Most conventional conference key agreement protocols have not been concerned with a practical situation. There may exist some malicious conferees who attempt to block conference initiation for some purposes, e.g. commercial, political or military benefit. Instances where conference must be launched immediately due to emergency, efficient detection of malicious behavior would be needed. Recently, Tzeng (IEEE Trans. Comput. 51(4):373-379, 2002) proposed a fault-tolerant conference key agreement protocol to address the issue where a conference key can be established among conferees even though malicious conferees exist. However, his protocol might be complex and inefficient during fault-detection. In the case where a malicious conferee exists and a fault-tolerant mechanism is launched, complicated interactions between conferees will be required. In this paper, we introduce a novel strategy, where any malicious conferee may be identified and removed from the conferee list without any interaction. With such a non-interactive fault-tolerance, conferences could be established and started efficiently. A complete example of our protocol will be given to describe the fascinating fault-tolerance. We analyse the security of our protocol regarding four aspects, i.e. correctness, fault-tolerance, active attack and passive attack. The comparisons of performance between our protocol and that of Tzeng are also shown. As a whole, the advantage of our protocol is superior to that of Tzeng under the situation where malicious conferees exist.
Many novel, effective, and efficient applications and networking services are being developed for the Social Internet of Things. Recently, Li proposed a more secure and efficient authentication scheme with roaming service and user anonymity for mobile communications. The security analysis and discussion of the agreement phase is sufficiently safe; however, an attacker can intercept the identity of a mobile user's home agent in the authentication phase. By using this information, the attacker can mount distributed denial-of-service attacks in the roaming phase through replay attacks targeting the network's foreign agent and mobile user's home agent by using their corresponding session keys. Li's method also has some shortcomings regarding anonymity that we aim to address. To overcome these issues, this study proposes an elliptic curve-based wireless roaming anonymous login method for the authentication phase. The problems faced in the roaming phase are resolved, and this approach provides balanced session key computation between senders and receivers. Burrows-Abadi-Needham logic (BAN-logic) is used to verify the security of the proposed scheme. The proposed scheme affords good security, efficiency, and integrity and maintains anonymity.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.