Man-In-The-Middle Attack against Certain Authentication Protocols Revisited: Insights into the Approach and Performances Re-Evaluation

Man-In-The-Middle Attack against Certain Authentication Protocols Revisited: Insights into the Approach and Performances Re-Evaluation

We address a class of authentication protocols called “HB” ones and the man-in-the-middle (MIM) attack, reported at the ASIACRYPT conference, called OOV-MIM (Ouafi-Overbeck-Vaudenay MIM). Analysis of the considered attack and its systematic experimental evaluation are given. It is shown that the mai...

Full description

Bibliographic Details
Main Authors: Milica Knežević, Siniša Tomović, Miodrag J. Mihaljević
Format: Article
Language:English
Published: MDPI AG 2020-08-01
Series:Electronics
Subjects:
authentication protocol
HB
man-in-the-middle attack
cryptanalysis
performance
RFID
Online Access:https://www.mdpi.com/2079-9292/9/8/1296
id doaj-144de055d6ed43d6b274a215ab96b5a3
record_format Article
spelling doaj-144de055d6ed43d6b274a215ab96b5a32020-11-25T03:16:27ZengMDPI AGElectronics2079-92922020-08-0191296129610.3390/electronics9081296Man-In-The-Middle Attack against Certain Authentication Protocols Revisited: Insights into the Approach and Performances Re-EvaluationMilica Knežević0Siniša Tomović1Miodrag J. Mihaljević2Mathematical Institute of the Serbian Academy of Sciences and Arts, Kneza Mihaila 36, 11000 Belgrade, SerbiaMathematical Institute of the Serbian Academy of Sciences and Arts, Kneza Mihaila 36, 11000 Belgrade, SerbiaMathematical Institute of the Serbian Academy of Sciences and Arts, Kneza Mihaila 36, 11000 Belgrade, SerbiaWe address a class of authentication protocols called “HB” ones and the man-in-the-middle (MIM) attack, reported at the ASIACRYPT conference, called OOV-MIM (Ouafi-Overbeck-Vaudenay MIM). Analysis of the considered attack and its systematic experimental evaluation are given. It is shown that the main component of OOV-MIM, the algorithm for measuring the Hamming weight of noise vectors, outputs incorrect results as a consequence of the employed approximation of the probability distributions. The analysis reveals that, practically, the only scenario in which the OOV-MIM attack is effective is the one in which two incorrect estimations produced by the algorithm for measuring the Hamming weight, when coupled, give the correct result. This paper provides additional insights into the OOV-MIM and corrected claims about the performance/complexity showing that the performances of the considered attack have been overestimated, i.e., that the complexity of the attack has been underestimated. Particularly, the analysis points out the reasons for the incorrect claims and to the components of the attack that do not work as expected.https://www.mdpi.com/2079-9292/9/8/1296authentication protocolHBman-in-the-middle attackcryptanalysisperformanceRFID
collection DOAJ
language English
format Article
sources DOAJ
author Milica Knežević
Siniša Tomović
Miodrag J. Mihaljević
spellingShingle Milica Knežević
Siniša Tomović
Miodrag J. Mihaljević
Man-In-The-Middle Attack against Certain Authentication Protocols Revisited: Insights into the Approach and Performances Re-Evaluation
Electronics
authentication protocol
HB
man-in-the-middle attack
cryptanalysis
performance
RFID
author_facet Milica Knežević
Siniša Tomović
Miodrag J. Mihaljević
author_sort Milica Knežević
title Man-In-The-Middle Attack against Certain Authentication Protocols Revisited: Insights into the Approach and Performances Re-Evaluation
title_short Man-In-The-Middle Attack against Certain Authentication Protocols Revisited: Insights into the Approach and Performances Re-Evaluation
title_full Man-In-The-Middle Attack against Certain Authentication Protocols Revisited: Insights into the Approach and Performances Re-Evaluation
title_fullStr Man-In-The-Middle Attack against Certain Authentication Protocols Revisited: Insights into the Approach and Performances Re-Evaluation
title_full_unstemmed Man-In-The-Middle Attack against Certain Authentication Protocols Revisited: Insights into the Approach and Performances Re-Evaluation
title_sort man-in-the-middle attack against certain authentication protocols revisited: insights into the approach and performances re-evaluation
publisher MDPI AG
series Electronics
issn 2079-9292
publishDate 2020-08-01
description We address a class of authentication protocols called “HB” ones and the man-in-the-middle (MIM) attack, reported at the ASIACRYPT conference, called OOV-MIM (Ouafi-Overbeck-Vaudenay MIM). Analysis of the considered attack and its systematic experimental evaluation are given. It is shown that the main component of OOV-MIM, the algorithm for measuring the Hamming weight of noise vectors, outputs incorrect results as a consequence of the employed approximation of the probability distributions. The analysis reveals that, practically, the only scenario in which the OOV-MIM attack is effective is the one in which two incorrect estimations produced by the algorithm for measuring the Hamming weight, when coupled, give the correct result. This paper provides additional insights into the OOV-MIM and corrected claims about the performance/complexity showing that the performances of the considered attack have been overestimated, i.e., that the complexity of the attack has been underestimated. Particularly, the analysis points out the reasons for the incorrect claims and to the components of the attack that do not work as expected.
topic authentication protocol
HB
man-in-the-middle attack
cryptanalysis
performance
RFID
url https://www.mdpi.com/2079-9292/9/8/1296
work_keys_str_mv AT milicaknezevic maninthemiddleattackagainstcertainauthenticationprotocolsrevisitedinsightsintotheapproachandperformancesreevaluation
AT sinisatomovic maninthemiddleattackagainstcertainauthenticationprotocolsrevisitedinsightsintotheapproachandperformancesreevaluation
AT miodragjmihaljevic maninthemiddleattackagainstcertainauthenticationprotocolsrevisitedinsightsintotheapproachandperformancesreevaluation
_version_ 1724636100898586624

Similar Items