartVerif. At the same time, we also point out the direction for future improvement of SmartVerif.
28
Oh, JiHyeon, SungJin Yu, JoonYoung Lee, SeungHwan Son, MyeongHyun Kim, and YoungHo Park. "A Secure and Lightweight Authentication Protocol for IoT-Based Smart Homes." Sensors 21, no. 4 (February 21, 2021): 1488. http://dx.doi.org/10.3390/s21041488.
Full textAbstract:
With the information and communication technologies (ICT) and Internet of Things (IoT) gradually advancing, smart homes have been able to provide home services to users. The user can enjoy a high level of comfort and improve his quality of life by using home services provided by smart devices. However, the smart home has security and privacy problems, since the user and smart devices communicate through an insecure channel. Therefore, a secure authentication protocol should be established between the user and smart devices. In 2020, Xiang and Zheng presented a situation-aware protocol for device authentication in smart grid-enabled smart home environments. However, we demonstrate that their protocol can suffer from stolen smart device, impersonation, and session key disclosure attacks and fails to provide secure mutual authentication. Therefore, we propose a secure and lightweight authentication protocol for IoT-based smart homes to resolve the security flaws of Xiang and Zheng’s protocol. We proved the security of the proposed protocol by performing informal and formal security analyses, using the real or random (ROR) model, Burrows–Abadi–Needham (BAN) logic, and the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. Moreover, we provide a comparison of performance and security properties between the proposed protocol and related existing protocols. We demonstrate that the proposed protocol ensures better security and lower computational costs than related protocols, and is suitable for practical IoT-based smart home environments.
29
Lv, Jiaxian, Yi Wang, Jinshu Su, Rongmao Chen, and Wenjun Wu. "Security of Auditing Protocols Against Subversion Attacks." International Journal of Foundations of Computer Science 31, no. 02 (February 2020): 193–206. http://dx.doi.org/10.1142/s0129054120500033.
Full textAbstract:
In 2013, the revelation of Edward Snowden rekindled cryptographic researchers’ interest in subversion attacks. Since then, many works have been carried out to explore the power of subversion attacks and feasible effective countermeasures as well. In this work, we investigate the study of subversion attacks against cloud auditing protocol, which has been well-known as useful primitive for secure cloud storage. We demonstrate that subverted auditing protocol enables the cloud server to recover secret information stored on the data owner side. Particularly, we first define an asymmetric subversion attack model for auditing protocol. This model serves as the principle for analyzing the undetectability and key recovery of subversion attacks against auditing protocols. We then show a general framework of asymmetric subversion attacks against auditing protocols with index-coefficient challenge. To illustrate the feasibility of our paradigm, several concrete auditing protocols are provided. As a feasible countermeasure, we propose a subversion-resilient auditing protocol with index-coefficient challenge.
30
Kolev, Kaloyan, and Yordan Shterev. "WIRELESS SECURITY ISSUES." ENVIRONMENT. TECHNOLOGIES. RESOURCES. Proceedings of the International Scientific and Practical Conference 4 (June 22, 2024): 150–54. http://dx.doi.org/10.17770/etr2024vol4.8186.
Full textAbstract:
Wireless home networks, for small organizations, as well as multi-user institutions and public networks need to be secured. This is a topical issue, especially since wireless protocols do not always provide good protection. The article aims to discuss the vulnerabilities and privacy security issues associated with wireless networks. The tools airmon-ng for monitoring, WireShark for snooping, aircrack-ng for dictionary pre-generation and also airodump-ng and aireplay-ng present in Kali Lunix were used. The results of attacks and penetration tests performed on an experimental wireless connection protected with WPA2 show the vulnerability of wireless networks protected with this protocol. Therefore, accelerated implementation of WPA3 protocol is imperative.
31
U., Pavan Kumar. "IMPLEMENTATION OF A SECURITY PROTOCOL FOR BLUETOOTH AND WI-FI." International Journal of Network Security & Its Applications (IJNSA) 5, no. 3 (May 27, 2013): 67–83. https://doi.org/10.5281/zenodo.4289544.
