• The KIPS Transactions:PartC
• /
• v.9C no.3
• /
• pp.331-336
• /
• 2002

In this paper, we propose a new distribution and renewal scheme for a group key suitable for secure mobile communications based on identification protocol, in which all members of the group can reshare the new group common key except revoked members by using a key distribution center (a trusted center). The security of this scheme is based on the difficulty of the discrete logarithm problem. The proposed scheme can be appropriately managed in case that terminal's capability of storage and computing power is relatively small and more than one caller are revoked. It also renews a group key easily when the center changes this key intervally for security.

• The KIPS Transactions:PartC
• /
• v.12C no.3 s.99
• /
• pp.317-322
• /
• 2005

The existing certificate based authentication or identification just verifies whether the owner of private key corresponding to public key of certificate is the DN user set in the user field in the certificate or not, then we cannot find out who is the actual private key owner in a real world. To make up for this weak points, the method to insert the identification number like the resident registration number into the certificate extension field is applied as a technical standard to current domestic PKI system. In this paper, we propose the ECC based integrated identification, identification number checking and key management protocol providing user validation during the login.

• Proceedings of the Korean Information Science Society Conference
• /
• 2005.07a
• /
• pp.151-153
• /
• 2005

무선 센서 네트워크는 방대한 응용분야와 유비쿼터스 환경 하에서 중요한 한 부분을 차지하며 그 유용성을 입증하고 있다. 이런 무선 센서 네트워크의 센서 노드는 작은 크기를 바탕으로 목표 장소에 임의로 배치되어 다양한 데이터를 수집하는 능력이 탁월하다 하지만 이런 장점은 센서 노드의 한정된 하드웨어 능력과 전원공급 문제, 물리적 노출 문제로 인해 스스로를 위험에 노출시키는 여지를 만들게 되었다. 즉 일반적으로 사용되어지는 네트워크 보안 방법을 무선 센서 네트워크에 적응하기에는 센서 노드 능력에 한계가 있으며, 환경적 요소로 인해 불가능하다. 따라서 무선 센서 네트워크의 특성을 감안한 효과적인 보안 방법이 필요하며, 이런 맥락에 본 논문은 무선 센서 네트워크의 하드웨어적인 한계를 감안한 대칭키(Symmetric key) 기반의 키 분배 기법을 제안하고자 한다. 제안하는 기법에서는 모든 노드가 공통으로 소유한 전체 마스터 키(master key)와 의사 난수 생성기(pseudo random number generator:PRNG), 그리고 특정 대상으로부터 분배되는 난수(random number)의 조합을 통해 임의의 키를 생성, 갱신함으로써 다양한 종류의 무선 센서 네트워크 모델에 유연하게 대처할 수 있도록 하였다. 또한 이를 위한 통신 회수를 최소화함으로써 효율성을 제공해 준다.

• Convergence Security Journal
• /
• v.21 no.3
• /
• pp.3-11
• /
• 2021

Most of the internet security protocols rely on classical algorithms based on the mathematical complexity of the integer factorization problem, which becomes vulnerable to a quantum computer. Recent progresses of quantum computing technologies have highlighted the need for applying quantum key distribution (QKD) on existing network protocols. We report the development and integration of a plug & play QKD device with a commercial IPSec device by replacing the session keys used in IPSec protocol with the quantum ones. We expect that this work paves the way for enhancing security of the star-type networks by implementing QKD with the end-to-end IP communication.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.1 no.1
• /
• pp.38-46
• /
• 1991

This paper pro poses a ley distribution system based on identification information. The system uses an indivdual user's identification instead of the public file used in the Diffie-Hellman sustem. It does not require any services of a center to distribute work keys and users to keep directory public file. We propose an identity-based key distribution system for generating a commom secret conference kdy for two or more users. We assume users are connected in a ring network. Message among users authenticated using each user's identification informa-tion. The security of the our proposed system is based on the difficulty of both factoring large numbers and computing discrete logarithms over large finite fields.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.43 no.7 s.349
• /
• pp.1-13
• /
• 2006

