Applying a formal analysis technique to the CCITT X.509 strong two-way authentication protocol

1991 ◽  
Vol 3 (2) ◽  
pp. 81-98 ◽  
Author(s):  
Klaus Gaarder ◽  
Einar Snekkenes
Keyword(s):  
Formal Analysis ◽  
Authentication Protocol ◽  
Analysis Technique

Factores de éxito en las webs de contenidos audiovisuales. Análisis cualitativo comparado

2021 ◽  
Author(s):  
Susana Fernández-Lores ◽  
Gema Martínez-Navarro ◽  
Diana Gavilán
Keyword(s):  
Success Factors ◽  
Formal Analysis ◽  
Qualitative Comparative Analysis ◽  
Point Of View ◽  
Key Factors ◽  
Ticket Sales ◽  
Critical Success ◽  
Analysis Technique ◽  
Evolution Of Technology ◽  
Content Recommendation

The evolution of technology and the digital empowerment of society have led to the proliferation of Audiovisual Content Webs (ACWs) where users can share information and experiences, along with other commercial resources. ACWs have led to significant changes in the way users can select and access audiovisual content. The design of these websites combines various features, including a user community, streamed content, ticket sales, and recommendations, among others. Each ACW has a specific profile with respect to the mentioned variables. The aim of this study is to identify the critical success factors for a ACW, i.e., which features and the form they should take to attract followers, thus increasing the capacity to prescribe and broadcast content. Using qualitative comparative analysis (QCA), a formal analysis technique that allows the identification of combinations that produce a certain result, a sample of the 12 most representative cinema websites in Spain is analyzed. The results indicate that the incorporation of content recommendation systems and the connection with streaming platforms through which the content can be accessed are key factors in the success of these ACWs. This work contributes academically to the knowledge and explanation of audience behavior in the new audiovisual scenario. From a professional point of view, relevant design suggestions are offered to platform creators. Finally, the limitations of this work are described, and future lines of research are considered. Resumen La evolución de la tecnología y el empoderamiento digital de la sociedad ha dado lugar a la proliferación de webs de contenidos audiovisuales (WCA) donde los usuarios comparten información y experiencias, junto a otros recursos comerciales. Las WCA han provocado cambios significativos en la forma en la que los usuarios pueden seleccionar y acceder a los contenidos audiovisuales. En su diseño, estas webs combinan varias prestaciones: comunidad de usuarios, contenidos en streaming, venta de entradas o recomendaciones, entre otros. Cada WCA presenta un perfil específico respecto a las variables descritas. El objetivo del presente trabajo es identificar los factores críticos de éxito de una WCA, es decir las prestaciones y la forma que deben adoptar para captar seguidores, aumentando con ello capacidad de prescripción y difusión de contenidos. Mediante el análisis cualitativo comparado (QCA), técnica formal de análisis que permite la identificación de combinaciones que producen un determinado resultado, se analiza una muestra de las 12 webs de cine más representativas en España. Los resultados indican que la incorporación de sistemas de recomendación de contenidos y la conexión con plataformas en streaming desde las que poder acceder a los contenidos son factores claves del éxito. El trabajo contribuye académicamente al conocimiento y la explicación de la conducta de la audiencia en el nuevo escenario audiovisual. Desde el punto de vista profesional se ofrecen sugerencias relevantes de diseño para los creadores de plataformas. Por último, se describen las limitaciones del trabajo y se plantean futuras líneas de investigación.

scholarly journals A Provably Secure Three-Factor Authentication Protocol for Wireless Sensor Networks

2021 ◽  
Vol 2021 ◽  
pp. 1-15
Author(s):  
Tsu-Yang Wu ◽  
Lei Yang ◽  
Zhiyuan Lee ◽  
Shu-Chuan Chu ◽  
Saru Kumari ◽  
...  
Keyword(s):  
Wireless Sensor Networks ◽  
Sensor Networks ◽  
Formal Analysis ◽  
Authentication Protocol ◽  
Sensor Nodes ◽  
Wireless Sensor ◽  
Sensitive Data ◽  
Computational Overhead ◽  
And Performance ◽  
Three Factor

The wireless sensor network is a network composed of sensor nodes self-organizing through the application of wireless communication technology. The application of wireless sensor networks (WSNs) requires high security, but the transmission of sensitive data may be exposed to the adversary. Therefore, to guarantee the security of information transmission, researchers propose numerous security authentication protocols. Recently, Wu et al. proposed a new three-factor authentication protocol for WSNs. However, we find that their protocol cannot resist key compromise impersonation attacks and known session-specific temporary information attacks. Meanwhile, it also violates perfect forward secrecy and anonymity. To overcome the proposed attacks, this paper proposes an enhanced protocol in which the security is verified by the formal analysis and informal analysis, Burross-Abadii-Needham (BAN) logic, and ProVerif tools. The comparison of security and performance proves that our protocol has higher security and lower computational overhead.

Formal Analysis of an Efficient Handover Authentication Scheme for EAP-Based Wireless Networks with Extending BAN Logic

2013 ◽  
Vol 401-403 ◽  
pp. 1864-1867 ◽  
Author(s):  
Li Ling Cao ◽  
Wan Cheng Ge
Keyword(s):  
Wireless Networks ◽  
Privacy Preservation ◽  
Formal Analysis ◽  
Main Idea ◽  
Authentication Protocol ◽  
Security Requirements ◽  
Ban Logic ◽  
Handover Authentication ◽  
Authentication Schemes ◽  
Extensible Authentication Protocol

The existing Extensible Authentication Protocol (EAP) based handover authentication schemes have show robust security features especially the Qi Jing et al.'s design, which not only meets the essential security requirements in handover authentication but also achieves privacy preservation. However, it still suffers pitfalls in the process of authentication. The main idea of this paper is to extend the work by Qi Jing et al. and particularly focus on the formal analysis using extending BAN logic which is more concise yet practical to use on PKI-based protocols.

