• Title/Summary/Keyword: 키 교환 프로토콜

Search Result 283, Processing Time 0.023 seconds

Design of SRP based Independent authentication protocol for efficient user authentication (효율적 사용자 인증을 위한 SRP 기반의 독립적 인증 프로토콜 설계)

  • 정경숙;정태충
    • Journal of the Korea Society of Computer and Information
    • /
    • v.8 no.3
    • /
    • pp.130-137
    • /
    • 2003
  • This paper proposes protocol design that can do user authentication efficiently in current systems that client-server environment is developed. And proposes a password-based authentication protocol suitable to certification through trustless network or key exchange. While the existing password-base protocols certify users through certification authority (CA) between client and server, the proposed protocol in this paper, users and server exchange keys and perform authentication without help of CA. To ameliorate the drawback of password-based protocols causing by the short length and randomness of password, the proposed protocol uses the signature techniques of ECDSA and the SRP protocol based on Diffie-Hellman key exchange method. Also, by with compare to round number and Hash function number and exponential operation of existing protocols, we explained efficiency of proposed protocol.

  • PDF

Improved Password Change Protocol Using One-way Function (일방향 함수를 이용한 개선된 패스월드 변경 프로토콜)

  • Jeon Il-Soo
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.16 no.2
    • /
    • pp.121-127
    • /
    • 2006
  • Recently, Chang et at.$^[9]$ proposed a new password-based key agreement protocol and a password change protocol to improve the efficiency in the password-based authenticated key agreement protocol proposed by Yeh et at.$^[8]$. However, Wang et al.$^[10]$ showed that their protected password change protocol is not secure under the denial of service attack and the dictionary attack This paper proposes an improved password change protocol to solve this problems in the Chang et al's protocol. In the proposed protocol, the format of communication messages is modified not to have any clue for the guessing of the password and verifying of the guessed password. The proposed protocol supports the advantages in the previous password-based protocols and solves the problems in them effectively.

격자기반 양자내성 키 교환 알고리즘 구현

  • Park, Chanhui;Yun, Youngyeo;Park, Haeryong;Choi, Eunyoung;Kim, Howon
    • Review of KIISC
    • /
    • v.30 no.3
    • /
    • pp.11-16
    • /
    • 2020
  • 기술의 발전으로 이론으로만 존재하던 양자 알고리즘의 실현 가능성이 보이면서 기존 암호체계의 위협이 발생할 것으로 예측하고 있다. 미국 국립표준기술연구소에서는 양자컴퓨터 환경에서도 안전한 새로운 공개키 기반의 암호체계가 필요하다는 것을 강조하였고 양자내성암호 표준을 위한 공모전을 개최하였다. 암호는 네트워크 통신에서 중요한 역할을 하고 있고 네트워크 보안 프로토콜로 TLS가 많이 사용된다. 본 논문에서는 IoT와 같은 경량 환경에 적합한 TLS 라이브러리인 mbedTLS 상에서의 격자기반 양자내성 키 교환 알고리즘을 구현하고 성능을 평가하여 양자내성암호의 사용 가능성에 대해 제시한다.

Light-Weight Password-Based Authenticated Key Exchange for Two Users using Different Passwords (서로 다른 패스워드를 사용하는 두 사용자를 위한 경량 패스워드 기반 키 교환 프로토콜)

  • Kwon, Jeong-Ok;Kim, Ki-Tak;Jeong, Ik-Rae;Lee, Dong-Hoon
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.18 no.5
    • /
    • pp.17-30
    • /
    • 2008
  • In the paper, we consider password-based authenticated key exchange with different passwords, where the users do not share a password between themselves, but only with the server. The users make a session key using their different passwords with the help of the server. We propose an efficient password-based authenticated key exchange protocol with different passwords which achieves forward secrecy without random oracles. In fact this amount of computation and the number of rounds are comparable to the most efficient password-based authenticated key exchange protocol in the random oracle model. The protocol requires a client only to memorize a human-memorable password, and all other information necessary to run the protocol is made public.

Wireless Security Transmission Using Algorithm of Multiple-Key Exchange (다중 키 교환 알고리즘을 이용한 무선 보안 전송 기법)

  • Ryu, Dong-Ju;Kim, Gwang-Hyun;Noh, Bong-Nam
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • v.9 no.2
    • /
    • pp.807-810
    • /
    • 2005
  • Constructed network test environment of wireless base for confidentiality guarantee of data and safe transmission that is transmited at Mobile node of Wireless Network environment in this paper. And, progressed research about IKEv2's Multiple-Key Exchange mechanism for efficient security transmission that use IPSec that is built-in to basis to IPv6 of Mobile environment. Have several key to single terminal to solve that is seam at hand off packet transmission process of Mobile Node in Wireless Network and Re-setting for Key and Re-exchange problem that happen frequently and studied technology that move. Key exchange protocol that is used for an experiment loads basically in MIPv6 and used IKEv2 protocol that is used for management and distribution of reliable encryption key between both end. Using network simulator of SSFNet(Scalable Simulation Framework Network Models) in this paper Key exchange delay value of IKEv2's security transmission analyzing comparison Performance measure and studied about problem and improvement way accordingly.

  • PDF

On the Security of Pointcheval-Zimmer Multi-Factor Authenticated Key Exchange Protocol (Pointcheval-Zimmer 다중 인증 요소 기반 인증된 키 교환 프로토콜의 안전성 연구)

  • Byun, Jin Wook
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.23 no.3
    • /
    • pp.351-358
    • /
    • 2013
  • In 2008, Pointcheval and Zimmer have presented multi-factor authenticated key exchange protocol with client's secret key, password, biometrics. However, it has been found to be flawed by Hao and Clarke if an attacker has single authentication factor (password), then the attacker can deduce other authentication factors. Interestingly, its countermeasure has not been presented due to the difficulty of design and structural problem. In this paper, an efficient countermeasure is briefly presented and its security is discussed as well.

