• Title/Summary/Keyword: Adversary

Search Result 186, Processing Time 0.028 seconds

Forward Anonymity-Preserving Secure Remote Authentication Scheme

  • Lee, Hanwook;Nam, Junghyun;Kim, Moonseong;Won, Dongho
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.10 no.3
    • /
    • pp.1289-1310
    • /
    • 2016
  • Dynamic ID-based authentication solves the ID-theft problem by changing the ID in each session instead of using a fixed ID while performing authenticated key exchanges between communicating parties. User anonymity is expected to be maintained and the exchanged key kept secret even if one of the long-term keys is compromised in the future. However, in the conventional dynamic ID-based authentication scheme, if the server's long-term key is compromised, user anonymity can be broken or the identities of the users can be traced. In addition, these schemes are vulnerable to replay attacks, in which any adversary who captures the authentication message can retransmit it, and eventually cause the legitimate user to be denied service. This paper proposes a novel dynamic ID-based authentication scheme that preserves forward anonymity as well as forward secrecy and obviates replay attacks.

USN Security Considerations in Home Network (홈 네트워크에서의 USN 보안 고려 사항 분석)

  • Park, Woo-Chool;Park, Hyun-Mun;Lee, Myung-Soo;Yoon, Nyung-Hyun
    • Proceedings of the KIEE Conference
    • /
    • 2006.04a
    • /
    • pp.171-173
    • /
    • 2006
  • Because sensor networks use wireless communication, they are vulnerable to attacks which are more difficult launch in the wired domain. Many wired networks benefit from their inherent physical security properties. It is unlikely that an adversary will dig up the Internet backbone and splice into the line. However, wireless communications are difficult to protect; they are by nature a broadcast medium. In a broadcast medium, adversaries can easily eavesdrop on, intercept, inject, and alter transmitted data. In addition, adversaries are not restricted to using sensor network hardware. We have analyzed the IEEE 802.15.4, ZigBee specification which includes a number of security provisions and options. In this paper, we highlight places where USN security considerations and home network attack scenarios.

  • PDF

Event Log Validity Analysis for Detecting Threats by Insiders in Control System

  • Kim, Jongmin;Kang, Jiwon;Lee, DongHwi
    • Journal of information and communication convergence engineering
    • /
    • v.18 no.1
    • /
    • pp.16-21
    • /
    • 2020
  • Owing to the convergence of the communication network with the control system and public network, security threats, such as information leakage and falsification, have become possible through various routes. If we examine closely at the security type of the current control system, the operation of the security system focuses on the threats made from outside to inside, so the study on the detection system of the security threats conducted by insiders is inadequate. Thus, this study, based on "Spotting the Adversary with Windows Event Log Monitoring," published by the National Security Agency, found that event logs can be utilized for the detection and maneuver of threats conducted by insiders, by analyzing the validity of detecting insider threats to the control system with the list of important event logs.

A Lightweight Authentication Mechanism for Acknowledgment in LR-WPAN Environment

  • Heo, Joon;Hong, Choong-Seon;Choi, Sang-Hyun
    • Annual Conference of KIPS
    • /
    • 2005.11a
    • /
    • pp.973-976
    • /
    • 2005
  • In IEEE 802.15.4 (Low-Rate Wireless Personal Area Network) specification, a successful reception and validation of a data or MAC command frame can be confirmed with an acknowledgment. However, the specification does not support security for acknowledgment frame; the lack of a MAC covering acknowledgments allows an adversary to forge an acknowledgment for any frame. This paper proposes an identity authentication mechanism at the link layer for acknowledgment frame in IEEE 802.15.4 network. With the proposed mechanism there is only three bits for authentication, which can greatly reduce overhead. The encrypted bit stream for identity authentication will be transmitted to device by coordinator within association process. Statistical method indicates that our mechanism is successful in handling MAC layer attack.

  • PDF

An eCK-secure Authenticated Key Exchange Protocol without Random Oracles

  • Moriyama, Daisuke;Okamoto, Tatsuaki
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.5 no.3
    • /
    • pp.607-625
    • /
    • 2011
  • Two-party key exchange protocol is a mechanism in which two parties communicate with each other over an insecure channel and output the same session key. A key exchange protocol that is secure against an active adversary who can control and modify the exchanged messages is called authenticated key exchange (AKE) protocol. LaMacchia, Lauter and Mityagin presented a strong security definition for public key infrastructure (PKI) based two-pass protocol, which we call the extended Canetti-Krawczyk (eCK) security model, and some researchers have provided eCK-secure AKE protocols in recent years. However, almost all protocols are provably secure in the random oracle model or rely on a special implementation technique so-called the NAXOS trick. In this paper, we present a PKI-based two-pass AKE protocol that is secure in the eCK security model. The security of the proposed protocol is proven without random oracles (under three assumptions), and does not rely on implementation techniques such as the NAXOS trick.