In this paper, we introduce a novel key management scheme that is based on the key pre-distribution but provides the key re-distribution method, in order to manage keys for message encryption and authentication of lower-layer sensor nodes on hierarchical mobile sensor networks. The characteristics of our key management are as follows: First, the role of key management is distributed to aggregator nodes as well as a sink node, to overcome the weakness of centralized management. Second, a sink node generates keys using regression model, thus it stores only the information for calculating the keys using the key information received from nodes, but does not store the relationship between a node and a key, and the keys themselves. As the disadvantage of existing key pre-distributions, they do not support the key re-distribution after the deployment of nodes, and it is hard to extend the key information in the case that sensor nodes in the network enlarge. Thirdly, our mechanism provides the resilience to node capture(${\lambda}$-security), also provided by the existing key pre-distributions, and fourth offers the key freshness through key re-distribution, key distribution to mobile nodes, and scalability to make up for the weak points in the existing key pre-distributions. Fifth, our mechanism does not fix the relationship between a node and a key, thus supports the anonymity and untraceability of mobile nodes. Lastly, we compare ours with existing mechanisms, and verify our performance through the overhead analysis of communication, computation, and memory.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.13 no.12
• /
• pp.2563-2568
• /
• 2009

Although a symmetric cryptographic system has many advantages in speed of encryption decryption, the security problems with the distribution method of secret keys have been still raised. Especially, the distribution method of secret keys for unspecified individuals who want secret communication is becoming a core issue. As a simple solution to this issue, Diffie-Hellman key exchange methods were proposed, but proved to be insufficient in depending MITM(Main In The Middle) attacks. To find effective solution to problems mentioned above, this paper proposes the strengthened Diffie-Hellman key exchange methods applied for the mobile-phone channel which are widely used. This paper emphasizes the way to distribute the synthesized session keys to the sender and the receiver, which are created with authentication numbers exchanged between the mobile-phones and Diffie-Hellman key. Using proposed ways, MITMattacks can be effectively defended.

• Journal of KIISE:Information Networking
• /
• v.36 no.4
• /
• pp.263-274
• /
• 2009

Decentralized group key management mechanisms offer beneficial solutions to enhance the scalability and reliability of a secure multicast framework by confining the impact of a membership change in a local area. However, many of the previous decentralized solutions reveal the plaintext to the intermediate relaying proxies, or require the key distribution center to coordinate secure group communications between subgroups. In this study, we propose a decentralized group key management scheme that features a mechanism allowing a service provider to deliver the group key to valid members in a distributed manner using the proxy cryptography. In the proposed scheme, the key distribution center is eliminated while data confidentiality of the transmitted message is provided during the message delivery process. The proposed scheme can support a secure group communication in dynamic network environments where there is no trusted central controller for the whole network and the network topology changes frequently.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.10a
• /
• pp.831-833
• /
• 2013

PHR is integrated into the server, so the problem has managed. Thus, the highly sensitive information stored on the server. PHR should be limited to the access rights. In this paper, the access rights of PHR as a way to distinguish the role of each approach based on a distributed hierarchical key to ensuring the privacy of PHR by key distribution protocol is proposed.

• Annual Conference of KIPS
• /
• 2002.04b
• /
• pp.801-804
• /
• 2002

최근 인터넷의 발달로 대량의 디지털 정보를 활용할 수 있는 기반이 성숙됨에 따라 이를 이용한 다양한 서비스가 증가하고 있으며, 이와 더불어 인터넷 상에서 전송되는 메시지에 대한 기밀성을 제공하기 위한 다양한 암호시스템의 사용 또한 증가하고 있다. 그러나, 암호 시스템 내에서 사용되고 있는 키 분배 프로토콜들에 대한 적절한 선택 기준이 미흡한 실정이다. 따라서, 본 논문에서는 표준으로 제정된 이산대수 기반의 키 분배 프로토콜들의 특징을 분석하고 이것을 바탕으로 가장 적합한 응용분야를 제시한다.