Expected loss analysis of thresholded authentication protocols in noisy conditions
A number of authentication protocols have been proposed recently in which at least part of the authentication is performed during a phase, lasting rounds, with no error correction. This requires assigning an acceptable threshold for the number of detected errors. This paper describes a framework enabling an expected loss analysis for all the protocols in this family. Furthermore, computationally simple methods to obtain nearly optimal values of the threshold and of the number of rounds are suggested. Finally, a method to adaptively select both the number of rounds and the threshold is proposed.
Comment: 17 pages, 2 figures; draf
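The trade-off the abstract describes (too low a threshold rejects honest provers on a noisy channel, too high a threshold admits an adversary who merely guesses) can be made concrete with a small binomial model. The following is an example constructed for this page, not the paper's framework: it assumes independent per-round noise with probability p_noise for the honest prover, a per-round guessing success probability p_guess (1/2 by default) for an adversary who cannot compute the replies, and hypothetical costs c_fr, c_fa and c_round for a false reject, a false accept and each round. It then picks the threshold, and jointly the number of rounds, that minimise the expected loss by exhaustive search.

```python
"""Expected-loss analysis of a thresholded, error-tolerant authentication phase.

Model assumed by this example (a constructed illustration, not the paper's
own framework):
  * the phase has n rounds with no error correction;
  * an honest prover's reply in each round is corrupted by channel noise
    independently with probability p_noise;
  * an adversary who cannot compute the replies guesses each one-bit reply,
    succeeding per round with probability p_guess (1/2 by default);
  * the verifier accepts iff the number of erroneous replies is <= tau.
False rejects cost c_fr, false accepts cost c_fa, each round costs c_round
(all costs are hypothetical inputs chosen by the deployer).
"""
from math import comb


def binom_pmf(n: int, k: int, p: float) -> float:
    """P[Bin(n, p) = k]."""
    return comb(n, k) * p ** k * (1 - p) ** (n - k)


def false_reject_rate(n: int, tau: int, p_noise: float) -> float:
    """P[honest prover shows more than tau errors in n noisy rounds]."""
    return sum(binom_pmf(n, k, p_noise) for k in range(tau + 1, n + 1))


def false_accept_rate(n: int, tau: int, p_guess: float = 0.5) -> float:
    """P[guessing adversary shows at most tau errors]; her per-round error
    probability is 1 - p_guess."""
    return sum(binom_pmf(n, k, 1 - p_guess) for k in range(0, tau + 1))


def expected_loss(n, tau, p_noise, c_fr, c_fa, p_guess=0.5):
    """Cost-weighted sum of the two failure modes for a fixed (n, tau)."""
    return (c_fr * false_reject_rate(n, tau, p_noise)
            + c_fa * false_accept_rate(n, tau, p_guess))


def best_threshold(n, p_noise, c_fr, c_fa, p_guess=0.5):
    """Exhaustive search over tau in 0..n; returns (tau, expected_loss)."""
    return min(((tau, expected_loss(n, tau, p_noise, c_fr, c_fa, p_guess))
                for tau in range(n + 1)), key=lambda x: x[1])


def best_rounds_and_threshold(p_noise, c_fr, c_fa, c_round, n_max, p_guess=0.5):
    """Jointly pick n in 1..n_max and tau, charging c_round per round.
    Returns (n, tau, total_expected_cost)."""
    best = None
    for n in range(1, n_max + 1):
        tau, loss = best_threshold(n, p_noise, c_fr, c_fa, p_guess)
        total = loss + c_round * n
        if best is None or total < best[2]:
            best = (n, tau, total)
    return best


if __name__ == "__main__":
    # Example parameters (constructed): 5% bit-flip noise, a false accept
    # costs 100x a false reject, each extra round costs 0.01.
    for n in (16, 32, 64):
        tau, loss = best_threshold(n, 0.05, 1.0, 100.0)
        print(f"n={n:3d}  tau*={tau:2d}  FRR={false_reject_rate(n, tau, 0.05):.4f}"
              f"  FAR={false_accept_rate(n, tau):.2e}  loss={loss:.4f}")
    print("joint optimum (n, tau, cost):",
          best_rounds_and_threshold(0.05, 1.0, 100.0, 0.01, 64))
```

The search is exhaustive because n is small in practice; the abstract's point is that a nearly optimal threshold can be obtained by computationally simple means, and for realistic n a direct scan of all n+1 thresholds is already cheap. The cost weights are the part a deployer must supply: with c_fa much larger than c_fr the optimum shifts to a stricter threshold and more rounds.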
Analysis of Channel-Based User Authentication by Key-Less and Key-Based Approaches
User authentication (UA) supports the receiver in deciding whether a message comes from the claimed transmitter or from an impersonating attacker. In cryptographic approaches messages are signed with either an asymmetric or a symmetric key, and a source of randomness is required to generate the key. In physical layer authentication (PLA), instead, the receiver checks whether received messages presumably coming from the same source have undergone the same channel. We compare these solutions by considering the physical-layer channel features as the randomness source for generating the key, thus allowing an immediate comparison with PLA (which already uses these features). For the symmetric-key approach we use secret key agreement, while for the asymmetric-key approach the channel is used as an entropy source at the transmitter. We focus on the asymptotic case of an infinite number of independent and identically distributed channel realizations, showing the correctness of all schemes and analyzing the secure authentication rate, which dictates the rate at which the probability that UA security is broken goes to zero as the number of channel resources used (to generate the key or for PLA) goes to infinity. Both passive and active attacks are considered and by numerical results we compare the various systems
A framework for analyzing RFID distance bounding protocols
Many distance bounding protocols appropriate for the RFID technology have been proposed recently. Unfortunately, they are commonly designed without any formal approach, which leads to inaccurate analyses and unfair comparisons. Motivated by this need, we introduce a unified framework that aims to improve the analysis and design of distance bounding protocols. Our framework includes a thorough terminology about the frauds, adversary, and prover, thus disambiguating many misleading terms. It also explores the adversary's capabilities and strategies, and addresses the impact of the prover's ability to tamper with his device. It thus introduces some new concepts in the distance bounding domain, such as the black-box and white-box models, and the relation between the frauds with respect to these models. The relevancy and impact of the framework is finally demonstrated on a case study: the Munilla-Peinado distance bounding protocol
Attacks on quantum key distribution protocols that employ non-ITS authentication
We demonstrate how adversaries with unbounded computing resources can break Quantum Key Distribution (QKD) protocols which employ a particular message authentication code suggested previously. This authentication code, featuring low key consumption, is not Information-Theoretically Secure (ITS), since for each message the eavesdropper has intercepted she is able to send a different message from a set of messages that she can calculate by finding collisions of a cryptographic hash function. However, when this authentication code was introduced it was shown to prevent straightforward Man-In-The-Middle (MITM) attacks against QKD protocols.
In this paper, we prove that the set of messages that collide with any given message under this authentication code contains, with high probability, a message that has small Hamming distance to any other given message. Based on this fact we present extended MITM attacks against different versions of BB84 QKD protocols using the addressed authentication code; for three protocols we describe every single action taken by the adversary. For all protocols the adversary can obtain complete knowledge of the key, and for most protocols her success probability in doing so approaches unity.
Since the attacks work against all authentication methods which allow colliding messages to be calculated, the underlying building blocks of the presented attacks expose the potential pitfalls arising as a consequence of non-ITS authentication in QKD post-processing. We propose countermeasures, increasing the eavesdropper's demand for computational power, and also prove necessary and sufficient conditions for upgrading the discussed authentication code to the ITS level.
Comment: 34 page
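The building block the abstract singles out, an authentication method under which colliding messages can be calculated, can be shown on a toy scale. The following is an illustration constructed for this page, not the paper's authentication code or its attack steps: it assumes a scheme in which a one-time, information-theoretically secure MAC (a*x + b mod P, with secret (a, b)) is applied to a public hash h(m) of the message, and it truncates SHA-256 to HASH_BITS = 12 bits so that collisions are found instantly; the modulus P, the message contents and the Alice/Bob/Eve roles are likewise assumptions. Because the tag depends on m only through h(m), the adversary who intercepts (m, tag) can forward any m' with h(m') = h(m), and the search below picks the colliding m' nearest in Hamming distance to a target message of her choosing, which is the property the abstract's extended MITM attacks rely on.

```python
"""Toy non-ITS authentication code and the substitution it permits.

Constructed illustration for this page (not the paper's code or its attack
steps). Assumed scheme: tag = (a*h(m) + b) mod P, where (a, b) is a one-time
secret key and h is a PUBLIC hash. The keyed part is information-theoretically
secure as a MAC on h(m), but the tag depends on m only through h(m), so any m'
with h(m') == h(m) carries a valid tag. To keep the search instant, h is SHA-256
truncated to HASH_BITS bits; a full-length hash only raises the work factor.
"""
import hashlib
import itertools
import secrets

HASH_BITS = 12          # toy output size (assumption)
P = 65537               # prime modulus for the one-time MAC over Z_P (assumption)


def public_hash(msg: bytes) -> int:
    """h(m): the top HASH_BITS bits of SHA-256(m)."""
    digest = hashlib.sha256(msg).digest()
    return int.from_bytes(digest[:2], "big") >> (16 - HASH_BITS)


def keygen() -> tuple:
    """One-time key (a, b) with a != 0, shared by the legitimate parties."""
    return secrets.randbelow(P - 1) + 1, secrets.randbelow(P)


def tag(key: tuple, msg: bytes) -> int:
    a, b = key
    return (a * public_hash(msg) + b) % P


def verify(key: tuple, msg: bytes, t: int) -> bool:
    return tag(key, msg) == t


def hamming(x: bytes, y: bytes) -> int:
    return sum(bin(a ^ b).count("1") for a, b in zip(x, y))


def flip_bits(msg: bytes, positions) -> bytes:
    out = bytearray(msg)
    for pos in positions:
        out[pos // 8] ^= 0x80 >> (pos % 8)
    return bytes(out)


def closest_colliding_message(intercepted: bytes, target: bytes, max_flips: int = 3):
    """Adversary's search: among messages target XOR e, in order of increasing
    weight(e), return the first one that collides with the intercepted message
    under the public hash, i.e. the colliding message nearest to target."""
    want = public_hash(intercepted)
    for weight in range(max_flips + 1):
        for positions in itertools.combinations(range(8 * len(target)), weight):
            candidate = flip_bits(target, positions)
            if public_hash(candidate) == want:
                return candidate
    return None  # no collision within max_flips bit flips


def run_demo():
    """Alice sends m with a valid tag; Eve forwards a colliding m' near her
    own preferred message t instead. Returns (m, t, m', verifier_accepts)."""
    key = keygen()                         # known to Alice and Bob only
    m = b"BASES:0110100110"                # constructed sample message
    t = b"BASES:1001011001"                # constructed adversary target
    authentic_tag = tag(key, m)            # Eve observes (m, authentic_tag)
    forged = closest_colliding_message(m, t)
    if forged is None:
        return m, t, None, False
    return m, t, forged, verify(key, forged, authentic_tag)


if __name__ == "__main__":
    m, t, forged, accepted = run_demo()
    print("intercepted :", m)
    print("target      :", t)
    if forged is not None:
        print("substituted :", forged, "dist to target =", hamming(forged, t))
    print("verifier accepts substituted message:", accepted)
```

With a 12-bit hash there are about 2^12 = 4096 messages per collision class, so scanning the roughly 8,000 messages within two bit flips of the target already yields a match most of the time, and within three flips essentially always. Lengthening the hash output, which is the shape of the countermeasure the abstract mentions, only increases the computation the eavesdropper needs; it does not change the structure that lets the verifier be fooled by any colliding message.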