Detection of Brute-Force Attacks in End-to-End Encrypted Network Traffic

Wichmann, Pascal; Marx, Matthias; Federrath, Hannes; Fischer, Mathias

doi:10.1145/3465481.3470113

Cited by 7 publications

(1 citation statement)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…10. Brute force attack [38]: This attack occurs when a malicious attacker systematically attempts all possible combinations of a password or encryption key until the correct one is found. The attacker uses automated tools to generate and try every possible permutation, starting from the simplest and shortest, until gaining unauthorized access to the system or decrypting a message.…”

Section: Adversary Modelmentioning

confidence: 99%

Security enhancement of remote user authentication schemes based on biometrics

Kim

2024

Preprint

View full text Add to dashboard Cite

Remote authentication has been extensively studied over the past few decades, with password-based authentication being a common approach since Lamport's 1981 proposal of a password-based remote authentication scheme. Despite numerous advancements, including the introduction of biometric and smart card-based schemes by Li and Hwang, as well as Chen et al.'s claims of robustness against various attacks, these protocols continue to exhibit vulnerabilities. These weaknesses include susceptibility to attacks such as replay, man-in-the-middle, user impersonation, and offline password guessing, among others. In this study, we conduct a comprehensive analysis of several existing biometric-based authentication protocols, identifying critical vulnerabilities and areas for improvement. To address these issues, we propose a novel authentication protocol that leverages the biometrics of mobile devices. Our protocol incorporates a collision-free one-way hash function to enhance security. We conduct a thorough security analysis of the proposed protocol using the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool, alongside both formal and informal security evaluations. The results of these analyses indicate that our proposed scheme significantly improves security by effectively mitigating common attacks that have compromised previous protocols. Additionally, our protocol demonstrates superior computational efficiency, making it practical for real-world applications. By addressing the security flaws inherent in existing protocols and optimizing for performance, our scheme provides a robust and efficient solution for secure remote authentication using mobile device biometrics.

show abstract

Section: Adversary Modelmentioning

confidence: 99%