Preventing delegation-based mobile authentications from man-in-the-middle attacks

Preventing delegation-based mobile authentications from man-in-the-middle attacks

In this paper, an approach of mutual authentication and key exchange for mobile access, based on the trust delegation and message authentication code, is developed, and a novel nonce-based authentication approach is presented. The proposed protocols can effectively defend all known attacks to mobile...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Computer standards and interfaces 2012-03, Vol.34 (3), p.314-326
Hauptverfasser: Lu, Jian-Zhu, Zhou, Jipeng
Format: Artikel
Sprache:eng
Schlagworte:
Authentication
Computation
Elliptic curve cryptosystem
Failure
Hash based algorithms
Messages
Mobile communication
Mutual authentication
Networks
Protocol (computers)
Security
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page 326
container_issue 3
container_start_page 314
container_title Computer standards and interfaces
container_volume 34
creator Lu, Jian-Zhu
Zhou, Jipeng
description In this paper, an approach of mutual authentication and key exchange for mobile access, based on the trust delegation and message authentication code, is developed, and a novel nonce-based authentication approach is presented. The proposed protocols can effectively defend all known attacks to mobile networks including the denial-of-service attacks and man-in-the-middle attacks. In particular, in contrast to some previous work, our design gives users a chance to set a session key according to users' will, and does not require a mobile user to compute useless hash key chains in the face of HLR-online authentication failures or run the initial authentication protocol before HLR-offline authentication. Moreover, our design enjoys both computation efficiency and communication efficiency as compared to known mobile authentication schemes.
doi_str_mv 10.1016/j.csi.2011.10.014
format Article
fullrecord <record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_miscellaneous_1019632544</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><els_id>S0920548911001164</els_id><sourcerecordid>1019632544</sourcerecordid><originalsourceid>FETCH-LOGICAL-c330t-bbd0653a99de3083498f66e38180241f6a18889b41b8bfb5055b38f31bd042b23</originalsourceid><addsrcrecordid>eNp9kEtLAzEQx4MoWKsfwNsevWTNa9MsnqT4goIKeg55zNbUfdRkW_Dbm7WePQ0z8_sPzA-hS0pKSqi83pQuhZIRSnNfEiqO0IyqBcMLQtUxmpGaEVwJVZ-is5Q2hBAm-WKGXl8i7KEfQ78uPLSwNmMYemxNAl90gw0tFGY3fkyI-92loolDV3Smx6HHeYO74P2EjaNxn-kcnTSmTXDxV-fo_f7ubfmIV88PT8vbFXackxFb64msuKlrD5woLmrVSAlcUUWYoI00VClVW0Gtso2tSFVZrhpOc04wy_gcXR3ubuPwtYM06i4kB21rehh2SWctteSsEiKj9IC6OKQUodHbGDoTvzM0cVJvdNanJ33TKOvLmZtDBvIP-wBRJxegd-BDBDdqP4R_0j9Vunfp</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>1019632544</pqid></control><display><type>article</type><title>Preventing delegation-based mobile authentications from man-in-the-middle attacks</title><source>Elsevier ScienceDirect Journals</source><creator>Lu, Jian-Zhu ; Zhou, Jipeng</creator><creatorcontrib>Lu, Jian-Zhu ; Zhou, Jipeng</creatorcontrib><description>In this paper, an approach of mutual authentication and key exchange for mobile access, based on the trust delegation and message authentication code, is developed, and a novel nonce-based authentication approach is presented. The proposed protocols can effectively defend all known attacks to mobile networks including the denial-of-service attacks and man-in-the-middle attacks. In particular, in contrast to some previous work, our design gives users a chance to set a session key according to users' will, and does not require a mobile user to compute useless hash key chains in the face of HLR-online authentication failures or run the initial authentication protocol before HLR-offline authentication. Moreover, our design enjoys both computation efficiency and communication efficiency as compared to known mobile authentication schemes.</description><identifier>ISSN: 0920-5489</identifier><identifier>EISSN: 1872-7018</identifier><identifier>DOI: 10.1016/j.csi.2011.10.014</identifier><language>eng</language><publisher>Elsevier B.V</publisher><subject>Authentication ; Computation ; Elliptic curve cryptosystem ; Failure ; Hash based algorithms ; Messages ; Mobile communication ; Mutual authentication ; Networks ; Protocol (computers) ; Security</subject><ispartof>Computer standards and interfaces, 2012-03, Vol.34 (3), p.314-326</ispartof><rights>2011 Elsevier B.V.</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c330t-bbd0653a99de3083498f66e38180241f6a18889b41b8bfb5055b38f31bd042b23</citedby><cites>FETCH-LOGICAL-c330t-bbd0653a99de3083498f66e38180241f6a18889b41b8bfb5055b38f31bd042b23</cites></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://www.sciencedirect.com/science/article/pii/S0920548911001164$$EHTML$$P50$$Gelsevier$$H</linktohtml><link.rule.ids>314,776,780,3537,27901,27902,65306</link.rule.ids></links><search><creatorcontrib>Lu, Jian-Zhu</creatorcontrib><creatorcontrib>Zhou, Jipeng</creatorcontrib><title>Preventing delegation-based mobile authentications from man-in-the-middle attacks</title><title>Computer standards and interfaces</title><description>In this paper, an approach of mutual authentication and key exchange for mobile access, based on the trust delegation and message authentication code, is developed, and a novel nonce-based authentication approach is presented. The proposed protocols can effectively defend all known attacks to mobile networks including the denial-of-service attacks and man-in-the-middle attacks. In particular, in contrast to some previous work, our design gives users a chance to set a session key according to users' will, and does not require a mobile user to compute useless hash key chains in the face of HLR-online authentication failures or run the initial authentication protocol before HLR-offline authentication. Moreover, our design enjoys both computation efficiency and communication efficiency as compared to known mobile authentication schemes.