74,963 research outputs found
New security notions and feasibility results for authentication of quantum data
We give a new class of security definitions for authentication in the quantum
setting. These definitions capture and strengthen existing definitions of
security against quantum adversaries for both classical message authentication
codes (MACs) and well as full quantum state authentication schemes. The main
feature of our definitions is that they precisely characterize the effective
behavior of any adversary when the authentication protocol accepts, including
correlations with the key. Our definitions readily yield a host of desirable
properties and interesting consequences; for example, our security definition
for full quantum state authentication implies that the entire secret key can be
re-used if the authentication protocol succeeds.
Next, we present several protocols satisfying our security definitions. We
show that the classical Wegman-Carter authentication scheme with 3-universal
hashing is secure against superposition attacks, as well as adversaries with
quantum side information. We then present conceptually simple constructions of
full quantum state authentication.
Finally, we prove a lifting theorem which shows that, as long as a protocol
can securely authenticate the maximally entangled state, it can securely
authenticate any state, even those that are entangled with the adversary. Thus,
this shows that protocols satisfying a fairly weak form of authentication
security automatically satisfy a stronger notion of security (in particular,
the definition of Dupuis, et al (2012)).Comment: 50 pages, QCrypt 2016 - 6th International Conference on Quantum
Cryptography, added a new lifting theorem that shows equivalence between a
weak form of authentication security and a stronger notion that considers
side informatio
Phishing attack prediction by smart mobile devices
In recent times, phishing is a wide spread technique to steal user’s authentication
information, especially password. The key issue is that it is difficult for user to differentiate fake Login
User Interface from normal login. This paper presents a unique method to predict phishing by smart
device. In our technique, a smart device pre-stores feature information of Login User Interface. Before
entering authentication information, a plug-in of Web browser at host side will verify the validation of
Login Inter face according to pre-stored Login Interface information. Wi-Fi provides a communication
channel between the plug-in and the smart device. Furthermore, the smart device can automatically fill
the field of user id and password to the Login User Interface if Login User Interface passes the
verification of smart mobile device. Compared with other solutions, this solution cans greatly
improve the security of authentication
Service re-routing for service network graph: efficiency, scalability and implementation
The key to success in Next Generation Network is service routing in which service requests may need to be redirected as in the case of the INVITE request in Session Initiation Protocol. Service Path (SPath) holds the authentication and server paths along side with service information. As the number of hops in a redirection increases, the length of SPath increases. The overhead for service routing protocols which uses SPath increases with the length of SPath. Hence it is desirable to optimize SPath to ensure efficiency and scalability of protocols involving service routing. In this paper, we propose a re-routing strategy to optimize service routing, and demonstrate how this strategy can be implemented using SPath to enhance the efficiency and scalability of Service Network Graph (SNG)
SLRV: An RFID Mutual Authentication Protocol Conforming to EPC Generation-2 Standard
Having done an analysis on the security vulnerabilities of Radio Frequency Identification (RFID) through a desynchronization and an impersonation attacks, it is revealed that the secret information (i.e.: secret key and static identifier) shared between the tag and the reader is unnecessary. To overcome the vulnerability, this paper introduces Shelled Lightweight Random Value (SLRV) protocol; a mutual authentication protocol with high-security potentials conforming to electronic product code (EPC) Class-1 Generation-2 Tags, based on lightweight and standard cryptography on the tag’s and reader’s side, respectively. SLRV prunes de-synchronization attacks where the updating of internal values is only executed on the tag’s side and is a condition to a successful mutual authentication. Results of security analysis of SLRV, and comparison with existing protocols, are presented
- …