Study on Public Key Cryptosystem and Password Based Direct Authentication Protocol for Remote User Access (공개키와 패스워드 기반의 사용자 직접 인증 프로토콜에 관한 연구)

  • Kim, Chan-Oh;Choi, Eun-Jeong;Song, Joo-Seok
    • Annual Conference of KIPS
    • /
    • 2001.10b
    • /
    • pp.1041-1044
    • /
    • 2001
  • 신뢰할 수 없는 네트워크를 통한 패스워드 기반의 원거리 사용자 인증은 패스워드의 선택범위와 길이가 사용자의 기억력에 제한되는 낮은 안전성 때문에 오프라인 사전공격에 취약하다. 본 논문은 이산 대수 문제 해결의 어려움에 기반한 Diffie-Hellman 키 교환과 블록암호화 알고리듬 및 MAC을 이용하여 패스워드 기반 인증 및 키 협상 프로토콜을 제안한다. 제안된 프로토콜은 오프라인 사전공격을 예방할 수 있으며, 세션키와 패스워드 검증정보가 독립적이므로 공격자에게 패스워드가 노출되더라도 이전 세션의 복호화에 영향을 미치지 않는 전향적 보안성을 제공한다. 또한 세션키의 노출이 패스워드에 대한 정보를 노출시키지 않으며, 암호화 횟수와 메시지 크기를 최소화 하여 효율성을 극대화 하였다. 따라서 웹을 통한 홈뱅킹이나, 모바일 환경이 요구되는 셀룰러 폰에서의 사용자 인증처럼 제3의 신뢰 기관을 이용하지 않는 단순 직접 인증에 적합하다.

  • PDF

An Enhancement of Simple Authenticated Key Agreement Protocol (개선된 '간단한 인증키 동의 (Simple Authenticated Key Agreement)'프로토콜)

  • Kim Young-Sin;Kim Yoon-Jeong;Hwang Jun
    • Journal of Internet Computing and Services
    • /
    • v.4 no.6
    • /
    • pp.95-102
    • /
    • 2003
  • The Diffle-Hellman Key Exchange scheme can produce a common session key between the two communicators, but its problem is that it makes a man-in-the middle attack possible. To solve problems like these, several protocols have been put forward, and the Simple Authenticated Key Agreement (SAKA) Protocol is among them. This protocol has been suggested by Seo-Sweeney, Tseng, and Ku-Wang, respectively, In this paper, we will put forward a new protocol that has been improved from all the original protocols mentioned above, but is still safe and quick to use, While the existing protocol divides the common session key production stage and the verification stage, the protocol suggested in this paper takes care of both of those stages simultaneously, therefore improving the processing performance.

  • PDF

Mutual Fair Contracts Protocol for Mobility of Subject (이동성을 보장하는 상호 공정 계약 프로토콜)

  • Chang, Kyung-Ah;Lee, Byung-Rae;Kim, Tai-Yun
    • Annual Conference of KIPS
    • /
    • 2000.04a
    • /
    • pp.1205-1209
    • /
    • 2000
  • 이동 주체의 전자 상거래 참여는 계약 문서나 결제 정보 교환 서비스에 대해 사용자 실체에 대한 증명과 교환 메시지의 사후 검증 수단을 요구하고 있다. 본 논문에서는 이동 주체의 이동성에 따른 한계적 계산 능력 및 대역폭 사용을 고려하여 부분적으로 제 3의 신뢰 기관(Trusted Third Party, TTP)의 효율적인 참여 구조를 수용한 상호 공정 계약 프로토콜을 제안하였다. 본 논문에서는 기존 공정 계약 프로토콜에 대한 연구를 상거래 주체에 대한 이동성을 지원하기 위해 상호 공정 계약 프로토콜로 확장하였다. 제안한 프로토콜은 이동성에 대한 한계적 능력에 대해 해당 TTP와 공개키를 기반으로 거래 주체간의 상호 인증을 수행하도록 하였으며, 이러한 초기화를 수행한 이후 상거래 주체는 해당 인증 결과를 기반으로 주체간 상호 메시지 교환을 위한 공정 계약 프로토콜을 수행하도록 하였다. 또한 사전에 동의한 계약 과정 이외의 예외 상황 발생시 부분적 TTP의 참여를 허용하여 시스템의 대단위 계산 능력에 대한 효율성을 보장할 수 있다.

  • PDF

Efficient ID-Based Authentication and Key Exchange Protocol (효율적인 ID 기반 인증 및 키 교환 프로토콜)

  • Eom, Jieun;Seo, Minhye;Park, Jong Hwan;Lee, Dong Hoon
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.26 no.6
    • /
    • pp.1387-1399
    • /
    • 2016
  • In a hyper-connected society realized through IoT-enabled technology, a large amount of data is collected by various devices and is processed to provide new services to users. While communicating through a network, it is essential for devices to execute mutual authentication since users' privacy can be infringed by malicious attackers. ID-based signature enables authentication and key exchange with a unique ID of a device. However, most of the previous ID-based signature schemes based on RSA require an additional step to share parameters for key exchange so that they are not suitable for resource-constrained devices in terms of efficiency. In this paper, we design an efficient ID-based signature and thereby propose an efficient ID-based authentication and key exchange protocol in which sessions for both an authentication and a key exchange are executed simultaneously. In addition, we prove the security of our scheme under the RSA onewayness problem and analyze the efficiency by comparing with the previous schemes.