University of Limerick Institutional Repository

Detection and prevention of new attacks for ID-based authentication protocols

DSpace Repository

Show simple item record

dc.contributor.author Chen, Jinyong
dc.contributor.author Dojen, Reiner
dc.contributor.author Jurcut, Anca
dc.date.accessioned 2021-05-31T09:11:28Z
dc.date.available 2021-05-31T09:11:28Z
dc.date.issued 2020
dc.identifier.uri http://hdl.handle.net/10344/10121
dc.description peer-reviewed en_US
dc.description.abstract The rapid development of information and network technologies motivates the emergence of various new computing paradigms, such as distributed computing, and edge computing. This also enables more and more network enterprises to provide multiple different services simultaneously. To ensure these services can conveniently be accessed only by authorized users, many password and smart card-based authentication schemes for multi-server architecture have been proposed. In this paper, we review several dynamic ID-based password authentication schemes for multi-server environments. New attacks against four of these schemes are presented, demonstrating that an adversary can impersonate either legitimate or fictitious users. The impact of these attacks is the failure to achieve the main security requirement: authentication. Thus, the security of the analyzed schemes is proven to be compromised. We analyze these four dynamic ID-based schemes and discuss the reasons for the success of the new attacks. Additionally, we propose a new set of design guidelines to prevent such exploitable weaknesses on dynamic ID-based authentication protocols. Finally, we apply the proposed guidelines to the analyzed protocols and demonstrate that violation of these guidelines leads to insecure protocols. en_US
dc.language.iso eng en_US
dc.publisher ACM en_US
dc.relation.ispartofseries 9th International Conference on Networks, Communication and Computing (ICNCC 2020);pp. 78-86
dc.subject Authentication protocols en_US
dc.subject Multi-factor authentication en_US
dc.title Detection and prevention of new attacks for ID-based authentication protocols en_US
dc.type info:eu-repo/semantics/conferenceObject en_US
dc.type.supercollection all_ul_research en_US
dc.type.supercollection ul_published_reviewed en_US
dc.identifier.doi 10.1145/3447654.3447666
dc.rights.accessrights info:eu-repo/semantics/openAccess en_US


Files in this item

This item appears in the following Collection(s)

Show simple item record

Search ULIR


Browse

My Account

Statistics