A Novel Stateless Authentication Protocol

  • Chris J. Mitchell
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7028)


The value of authentication protocols which minimise (or even eliminate) the need for stored state in addressing DoS attacks is well-established — the seminal paper of Aura and Nikander [1] is of particular importance in this context. However, although there is now a substantial literature on this topic, it would seem that many aspects of stateless security protocols remain to be explored. In this paper we consider the design of a novel stateless authentication protocol which has certain implementation advantages. Specifically, neither party needs to maintain significant stored state. The protocol is developed as a series of refinements, at each step eliminating certain undesirable properties arising in previous steps.


Authentication Scheme Authentication Protocol Security Protocol Mutual Authentication Multimedia Security 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Aura, T., Nikander, P.: Stateless Connections. In: Han, Y., Okamoto, T., Quing, S. (eds.) ICICS 1997. LNCS, vol. 1334, pp. 87–97. Springer, Heidelberg (1997)CrossRefGoogle Scholar
  2. 2.
    Boyd, C.A., Mathuria, A.: Protocols for key establishment and authentication. Springer (2003)Google Scholar
  3. 3.
    Orman, H.: RFC 2412, The OAKLEY key determination protocol. Internet Engineering Task Force (1998)Google Scholar
  4. 4.
    Karn, P., Simpson, W.: RFC 2522, Photuris: Session-key management protocol. Internet Engineering Task Force (1999)Google Scholar
  5. 5.
    Oppliger, R.: Protecting key exchange and management protocols against resource clogging attacks. In: Preneel, B. (ed.) Secure Information Networks: Communications and Multimedia Security, IFIP TC6/TC11 Joint Working Conference on Communications and Multimedia Security, CMS 1999, Leuven, Belgium, September 20-21. IFIP Conference Proceedings, vol. 152, pp. 163–175. Kluwer (1999)Google Scholar
  6. 6.
    Chen, L., Mitchell, C.J.: Parsing ambiguities in authentication and key establishment protocols. Journal of Electronic Security and Digital Forensics 3, 82–94 (2010)CrossRefGoogle Scholar
  7. 7.
    International Organization for Standardization Genève, Switzerland: ISO/IEC 9798–4: 1999/Cor 1:2009, Technical Corrigendum 1 (2009)Google Scholar
  8. 8.
    International Organization for Standardization Genève, Switzerland: ISO/IEC 9798–4: 1999, Information technology — Security techniques — Entity authentication — Part 4: Mechanisms using a cryptographic check function, 2nd edn. (1999)Google Scholar
  9. 9.
    Dent, A.W., Mitchell, C.J.: User’s Guide to Cryptography and Standards. Artech House, Boston (2005)zbMATHGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Chris J. Mitchell
    • 1
  1. 1.Information Security GroupRoyal Holloway, University of LondonUK

Personalised recommendations