Thiru Neels - Academia.edu (original) (raw)
Uploads
Papers by Thiru Neels
… Conference, 2004. 5th …, 2004
IP network has been evolving significantly in last decade. Many computers and devices have been a... more IP network has been evolving significantly in last decade. Many computers and devices have been attached to the IP network and many applications were taken place over it. One of interesting applications is building embedded control system which has connectivity to Internet. This paper explains an implementation of embedded web server with security support which becomes an example of control application over IP network. A security algorithm, TEA (Tiny Encryption Algorithm), has been implemented in a microprocessor system together with TCP/IP stack. The microprocessor system is based on 8051 family microcontroller which serves as web server. The encryption algorithm is processed both on server and client. Therefore in clients need a plug in, which run encryption mechanism, so that they can access the embedded web server safely.
Information Sciences, 2007
Authentication and key exchange are fundamental for establishing secure communication channels ov... more Authentication and key exchange are fundamental for establishing secure communication channels over public insecure networks. Password-based protocols for authenticated key exchange are designed to work even when user authentication is done via the use of passwords drawn from a small known set of values. Recently, Wen et al. (H.-A. Wen, T.-F. Lee, T. Hwang, Provably secure three-party password-based authenticated key exchange protocol using Weil pairing, IEE Proceedings-Communications 152 proposed a new protocol for password-based authenticated key exchange in the three-party setting, where the clients trying to establish a common secret key do not share a password between themselves but only with a trusted server. Wen et al.'s protocol carries a claimed proof of security in a formal model of communication and adversarial capabilities. However, this work shows that the protocol for three-party key exchange is completely insecure and the claim of provable security is seriously incorrect. We conduct a detailed analysis of flaws in the protocol and its security proof, in the hope that no similar mistakes are made in the future.
Password-based authentication is still the most widelyused authentication mechanism, largely beca... more Password-based authentication is still the most widelyused authentication mechanism, largely because of the ease with which it can be understood by end users and implemented. In this paper, we propose a security infrastructure for grid applications, in which users are authenticated using passwords. Our infrastructure allows users to perform single sign-on based only on passwords, without requiring a public key infrastructure. Nevertheless, our infrastructure supports essential grid security services, such as mutual authentication and delegation, using public key cryptographic techniques. Moreover, hosting servers in our infrastructure are not required to have public key certificates, meaning mutual authentication and delegation of proxy credentials can be performed in a lightweight and efficient manner.
… Conference, 2004. 5th …, 2004
IP network has been evolving significantly in last decade. Many computers and devices have been a... more IP network has been evolving significantly in last decade. Many computers and devices have been attached to the IP network and many applications were taken place over it. One of interesting applications is building embedded control system which has connectivity to Internet. This paper explains an implementation of embedded web server with security support which becomes an example of control application over IP network. A security algorithm, TEA (Tiny Encryption Algorithm), has been implemented in a microprocessor system together with TCP/IP stack. The microprocessor system is based on 8051 family microcontroller which serves as web server. The encryption algorithm is processed both on server and client. Therefore in clients need a plug in, which run encryption mechanism, so that they can access the embedded web server safely.
Information Sciences, 2007
Authentication and key exchange are fundamental for establishing secure communication channels ov... more Authentication and key exchange are fundamental for establishing secure communication channels over public insecure networks. Password-based protocols for authenticated key exchange are designed to work even when user authentication is done via the use of passwords drawn from a small known set of values. Recently, Wen et al. (H.-A. Wen, T.-F. Lee, T. Hwang, Provably secure three-party password-based authenticated key exchange protocol using Weil pairing, IEE Proceedings-Communications 152 proposed a new protocol for password-based authenticated key exchange in the three-party setting, where the clients trying to establish a common secret key do not share a password between themselves but only with a trusted server. Wen et al.'s protocol carries a claimed proof of security in a formal model of communication and adversarial capabilities. However, this work shows that the protocol for three-party key exchange is completely insecure and the claim of provable security is seriously incorrect. We conduct a detailed analysis of flaws in the protocol and its security proof, in the hope that no similar mistakes are made in the future.
Password-based authentication is still the most widelyused authentication mechanism, largely beca... more Password-based authentication is still the most widelyused authentication mechanism, largely because of the ease with which it can be understood by end users and implemented. In this paper, we propose a security infrastructure for grid applications, in which users are authenticated using passwords. Our infrastructure allows users to perform single sign-on based only on passwords, without requiring a public key infrastructure. Nevertheless, our infrastructure supports essential grid security services, such as mutual authentication and delegation, using public key cryptographic techniques. Moreover, hosting servers in our infrastructure are not required to have public key certificates, meaning mutual authentication and delegation of proxy credentials can be performed in a lightweight and efficient manner.