110 Hits in 3.9 sec

Extending IPsec for Efficient Remote Attestation [chapter]

Ahmad-Reza Sadeghi, Steffen Schulz
2010 Lecture Notes in Computer Science  
In this work, we propose an extension to the IPsec key exchange protocol IKEv2.  ...  Our extension (i) allows for continuous exchange of attestation data while the IPsec connection is running, (ii) supports highly ecient exchange of attestation data and (iii) requires minimal changes to  ...  As the attestation messages are only exchanged once the IKEv2 authentication phase succeeded, requirement R2 of goal G1 is met in case of V1.  ... 
doi:10.1007/978-3-642-14992-4_14 fatcat:3gp2vmb4lbgwvgwahhjsfx4csi

Model Checking the IKEv2 Protocol Using Spin

Tristan Ninet, Axel Legay, Romaric Maillard, Louis-Marie Traonouez, Olivier Zendra
2019 2019 17th International Conference on Privacy, Security and Trust (PST)  
Previous analyses of IKEv2 concluded that the protocol was suffering from two authentication vulnerabilities: the penultimate authentication flaw and a vulnerability that leads to a reflection attack.  ...  We further discuss two modifications of the protocol and prove that both of them do overcome the vulnerability the penultimate authentication flaw.  ...  Acknowledgment The authors would like to thank Thomas Given-Wilson for its help with proof-reading an early version of this paper, and Youcef Ech-Chergui for its IKEv2 expertise.  ... 
doi:10.1109/pst47121.2019.8949057 dblp:conf/pst/NinetLMTZ19 fatcat:nejckudjdnda7aqsqhe4vf6qa4

ACE of Spades in the IoT Security Game: A Flexible IPsec Security Profile for Access Control

Santiago Aragon, Marco Tiloca, Max Maass, Matthias Hollick, Shahid Raza
2018 2018 IEEE Conference on Communications and Network Security (CNS)  
The Authentication and Authorization for Constrained Environments (ACE) framework provides fine-grained access control in the Internet of Things, where devices are resource-constrained and with limited  ...  We provide the first Open Source implementation of the ACE IPsec profile for the Contiki OS and test it on the resource-constrained Zolertia Firefly platform.  ...  Center CROSSING (project S1) and project C.1 within the RTG 2050 "Privacy and Trust for Mobile Users"; the EIT-Digital Master School.  ... 
doi:10.1109/cns.2018.8433209 dblp:conf/cns/AragonTMHR18 fatcat:pckthj3ol5ar3k3gd63ko6m72q

Deniable Internet Key Exchange [chapter]

Andrew C. Yao, Yunlei Zhao
2010 Lecture Notes in Computer Science  
Furthermore, even for protocols running in the higher layers (e.g, the application layer), a party may respond to a key-exchange request coming from a peer who, for the sake of preserving its privacy,  ...  The first generation IKEv1 [16] uses public-key encryption as the authentication mechanism (with SKEME serving as the basis in part), 1 and IKEv2 [18] uses public-key signature as the authentication mechanism  ...  We remark that mixing both parties' IDs in message computation violates the privacy-preserving principle of IKEv2, i.e., message from one party should not involve it's peer's ID.  ... 
doi:10.1007/978-3-642-13708-2_20 fatcat:hqbabyc5f5avzkz75hd4j3utjy

Key Exchange Protocol Supporting Mobility and Multihoming

Mohammed A. Tawfiq, Sufyan T. Faraj Al-janabi, Abdul-Karim A. R. Kadhim
2006 i-manager's Journal on Software Engineering  
The goals of designing KEPSOM are to develop key exchange protocol proposal characterized by its secrecy, simplicity, efficiency, resistivity, and its ability to support mobility and multihoming.  ...  In these tests, it is found that the required time for rekeying is about 27% of the total required time for exchanging the keys.  ...  In the case of key-exchange, a session is intended to agree on "session key" with one another party (the peer to the session) and involves the exchange of the messages with that party.  ... 
doi:10.26634/jse.1.2.824 fatcat:mqe2fzozv5efve66r3r3psnj3e

Comparison and Analysis of Secure Mobile Architecture (SMA) and Evolved Packet System

Jani Pellikka, Marek Skowron, Andrei Gurtov
2011 2011 IEEE 73rd Vehicular Technology Conference (VTC Spring)  
of user traffic and protection of user/host privacy by default.  ...  by 3GPP and Secure Mobile Architecture (SMA), a standardization effort by The Open Group (TOG).  ...  ACKNOWLEDGMENT The authors would like to thank the partners of the Celtic MEVICO project for all fruitful discussions and their valuable advice on writing this paper.  ... 
doi:10.1109/vetecs.2011.5956380 dblp:conf/vtc/PellikkaSG11 fatcat:vwxwvdjwnfboxbnfty62h2agha

A network-assisted mobile VPN for securing users data in UMTS

Christos Xenakis, Christoforos Ntantogian, Ioannis Stavrakakis
2008 Computer Communications  
For the initialization of a network-assisted mVPN and the related key agreement an extension of Internet Key Exchange version 2 (IKEv2) is proposed.  ...  For the initialization of a network-assisted mVPN an extension of the Internet Key Exchange version 2 (IKEv2) [21] is proposed.  ...  Acknowledgement This work has been supported by the project CASCADAS (IST-027807) funded by the FET Program of the European Commission.  ... 
doi:10.1016/j.comcom.2008.05.018 fatcat:nrxfdlmzfre37dnxly4cypczzy

DMM-SEP: Secure and Efficient Protocol for Distributed Mobility Management based on 5G Networks