Provably Secure Forward Secure Certificateless Proxy Signature Scheme

  • Li, Jiguo;Li, Yanqiong;Zhang, Yichen
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.7 no.8
    • /
    • pp.1972-1988
    • /
    • 2013
  • In order to deal with key exposure problem, we introduce forward secure technique into certificateless proxy signature scheme, and propose the formal definition and security model of the forward secure certificateless proxy signature. Our security model takes into account the super adversary in certificateless signature. Furthermore, we present a construction of forward secure certificateless proxy signature scheme with bilinear maps. Based on the difficulty of computational Diffie-Hellman problem, we prove the scheme is secure against chosen message attack in the random oracle model. Finally, we analyze efficiency of the proposed scheme.

An Efficient Group Key Agreement Using Hierarchical Key Tree in Mobile Environment

  • Cho, Seokhyang
    • Journal of the Korea Society of Computer and Information
    • /
    • v.23 no.2
    • /
    • pp.53-61
    • /
    • 2018
  • In this paper, the author proposes an efficient group key agreement scheme in a mobile environment where group members frequently join and leave. This protocol consists of basic protocols and general ones and is expected to be suitable for communications between a mobile device with limited computing capability and a key distributing center (or base station) with sufficient computing capability. Compared with other schemes, the performance of the proposed protocol is a bit more efficient in the aspects of the overall cost for both communication and computation where the computational efficiency of the scheme is achieved by using exclusive or operations and a one-way hash function. Also, in the aspect of security, it guarantees both forward and backward secrecy based on the computational Diffie-Hellman (CDH) assumption so that secure group communication can be made possible. Furthermore, the author proves its security against a passive adversary in the random oracle model.

A Strongly Unforgeable Homomorphic MAC over Integers (강한 위조 불가능성을 갖는 정수 기반 준동형 메시지 인증 코드)

  • Joo, Chihong;Yun, Aaram
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.24 no.3
    • /
    • pp.461-475
    • /
    • 2014
  • Homomorphic MAC is a cryptographic primitive which protects authenticity of data, while allowing homomorphic evaluation of such protected data. In this paper, we present a new homomorphic MAC, which is based on integers, relying only on the existence of secure PRFs, and having efficiency comparable to the practical Catalano-Fiore homomorphic MAC. Our scheme is unforgeable even when MAC verification queries are allowed to the adversary, and we achieve this by showing strong unforgeability of our scheme.

A Study on a village settlement adjustment planning by residents' planning participation (주민(住民)의 계획참가(計劃參加)에 의한 마을정비계획(整備計劃)에 관한 연구(硏究) - 일본(日本) 정강현(靜岡縣) 부사궁시(富士宮市) 마견총지구(馬見塚地區)의 사례(事例) -)

  • Jang, Taek-Ju;GAWAJIMA, Masaaki;OGIHARA, Masamitu
    • Journal of the Korean Institute of Rural Architecture
    • /
    • v.1 no.1
    • /
    • pp.41-52
    • /
    • 1999
  • This study is based on the characteristics of the planning process and planning methods for a village settlement adjustment plan by means of direct community participation using the adversary system. The main idea is to make well-living village with the help of specialist after village people observe their own village and think "What kind of problem is there?", "What solution for these problems do we need?", "How do we make well-living area?".

  • PDF

A Strong Designated Verifiable DL Based Signcryption Scheme

  • Mohanty, Sujata;Majhi, Banshidhar
    • Journal of Information Processing Systems
    • /
    • v.8 no.4
    • /
    • pp.567-574
    • /
    • 2012
  • This paper presents a strong designated verifiable signcryption scheme, in which a message is signcrypted by a signcryptor and only a specific receiver, who called a "designated verifier", verifies it using his own secret key. The scheme is secure, as an adversary can not verify the signature even if the secret key of the signer is compromised or leaked. The security of the proposed scheme lies in the complexity of solving two computationally hard problems, namely, the Discrete Logarithm Problem (DLP) and the Integer Factorization Problem (IFP). The security analysis of the scheme has been done and it is proved that, the proposed scheme can withstand an adaptive chosen ciphertext attack. This scheme can be very useful in organizations where there is a need to send confidential documents to a specific recipient. This scheme can also be applicable to real life scenarios, such as, e-commerce applications, e-banking and e-voting.