Abstract. Yeh et al. have recently proposed a mutual authentication protocol based on EPC Class-1 Gen.-2 standard. They claim their protocol is secure against adversarial attacks and also provides forward secrecy. In this paper we show that the proposed protocol does not have cited security features properly. A powerful and practical attack is presented on this protocol whereby the whole security of the protocol is broken. Furthermore, Yeh et al.'s protocol does not assure the untraceabilitiy and backwarduntraceabilitiy attributes. We also will propose our revision to safeguard the Yeh et al.'s protocol against cited attacks.
For many years, the pay-TV system has attracted a lot of users. Users have recently expressed the desire to use mobile TV or mobile payment via anonymous protocols. The mobile users have also received their services over cellular communications networks. Each mobile device receives services from each head end systems. With increasing numbers of users and the expansion of Internet, user's privacy has become crucial important. When a device leaves the head end system's range, it must receive services from another head end system. In this paper, we review Chen et al's scheme and we highlight some weaknesses, including privilege insider attack and user traceability attack. Finally, we alleviate the scheme and analyze the alleviated scheme using both heuristic and formal methods.
This study analyzes cybersecurity trends and proposes a conceptual framework to identify cybersecurity topics of social interest and emerging topics that need to be addressed by researchers in the field. The insights drawn from this framework allow for a more proactive approach to identifying cybersecurity patterns and emerging threats that will ultimately improve the collective cybersecurity posture of the modern society. To achieve this, cybersecurity-oriented content in both media and academic corpora, disseminated between 2008 and 2018, were morphologically analyzed via text mining. A total of 3,556 academic papers obtained from the top-10 highly reputable cybersecurity academic conferences, and 4,163 news articles collected from the
New York Times
were processed. The LDA topic modeling followed optimal perplexity and coherence scores resulted in 12 trendy topics. Next, the time-based gap between these trendy topics was analyzed to measure the correlation between media and trendy academic topics. Both convergences and divergences between the two cybersecurity corpora were identified, suggesting a strong time-based correlation between these resources. This framework demonstrates the effective use of automated techniques to provide insights about cybersecurity topics of social interest and emerging trends and informs the direction of future academic research in this field.
Ubiquitousness of Radio Frequency Identification (RFID) systems with inherent weaknesses has been a cause of concern about their privacy and security. Therefore, secure protocols are essentially necessary for the RFID tags to guarantee privacy and authentication among them and the reader. This paper inspects privacy in the RFID systems. First, we survey four new-found RFID authentication protocols, and then, their weaknesses in formal privacy model are analyzed. Although the authors of the schemes claimed that their protocols completely resist privacy attacks, we formally prove that all of them suffer from the family of traceability attacks. Furthermore, not only are the four improved protocols proposed to prevent the aforementioned attacks, but also we provide formal analysis to guarantee the security and privacy of the proposed enhancements.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.