Does Counting Still Count? Revisiting the Security of Counting based User Authentication Protocols against Statistical Attacks
Download: Paper (PDF)
Date: 24 Apr 2013
Document Type: Presentations
Additional Documents: Slides
Associated Event: NDSS Symposium 2013
At NDSS 2012, Yan et al. proposed a generic statistical attack on counting-based authentication protocols. However, they did not give details of any fixes against this attack barring a few suggestions. We generalize this attack with a much more comprehensive theoretical analysis, and propose two fixes to make counting-based protocols practically safe against the attack at the cost of usability.