Full textAbstract:
This paper is mainly based on providing security to the wireless networks through which devices like Bluetooth gets connected. The Wi-Fi connections are also prone to various attacks these days. The protocols that are required to provide security to wireless networks can be implemented by creating a wireless scenario using the software Network Simulator. This paper illustrates a scenario to check the security protocol. As NS2 mainly has the implementation of routing protocols, a new protocol should be designed especially for security purpose. This is done by following many tutorials to get a minimum basic knowledge of NS2, C/C++ coding. The security feature followed in the paper is encryption/decryption of the data that is being exchanged. Data should be ensured as and then there will be a perfect implementation of the protocol. So, the paper throughout concentrates on adding a new security protocol to NS2 and implementation of that protocol by providing a wireless scenario.
32
Peng, She Qiang, and Long Wang. "Research on RFID Multi-Authentication Protocol Based on Hash Function." Applied Mechanics and Materials 427-429 (September 2013): 2403–7. http://dx.doi.org/10.4028/www.scientific.net/amm.427-429.2403.
Full textAbstract:
To address the security problems caused by the fake readers, and the weakness of low authentication protocol efficiency, a new RFID security authentication protocol based on Hash function is proposed. The security ability of the protocol is compared with other protocols' and is proved by doing the formal analysis. The theoretical analysis and formal proof is presented to prove the security ability of the protocol. Consequently, the result showed that the new protocol could protect the data privacy, achieve the data synchronization, prevent the tag from location tracking, avoid information reproduction, prevent clone and counterfeit and possess forward security ability which was useful for low-cost tags.
33
Xiao, Meihua, Yuqiong Chen, Zehuan Li, Quangang Chen, and Ruihan Xu. "Proving Mutual Authentication Property of Industrial Internet of Things Multi-Factor Authentication Protocol Based on Logic of Events." Electronics 13, no. 1 (December 30, 2023): 177. http://dx.doi.org/10.3390/electronics13010177.
Full textAbstract:
Security protocols are the basis of modern network communication, proving that the security problem of protocols is one of the hot research topics today. The data in industrial IoT are usually transmitted through insecure channels, which brings certain security risks. The Logic of Events is a formal method for proving the security properties of protocols based on event systems. The new theoretical extension is based on the Logic of Events theory, which proposes new event classes Compurte, TimeGap, Construct, and Reconstruct and an axiom AxiomRe and related inference rules for malicious attacks and security privacy issues in emerging protocols, as well as extending the matching descriptions of protocol behaviours in complex cryptographic algorithms and information sharing techniques for applications for the formal analysis of authentication protocols for the Industrial Internet of Things. Finally, formal analysis is carried out using the example of a secure multi-factor authentication protocol for the industrial IoT, which proves the security of the protocol.
34
Abu Dhailah, Hala, Eyad Taqieddin, and Abdallah Alma'aitah. "An Enhanced and Resource-Aware RFID Multitag Grouping Protocol." Security and Communication Networks 2019 (May 23, 2019): 1–15. http://dx.doi.org/10.1155/2019/6862052.
Full textAbstract:
Several grouping proof protocols were presented to meet the security requirements of Radio Frequency Identification Systems. Nevertheless, these protocols were shown to be vulnerable to various attacks. In this work, we cryptanalyze one of the newest grouping proof protocols. Through this analysis, we show the weaknesses of the protocol and launch a full-disclosure attack to disclose all secrets in the protocol. We show that the probability of success of the protocol is one and that increasing the length of the strings adds little complexity to the attack. We follow this by proposing an enhanced version of the protocol with better overall security. We show its efficiency by providing a security and performance analysis and comparing it with some of the existing protocols in the literature.
35
Liu, Defu, Guowu Yang, Yong Huang, and Jinzhao Wu. "Inductive Method for Evaluating RFID Security Protocols." Wireless Communications and Mobile Computing 2019 (April 11, 2019): 1–8. http://dx.doi.org/10.1155/2019/2138468.
Full textAbstract:
Authentication protocol verification is a difficult problem. The problem of “state space explosion” has always been inevitable in the field of verification. Using inductive characteristics, we combine mathematical induction and model detection technology to solve the problem of “state space explosion” in verifying the OSK protocol and VOSK protocol of RFID system. In this paper, the security and privacy of protocols in RFID systems are studied and analysed to verify the effectiveness of the combination of mathematical induction and model detection. We design a (r,s,t)-security experiment on the basis of privacy experiments in the RFID system according to the IND-CPA security standard in cryptography, using mathematical induction to validate the OSK protocol and VOSK protocol. Finally, the following conclusions are presented. The OSK protocol cannot resist denial of service attacks or replay attacks. The VOSK protocol cannot resist denial of service attacks but can resist replay attacks. When there is no limit on communication, the OSK protocol and VOSK protocol possess (r,s,t)-privacy; that is to say they can resist denial of service attacks.
