ACM SIGOPS Operating Systems Review
Efficient and timely mutual authentication
ACM SIGOPS Operating Systems Review
Practical uses of synchronized clocks in distributed systems
PODC '91 Proceedings of the tenth annual ACM symposium on Principles of distributed computing
A security risk of depending on synchronized clocks
ACM SIGOPS Operating Systems Review
A nonce-based protocol for multiple authentications
ACM SIGOPS Operating Systems Review
Authentication and authenticated key exchanges
Designs, Codes and Cryptography
A note on the use of timestamps as nonces
ACM SIGOPS Operating Systems Review
On key distribution protocols for repeated authentication
ACM SIGOPS Operating Systems Review
Timestamps in key distribution protocols
Communications of the ACM
Using encryption for authentication in large networks of computers
Communications of the ACM
KryptoKnight Authentication and Key Distribution System
ESORICS '92 Proceedings of the Second European Symposium on Research in Computer Security
On the properties of cryptographic protocols and the weaknesses of the BAN-like logics
ACM SIGOPS Operating Systems Review
On a session key compromise problem in [KC95] protocol
ACM SIGOPS Operating Systems Review
A Class of Flexible and Efficient Key Management Protocols
CSFW '96 Proceedings of the 9th IEEE workshop on Computer Security Foundations
A hybrid authentication protocol for large mobile network
Journal of Systems and Software
Cryptanalysis of a hybrid authentication protocol for large mobile networks
Journal of Systems and Software
Modeling and Analysis of Security Protocols Using Role Based Specifications and Petri Nets
PETRI NETS '08 Proceedings of the 29th international conference on Applications and Theory of Petri Nets
Cryptographic Protocol Explication and End-Point Projection
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
Security Weakness in a Provable Secure Authentication Protocol Given Forward Secure Session Key
ICCSA '09 Proceedings of the International Conference on Computational Science and Its Applications: Part II
Security of RFID Protocols -- A Case Study
Electronic Notes in Theoretical Computer Science (ENTCS)
Implementation and performance evaluation of the RSEP protocol on ARM and intel platforms
Proceedings of the 3rd international conference on Security of information and networks
Finite models for formal security proofs
Journal of Computer Security - 7th International Workshop on Issues in the Theory of Security (WITS'07)
An authenticated key exchange to improve the security of Shi et al. and Kim et al.'s protocols
WISM'11 Proceedings of the 2011 international conference on Web information systems and mining - Volume Part I
| Hi-index | 0.00 |
Most authentication protocols for distributed systems achieve identification and key distributions on the belief that the use of a uncertified key, i.e. the key whose freshness and authenticity cannot be immediately verified by its receiving principal while being received, should be avoided during the mid-way of an authentication process. In this paper we claim that using a uncertified key prudently can give performance advantages and not necessarily reduces the security of authentication protocols, as long as the validity of the key can be verified at the end of an authentication process. A nonce-based authentication protocol using uncertified keys is proposed. Its total number of messages is shown to be the minimal of all authentication protocols with the same formalized goals of authentication. The properties which make the protocol optimal in terms of message complexity are elaborated, and a formal logical analysis to the protocol is performed. The protocol is extended to counter the session key compromise problem and to support repeated authentication, in a more secure and flexible way without losing its optimality.