• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.2B
• /
• pp.183-190
• /
• 2010

Recently, there is still vulnerability of attack, such as location tracking attack, replay attack, spoofing attack etc for all that is much research for Mobile RFID authentication. This paper designed method of making one time random number in DB server side unlike previously researched protocols, and it protects RFID communication from location tracking, replay attack and spoofing attack.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2019.05a
• /
• pp.298-299
• /
• 2019

In this paper, we propose a stable mutual authentication protocol between unmanned combat systems in tactical wireless networks where long distance communications are not always guaranteed due to a poor channel condition. The proposed protocol generates an authentication code using hash collision of arbitrarily selected random data. The authentication requester encrypts and transmits it to the authenticator. They performs authentication by sharing the valid authentication code. We analyze the safety of the proposed method for various attack scenarios.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.8B
• /
• pp.1028-1037
• /
• 2011

Recently, Selim et al proposed public key cryptography based privacy preserving multi-context RFID authentication protocol. However Selim et al's proposed protocol not only doesn't fit into passive tag based RFID system because it uses public key based encryption algorithm to perform authentication between reader and tag, but also is insecure to an impersonation attack because it doesn't provide mutual authentication. In order to eliminate the above described efficiency problem and security vulnerabilities, this paper proposes a new multi-context RFID mutual authentication protocol that can prevent privacy invasion and tag impersonation attack through providing mutual authentication between single passive tag which is located different application space and readers which provide multi-context purposes and can secure against relay attack and denial-of-service attack. As a result, the proposed protocol performs secure mutual authentication based on the collected space and time information from the RFID reader and provides strong security and high computation efficiency because if performs secure one-way hash function and symmetric encryption operations suitable to the environments of passive RFID tags.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2001.11a
• /
• pp.427-431
• /
• 2001

본 논문에서는 확인자 기반의 SRP 프로토콜을 이용하여 무선통신 환경에서 상호인증 프로토콜을 설계하는 것이다. 본 논문에서 제안한 타원 곡선 SRP 프로토콜은 타원 곡선 이산 대수 문제를 SRP에 적용시켜, 타원곡선의 높은 효율성과 보안성을 갖고, 스칼라 연산을 하게 됨으로써, 이동통신 시스템에 효율적인 인증 프로토콜을 제안한다.

• Journal of Industrial Convergence
• /
• v.18 no.5
• /
• pp.23-29
• /
• 2020

The Internet of things (IoT) is the extension of Internet connectivity into various devices and everyday objects. Embedded with electronics, Internet connectivity and other forms of hardware. The IoT poses significant risk to the entire digital ecosystem. This is because so many of these devices are designed without a built-in security system to keep them from being hijacked by hackers. This paper proposed a mutual authentication protocol for IoT Devices using symmetric-key algorithm. The proposed protocol use symmetric key cryptographic algorithm to securely encrypt data on radio channel. In addition, the secret key used for encryption is random number of devices that improves security by using variable secret keys. The proposed protocol blocked attacker and enabled legal deives to communicate because only authenticated devices transmit data by a mutual authentication protocol. Finally, our scheme is safe for attacks such as eavesdropping attack, location tracking, replay attack, spoofing attack and denial of service attack and we confirmed the safety by attack scenario.

• Proceedings of the Korean Information Science Society Conference
• /
• 2002.10c
• /
• pp.547-549
• /
• 2002

Seo와 Sweeny는 통신 당사자간의 직접적인 세션키(session key) 교환을 위해 SAKA(Simple Authenticated Key Agreement Algorithm)를 제안했다. SAKA는 패스워드(password)를 사용하여 사용자인증 기능을 제공하는 변형된 Diffie-Hellman 키 교환 프로토콜로써, 키 생성 및 사용자 인증 시 요구되는 계산량과 메시지 전송량을 고려할 때 효율적인 프로토콜이다. 그러나, 최근에 Lin은 SAKA의 안전성에 취약점이 있음을 지적하고 개선된 프로토콜을 제안하였다. 본 논문에서는 개선된 프로토콜이 여전히 재전송 공격(replay attack)에 안전하지 않기 때문에 사용자 인증을 제공 할 수 없음을 보인다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2003.04a
• /
• pp.488-490
• /
• 2003

Diffie-Hellman 키 교환 프로토콜에 패스워드를 기반으로 하는 인증수단을 추가하여 Seo와 Sweeney는 SAKA를 제안하였다. 하지만 SAKA와 SAKA 변형 프로토콜들은 중간자 공격, 오프라인 패스워드 추측공격, 데닝-사코 공격, 완전한 전방향 보안의 측면에서 송.수신자 상호간의 인증 수단을 유효하게 제공하지 못하였다. 본 논문에서는 패스워드 기반의 키 교환 프로토콜에서 이루어지는 인증과정에서의 취약점을 해결하기 위해 키를 이용한 일방향 해쉬 함수를 이용하여 강화된 키 교환 프로토콜을 제안한다. 본 논문에서 제안한 프로토콜은 이전의 SAKA 변형 프로토콜들에 비해 적은 수의 메시지 교환이 필요한 장점이 있다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.9
• /
• pp.1963-1969
• /
• 2012

Recently use of RFID(Radio Frequency Identification) tends to be rapidly increased and will be also extended throughout the whole life. Using radio-frequency data can be recognized automatically in the RFID system is vulnerable to personal information protection or security. And passive tags have a hardware problem is the limit for applying cryptographic. This paper presents an authentication protocol using AES and Nounce. After completing mutual authentication server to access and strengthen security vulnerability to the use of the Nounce, because safety in denial of service attacks.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1997.11a
• /
• pp.120-127
• /
• 1997

본 논문에서는 해쉬함수 만을 이용한 상호 인증 및 세션키 공유 시스템을 안전하면서 적은 비용으로도 구현할 수 있는 프로토콜을 제안한다. 인증값을 계산하기 위하여 암호 알고리즘이나 모듈라 연산은 전혀 사용되지 않기 때문에 사용자 Terminal도 간단한 계산 능력을 갖추면 된다. 사용자는 패스워드를 암기하며 128비트 이상의 키가 저장된 간단한 메모리 디바이스를 소유한다.

• Journal of Digital Convergence
• /
• v.10 no.3
• /
• pp.155-160
• /
• 2012

This paper proposes an authentication protocol based on hash and AES safe from various types of attacks in order to assure the security of communication between tags and readers, which exchange data with each other wirelessly in a RFID system. The proposed authentication protocol resolves a problem in existing hash-based protocols whereby the same hidden value is generated for the same identification in each session. In order to hide tag identification information a number of complicated calculations were required, but using the proposed AES protocol reduces such calculations, strengthens security against replay attack, spoofing attack, traffic analysis, eavesdropping, etc. and assure mutual authentication between tags and readers.