36
Ang Soh, Zhen, and Swee Huay Heng. "Security and Privacy of Contact Tracing Protocols for COVID-19." Journal of Engineering Technology and Applied Physics 4, no. 1 (March 15, 2022): 30–34. http://dx.doi.org/10.33093/jetap.2022.4.1.5.
Full textAbstract:
Contact tracing is a way to track people who have been in contact with infected patients of COVID-19 and thereby effective control is achieved. Various countries have developed their own contact tracing applications which deploy the same or different protocol. It is of utmost importance to improve public awareness on the potential hidden risks of the respective protocols and applications and instill user confidence. The purpose of this research is to study the security and privacy of the existing contact tracing protocols to ensure that the security and privacy of users can be guaranteed. The protocols used by the applications include DP-3T protocol, TCN protocol, PEPP-PT protocol and BlueTrace protocol. The architecture of the protocols can be classified into centralised and decentralised architectures. In addition, the contact tracing applications in seven selected countries will be briefly analysed and compared. Some common user concerns are also outlined.
37
Song, Jiawen, Meihua Xiao, Tong Zhang, and Haoyang Zhou. "Proving authentication property of PUF-based mutual authentication protocol based on logic of events." Soft Computing 26, no. 2 (November 12, 2021): 841–52. http://dx.doi.org/10.1007/s00500-021-06163-9.
Full textAbstract:
AbstractPUF (Physical unclonable function) is a new hardware security primitive, and the research on PUFs is one of the emerging research focuses. For PUF-based mutual authentication protocols, a method to abstract the security properties of hardware by using logic of events is proposed, and the application aspects of logic of events are extended to protocols based on hardware security. With the interaction of PUF-based mutual authentication protocol formally described by logic of events, the basic sequences are constructed and the strong authentication property in protocol interaction process is verified. Based on the logic of events, the freshness of nonces is defined, and the persist rule is proposed according to the concept of freshness, which ensures the consistency of the protocol state and behavior predicate in the proof process, and reduces the complexity and redundancy in the protocol analysis process. Under reasonable assumptions, the security of the protocol is proven, and the fact that logic of events applies to PUF-based mutual authentication protocols is shown.
38
Thammarat, Chalee. "Efficient and Secure NFC Authentication for Mobile Payment Ensuring Fair Exchange Protocol." Symmetry 12, no. 10 (October 9, 2020): 1649. http://dx.doi.org/10.3390/sym12101649.
Full textAbstract:
The standard protocol of near field communication (NFC) has concentrated primarily on the speed of communication while ignoring security properties. Message between an NFC-enabled smartphone and a point of sale are exchanged over the air (OTA), which is a message considered an authentication request for payment, billing, ticketing, loyalty services, identification or access control. An attacker who has an antenna can intercept or manipulate the exchanged messages to take advantage of these. In order to solve this problem, many researchers have suggested authentication methods for NFC communications. However, these remain inadequate transaction security and fairness. In this paper, we will propose a technique that ensures mutual authentication, security properties, and strong fairness. Mutual authentication is a security property that prevents replay attacks and man-in-the-middle attacks. Both fair exchange and transaction security are also significant issues in electronic transactions with regards to creating trust among the parties participating in the transaction. The suggested protocol deploys a secure offline session key generation technique to increase transaction security and, importantly, make our protocol lightweight while maintaining the fairness property. Our analysis suggests that our protocol is more effective than others regarding transaction security, fairness, and lightweight protocol. The proposed protocol checks robustness and soundness using Burrows, Abadi and Needham (BAN) logic, the Scyther tool, and automated validation of internet security protocols and applications (AVISPA) that provide formal proofs for security protocols. Furthermore, our protocol can resolve disputes in case one party misbehaves.
39
Che, Xin, Yangyang Geng, Ge Zhang, and Mufeng Wang. "Fuzzing Technology Based on Information Theory for Industrial Proprietary Protocol." Electronics 12, no. 14 (July 11, 2023): 3041. http://dx.doi.org/10.3390/electronics12143041.
