{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,12]],"date-time":"2025-03-12T04:28:41Z","timestamp":1741753721255,"version":"3.38.0"},"reference-count":27,"publisher":"SAGE Publications","issue":"3","license":[{"start":{"date-parts":[[2015,7,2]],"date-time":"2015-07-02T00:00:00Z","timestamp":1435795200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/journals.sagepub.com\/page\/policies\/text-and-data-mining-license"}],"content-domain":{"domain":["journals.sagepub.com"],"crossmark-restriction":true},"short-container-title":["Journal of Computer Security"],"published-print":{"date-parts":[[2015,7,2]]},"abstract":"<jats:p> Abstract <\/jats:p><jats:p> We derive bounds on the expected loss for authentication protocols in channels which are constrained due to noisy conditions and communication costs. This is motivated by a number of authentication protocols, where at least some part of the authentication is performed during a phase, lasting n rounds, with no error correction. This requires assigning an acceptable threshold for the number of detected errors and taking into account the cost of incorrect authentication and of communication. This paper describes a framework enabling an expected loss analysis for all the protocols in this family. Computationally simple methods to obtain nearly optimal values for the threshold, as well as for the number of rounds are suggested and upper bounds on the expected loss, holding uniformly, are given. These bounds are tight, as shown by a matching lower bound. Finally, a\u00a0method to adaptively select both the number of rounds and the threshold is proposed for a certain class of protocols. <\/jats:p>","DOI":"10.3233\/jcs-140521","type":"journal-article","created":{"date-parts":[[2015,7,3]],"date-time":"2015-07-03T11:55:18Z","timestamp":1435924518000},"page":"309-329","update-policy":"https:\/\/doi.org\/10.1177\/sage-journals-update-policy","source":"Crossref","is-referenced-by-count":4,"title":["Expected loss analysis for authentication in constrained channels"],"prefix":"10.1177","volume":"23","author":[{"given":"Christos","family":"Dimitrakakis","sequence":"first","affiliation":[{"name":"Chalmers University of Technology, Gothenburg, Sweden. E-mails:\u00a0,\u00a0"}]},{"given":"Aikaterini","family":"Mitrokotsa","sequence":"additional","affiliation":[{"name":"Chalmers University of Technology, Gothenburg, Sweden. E-mails:\u00a0,\u00a0"}]},{"given":"Serge","family":"Vaudenay","sequence":"additional","affiliation":[{"name":"EPFL, Lausanne, Switzerland. E-mail:\u00a0"}]}],"member":"179","published-online":{"date-parts":[[2015,7,2]]},"reference":[{"key":"ref001","doi-asserted-by":"crossref","unstructured":"[1]T.\u00a0Baign\u00e8res, P.\u00a0Sepehrdad and S.\u00a0Vaudenay, Distinguishing distributions using Chernoff information, in: ProvSec 2010, Springer, 2010.","DOI":"10.1007\/978-3-642-16280-0_10"},{"key":"ref002","doi-asserted-by":"crossref","unstructured":"[2]M.\u00a0Bellare, R.\u00a0Impagliazzo and M.\u00a0Naor, Does parallel repetition lower the error in computationally sound protocols? in: Foundations of Computer Science, IEEE Computer Society, 1997, p.\u00a0374.","DOI":"10.1109\/SFCS.1997.646126"},{"key":"ref003","doi-asserted-by":"crossref","unstructured":"[3]I.\u00a0Boureanu, A.\u00a0Mitrokotsa and S.\u00a0Vaudenay, Practical and provably secure distance-bounding, in: Information Security Conference (ISC 2013), 2013.","DOI":"10.1007\/978-3-662-43933-3_4"},{"key":"ref004","doi-asserted-by":"crossref","unstructured":"[4]I.\u00a0Boureanu, A.\u00a0Mitrokotsa and S.\u00a0Vaudenay, Secure and lightweight distance-bounding, in: Proceedings of LIGHTSEC 2013, LNCS, Vol.\u00a08162, Springer, 2013, pp.\u00a097\u2013113.","DOI":"10.1007\/978-3-642-40392-7_8"},{"key":"ref005","doi-asserted-by":"publisher","DOI":"10.3233\/JCS-140518"},{"key":"ref006","doi-asserted-by":"crossref","unstructured":"[6]S.\u00a0Brands and D.\u00a0Chaum, Distance-bounding protocols, in: Proceedings of EUROCRYPT\u201993, LNCS, Vol.\u00a0765, 1994, pp.\u00a0344\u2013359.","DOI":"10.1007\/3-540-48285-7_30"},{"key":"ref007","doi-asserted-by":"crossref","unstructured":"[7]L.\u00a0Bussard and W.\u00a0Bagga, Distance-bounding proof of knowledge to avoid real-time attacks, in: Security and Privacy in the Age of Ubiquitous Computing, Vol.\u00a0181, Springer, Boston, 2005, pp.\u00a0223\u2013238.","DOI":"10.1007\/0-387-25660-1_15"},{"key":"ref008","doi-asserted-by":"crossref","unstructured":"[8]S.\u00a0\u010capkun, L.\u00a0Butty\u00e1n and J.\u00a0Hubaux, Sector: Secure tracking of node encounters in multi-hop wireless networks, in: ACM SASN, October 2003, 2003, pp.