Jiyoon Kim, Philip Virgil Astillo, Ilsun You
2020 IEEE Access  
, integrity, mutual authentication, and key exchange.  ...  However, DMM, which has no dominant security scheme specified to itself, is excessively dependent on the security of Layer 2 and is vulnerable to various threats.  ...  Moreover, the obtained lemmas demonstrate that the proposed protocol satisfies the security requirements including confidentiality, integrity, mutual authentication, key exchange, privacy, and defense  ... 
doi:10.1109/access.2020.2985448 fatcat:2kw6e7k5bnajljauyqxwesk5de

Tailoring end-to-end IP security protocols to the Internet of Things

Rene Hummen, Hanno Wirtz, Jan Henrik Ziegeldorf, Jens Hiller, Klaus Wehrle
2013 2013 21st IEEE International Conference on Network Protocols (ICNP)  
Recent standardization efforts focus on a number of lightweight IP security protocol variants for end-to-end security in the Internet of Things (IoT), most notably DTLS, HIP DEX, and minimal IKEv2.  ...  These protocol variants commonly consider public-key-based cryptographic primitives in their protocol design for peer authentication and key agreement.  ...  To authenticate this key agreement, both peers prove the correctness of the Master Key using message authentication codes (MAC) in the I2 and R2 messages.  ... 
doi:10.1109/icnp.2013.6733571 dblp:conf/icnp/HummenWZHW13 fatcat:ejmfos3uijefbg55dkozozmgsy

Just fast keying in the pi calculus

Martín Abadi, Bruno Blanchet, Cédric Fournet
2007 ACM Transactions on Privacy and Security  
In some cases, there are overlaps between the two kinds of proofs; those overlaps provide extra assurance about the correctness of the formalization and the proofs.  ...  Specifically, we present a formalization of one of the two variants of JFK known as JFKr (the one closer to IKEv2).  ...  of this paper, and to Michael Roe and Dieter Gollmann for early discussions on this work.  ... 
doi:10.1145/1266977.1266978 fatcat:mow3dqrjyveptgmtjqf7swvsva

Just fast keying

William Aiello, Steven M. Bellovin, Matt Blaze, Ran Canetti, John Ioannidis, Angelos D. Keromytis, Omer Reingold
2004 ACM Transactions on Privacy and Security  
We describe Just Fast Keying (JFK), a new key-exchange protocol, primarily designed for use in the IP security architecture.  ...  It is simple, efficient, and secure; we sketch a proof of the latter property.  ...  -Privacy: It must preserve the privacy of the initiator and/or responder, insofar as possible. -Memory-DoS: It must resist memory exhaustion attacks.  ... 
doi:10.1145/996943.996946 fatcat:6lmsda5cjzaepbftzgzwowplci

Conception of Virtual Private Networks Using IPsec Suite of Protocols, Comparative Analysis of Distributed Database Queries Using Different IPsec Modes of Encryption

Muhamed Elezi, Bujar Raufi
2015 Procedia - Social and Behavioral Sciences  
The world of Internet as such is open and insecure by nature.  ...  This paper offers a set of simulated secure data communication tunnels together with a comparison of results of the speed variables measured against the security through different encryption protocols  ...  Internet Key Exchange 2 (IKEv2): The most recent RFC that covers the IKE2 is RFC 7427 and it introduces IKE2 as an internet standard.  ... 
doi:10.1016/j.sbspro.2015.06.206 fatcat:tlglyrj5pzbpteawhgirdndxfa

Just Fast Keying in the Pi Calculus [chapter]

Martín Abadi, Bruno Blanchet, Cédric Fournet
2004 Lecture Notes in Computer Science  
In some cases, there are overlaps between the two kinds of proofs; those overlaps provide extra assurance about the correctness of the formalization and the proofs.  ...  Specifically, we present a formalization of one of the two variants of JFK known as JFKr (the one closer to IKEv2).  ...  of this paper, and to Michael Roe and Dieter Gollmann for early discussions on this work.  ... 
doi:10.1007/978-3-540-24725-8_24 fatcat:7sidbpxvlncrzhtkwqcd26wukq

Broadcast Message Authentication Mechanism to Detect Clone and Sybil attacks in VANET's based on ID-Based Signature Scheme

Kareemulla Shaik, Md. Ali Hussain
2018 International Journal of Engineering & Technology  
To achieve this a secure authentication and attack detection mechanism can be designed.  ...  Our scheme shown best performance compared to existing schemes in terms of packet delivery ration, detection rate and detection time.  ...  Wang,, developed a new light-weight and efficient strong privacy-preserving authentication technique for secure communication in case of VANETs [13] .  ... 
doi:10.14419/ijet.v7i3.12.17770 fatcat:ln4ruhibf5f6lmvlecft7cmxim

HIP based Approach for Configuration Provisioning

Seppo Heikkinen, Hannes Tschofenig
2006 2006 IEEE 17th International Symposium on Personal, Indoor and Mobile Radio Communications  
The most typical configuration procedure of a host involves the provision of an IP address and most often this is done with the help of Dynamic Host Configuration Protocol (DHCP).  ...  While the closed nature of the access networks has mitigated the vulnerability, the evolvement of the networks and increase in wireless use demand more stringent secure measures.  ...  The authors had the ideas of the proposal for the first time within the EU funded Ambient Networks project and wish to acknowledge the feedback and support received there.  ... 
doi:10.1109/pimrc.2006.254082 dblp:conf/pimrc/HeikkinenT06 fatcat:2gu5z54qnrc37o4y2hb4dcfwzq
« Previous Showing results 1 — 15 out of 110 results