Full textAbstract:
With the rapid development of the Industrial Internet of Things (IIoT), programmable logic controllers (PLCs) are becoming increasingly intelligent, leading to improved productivity. However, this also brings about a growing number of security vulnerabilities. As a result, efficiently identifying potential security vulnerabilities in PLCs has become a crucial research topic for security researchers. This article proposes a method for fuzzing industrial proprietary protocols to effectively identify security vulnerabilities in PLCs’ proprietary protocols. The aim of this study is to develop a protocol fuzzing approach that can uncover security vulnerabilities in PLCs’ proprietary protocols. To achieve this, the article presents a protocol structure parsing algorithm specifically designed for PLC proprietary protocols, utilizing information theory. Additionally, a fuzzing case generation algorithm based on genetic algorithms is introduced to select test cases that adhere to the format specifications of the proprietary protocol while exhibiting a high degree of mutation. The research methodology consists of several steps. Firstly, the proposed protocol structure parsing algorithm is used to analyze two known industrial protocols, namely Modbus TCP and S7Comm. The parsing results obtained from the algorithm are then compared with the correct results to validate its effectiveness. Next, the protocol structure parsing algorithm is applied to analyze the proprietary protocol formats of two PLC models. Finally, based on the analysis results, the PLCs are subjected to fuzzing. Overall, the proposed protocol fuzzing approach, incorporating the protocol structure parsing algorithm and the fuzzing case generation algorithm, successfully identifies two denial-of-service vulnerabilities in the PLCs’ proprietary protocols. Notably, one of these vulnerabilities is a zero-day vulnerability, indicating that it was previously unknown and undisclosed.
40
Huo, Lin, Yi Lin Jiang, and Liang Qing Hu. "Research on Hash-Based Low-Cost RFID Security Authentication Protocol." Advanced Materials Research 846-847 (November 2013): 1524–30. http://dx.doi.org/10.4028/www.scientific.net/amr.846-847.1524.
Full textAbstract:
Because RFID does not require line of sight communication, low-cost and efficient operation with these outstanding advantages RFID are being widely used, followed by privacy and security vulnerabilities and other issues. Afterdescribe and analysis the facing security issues and the existing security protocols on the stage, proposed a low-cost RFID security authentication protocol based on hash function, this protocol use hash function and random numbers to ensure the safe and efficient control access between the tags and readers,and from the perspective of quantitative estimates the cost of tag. After setting up the idealized protocol model,by using the BAN logic formal analysis this protocol , and prove the security of protocol theoretically .
41
Tambunan, Alexander Theo Philus, Adi Prijuna Lubis, and Syartika Anggraini. "Perancangan Sistem Keamanan File Transfer Protocol Dengan Secure Socket Layer Pada Server Centos 7." J-Com (Journal of Computer) 1, no. 2 (July 31, 2021): 95–102. http://dx.doi.org/10.33330/j-com.v2i1.1206.
Full textAbstract:
Abstract: An advancement in communication technology currently has an influence on developments in data management in the joints of life, making the need for a media center something a must in digital archive storage. Data will not always be stored in personal computers, but it would be better if there was a centralized data container to be a solution in storage media, in order to prevent data loss or data backup. The term network (network) is used when there are at least two or more devices that are connected to one another. To carry out data exchange in this network, a protocol is used that specifies how data is exchanged, and one of the most widely used protocols is the File Transfer Protocol (FTP). FTP is generally useful as a means of exchanging files or data in a network. The FTP protocol is not secure enough, because when data transfer there is no security to protect it. Therefore the FTP protocol is necessary for additional security, by implementing the SSL security protocol or Secure Socket Layer Security protecting the FTP protocol during data transfer. SSL certificates are used for the purpose of handling the security of data packets transmitted over the network system. When SSL is activated, the server and client when the connection occurs will be encrypted so that the data cannot be seen by others. Keywords: FTP; Network; Server; SSL Abstrak: Suatu Kemajuan teknologi komunikasi saat ini memiliki pengaruh terhadap perkembangan didalam pengelolaan data didalam sendi kehidupan, membuat kebutuhan akan media center menjadi sesuatu yang harus dalam penyimpanan arsip digital. Data tidak selamanya akan tersimpan di dalam personal computer saja tetapi akan lebih baik jika ada wadah data terpusat menjadi solusi dalam media penyimpanan, agar menjaga dari kehilangan data atau cadangan data. Istilah jaringan (network) dipakai apabila terdapat minimal dua atau lebih perangkat yang terhubungkan satu dengan yang lainnya. Untuk melaksanakn pertukaran data didalam jaringan ini, digunakan protocol yang menspesifikasikan bagaimana data dipertukarkan, dan salah satu protocol yang banyak digunakan adalah File Transfer Protocol (FTP). FTP umumnya bermanfaat sebagai sarana pertukaran file atau data dalam suatu network. Protokol FTP tidaklah cukup aman, dikarenakan ketika transfer data tidak ada keamanan untuk melindunginya. Maka dari itu protokol FTP perlu untuk penambahan keamanan, dengan menerapkan protokol keamanan SSL atau Secure Socket Layer Security melindungi protokol FTP pada saat transfer data. Sertifikat SSL dimanfaatkan untuk keperluan menangani keamanan paket data yang ditransmisikan melalui sistem jaringan. Ketika SSL diakatifkan, maka server dan client ketika terjadi koneksi akan ter enkripsi sehingga data yang ada tidak dapat untuk dilihat oleh orang lain. Kata kunci: FTP;Network; Server; SSL
42
M. M., Yusuf, Fumlack K. G., Caleb M., and Okpalaifeako L. C. "An Efficient Security Routing Protocol for Cloud-Based Networks Using Cisco Packet Tracer." British Journal of Computer, Networking and Information Technology 7, no. 2 (July 12, 2024): 49–67. http://dx.doi.org/10.52589/bjcnit-oyirlauk.
