Thiru Neels - Profile on Academia.edu (original) (raw)

varsha wilson related author profile picture

Hind Cheurfi related author profile picture

Hoang Son Tung related author profile picture

aaf lf related author profile picture

Diego Ivan Leon related author profile picture

Belén Cedeño Reyes related author profile picture

alex scott related author profile picture

Acab Helmi related author profile picture

Soha Samir related author profile picture

Haroon Azizi related author profile picture

Uploads

Papers by Thiru Neels

Research paper thumbnail of First step toward internet based embedded control system

… Conference, 2004. 5th …, 2004

IP network has been evolving significantly in last decade. Many computers and devices have been a... more IP network has been evolving significantly in last decade. Many computers and devices have been attached to the IP network and many applications were taken place over it. One of interesting applications is building embedded control system which has connectivity to Internet. This paper explains an implementation of embedded web server with security support which becomes an example of control application over IP network. A security algorithm, TEA (Tiny Encryption Algorithm), has been implemented in a microprocessor system together with TCP/IP stack. The microprocessor system is based on 8051 family microcontroller which serves as web server. The encryption algorithm is processed both on server and client. Therefore in clients need a plug in, which run encryption mechanism, so that they can access the embedded web server safely.

Research paper thumbnail of Security weakness in a three-party pairing-based protocol for password authenticated key exchange

Information Sciences, 2007

Authentication and key exchange are fundamental for establishing secure communication channels ov... more Authentication and key exchange are fundamental for establishing secure communication channels over public insecure networks. Password-based protocols for authenticated key exchange are designed to work even when user authentication is done via the use of passwords drawn from a small known set of values. Recently, Wen et al. (H.-A. Wen, T.-F. Lee, T. Hwang, Provably secure three-party password-based authenticated key exchange protocol using Weil pairing, IEE Proceedings-Communications 152 proposed a new protocol for password-based authenticated key exchange in the three-party setting, where the clients trying to establish a common secret key do not share a password between themselves but only with a trusted server. Wen et al.'s protocol carries a claimed proof of security in a formal model of communication and adversarial capabilities. However, this work shows that the protocol for three-party key exchange is completely insecure and the claim of provable security is seriously incorrect. We conduct a detailed analysis of flaws in the protocol and its security proof, in the hope that no similar mistakes are made in the future.

Research paper thumbnail of A Certificate-Free Grid Security Infrastructure Supporting Password-Based User Authentication

Password-based authentication is still the most widelyused authentication mechanism, largely beca... more Password-based authentication is still the most widelyused authentication mechanism, largely because of the ease with which it can be understood by end users and implemented. In this paper, we propose a security infrastructure for grid applications, in which users are authenticated using passwords. Our infrastructure allows users to perform single sign-on based only on passwords, without requiring a public key infrastructure. Nevertheless, our infrastructure supports essential grid security services, such as mutual authentication and delegation, using public key cryptographic techniques. Moreover, hosting servers in our infrastructure are not required to have public key certificates, meaning mutual authentication and delegation of proxy credentials can be performed in a lightweight and efficient manner.

Research paper thumbnail of Embedded system security

Computer, 2004

Philip Koopman is an associate pro- fessor in the Department of Electrical and Computer Engineering at Carnegie Mellon University, where he is also a member of the Institute for Complex Engineered Systems and the Institute for Software Research International. Contact him at koopman@cmu.edu. For example, how do we create impenetrable firewalls to keep attack- ers from manipulating safety-critical sensors and actuators? How can we ensure that real-time deadlines will be met, even in the face of DoS attacks or An Internet-enabled thermostat can also let Big Brother monitor whether you’re setting it properly to do your part for an energy crisis—and set it for you if you’re not. Some gas, water, and

Research paper thumbnail of First step toward internet based embedded control system

… Conference, 2004. 5th …, 2004

IP network has been evolving significantly in last decade. Many computers and devices have been a... more IP network has been evolving significantly in last decade. Many computers and devices have been attached to the IP network and many applications were taken place over it. One of interesting applications is building embedded control system which has connectivity to Internet. This paper explains an implementation of embedded web server with security support which becomes an example of control application over IP network. A security algorithm, TEA (Tiny Encryption Algorithm), has been implemented in a microprocessor system together with TCP/IP stack. The microprocessor system is based on 8051 family microcontroller which serves as web server. The encryption algorithm is processed both on server and client. Therefore in clients need a plug in, which run encryption mechanism, so that they can access the embedded web server safely.

Research paper thumbnail of Security weakness in a three-party pairing-based protocol for password authenticated key exchange

Information Sciences, 2007

Authentication and key exchange are fundamental for establishing secure communication channels ov... more Authentication and key exchange are fundamental for establishing secure communication channels over public insecure networks. Password-based protocols for authenticated key exchange are designed to work even when user authentication is done via the use of passwords drawn from a small known set of values. Recently, Wen et al. (H.-A. Wen, T.-F. Lee, T. Hwang, Provably secure three-party password-based authenticated key exchange protocol using Weil pairing, IEE Proceedings-Communications 152 proposed a new protocol for password-based authenticated key exchange in the three-party setting, where the clients trying to establish a common secret key do not share a password between themselves but only with a trusted server. Wen et al.'s protocol carries a claimed proof of security in a formal model of communication and adversarial capabilities. However, this work shows that the protocol for three-party key exchange is completely insecure and the claim of provable security is seriously incorrect. We conduct a detailed analysis of flaws in the protocol and its security proof, in the hope that no similar mistakes are made in the future.

Research paper thumbnail of A Certificate-Free Grid Security Infrastructure Supporting Password-Based User Authentication

Password-based authentication is still the most widelyused authentication mechanism, largely beca... more Password-based authentication is still the most widelyused authentication mechanism, largely because of the ease with which it can be understood by end users and implemented. In this paper, we propose a security infrastructure for grid applications, in which users are authenticated using passwords. Our infrastructure allows users to perform single sign-on based only on passwords, without requiring a public key infrastructure. Nevertheless, our infrastructure supports essential grid security services, such as mutual authentication and delegation, using public key cryptographic techniques. Moreover, hosting servers in our infrastructure are not required to have public key certificates, meaning mutual authentication and delegation of proxy credentials can be performed in a lightweight and efficient manner.

Research paper thumbnail of Embedded system security

Computer, 2004

Philip Koopman is an associate pro- fessor in the Department of Electrical and Computer Engineering at Carnegie Mellon University, where he is also a member of the Institute for Complex Engineered Systems and the Institute for Software Research International. Contact him at koopman@cmu.edu. For example, how do we create impenetrable firewalls to keep attack- ers from manipulating safety-critical sensors and actuators? How can we ensure that real-time deadlines will be met, even in the face of DoS attacks or An Internet-enabled thermostat can also let Big Brother monitor whether you’re setting it properly to do your part for an energy crisis—and set it for you if you’re not. Some gas, water, and

Log In