Identity Authentication Protocol Research Articles

A Quantum Protocol for (t,n)-Threshold Identity Authentication Based on Greenberger-Horne-Zeilinger States

A quantum protocol for (t,n)-threshold identity authentication based on Greenberger-Horne-Zeilinger states is presented. A trusted third party (TTP) can authenticate the users simultaneously when and only when t or more users among n apply for authentication. Compared with the previous multiparty simultaneous quantum identity authentication (MSQIA) protocols, the proposed scheme is more flexible and suitable for practical applications.

Rapid Identification Authentication Protocol for Mobile Nodes in Internet of Things with Privacy Protection

Mobile nodes in the Internet of things often move from one cluster to another, in which cryptography based protocols are required to provide rapid identification authentication and privacy protection. A single-step protocol was presented for the occasion that the mobile node joins a new cluster. The presented protocol contains a valid request message and an answer authentication message, which rapidly implements identification authentication and privacy protection. The protocol’s privacy protection properties were formalized in the applied pi calculus and security performance was analyzed. It is concluded that the proposed protocol can resist replay attack, eavesdropping attack, and tracking or location privacy attack. It satisfies both untraceability and forward privacy these two privacy protection properties. Compared with other single-step protocols such as basic hash protocol and OSK protocol, the proposed protocol has less communication overhead, more security and more privacy protection properties over these related protocols.

Design and Security Analysis of Mobile Identity Authentication Protocol

One Time Password (OTP) authentication mechanism has higher security by one time padding. It is implemented simply, cost less and needed no third-party notarization, and so it is more suitable for limited environment in mobile commerce. But OTP has some securities, which it couldn’t resist decimal attack and realize bidirectional identity authentication. Combined with Elliptic curve cryptosystem (ECC), it is presented a mobile identity authentication protocol (MIAP). Through formalized analysis method based on strand space, it is validated to have higher security.

Practical attacks and improvements to an efficient radio frequency identification authentication protocol

SUMMARYIn 2008, a scalable radio frequency identification (RFID) authentication protocol was proposed by Yanfei Liu to provide security and privacy for RFID tags. This protocol only needs O(1) time complexity to find out the identifier of the RFID tag irrespective of the total number of the tags in the system. Based on our analysis, however, a security flaw, which has gone unnoticed in the design of the protocol, makes the scheme vulnerable to tracking attack, tag impersonation attack, and desynchronization attack, if the attacker has the possibility to tamper with only one RFID tag. Because low‐cost devices are not tamper‐resistant, such an attack could be feasible, and we can apply the resulting attacks on authentication, untraceability, and desynchronization resistance of the protocol. To counteract such flaws, we revise the scheme with a stateful variant and also show that the proposed model requires less tag and server‐side computation. Copyright © 2011 John Wiley & Sons, Ltd.

Looking at a class of RFID APs through GNY logic

Radio Frequency Identification Authentication Protocols (RFID APs) are an active research topic and many protocols have been proposed. In this paper, we consider a class of recently proposed lightweight RFID authentication protocols: CRAP, LCAP, OHLCAP, O-TRAP, YA-TRAP, and YA-TRAP+, which are claimed to be resistant to conventional attacks and suitable for low cost RFID device scenarios. We examine them using GNY logic to determine whether they can be proved to have achieved their protocol goals. We show that most of them meet their goals, though some do not. Furthermore this approach enables us to identify similarities and subtle differences among these protocols. Finally, we offer guidelines on when it is necessary to use encryption rather than hash functions in the design of RFID authentication protocols.

Research on Kerberos identity authentication protocol based on hybrid system

Kerberos identity authentication protocol was analyzed in detail.According to its limitations,a new protocol about Kerberos based on hybrid system was proposed to improve the security and actual implementation performance of the system.Moreover,the problem that Kerberos authentication protocol maybe eavesdrop two-side communication conversations was solved in the system,thus inner attacks could be avoided.

Economical multiparty simultaneous quantum identity authentication based on Greenberger–Horne–Zeilinger states

A multiparty simultaneous quantum identity authentication protocol based on Greenberger–Horne–Zeilinger (GHZ) states is proposed. The multi-user can be authenticated by a trusted third party (TTP) simultaneously. Compared with the scheme proposed recently (Wang et al 2006 Chin. Phys. Lett. 23(9) 2360), the proposed scheme has the advantages of consuming fewer quantum and classical resources and lessening the difficulty and intensity of necessary operations.

Multiparty simultaneous quantum identity authentication with secret sharing

Two multiparty simultaneous quantum identity authentication (MSQIA) protocols based on secret sharing are presented. All the users can be authenticated by a trusted third party (TTP) simultaneously. In the first protocol, the TTP shares a random key K with all the users using quantum secret sharing. The ith share acts as the authentication key of the ith user. When it is necessary to perform MSQIA, the TTP generates a random number R secretly and sends a sequence of single photons encoded with K and R to all the users. According to his share, each user performs the corresponding unitary operations on the single photon sequence sequentially. At last, the TTP can judge whether the impersonator exists. The second protocol is a modified version with a circular structure. The two protocols can be efficiently used for MSQIA in a network. They are feasible with current technology.

A lightweight identity authentication protocol for wireless networks

Mobile and wireless communication networks have created a major breakthrough in new telecom applications and services. Unfortunately, wireless networking is a double edged sword. Ever since it introduced new factors such as mobility, the temptation for unauthorized access and eavesdropping has been a reality because an attacker could easily access the transport medium. For that and in order to defend against targeted attackers, wireless networks need to define robust and layered protection mechanisms. In this paper, we present a TLS-based protocol named Light-Transport Layer Security (TLS), a lightweight identity authentication protocol for access control and key calculation and distribution for both mobile clients (WAP, GPRS) and application servers. The performance and the efficiency of our proposed protocol were performed using two Java Card Smartcards and then analyzed and compared to other solutions. The results demonstrate that our protocol efficiently manages to reduce the computation times and the message load and transport during the authentication phase.

SOLA: lightweight security for access control in IEEE 802.11

The IEEE 802.11 wireless standard provides little support for secure access control. As a result, access control in IEEE 802.11 on a per packet basis requires a new and robust identity authentication protocol. The SOLA (Statistical One-Bit Lightweight Authentication) protocol is well suited in a wireless constrained environment because this protocol's communication overhead is extremely low: only one bit. Furthermore, SOLA fulfills the requirements of being secure, useful, cheap, and robust. The synchronization algorithm performs very well. SOLA also makes it easy to develop a framework to detect and respond to, for instance, denial-of-service attacks or an adversary who tries to guess the identity authentication bit for successive packets.