• Proceedings of the Korean Information Science Society Conference
• /
• 2001.10c
• /
• pp.613-615
• /
• 2001

본 논문에서는 미래 이등 통신 환경에서의 공개키 암호시스템에 기반한 VASP 와의 효율적인 상호 인증과키 교환 프로토콜을 제안한다. 제안된 프로토롤은 임시적으로 생성한 서명용 비밀키에 대한 인증서인 임시 이동 사용자 인증서를 기반으로 한다. 본 논문에서는 이동 통신 환경에 임시 이동 사용자 인증서 (Temporary Mobile User Certificate)를 도입하기 위하여 새로운 등록 프로토롤을 제시하였으며 제안된 임시 이동 사용자 인증서를 이용하여 VASP 와의 효율적인 인중 및 키 교환 프로토롤을 제안한다. 또한 임시 이동 사용자 인증서는 이동 사용자의 익명 서비스 사용을 보장할 수 있다.

• Review of KIISC
• /
• v.12 no.6
• /
• pp.81-92
• /
• 2002

cdma2000 1xEV(Evolution)-DO(Data Only)는 기존의 IS-2000 무선 프로토콜과 달리 패킷 데이터 서비스를 위한 전용 프로토콜로, 최대 2.4Mbps의 전송 속도를 제공한다. cdma2000 1xEV-DO는 이전의 프로토콜과 단리 무선 인터페이스 계층 구조에 따로 분리된 시큐리티 계층(security layer)을 가지며, 이 시큐리티 계층에서 패킷 데이터 서비스를 위한 인증과 암호화 서비스를 제공한다. 본 고에서는 패깃 데이터 서비스를 위한 전용 프로토콜인 chma2000 1xEV-DO의 시큐리티 계층의 4가지 프로토콜인 키 교환 프로토콜, 인증 프로토콜, 암호화 프로토롤, 시큐리티 프로토콜을 분석한다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.26 no.11C
• /
• pp.102-112
• /
• 2001

This paper analyzes Security Performance and Processing Performance to measure performance between nodes by using AH and ESP protocol. IPsec VPN provides application with security service implemented in IP Layer while traffic cost and packet processing time it increased by encryption, decryption and authentication in AH and ESP. We measured overall packet processing time and IPsec module processing time. The result of the efficiency test showed that the factors of influencing electrical transmission efficiency were the size of electrical transmission packets, codes used for tunnelling, authentication functions, CPU velocity of host7, and the embodiment of IPsec; for a high capacity traffic, IPsec transmission was not appropriate, because transmission velocity was delayed by more than ten times in comparison with Non-IPsec.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.2
• /
• pp.73-80
• /
• 2005

We propose a Quantum Authentication and Key distribution protocol based on one-time n using one-way Hash function. The designated users can authenticate each other and the arbitrator using their one-time ID and distribute a quantum secret key using remained GHZ states after authentication procedure. Though the help of the arbitrator is needed in the process of authentication and key distribution, our protocol prevents the arbitrator from finding out the shared secret key even if the arbitrator becomes an active attacker. Unconditional security can be proved in our protocol as the other QKD protocols.

• The Transactions of the Korea Information Processing Society
• /
• v.6 no.12
• /
• pp.3613-3621
• /
• 1999

In this paper, we analyzed the suity of key distribution protocol based on discrete logarithm for the purpose of designing key distribution protocol systematically. We also propose the efficient key agreement protocol with direct authentication. In comparison with Station-to-Station protocol, it provides the direct authentication using the Diffie-Hellman problem without signature.

• Journal of the Korea Society of Computer and Information
• /
• v.8 no.3
• /
• pp.130-137
• /
• 2003

This paper proposes protocol design that can do user authentication efficiently in current systems that client-server environment is developed. And proposes a password-based authentication protocol suitable to certification through trustless network or key exchange. While the existing password-base protocols certify users through certification authority (CA) between client and server, the proposed protocol in this paper, users and server exchange keys and perform authentication without help of CA. To ameliorate the drawback of password-based protocols causing by the short length and randomness of password, the proposed protocol uses the signature techniques of ECDSA and the SRP protocol based on Diffie-Hellman key exchange method. Also, by with compare to round number and Hash function number and exponential operation of existing protocols, we explained efficiency of proposed protocol.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.3
• /
• pp.43-52
• /
• 2005

MIPv4 supports node mobility, manages MN's binding list and provides seamless communication through registration protocol. Since the registration protocol usually operating in the wireless environment involves authenticating MNs, it is a general approach to introduce the AAA infrastructure as key distribution center for the purpose of authentication. In this paper, we propose an efficient registration protocol with lightweight AAA based on domain key. Proposed protocol also withstands various replay attacks, and provides non-repudiation service for the accounts of the usage of the network service.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.1
• /
• pp.33-42
• /
• 2002

We present a systematic way to armor a zero-knowledge interactive proof based identification scheme that has badly chosen keys. Keys are sometimes mistakenly chosen to be weak(neither random nor long), and a weak key is often preferred to a strong key so that it might be easy for human to remember. Weak keys severely degrade the security of ZKIP based identification schemes. We show using off-line guessing attack how the weak key threats the security of ZlKIP based identification schemes. For the proper usage of ZKIP, we introduce a specialized form of ZKIP, which has a secret coin-tossing stage. Using the secret coin tossing, a secure framework is proposed for ZKIP based identification schemes with weak key in the ideal cipher model. The framework is very useful in password based authentication and key exchange protocol

• Journal of the Korea Computer Industry Society
• /
• v.4 no.4
• /
• pp.625-632
• /
• 2003

We are view of the information on VPN(Virtual private Network) into each difference layer protocol. network on mutuality exchanged of information is importance of the confidentiality and Integrity. But it is presented problems about compatability and availability between variable equipment as several protocol. hence, it was achieved of the transmission through encryption and authentication of information, although there is secured an intended attack from the third intruder. so tunneling VPN system on achieving, each layer position transmit of mutuality exchanged. This study will investigate the codification and certified security status when layer2 and layer 3 informations are each transmitted using protocol with integrity Public Key. In addition, we will using protocol and the performance analysis difference between layers and layers.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.30 no.1C
• /
• pp.25-34
• /
• 2005

Girault proposed a key agreement protocol based on his new idea of self-certified public key. Later Rueppel and Oorschot showed variants of the Girault scheme. All of these key agreement protocols inherit positive features of self-certified public key so that they can provide higher security and smaller communication overhead than key agreement protocols not based on self-certified public key. Even with such novel features, rigorous security analysis of these protocols has not been made clear yet. In this paper, we give rigorous security analysis of key agreement protocols based on self-certified public key. We use reduction among functions for security analysis and consider several kinds of active attacker models such as active impersonation attack, key-compromise impersonation attack, forward secrecy and known key security.