Research on RFID Multi-Authentication Protocol Based on Hash Function

2013 ◽  
Vol 427-429 ◽  
pp. 2403-2407
Author(s):  
She Qiang Peng ◽  
Long Wang
Keyword(s):  
Hash Function ◽  
Data Privacy ◽  
Low Cost ◽  
Formal Analysis ◽  
Authentication Protocol ◽  
Formal Proof ◽  
Data Synchronization ◽  
Location Tracking ◽  
Forward Security ◽  
Security Authentication

To address the security problems caused by the fake readers, and the weakness of low authentication protocol efficiency, a new RFID security authentication protocol based on Hash function is proposed. The security ability of the protocol is compared with other protocols' and is proved by doing the formal analysis. The theoretical analysis and formal proof is presented to prove the security ability of the protocol. Consequently, the result showed that the new protocol could protect the data privacy, achieve the data synchronization, prevent the tag from location tracking, avoid information reproduction, prevent clone and counterfeit and possess forward security ability which was useful for low-cost tags.

Security Analysis of Proxy Mobile IPv6 Authentication Protocol with IPv4 Support

2012 ◽  
Vol 433-440 ◽  
pp. 3683-3687
Author(s):  
Ling Tie ◽  
Di He
Keyword(s):  
Formal Analysis ◽  
Security Analysis ◽  
Authentication Protocol ◽  
Mobile Ipv6 ◽  
Broadband Networks ◽  
Analysis Method ◽  
Proxy Mobile Ipv6 ◽  
Mobile Broadband ◽  
Ipv6 Protocol

Proxy mobile ipv6 protocol is a mandatory protocol to support inter-working among heterogeneous mobile broadband networks. In order to support compatibility to IPv4 network, a mobility infrastructure in the proxy mobile ipv6 that provide ipv4 extension is presented in this article. An authentication protocol based on authentication option is proposed to protect this proxy mobile IPv6 protocol with IPv4 support. A SVO formal Analysis method is used to prove the security of this protocol.

scholarly journals SLUA-WSN: Secure and Lightweight Three-Factor-Based User Authentication Protocol for Wireless Sensor Networks

Sensors ◽  
2020 ◽  
Vol 20 (15) ◽  
pp. 4143 ◽  
Author(s):  
SungJin Yu ◽  
YoungHo Park
Keyword(s):  
Wireless Sensor Networks ◽  
Sensor Networks ◽  
User Authentication ◽  
Formal Analysis ◽  
Mutual Authentication ◽  
Authentication Protocol ◽  
Sensor Nodes ◽  
Wireless Sensor ◽  
Security Threats ◽  
Three Factor

Wireless sensor networks (WSN) are composed of multiple sensor nodes with limited storage, computation, power, and communication capabilities and are widely used in various fields such as banks, hospitals, institutes to national defense, research, and so on. However, useful services are susceptible to security threats because sensitive data in various fields are exchanged via a public channel. Thus, secure authentication protocols are indispensable to provide various services in WSN. In 2019, Mo and Chen presented a lightweight secure user authentication scheme in WSN. We discover that Mo and Chen’s scheme suffers from various security flaws, such as session key exposure and masquerade attacks, and does not provide anonymity, untraceability, and mutual authentication. To resolve the security weaknesses of Mo and Chen’s scheme, we propose a secure and lightweight three-factor-based user authentication protocol for WSN, called SLUA-WSN. The proposed SLUA-WSN can prevent security threats and ensure anonymity, untraceability, and mutual authentication. We analyze the security of SLUA-WSN through the informal and formal analysis, including Burrows–Abadi–Needham (BAN) logic, Real-or-Random (ROR) model, and Automated Verification of Internet Security Protocols and Applications (AVISPA) simulation. Moreover, we compare the performance of SLUA-WSN with some existing schemes. The proposed SLUA-WSN better ensures the security and efficiency than previous proposed scheme and is suitable for practical WSN applications.

scholarly journals An improved authentication protocol–based dynamic identity for multi-server environments

2018 ◽  
Vol 14 (5) ◽  
pp. 155014771877765 ◽  
Author(s):  
Jianming Cui ◽  
Xiaojun Zhang ◽  
Ning Cao ◽  
Dexue Zhang ◽  
Jianrui Ding ◽  
...  
Keyword(s):  
Formal Analysis ◽  
Authentication Protocol ◽  
Object Identification ◽  
Third Party ◽  
Password Guessing Attack ◽  
Insider Attack ◽  
Dynamic Identity ◽  
Guessing Attack ◽  
Exclusive Or ◽  
Multi Server

The age of Internet of things gives rise to more challenges to various secure demands when designing the protocols, such as object identification and tracking, and privacy control. In many of the current protocols, a malicious server may cheat users as if it was a legal server, making it vital to verify the legality of both users and servers with the help of a trusted third-party, such as a registration center. Li et al. proposed an authentication protocol based on dynamic identity for multi-server environment, which is still susceptible to password-guessing attack, eavesdropping attack, masquerade attack, and insider attack etc. Besides, their protocol does not provide the anonymity of users, which is an essential request to protect users’ privacy. In this article, we present an improved authentication protocol, depending on the registration center in multi-server environments to remedy these security flaws. Different from the previous protocols, registration center in our proposed protocol is one of parties in authentication phase to verify the legality of the users and the servers, thus can effectively avoid the server spoofing attack. Our protocol only uses nonce, exclusive-OR operation, and one-way hash function in its implementation. Formal analysis has been performed using the Burrows–Abadi–Needham logic to show its security.

Sign in / Sign up

Export Citation Format

Share Document