Full textAbstract:
In light of growing cloud computing usage, this study is designed and implemented on an efficient security routing protocol for cloud-based networks using Cisco Packet Tracer. Cloud computing's shared resources and dynamic scalability make cloud-based networks vulnerable to unwanted access, data breaches, and insider assaults, prompting the research. The research objectives are to identify and categorize security threats, evaluate existing security solutions, propose an enhanced security measures, and validate these solutions through simulations in Cisco Packet Tracer. A mixed-methods approach was adopted, integrating quantitative and qualitative research designs. Primary data were collected through surveys using Google form and network analysis tools within Cisco Packet Tracer, while secondary data is derived from a comprehensive literature review. The study employed a random sampling technique to select participants with relevant expertise in cloud security. Data analysis involved thematic analysis to identify patterns in the literature and content analysis to extract insights from survey responses. Statistical tests were used to analyze quantitative data, and network analysis was conducted on data obtained from Cisco Packet Tracer simulations. Key findings revealed that data breaches, unauthorized access, insider threats, malware, ransomware attacks, and Denial of Service (DoS) attacks were significant security concerns. The survey results indicated a consensus on the importance of specific features in efficient security routing protocols but also highlighted skepticism regarding the effectiveness of existing protocols. The proposed security measures, including the Three-Level Enabled Secret protocol, Encryption protocol, Secure Shell protocol (SSH), and various routing protocols such as EIGRP, RIP, BGP, and OSPF, Trunk protocol, switch-port security protocol were validated through simulations and showed effectiveness in mitigating security threats. The study has both theoretical and practical implications, contributing to the body of knowledge in cloud computing security and providing practical recommendations for organisations to strengthen their cloud security posture. Limitations include the simulation-based approach and the focus on specific security protocols, suggesting areas for further research in real-world implementation and integration with emerging technologies.
43
Tian, Yuan, Nanyijia Zhang, and Jian Li. "Two Novel Semi-Quantum Secure Direct Communication Protocols in IoT." Sensors 24, no. 24 (December 14, 2024): 7990. https://doi.org/10.3390/s24247990.
Full textAbstract:
As Internet of Things (IoT) technology continues to advance, there is a growing awareness of IoT security within the industry. Quantum communication technology can potentially significantly improve the communication security of IoT devices. Based on semi-quantum cryptography and utilizing single photons, this paper introduces two semi-quantum secure direct communication (SQSDC) protocols for use in smart door locks. Protocol 1 is more efficient, and the efficiency analysis shows that the communication efficiency is as high as 28.57%. Security analysis demonstrates the asymptotic security of the protocols, effectively resisting intercept–measure–resend attacks and entangle–measure attacks from potential eavesdroppers. The extended SQSDC protocol (protocol 2) builds upon protocol 1 by enabling a single qubit to transmit two bits of information, resulting in a double efficiency outcome.
44
Safkhani, Masoumeh, Nasour Bagheri, and Mahyar Shariat. "On the Security of Rotation Operation Based Ultra-Lightweight Authentication Protocols for RFID Systems." Future Internet 10, no. 9 (August 21, 2018): 82. http://dx.doi.org/10.3390/fi10090082.
