Related papers: An attack on MySQL's login protocol
We demonstrate how adversaries with unbounded computing resources can break Quantum Key Distribution (QKD) protocols which employ a particular message authentication code suggested previously. This authentication code, featuring low key…
The rapid development of information and network technologies motivates the emergence of various new computing paradigms, such as distributed computing, and edge computing. This also enables more and more network enterprises to provide…
In this paper we review and comment on "A novel protocol-authentication algorithm ruling out a man-in-the-middle attack in quantum cryptography", [M. Peev et al., Int. J. Quant. Inform., 3, 225, (2005)]. In particular, we point out that the…
If an eavesdropper succeeds in compromising the quantum as well as the classical channels and mimics the receiver "Bob" for the sender "Alice" and vice versa, one defence strategy is the successive, temporally interlocked partial…
Recently, Li et al. proposed a dynamic identity based authentication protocol for multi-server architecture. They claimed their protocol is secure and can withstand various attacks. But we found some security loopholes in the protocol.…
A paper presented at the ICICS 2019 conference describes what is claimed to be a `provably secure group authentication [protocol] in the asynchronous communication model'. We show here that this is far from being the case, as the protocol…
In 2013, Tsai et al. cryptanalyzed Yeh et al. scheme and shown that Yeh et al., scheme is vulnerable to various cryptographic attacks and proposed an improved scheme. In this poster we will show that Tsai et al., scheme is also vulnerable…
In this Reply we propose a modified security proof of the Quantum Dense Key Distribution protocol detecting also the eavesdropping attack proposed by Wojcik in his Comment.
In identity misbinding attacks against authenticated key-exchange protocols, a legitimate but compromised participant manipulates the honest parties so that the victim becomes unknowingly associated with a third party. These attacks are…
The Echo protocol tries to do secure location verification using physical limits imposed by the speeds of light and sound. While the protocol is able to guarantee that a certain object is within a certain region, it cannot ensure the…
Honeywords are decoy passwords that can be added to a credential database; if a login attempt uses a honeyword, this indicates that the site's credential database has been leaked. In this paper we explore the basic requirements for…
We experimentally implemented an eavesdropping attack against the Ekert protocol for quantum key distribution based on the Wigner inequality. We demonstrate a serious lack of security of this protocol when the eavesdropper gains total…
Everyone is concerned about the Internet security, yet most traffic is not cryptographically protected. The usual justification is that most attackers are only off-path and cannot intercept traffic; hence, challenge-response mechanisms…
In this paper, we propose an algorithm that targets contamination and eavesdropping adversaries. We consider the case when the number of independent packets available to the eavesdropper is less than the multicast capacity of the network.…
In this work, message authentication over noisy channels is studied. The model developed in this paper is the authentication theory counterpart of Wyner's wiretap channel model. Two types of opponent attacks, namely impersonation attacks…
Recently proposed quantum key distribution protocols are shown to be vulnerable to a classic man-in-the-middle attack using entangled pairs created by Eve. It appears that the attack could be applied to any protocol that relies on…
Symmetric private information retrieval is a cryptographic task allowing a user to query a database and obtain exactly one entry without revealing to the owner of the database which element was accessed. The task is a variant of general…
Honeypots are a well-studied defensive measure in network security. This work proposes an effective low-cost honeypot that is easy to deploy and maintain. The honeypot introduced in this work is able to handle commands in a non-standard way…
In this note we propose an encryption communication protocol which also provides database security. For the encryption of the data communication we use a transformation similar to the Cubic Public-key transformation. This method represents…
Most current self-sovereign identity systems may be categorized as strictly objective, consisting of cryptographically signed statements issued by trusted third party attestors. This failure to provide an input for subjectivity accounts for…