</description><subject>Authentication</subject><subject>Computation</subject><subject>Elliptic curve cryptosystem</subject><subject>Failure</subject><subject>Hash based algorithms</subject><subject>Messages</subject><subject>Mobile communication</subject><subject>Mutual authentication</subject><subject>Networks</subject><subject>Protocol (computers)</subject><subject>Security</subject><issn>0920-5489</issn><issn>1872-7018</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2012</creationdate><recordtype>article</recordtype><recordid>eNp9kEtLAzEQx4MoWKsfwNsevWTNa9MsnqT4goIKeg55zNbUfdRkW_Dbm7WePQ0z8_sPzA-hS0pKSqi83pQuhZIRSnNfEiqO0IyqBcMLQtUxmpGaEVwJVZ-is5Q2hBAm-WKGXl8i7KEfQ78uPLSwNmMYemxNAl90gw0tFGY3fkyI-92loolDV3Smx6HHeYO74P2EjaNxn-kcnTSmTXDxV-fo_f7ubfmIV88PT8vbFXackxFb64msuKlrD5woLmrVSAlcUUWYoI00VClVW0Gtso2tSFVZrhpOc04wy_gcXR3ubuPwtYM06i4kB21rehh2SWctteSsEiKj9IC6OKQUodHbGDoTvzM0cVJvdNanJ33TKOvLmZtDBvIP-wBRJxegd-BDBDdqP4R_0j9Vunfp</recordid><startdate>201203</startdate><enddate>201203</enddate><creator>Lu, Jian-Zhu</creator><creator>Zhou, Jipeng</creator><general>Elsevier B.V</general><scope>AAYXX</scope><scope>CITATION</scope><scope>7SC</scope><scope>8FD</scope><scope>JQ2</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope></search><sort><creationdate>201203</creationdate><title>Preventing delegation-based mobile authentications from man-in-the-middle attacks</title><author>Lu, Jian-Zhu ; Zhou, Jipeng</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c330t-bbd0653a99de3083498f66e38180241f6a18889b41b8bfb5055b38f31bd042b23</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2012</creationdate><topic>Authentication</topic><topic>Computation</topic><topic>Elliptic curve cryptosystem</topic><topic>Failure</topic><topic>Hash based algorithms</topic><topic>Messages</topic><topic>Mobile communication</topic><topic>Mutual authentication</topic><topic>Networks</topic><topic>Protocol (computers)</topic><topic>Security</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Lu, Jian-Zhu</creatorcontrib><creatorcontrib>Zhou, Jipeng</creatorcontrib><collection>CrossRef</collection><collection>Computer and Information Systems Abstracts</collection><collection>Technology Research Database</collection><collection>ProQuest Computer Science Collection</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts – Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><jtitle>Computer standards and interfaces</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Lu, Jian-Zhu</au><au>Zhou, Jipeng</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Preventing delegation-based mobile authentications from man-in-the-middle attacks</atitle><jtitle>Computer standards and interfaces</jtitle><date>2012-03</date><risdate>2012</risdate><volume>34</volume><issue>3</issue><spage>314</spage><epage>326</epage><pages>314-326</pages><issn>0920-5489</issn><eissn>1872-7018</eissn><abstract>In this paper, an approach of mutual authentication and key exchange for mobile access, based on the trust delegation and message authentication code, is developed, and a novel nonce-based authentication approach is presented. The proposed protocols can effectively defend all known attacks to mobile networks including the denial-of-service attacks and man-in-the-middle attacks. In particular, in contrast to some previous work, our design gives users a chance to set a session key according to users' will, and does not require a mobile user to compute useless hash key chains in the face of HLR-online authentication failures or run the initial authentication protocol before HLR-offline authentication. Moreover, our design enjoys both computation efficiency and communication efficiency as compared to known mobile authentication schemes.</abstract><pub>Elsevier B.V</pub><doi>10.1016/j.csi.2011.10.014</doi><tpages>13</tpages></addata></record>
fulltext fulltext
identifier ISSN: 0920-5489
ispartof Computer standards and interfaces, 2012-03, Vol.34 (3), p.314-326
issn 0920-5489
1872-7018
language eng
recordid cdi_proquest_miscellaneous_1019632544
source Elsevier ScienceDirect Journals
subjects Authentication
Computation
Elliptic curve cryptosystem
Failure
Hash based algorithms
Messages
Mobile communication
Mutual authentication
Networks
Protocol (computers)
Security
title Preventing delegation-based mobile authentications from man-in-the-middle attacks
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-28T18%3A15%3A43IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Preventing%20delegation-based%20mobile%20authentications%20from%20man-in-the-middle%20attacks&rft.jtitle=Computer%20standards%20and%20interfaces&rft.au=Lu,%20Jian-Zhu&rft.date=2012-03&rft.volume=34&rft.issue=3&rft.spage=314&rft.epage=326&rft.pages=314-326&rft.issn=0920-5489&rft.eissn=1872-7018&rft_id=info:doi/10.1016/j.csi.2011.10.014&rft_dat=%3Cproquest_cross%3E1019632544%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=1019632544&rft_id=info:pmid/&rft_els_id=S0920548911001164&rfr_iscdi=true