Related papers: Cryptanalysis on Four Two-Party Authentication Pro…
This a response to "Yes They Can! ..." (a comment on [5]) by J.S. Shaari et al. [9]. We show that the claims in the comment do not hold up and that all the conclusions obtained in [5] are correct. In particular, the two considered kinds of…
This paper describes a new protocol for authentication in ad-hoc networks. The protocol has been designed to meet specialized requirements of ad-hoc networks, such as lack of direct communication between nodes or requirements for revocable…
This paper modifies Kak's three-stage protocol so that it can guarantee secure transmission of information. Although avoiding man-in-the-middle attack is our primary objective in the introduction of classical authentication inside the…
OAuth is the new de facto standard for delegating authorization in the web. An important limitation of OAuth is the fact that it was designed for authorization and not for authentication. The usage of OAuth for authentication thus leads to…
Recently, a quantum key exchange protocol has been described, which served as basis for securing an actual bank transaction by means of quantum cryptography [quant-ph/0404115]. Here we show, that the authentication scheme applied is…
We propose a new three-party quantum private comparison protocol using genuinely maximally entangled six-qubit states. In our protocol, three participants can determine whether their private information are equal or not without an external…
In a 2005 IACR report, Wang published an efficient identity-based key agreement protocol (IDAK) suitable for resource constrained devices. The author shows that the IDAK key agreement protocol is secure in the Bellare-Rogaway model with…
This paper analyzes the performance of Kak's three stage quantum cryptographic protocol based on public key cryptography against a man-in-the-middle attack. A method for protecting against such an attack is presented using certificates…
To prevent credential stuffing attacks, industry best practice now proactively checks if user credentials are present in known data breaches. Recently, some web services, such as HaveIBeenPwned (HIBP) and Google Password Checkup (GPC), have…
We present a multiparty simultaneous quantum identity authentication protocol based on entanglement swapping. In our protocol, the multi-user can be authenticated by a trusted third party simultaneously.
In the big data era, many organizations face the dilemma of data sharing. Regular data sharing is often necessary for human-centered discussion and communication, especially in medical scenarios. However, unprotected data sharing may also…
In this paper we proposed an authentication technique based on the user cards, to improve the authentication process in systems that allows remote access for the users, and raise the security rate during an exchange of their messages. in…
Until now, there have been developed many arbitrated quantum signature schemes implemented with a help of a trusted third party. In order to guarantee the unconditional security, most of them take advantage of the optimal quantum one-time…
Considering computer systems, security is the major concern with usability. Security policies need to be developed to protect information from unauthorized access. Passwords and secrete codes used between users and information systems for…
This study aims to assess wireless network security holistically and attempts to determine the weakest link among the parts that comprise the 'secure' aspect of the wireless networks: security protocols, wireless technologies and user…
In Yang et al.'s literatures (J. Phys. A: Math. 42, 055305, 2009; J. Phys. A:Math. 43, 209801, 2010), a quantum private comparison protocol based on Bell states and hash function is proposed, which aims to securely compare the equality of…
The OAuth 2.0 protocol is one of the most widely deployed authorization/single sign-on (SSO) protocols and also serves as the foundation for the new SSO standard OpenID Connect. Despite the popularity of OAuth, so far analysis efforts were…
In this paper, we build upon the model of two-party quantum computation introduced by Salvail et al. [SSS09] and show that in this model, only trivial correct two-party quantum protocols are weakly self-composable. We do so by defining a…
To protect users from data breaches and phishing attacks, service providers typically implement two-factor authentication (2FA) to add an extra layer of security against suspicious login attempts. However, since 2FA can sometimes hinder…
Recently, Zou et al. [Phys. Rev. A 82, 042325 (2010)] pointed out that two arbitrated quantum signature (AQS) schemes are not secure, because an arbitrator cannot arbitrate the dispute between two users when a receiver repudiates the…