Full textAbstract:
Passive Radio Frequency IDentification (RFID) tags are generally highly constrained and cannot support conventional encryption systems to meet the required security. Hence, designers of security protocols may try to achieve the desired security only using limited ultra-lightweight operations. In this paper, we show that the security of such protocols is not provided by using rotation functions. In the following, for an example, we investigate the security of an RFID authentication protocol that has been recently developed using rotation function named ULRAS, which stands for an Ultra-Lightweight RFID Authentication Scheme and show its security weaknesses. More precisely, we show that the ULRAS protocol is vulnerable against de-synchronization attack. The given attack has the success probability of almost ‘1’, with the complexity of only one session of the protocol. In addition, we show that the given attack can be used as a traceability attack against the protocol if the parameters’ lengths are an integer power of 2, e.g., 128. Moreover, we propose a new authentication protocol named UEAP, which stands for an Ultra-lightweight Encryption based Authentication Protocol, and then informally and formally, using Scyther tool, prove that the UEAP protocol is secure against all known active and passive attacks.
45
Li, Fu Lin, Jie Yang, Hong Wei Zhou, and Ying Liu. "A New Dynamic Protocol Analysis Model." Advanced Materials Research 765-767 (September 2013): 1761–65. http://dx.doi.org/10.4028/www.scientific.net/amr.765-767.1761.
Full textAbstract:
Traditional static analysis methods such as formal validation and theorem proving were used to analyze protocols security previously. These methods can not measure and evaluate actual security of protocols accurately for the setting and suppose are far from the actual conditions. This paper proposes a new dynamic protocol analysis model. The system based on the model can be used to active test in actual running conditions, analyze known protocols security, integrity, robustness, and analyze unknown protocols online, provide support for protocol designer. The systems structure, working flow and implementation of key modules are described. The experimental results validate the validity of the models design.
46
Sun, Xin, Piotr Kulicki, and Mirek Sopek. "Lottery and Auction on Quantum Blockchain." Entropy 22, no. 12 (December 5, 2020): 1377. http://dx.doi.org/10.3390/e22121377.
Full textAbstract:
This paper proposes a protocol for lottery and a protocol for auction on quantum Blockchain. Our protocol of lottery satisfies randomness, unpredictability, unforgeability, verifiability, decentralization and unconditional security. Our protocol of auction satisfies bid privacy, posterior privacy, bids’ binding, decentralization and unconditional security. Except quantum Blockchain, the main technique involved in both protocols is quantum bit commitment.
47
Huang, Chao, Bin Wang, Zhaoyang Bao, and Wenhao Qi. "2FAKA-C/S: A Robust Two-Factor Authentication and Key Agreement Protocol for C/S Data Transmission in Federated Learning." Applied Sciences 14, no. 15 (July 30, 2024): 6664. http://dx.doi.org/10.3390/app14156664.
Full textAbstract:
As a hot technology trend, the federated learning (FL) cleverly combines data utilization and privacy protection by processing data locally on the client and only sharing model parameters with the server, embodying an efficient and secure collaborative learning model between clients and aggregated Servers. During the process of uploading parameters in FL models, there is susceptibility to unauthorized access threats, which can result in training data leakage. To ensure data security during transmission, the Authentication and Key Agreement (AKA) protocols are proposed to authenticate legitimate users and safeguard training data. However, existing AKA protocols for client–server (C/S) architecture show security deficiencies, such as lack of user anonymity and susceptibility to password guessing attacks. In this paper, we propose a robust 2FAKA-C/S protocol based on ECC and Hash-chain technology. Our security analysis shows that the proposed protocol ensures the session keys are semantically secure and can effectively resist various attacks. The performance analysis indicates that the proposed protocol achieves a total running time of 62.644 ms and requires only 800 bits of communication overhead, showing superior computational efficiency and lower communication costs compared to existing protocols. In conclusion, the proposed protocol securely protects the training parameters in a federated learning environment and provides a reliable guarantee for data transmission.
48
Lee, JoonYoung, Jihyeon Oh, and Youngho Park. "A Secure and Anonymous Authentication Protocol Based on Three-Factor Wireless Medical Sensor Networks." Electronics 12, no. 6 (March 13, 2023): 1368. http://dx.doi.org/10.3390/electronics12061368.
