Authentication protocols based on low-bandwidth unspoofable channels: A comparative survey

Authors:
L. H. Nguyen;A. W. Roscoe
Affiliations:
(Correspd. Oxford University Computing Laboratory, Wolfson Building, Parks Road, Oxford, OX1 3QD, UK. Tel.: +44 7821 540971/ Fax: +44 1865 273839/ E-mails: hn2503@gmail.com, Long.Nguyen@comlab.ox. ...;Oxford University Computing Laboratory, Wolfson Building, Parks Road, Oxford, UK
Venue:
Journal of Computer Security
Year:
2011

Citing 32
Cited 9

On the design of S-boxes

Lecture notes in computer sciences; 218 on Advances in cryptology---CRYPTO 85
The computational complexity of universal hashing

STOC '90 Proceedings of the twenty-second annual ACM symposium on Theory of computing
Entity authentication and key distribution

CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
On families of hash functions via geometric codes and concatenation

CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Handbook of Applied Cryptography

Handbook of Applied Cryptography
Universal Hashing and Authentication Codes

CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
LFSR-based Hashing and Authentication

CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
The Cocaine Auction Protocol: On the Power of Anonymous Broadcast

IH '99 Proceedings of the Third International Workshop on Information Hiding
The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks

Proceedings of the 7th International Workshop on Security Protocols
Secure Device Pairing based on a Visual Channel (Short Paper)

SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Bootstrapping multi-party ad-hoc security

Proceedings of the 2006 ACM symposium on Applied computing
Loud and Clear: Human-Verifiable Authentication Based on Audio

ICDCS '06 Proceedings of the 26th IEEE International Conference on Distributed Computing Systems
Cryptography: An Introduction

Cryptography: An Introduction
A Human-Verifiable Authentication Protocol Using Visible Laser Light

ARES '07 Proceedings of the The Second International Conference on Availability, Reliability and Security
Multichannel Security Protocols

IEEE Pervasive Computing
Authenticating ad hoc networks by comparison of short digests

Information and Computation
Secret-Ballot Receipts: True Voter-Verifiable Elections

IEEE Security and Privacy
Seeing-Is-Believing: using camera phones for human-verifiable authentication

International Journal of Security and Networks
Comparison-Based Key Exchange and the Security of the Numeric Comparison Mode in Bluetooth v2.1

CT-RSA '09 Proceedings of the The Cryptographers' Track at the RSA Conference 2009 on Topics in Cryptology
New hash functions for message authentication

EUROCRYPT'95 Proceedings of the 14th annual international conference on Theory and application of cryptographic techniques
Security associations in personal networks: a comparative analysis

ESAS'07 Proceedings of the 4th European conference on Security and privacy in ad-hoc and sensor networks
Usability analysis of secure pairing methods

FC'07/USEC'07 Proceedings of the 11th International Conference on Financial cryptography and 1st International conference on Usable Security
Multi-channel protocols

Proceedings of the 13th international conference on Security protocols
An optimal non-interactive message authentication protocol

CT-RSA'06 Proceedings of the 2006 The Cryptographers' Track at the RSA conference on Topics in Cryptology
Secure communications over insecure channels based on short authenticated strings

CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Ephemeral pairing on anonymous networks

SPC'05 Proceedings of the Second international conference on Security in Pervasive Computing
Exploiting empirical engagement in authentication protocol design

SPC'05 Proceedings of the Second international conference on Security in Pervasive Computing
SAS-Based authenticated key agreement

PKC'06 Proceedings of the 9th international conference on Theory and Practice of Public-Key Cryptography
Polling with physical envelopes: a rigorous analysis of a human-centric protocol

EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Efficient mutual data authentication using manually authenticated strings

CANS'06 Proceedings of the 5th international conference on Cryptology and Network Security
Ad hoc security associations for groups

ESAS'06 Proceedings of the Third European conference on Security and Privacy in Ad-Hoc and Sensor Networks
On the cardinality of systematic authentication codes via error-correcting codes

IEEE Transactions on Information Theory

Mobile electronic identity: securing payment on mobile phones

WISTP'11 Proceedings of the 5th IFIP WG 11.2 international conference on Information security theory and practice: security and privacy of mobile devices in wireless communication
Rational distance-bounding protocols over noisy channel

Proceedings of the 4th international conference on Security of information and networks
Body sensor network key distribution using human interactive channels

Proceedings of the 4th International Symposium on Applied Sciences in Biomedical and Communication Technologies
Actor-Network procedures

ICDCIT'12 Proceedings of the 8th international conference on Distributed Computing and Internet Technology
Short-Output universal hash functions and their use in fast and secure data authentication

FSE'12 Proceedings of the 19th international conference on Fast Software Encryption
Secure ad hoc trust initialization and key management in wireless body area networks

ACM Transactions on Sensor Networks (TOSN)
Social networks for importing and exporting security

Proceedings of the 17th Monterey conference on Large-Scale Complex IT Systems: development, operation and management
Chorus: scalable in-band trust establishment for multiple constrained devices over the insecure wireless channel

Proceedings of the sixth ACM conference on Security and privacy in wireless and mobile networks
Reverse Authentication in Financial Transactions and Identity Management

Mobile Networks and Applications

Quantified Score

Hi-index	0.00

Visualization

Abstract

One of the main challenges in pervasive computing is how we can establish secure communication over an untrusted high-bandwidth network without any initial knowledge or a Public Key Infrastructure. An approach studied by a number of researchers is building security though human work creating a low-bandwidth empirical (or authentication) channel where the transmitted information is authentic and cannot be faked or modified. In this paper, we give an analytical survey of authentication protocols of this type. We start with non-interactive authentication schemes, and then move on to analyse a number of strategies used to build interactive pair-wise and group protocols that minimise the human work relative to the amount of security obtained as well as optimising the computation processing. In studying these protocols, we will discover that their security is underlined by the idea of commitment before knowledge, which is refined by two protocol design principles introduced in this survey.