Does Counting Still Count? Revisiting the Security of Counting based User Authentication Protocols against Statistical Attacks

Author(s): Hassan Jameel Asghar, Shujun Li, Ron Steinfeld, Josef Pieprzyk

Download: Paper (PDF)

Date: 24 Apr 2013

Document Type: Presentations

Additional Documents: Slides

Associated Event: NDSS Symposium 2013

Abstract:

At NDSS 2012, Yan et al. proposed a generic statistical attack on counting-based authentication protocols. However, they did not give details of any fixes against this attack barring a few suggestions. We generalize this attack with a much more comprehensive theoretical analysis, and propose two fixes to make counting-based protocols practically safe against the attack at the cost of usability.