• Title/Summary/Keyword: 순방향 비밀성

Search Result 5, Processing Time 0.019 seconds

A Study on the User Authentication Scheme with Forward Secrecy (순방향 비밀성을 제공하는 사용자 인증 스킴에 관한 연구)

  • An, Young-Hwa
    • Journal of the Korea Society of Computer and Information
    • /
    • v.16 no.2
    • /
    • pp.183-191
    • /
    • 2011
  • Recently Wang-Li proposed the remote user authentication scheme using smart cards. But the proposed scheme has not been satisfied security requirements considering in the user authentication scheme using the password based smart card. In this paper, we described the Wang-Li and Yoon et al.'s authentication scheme simply, and we prove that the Wang-Li's scheme is vulnerable to a password guessing attack and impersonation attack in case that the attacker steals the user's smart card and extracts the information in the smart card. Accordingly, we propose the improved user authentication scheme based on the hash function and generalized ElGamal signature scheme that can withstand many possible attacks including a password guessing attack, impersonation attack and replay attack, and that can offer the function of forward secrecy. The result of comparative analysis, the our proposed scheme is much more secure and efficient than the Wang-Li and Yoon et al.'s scheme.

Secure Remote User Authentication Scheme for Password Guessing Attack (패스워드 추측공격에 안전한 원격 사용자 인증 스킴)

  • Shin, Seung-Soo;Han, Kun-Hee
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.12 no.12
    • /
    • pp.5895-5901
    • /
    • 2011
  • This paper shows that a scheme provided by An[7] is not enough to satisfy security requirements for a user certification using a password-based smart card. In order to compensate this weakness, this study provides an improved user scheme with a hash function and ElGamal signature. This new scheme has some advantages protecting password guessing attack, masquerade, and replay attack as well as providing forward secrecy. Compared to An's certification scheme, this scheme suggests that the effect of computational complexity is similar but the efficiency of safety is better.

Weaknesses and Improvement of User Authentication Scheme against Smart-Card Loss Attack (스마트 카드 분실 공격에 안전한 사용자 인증 스킴의 취약점 및 개선방안)

  • Choi, Younsung
    • The Journal of the Institute of Internet, Broadcasting and Communication
    • /
    • v.16 no.6
    • /
    • pp.95-101
    • /
    • 2016
  • With the rapid development of Internet and communication network technology, various studies had proceeded to develop the technology of wireless sensor networks. Authentication schemes for user and sensor are critical and important security issue to use wireless sensors legally. First, Das introduce a user authentication scheme using smart card and password for wireless sensor networks, various studies had proceeded. Chem et al. suggested a secure user authentication scheme against smart card loss attack but Chen et al. scheme does not still resolve some security vulnerability such as perfect forward secrecy, session key exposure by gateway node, anonymity, and the password check. To resolve the problems, this paper proposes a security enhanced user authentication using the fuzzy extraction, elliptic curves cryptography and dynamic ID and analyzes the security.

Key-Agreement Protocol between IoT and Edge Devices for Edge Computing Environments (에지 컴퓨팅 환경을 위한 IoT와 에지 장치 간 키 동의 프로토콜)

  • Choi, Jeong-Hee
    • Journal of Convergence for Information Technology
    • /
    • v.12 no.2
    • /
    • pp.23-29
    • /
    • 2022
  • Recently, due to the increase in the use of Internet of Things (IoT) devices, the amount of data transmitted and processed to cloud computing servers has increased rapidly. As a result, network problems (delay, server overload and security threats) are emerging. In particular, edge computing with lower computational capabilities than cloud computing requires a lightweight authentication algorithm that can easily authenticate numerous IoT devices.In this paper, we proposed a key-agreement protocol of a lightweight algorithm that guarantees anonymity and forward and backward secrecy between IoT and edge devices. and the proposed algorithm is stable in MITM and replay attacks for edge device and IoT. As a result of comparing and analyzing the proposed key-agreement protocol with previous studies, it was shown that a lightweight protocol that can be efficiently used in IoT and edge devices.

A New Secure Multicast Protocol in Micro-Mobility Environments using Secure Group Key (마이크로 모빌리티 환경에서 보안 그룹키를 이용한 안전한 멀티캐스트 프로토콜)

  • Kang, Ho-Seok;Shim, Young-Chul
    • The KIPS Transactions:PartC
    • /
    • v.15C no.6
    • /
    • pp.573-586
    • /
    • 2008
  • The improved performance and miniaturization of computer and the improvement of wireless communication technology have enabled the emergence of many high quality services. Among them multicast services are receiving much attention and their usage is increasing due to the increase of Internet multimedia services such as video conference, multimedia stream, internet TV, etc. Security plays an important role in mobile multicast services. In this paper, we proposed a secure multicast protocol for a hierarchical micro-mobility environment. The proposed secure multicast protocol provides security services such as authentication, access control, confidentiality and integrity using mechanisms including symmetric/asymmetric key crypto-algorithms and capabilities. To provide forward/backward secrecy and scalability, we used sub-group keys based on the hierarchical micro-mobility environment. With this security services, it is possible to guard against all kinds of security attacks performed by illegal mobile nodes. Attacks executed by internal nodes can be thwarted except those attacks which delete packet or cause network resources to be wasted. We used simulator to measure the performance of proposed protocol. As a result, the simulation showed that effect of these security mechanisms on the multicast protocol was not too high.