Full textAbstract:
Wireless medical sensor networks (WMSNs), a type of wireless sensor network (WSN), have enabled medical professionals to identify patients’ health information in real time to identify and diagnose their conditions. However, since wireless communication is performed through an open channel, an attacker can steal or manipulate the transmitted and received information. Because these attacks are directly related to the patients’ lives, it is necessary to prevent these attacks upfront by providing the security of WMSN communication. Although authentication protocols are continuously developed to establish the security of WMSN communication, they are still vulnerable to attacks. Recently, Yuanbing et al. proposed a secure authentication scheme for WMSN. They emphasized that their protocol is able to resist various attacks and can ensure mutual authentication. Unfortunately, this paper demonstrates that Yuanbing et al.’s protocol is vulnerable to smart card stolen attacks, ID/password guessing attacks, and sensor node capture attacks. In order to overcome the weaknesses and effectiveness of existing studies and to ensure secure communication and user anonymity of WMSN, we propose a secure and anonymous authentication protocol. The proposed protocol can prevent sensor capture, guessing, and man-in-the-middle attacks. To demonstrate the security of the proposed protocol, we perform various formal and informal analyses using AVISPA tools, ROR models, and BAN logic. Additionally, we compare the security aspects with related protocols to prove that the proposed protocol has excellent security. We also prove the effectiveness of our proposed protocol compared with related protocols in computation and communication costs. Our protocol has low or comparable computation and communication costs compared to related protocols. Thus, our protocol can provide services in the WMSN environment.
49
Lee, Sangjun, Seunghwan Son, DeokKyu Kwon, Yohan Park, and Youngho Park. "A Secure and Efficient Authentication Scheme for Fog-Based Vehicular Ad Hoc Networks." Applied Sciences 15, no. 3 (January 25, 2025): 1229. https://doi.org/10.3390/app15031229.
Full textAbstract:
Recently, the application of fog-computing technology to vehicular ad hoc networks (VANETs) has rapidly advanced. Despite these advancements, challenges remain in ensuring efficient communication and security. Specifically, there are issues such as the high communication and computation load of authentications and insecure communication over public channels between fog nodes and vehicles. To address these problems, a lightweight and secure authenticated key agreement protocol for confidential communication is proposed. However, we found that the protocol does not offer perfect forward secrecy and is vulnerable to several attacks, such as privileged insider, ephemeral secret leakage, and stolen smart card attacks. Furthermore, their protocol excessively uses elliptic curve cryptography (ECC), resulting in delays in VANET environments where authentication occurs frequently. Therefore, this paper proposes a novel authentication protocol that outperforms other related protocols regarding security and performance. The proposed protocol reduced the usage frequency of ECC primarily using hash and exclusive OR operations. We analyzed the proposed protocol using informal and formal methods, including the real-or-random (RoR) model, Burrows–Abadi–Nikoogadam (BAN) logic, and automated validation of internet security protocols and applications (AVISPA) simulation to show that the proposed protocol is correct and secure against various attacks. Moreover, We compared the computational cost, communication cost, and security features of the proposed protocol with other related protocols and show that the proposed methods have better performance and security than other schemes. As a result, the proposed scheme is more secure and efficient for fog-based VANETs.
50
Nam, Junghyun, Kim-Kwang Raymond Choo, Juryon Paik, and Dongho Won. "Password-Only Authenticated Three-Party Key Exchange Proven Secure against Insider Dictionary Attacks." Scientific World Journal 2014 (2014): 1–15. http://dx.doi.org/10.1155/2014/802359.
Full textAbstract:
While a number of protocols for password-only authenticated key exchange (PAKE) in the 3-party setting have been proposed, it still remains a challenging task to prove the security of a 3-party PAKE protocol against insider dictionary attacks. To the best of our knowledge, there is no 3-party PAKE protocol that carries a formal proof, or even definition, of security against insider dictionary attacks. In this paper, we present the first 3-party PAKE protocol proven secure against both online and offline dictionary attacks as well as insider and outsider dictionary attacks. Our construct can be viewed as a protocol compiler that transforms any 2-party PAKE protocol into a 3-party PAKE protocol with 2 additional rounds of communication. We also present a simple and intuitive approach of formally modelling dictionary attacks in the password-only 3-party setting, which significantly reduces the complexity of proving the security of 3-party PAKE protocols against dictionary attacks. In addition, we investigate the security of the well-known 3-party PAKE protocol, called GPAKE, due to Abdalla et al. (2005, 2006), and demonstrate that the security of GPAKE against online dictionary attacks depends heavily on the composition of its two building blocks, namely a 2-party PAKE protocol and a 3-party key distribution protocol.