• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.8
• /
• pp.1597-1605
• /
• 2015

Password authenticated key exchange (PAKE) is a protocol that a client stores its password to a server, authenticates itself using its password and shares a session key with the server. In multi-server PAKE, a client splits its password and stores them to several servers separately. Unless all the servers are compromised, client's password will not be disclosed in the multi-server setting. In attribute-based encryption (ABE), a sender encrypts a message M using a set of attributes and then a receiver decrypts it using the same set of attributes. In this paper, we introduce multi-server PAKE protocol that utilizes a set of attributes of ABE as a client's password. In the protocol, the client and servers do not need to create additional public/private key pairs because the password is used as a set of public keys. Also, the client and the servers exchange only one round-trip message per server. The protocol is secure against dictionary attacks. We prove our system is secure in a proposed threat model. Finally we show feasibility through evaluating the execution time of the protocol.

• Proceedings of the KAIS Fall Conference
• /
• 2006.11a
• /
• pp.212-215
• /
• 2006

본 논문에서는 MANET 환경에서 악의적인 노드들로부터 데이터를 보호하고 안전하게 전달하는 방법으로 클러스터 기반의 라우팅 알고리즘인 CBRP를 이용하여 클러스터 헤더간의 데이터 교환처럼 데이터를 캡슐화 하여 데이터의 은닉효과를 주었다. 또한 Diffie-Hellman 키 교환 알고리즘을 이용하여 노드간에 전송되는 데이터를 암호화함으로써 악의적인 노드는 데이터를 습득하더라도 키를 가지고 있지 않기 때문에 어떤 내용인지 알기 어려운 특성을 지니고 있다.

• Journal of the Korea Society of Computer and Information
• /
• v.9 no.3
• /
• pp.163-169
• /
• 2004

In this paper, a conventional key exchange method simply performs the key exchange setup step based on discrete algebraic subjects. But the mutual-authentication procedure of wireless PKI for reducing authentication time uses an elliptical curve for a key exchange setup step. Proposed handover method shows reduced handover processing time than conventional method since it can reduce CRL retrieval time. Also, we compared proposed authentication structure and conventional algorithm. and simulation results show that proposed authentication method outperforms conventional algorithm in all environment regardless of call arrival rate. queue service rate. queue size.

• Journal of the Korea Society of Computer and Information
• /
• v.10 no.2 s.34
• /
• pp.123-132
• /
• 2005

In this paper, a conventional key exchange method simply Performs the key exchange setup step based on discrete algebraic subjects. But the mutual-authentication procedure of wireless PKI for reducing authentication time uses an elliptical curve for a key exchange setup step. Proposed hand-over method shows reduced hand-over processing time than conventional method since it can reduce CRL retrieval time. Also, we compared proposed authentication structure and conventional algorithm, and simulation results show that proposed authentication method outperforms conventional algorithm in authentication waiting time.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.46 no.2
• /
• pp.81-88
• /
• 2009

This paper proposed a session key exchange and authentication scheme on non-interactive key distribution algorithm using a community member's ID in ubiquitous networks. In ubiquitous network environment, User's context-awareness information is collected and used to provide a context-awareness service for someone who need it. However, in ubiquitous network environment, this kind of the Context-awareness information could be abused by a malicious nodes. The proposed scheme using the community member ID provides a session key exchange and mutual authentication between community members, and supports secure data communication. Also, when exchanging the session key and authenticating each other, this scheme reduces communication overhead and authentication delay compared to the AAA server scheme.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.18 no.1
• /
• pp.84-90
• /
• 2014

Secret communication has developed from analogue communication to digital one. Secret communication which is based on digital communication has been designed succeeding safety of one-time pad. One-time pad's safety is attributed to the security of secret key's mutual storage and mutual synchronization that is the key's interchange basis is one of the essential factors. This manuscript examines mathematical stability of BB84 algorithm which is one of the quantum cryptography system, and conducts transmission of quantum key. The created key suggests One-time Pad algorithm which interchanges ciphertext implemented AES's 64th round.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.3
• /
• pp.13-25
• /
• 2004

The key exchange protocols are very crucial tools to provide the secure communication in the broadband satellite access network. They should be required to satisfy various requirements such as security, key confirmation, and key freshness. In this paper, we present the guideline of security functions in BSAN(Broadband Satellite Access Network), and analyze the specification of the security primitives and the hey exchange Protocols for the authenticated key agreement between RCST(Return Channel Satellite Terminal) and NCC(fretwork Control Centre). In addition, we propose the security specification for a domestic broad satellite network based on the analysis on the analysis profile of ETSI(European Telecommunications Standards Institute) standards. The key exchange protocols proposed in ETSI standard are vulnerable to man-in-the-middle attack and they don't provide key confirmation. To overcome this shortcoming, we propose the 4 types of the key exchange protocols which have the resistant to man-in-the-middle-attack, key freshness, and key confirmation, These proposed protocols can be used as a key exchange protocol between RCST and NCC in domestic BSAN. These proposed protocols are based on DH key exchange protocol, MTI(Matsumoto, Takashima, Imai) key exchange protocol, and ECDH(Elliptic Curve Diffie-Hellman).

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.07a
• /
• pp.73-76
• /
• 2003

인터넷상에서 많은 상거래 및 개인 정보들이 전송되고 있다. 그러나 이런 정보들은 많은 위협에 노출되어 있다. 이를 해결하기 위해서 전자서명, 컨텐츠 암호 등 많은 방법들이 제안되고 있지만, 이런 기법들을 이용하기 위해서는 키의 생성, 분배, 전송을 위한 처리 모듈이 기본적으로 필요하다. 이런 모듈 중 전송 및 분배 시에 제3자를 이를 가로채어서 유용하는 문제점이 발생된다. 이에 본 연구는 기존의 키 교환 알고리즘인 Diffie-Hellman(DH)에 공개키 암호화 방법과 패스워드 방법을 추가하여 기존의 키 교환에서 발생된 문제점들에 대해서 해결 하고자 한다.

• Proceedings of the Korea Multimedia Society Conference
• /
• 2000.04a
• /
• pp.103-106
• /
• 2000

본 논문에서는 키 교환 단계없이 비대칭키 암호 알고리즘을 사용하여 대량의 메시지를 암호화하여 전송하는 기법을 제안한다. 제안된 기법은 전체 메시지를 스크램블링한 후 스크램블링된 메시지의 일부분만을 공개키 암호 알고리즘을 사용하여 암호화하여 전송한다. 스크램블링 함수로 신상욱[3] 등에 의해 제안된 해쉬함수를 사용한 all-or-nothing 변환을 이용한다. 그리고 제안된 기법에 약간의 추가적인 오버헤드를 부가하여 디지털 서명까지 제공하는 기법을 제안한다.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1991.11a
• /
• pp.95-104
• /
• 1991

관용키 암호시스템에서 가장 널리 실용화되어 사용되고 있는 알고리즘은 DES(Data Encryption Standard)이지만, DES의 보안성에 대해서는 공표이래 많은 비판과 논란이 있었으며 그중 56비트의 키로서는 충분한 비도를 제공하기에는 너무나 짧다는 것이 하나의 비판이다. 본 논문에서는 총 112비트의 키가 사용되도록 128비트의 평문을 네 부분으로 나누어 좌우 두개씩 DES알고리즘에 적용하고 좌우측을 교환하는 확장 DES를 제안하고 이를 분석하였다.