TY - GEN
T1 - New method of authentication
T2 - Colloque Francophone sur l'Ingenierie des Protocoles, CFIP 2006 - French-Speaking Conference on Protocol Engineering, CFIP 2006
AU - Cheikhrouhou, Omar
AU - Laurent-Maknavicius, Maryline
AU - Jemaa, Maher Ben
PY - 2006/1/1
Y1 - 2006/1/1
N2 - This paper describes a new EAP method called EAP-EHash (EHash for Encrypted-Hash) which combines simplicity and deployment easiness of EAP-MD5 and robustness of EAP-TLS. EAP-EHash is expected to apply in the same application domains than those two existing methods (user authentication to servers, VPN?). For a better positioning of each EAP method, the paper presents first the EAP-TLS and EAP-MD5 methods, and then EAP-EHash and realizes a critical analysis of each of them. Finally the EAP-EHash method is formally validated with the AVISPA tool, thus proving that it verifies the expected security properties, especially its robustness to Man-In-The-Middle attacks.
AB - This paper describes a new EAP method called EAP-EHash (EHash for Encrypted-Hash) which combines simplicity and deployment easiness of EAP-MD5 and robustness of EAP-TLS. EAP-EHash is expected to apply in the same application domains than those two existing methods (user authentication to servers, VPN?). For a better positioning of each EAP method, the paper presents first the EAP-TLS and EAP-MD5 methods, and then EAP-EHash and realizes a critical analysis of each of them. Finally the EAP-EHash method is formally validated with the AVISPA tool, thus proving that it verifies the expected security properties, especially its robustness to Man-In-The-Middle attacks.
UR - https://www.scopus.com/pages/publications/84926081271
M3 - Conference contribution
AN - SCOPUS:84926081271
T3 - CFIP 2006 - Colloque Francophone sur l'Ingenierie des Protocoles
SP - 193
EP - 205
BT - CFIP 2006 - Colloque Francophone sur l'Ingenierie des Protocoles
PB - Hermes Science Publications
Y2 - 30 October 2006 through 3 November 2006
ER -