Cryptanalysis of some conference schemes for mobile communications
To allow many users to hold a secure teleconference in mobile networks, a secure conference scheme with dynamic participation is necessary. However, designing a secure and efficient conference scheme is a difficult task because wireless networks are susceptible to attacks and wireless devices have l...
Saved in:
| Main Authors: | , , , |
|---|---|
| Other Authors: | |
| Format: | Article |
| Language: | English |
| Published: |
2013
|
| Subjects: | |
| Online Access: | https://hdl.handle.net/10356/98299 http://hdl.handle.net/10220/12122 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| id |
sg-ntu-dr.10356-98299 |
|---|---|
| record_format |
dspace |
| spelling |
sg-ntu-dr.10356-982992020-03-07T14:00:29Z Cryptanalysis of some conference schemes for mobile communications He, Daojing Chen, Chun Ma, Maode Bu, Jiajun School of Electrical and Electronic Engineering DRNTU::Engineering::Electrical and electronic engineering::Satellite telecommunication To allow many users to hold a secure teleconference in mobile networks, a secure conference scheme with dynamic participation is necessary. However, designing a secure and efficient conference scheme is a difficult task because wireless networks are susceptible to attacks and wireless devices have limited resources. Recently, a lightweight and secure conference scheme has been suggested. Later, it has been found that this solution has security weaknesses and a modified version to overcome them has been presented. Compared with other conference schemes, these two schemes have many advantages. In this short paper, security study of these conference schemes in mobile networks has been performed with the following findings: (1) both the original scheme and the modified version are still vulnerable to our proposed impersonation attack; (2) they lack a mechanism to confirm the delivery of relevant messages, leading to protocol disruption. Therefore, these two schemes cannot be deployed for the real world applications without further development. Then, some efficient countermeasures are given for enhancing the security of both schemes. Further, the security properties of the improved protocol are formally validated by a model checking tool called AVISPA. Finally, several basic principles are suggested for the design of a secure conference scheme. 2013-07-24T08:21:39Z 2019-12-06T19:53:19Z 2013-07-24T08:21:39Z 2019-12-06T19:53:19Z 2011 2011 Journal Article He, D., Chen, C., Ma, M., & Bu, J. (2012). Cryptanalysis of some conference schemes for mobile communications. Security and Communication Networks, 5(1), 107-112. 1939-0114 https://hdl.handle.net/10356/98299 http://hdl.handle.net/10220/12122 10.1002/sec.284 en Security and communication networks © 2011 John Wiley & Sons, Ltd. |
| institution |
Nanyang Technological University |
| building |
NTU Library |
| country |
Singapore |
| collection |
DR-NTU |
| language |
English |
| topic |
DRNTU::Engineering::Electrical and electronic engineering::Satellite telecommunication |
| spellingShingle |
DRNTU::Engineering::Electrical and electronic engineering::Satellite telecommunication He, Daojing Chen, Chun Ma, Maode Bu, Jiajun Cryptanalysis of some conference schemes for mobile communications |
| description |
To allow many users to hold a secure teleconference in mobile networks, a secure conference scheme with dynamic participation is necessary. However, designing a secure and efficient conference scheme is a difficult task because wireless networks are susceptible to attacks and wireless devices have limited resources. Recently, a lightweight and secure conference scheme has been suggested. Later, it has been found that this solution has security weaknesses and a modified version to overcome them has been presented. Compared with other conference schemes, these two schemes have many advantages. In this short paper, security study of these conference schemes in mobile networks has been performed with the following findings: (1) both the original scheme and the modified version are still vulnerable to our proposed impersonation attack; (2) they lack a mechanism to confirm the delivery of relevant messages, leading to protocol disruption. Therefore, these two schemes cannot be deployed for the real world applications without further development. Then, some efficient countermeasures are given for enhancing the security of both schemes. Further, the security properties of the improved protocol are formally validated by a model checking tool called AVISPA. Finally, several basic principles are suggested for the design of a secure conference scheme. |
| author2 |
School of Electrical and Electronic Engineering |
| author_facet |
School of Electrical and Electronic Engineering He, Daojing Chen, Chun Ma, Maode Bu, Jiajun |
| format |
Article |
| author |
He, Daojing Chen, Chun Ma, Maode Bu, Jiajun |
| author_sort |
He, Daojing |
| title |
Cryptanalysis of some conference schemes for mobile communications |
| title_short |
Cryptanalysis of some conference schemes for mobile communications |
| title_full |
Cryptanalysis of some conference schemes for mobile communications |
| title_fullStr |
Cryptanalysis of some conference schemes for mobile communications |
| title_full_unstemmed |
Cryptanalysis of some conference schemes for mobile communications |
| title_sort |
cryptanalysis of some conference schemes for mobile communications |
| publishDate |
2013 |
| url |
https://hdl.handle.net/10356/98299 http://hdl.handle.net/10220/12122 |
| _version_ |
1681044568586321920 |