• Journal of KIISE:Information Networking
• /
• v.31 no.3
• /
• pp.252-258
• /
• 2004

In this paper, we propose a new authenticated key exchange protocol in which client and sever can mutually authenticate and establish a session key over an insecure channel using only a human memorable password. The proposed protocol is based on Diffie-Hellman scheme and has many of desirable security attributes: It resists off-line dictionary attacks mounted by either Passive or active adversaries over network, allowing low-entropy Passwords to be used safely. It also offers perfect forward secrecy, which protects past sessions when passwords are compromised. In particular, the advantage of our scheme is that it is secure against an impersonation attack, even if a server's password file is exposed to an adversary. The proposed scheme here shows that it has better performance when compared to the previous notable password-based key exchange methods.

• Journal of Korea Multimedia Society
• /
• v.16 no.2
• /
• pp.180-189
• /
• 2013

The SMART Highway project combines road construction with advanced technology and vehicle telecommunications. Its expected outcome is a world-leading intelligent road that is green, fast, and comfortable. A vehicular ad-hoc network(VANET) is the core technology of the SMART Highway, whose transport operation is based on road vehicles. The VANET is a next-generation networking technology that enables wireless communication between vehicles or between vehicles and a road side unit(RSU). In the VANET system, a vehicle accident is likely to cause a serious disaster. Therefore, some information on safety is essential to serve as the key exchange protocol for communication between vehicles. However, the key exchange scheme of the general network proposed for a fast-moving communication environment is unsuitable for vehicles. In this paper, communication between multiple vehicles more efficient and secure key exchange at the vehicle certification by signcryption is proposed.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.27 no.12C
• /
• pp.1238-1244
• /
• 2002

In this paper, H.235-based security mechanism for H.323 multimedia applications was implemented. H.235 covers authentication using HMAC, Diffie-Hellman key exchange, session key management for voice channel, and encryption functions such as DES, 3DES, RC2. Extra encryption algorithms such as SEED, and AES were also included for possible use in the future. And, we also analyzed the quality of service (QoS), the requirement of implementation, and interoperability to the result in this study. The results could be applied to secure simple IP phone terminals, gateways, or gatekeepers.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2012.11a
• /
• pp.903-906
• /
• 2012

스마트 디바이스의 보편화로 인해 시간이나 장소에 구애 받지 않고 이동하면서 사용자간 다양한 데이터를 주고받게 되었다. 더욱이 모바일 및 스마트 디바이스를 이용한 업무처리량이 늘어남에 따라 음성 통화 및 데이터를 주고받는 양 또한 늘어났고 이에 대한 안전성의 문제점이 나타내게 되었다. 본 논문에서는 사용자간 안전한 음성 통화 및 데이터 송수신을 위하여 보안이 적용되지 않은 표준 SIP 프로토콜에 무선 환경에 적합한 WTLS를 적용하여 데이터의 안전성을 검증하고 TLS를 적용했을 때와 비교하여 데이터 전송 속도차를 분석한다. 데이터의 보호를 위해 WTLS 알고리즘을 이용한 안전한 키 교환 프로토콜과 암복호화 알고리즘을 적용 시켰다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.3C
• /
• pp.426-435
• /
• 2004

The DIAMETER protocol provides Authentication, Authorization, and Accounting (AAA) transactions across the Internet. SIP(Session Initiation Protocol) will be used for new types of signaling, such as instant messaging and application level mobility across networks. And SIP will be a major signaling protocol for next generation wireless networks. But the Digest authentication scheme is not using a secure method of user authentication in SIP, and it is vulnerable to man-in-the-middle attacks or dictionary attacks. This study focused on designing a SIP proxy for interworking with AAA server with respect to user authentication and security analysis. We compared and analyzed the security aspects of the scenarios and propose two proposals that a response which include the user address and password-based mutual authentication and key agreement protocol. It is claimed to be more secure against common attacks than current scenarios.

• Journal of the Korea Society of Computer and Information
• /
• v.10 no.5 s.37
• /
• pp.161-170
• /
• 2005

The Certificate Revocation List(CRL) or the Online Certificate Status Protocol(OCSP)has been used to validate certificates. However, the CRL cannot validate certificates in realtime because of the Time-Gap problem and the OCSP server overloads in a large scale secure system. In addition, the client cannot access a wired LAN until the client has been authenticated by the authentication server on the IEEE 802. 1x framework. Therefore, the client cannot validate the authentication server's certificate using a certificate validation server. Thus, the client cannot authenticate the authentication server in realtime. To solve these problems this paper designed a secure system that can protect the content of communications and authenticate users in realtime on a wireless LAN The designed certificate validation protocol was proved that the stability and efficiency of the system was very high, the result of the validation had the presence, the speed of the validation was not affected by the system scale, the number of authorities user must trust was reduced to one, and the overload of the validation server was Protected. And the designed user authentication and key exchange protocols were Proved that the mutual authentication was possible in realtime and the fact of the authentication could be authorized by the CA because of using the authorized certificates.