\u00a021\u201332.","DOI":"10.1145\/986858.986862"},{"key":"ref009","doi-asserted-by":"publisher","DOI":"10.1109\/JSAC.2005.861380"},{"key":"ref010","doi-asserted-by":"publisher","DOI":"10.1214\/aoms\/1177729330"},{"key":"ref011","doi-asserted-by":"publisher","DOI":"10.1214\/aoms\/1177706205"},{"key":"ref012","unstructured":"[12]M.H.\u00a0DeGroot, Optimal Statistical Decisions, Wiley, 1970."},{"key":"ref013","unstructured":"[13]Y.\u00a0Desmedt, Major security problems with the \u201cunforgeable\u201d (Feige)\u2013Fiat\u2013Shamir proofs of identity and how to overcome them, in: Proceedings of SecuriCom\u201988, 1988, pp.\u00a0147\u2013159."},{"key":"ref014","unstructured":"[14]C.\u00a0Dimitrakakis, A.\u00a0Mitrokotsa and S.\u00a0Vaudenay, Expected loss analysis of thresholded authentication protocols in noisy conditions, Technical report, 2010, available at: arXiv:1009.0278."},{"key":"ref015","doi-asserted-by":"crossref","unstructured":"[15]C.\u00a0Dimitrakakis, A.\u00a0Mitrokotsa and S.\u00a0Vaudenay, Expected loss bounds for authentication in constrained channels, in: INFOCOM, 2012 Proceedings IEEE, March 2012, 2012, pp.\u00a0478\u2013485.","DOI":"10.1109\/INFCOM.2012.6195788"},{"key":"ref016","doi-asserted-by":"crossref","unstructured":"[16]G.\u00a0Hancke and M.\u00a0Kuhn, An RFID distance bounding protocol, in: Proceedings of SECURECOMM\u201905, September 2005, 2005, pp.\u00a067\u201373.","DOI":"10.1109\/SECURECOMM.2005.56"},{"key":"ref017","doi-asserted-by":"crossref","unstructured":"[17]C.\u00a0Kim and G.\u00a0Avoine, RFID distance bounding protocol with mixed challenges to prevent relay attacks, Preprint, 2009, available at: Cryptology ePrint Archive: Report 2009\/310.","DOI":"10.1007\/978-3-642-10433-6_9"},{"key":"ref018","doi-asserted-by":"crossref","unstructured":"[18]C.\u00a0Kim, G.\u00a0Avoine, F.\u00a0Koeune, F.X.\u00a0Standaert and O.\u00a0Pereira, The Swiss-knife RFID distance bounding protocol, in: Proceedings of ICISC\u201908, December 2008, LNCS, Vol.\u00a05461, Springer, 2009, pp.\u00a098\u2013115.","DOI":"10.1007\/978-3-642-00730-9_7"},{"key":"ref019","doi-asserted-by":"publisher","DOI":"10.1109\/TIT.2008.2009842"},{"key":"ref020","doi-asserted-by":"publisher","DOI":"10.1109\/LCOMM.2010.02.091946"},{"key":"ref021","unstructured":"[21]P.\u00a0Peris-Lopez, J.C.\u00a0Hernandez-Castro, C.\u00a0Dimitrakakis, A.\u00a0Mitrokotsa and J.M.E.\u00a0Tapiador, Shedding light on RFID distance bounding protocols and terrorist fraud attacks, Preprint, 2010, available at: arXiv:0906.4618v2."},{"key":"ref022","doi-asserted-by":"crossref","unstructured":"[22]J.\u00a0Reid, J.M.G.\u00a0Nieto, T.\u00a0Tang and B.\u00a0Senadji, Detecting relay attacks with timing-based protocols, in: Proceedings of ASIACCS\u201907, ACM, 2007, pp.\u00a0204\u2013213.","DOI":"10.1145\/1229285.1229314"},{"key":"ref023","unstructured":"[23]D.\u00a0Singel\u00e9e, Study and design of a security architecture for wireless personal area networks, PhD dissertation, Katholieke Universiteit Leuven, 2008."},{"key":"ref024","doi-asserted-by":"crossref","unstructured":"[24]D.\u00a0Singel\u00e9e and B.\u00a0Preneel, Distance bounding in noisy environments, in: Security and Privacy in Ad-hoc and Sensor Networks \u2013 ESAS 2007, LNCS, Vol.\u00a04572, Springer, 2007, pp.\u00a0101\u2013115.","DOI":"10.1007\/978-3-540-73275-4_8"},{"key":"ref025","unstructured":"[25]W.\u00a0Stallings, Cryptography and Network Security, Prentice-Hall, 2006."},{"key":"ref026","doi-asserted-by":"crossref","unstructured":"[26]D.R.\u00a0Stinson, Cryptography: Theory and Practice, Chapman & Hall, 2006.","DOI":"10.1201\/9781420057133"},{"key":"ref027","doi-asserted-by":"crossref","unstructured":"[27]N.O.\u00a0Tippenhauer and S.\u00a0\u010capkun, ID-based secure distance bounding and localization, in: Computer Security \u2013 ESORICS 2009, LNCS, Vol.\u00a05789, Springer, Heidelberg, 2010, pp.\u00a0621\u2013636.","DOI":"10.1007\/978-3-642-04444-1_38"}],"container-title":["Journal of Computer Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/journals.sagepub.com\/doi\/pdf\/10.3233\/JCS-140521","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/journals.sagepub.com\/doi\/full-xml\/10.3233\/JCS-140521","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/journals.sagepub.com\/doi\/pdf\/10.3233\/JCS-140521","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,3,11]],"date-time":"2025-03-11T08:53:24Z","timestamp":1741683204000},"score":1,"resource":{"primary":{"URL":"https:\/\/journals.sagepub.com\/doi\/10.3233\/JCS-140521"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015,7,2]]},"references-count":27,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2015,7,2]]}},"alternative-id":["10.3233\/JCS-140521"],"URL":"https:\/\/doi.org\/10.3233\/jcs-140521","relation":{},"ISSN":["0926-227X","1875-8924"],"issn-type":[{"type":"print","value":"0926-227X"},{"type":"electronic","value":"1875-8924"}],"subject":[],"published":{"date-parts":[[2015,7,2]]}}}