• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.4
• /
• pp.29-36
• /
• 2003

In this paper, we propose a new Two-factor Authentication and Key Exchange(TAKE) protocol that can be applied to low-power PDAs in Public Wireless LAMs using two factor authentication and precomputation. This protocol provides mutual authentication session key establishment, identity privacy, and practical half forward-secrecy. The only computational complexity that the client must perform is one symmetric key encryption and five hash functions during the runtime of the protocol.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.10 no.4
• /
• pp.33-46
• /
• 2000

IPsec is a protocol suite to protect the data communication between computers on internet and many VPNs(Virtual Private Networks) use IPsec protocol. IKE protocol is used to exchange keys in IPsec. Formal analysis method is used increasingly in computer science to increase the reliability of a system. In this paper, the IKE protocol is analyzed formally. This paper shows that IKE with Authentication with Signature and Authentication with Pre-Shared Key is safe, but Authentication with Public Key Encryption and A Revised Method of Authentication with Public Key Encryption are safe only with the assumption that a participant has the correct public key of the correspondent. To make sure that a participant has the correct public key of the correspondent, the usage of certificate is recommended.

• The Journal of Society for e-Business Studies
• /
• v.9 no.1
• /
• pp.209-220
• /
• 2004

If protocol has fast operations and short key length, it can be efficient user authentication protocol. Lenstra and Verheul proposed XTR. XTR have short key length and fast computing speed. Therefore, this can be used usefully in complex arithmetic. In this paper, to design efficient user authentication protocol we used a subgroup of Galois Field to problem domain. Proposed protocol does not use GF(p/sup 6/) that is existent finite field, and uses GF(p²) that is subgroup and solves problem. XTR-ElGamal based user authentication protocol reduced bit number that is required when exchange key by doing with upside. Also, proposed protocol provided easy calculation and execution by reducing required overhead when calculate. In this paper, we designed authentication protocol with y/sub i/ = g/sup b.p/sup 2(i-1)//ㆍv mol q, 1(equation omitted) 3 that is required to do user authentication.

• Journal of the Korea Society of Computer and Information
• /
• v.8 no.3
• /
• pp.130-137
• /
• 2003

This paper proposes protocol design that can do user authentication efficiently in current systems that client-server environment is developed. And proposes a password-based authentication protocol suitable to certification through trustless network or key exchange. While the existing password-base protocols certify users through certification authority (CA) between client and server, the proposed protocol in this paper, users and server exchange keys and perform authentication without help of CA. To ameliorate the drawback of password-based protocols causing by the short length and randomness of password, the proposed protocol uses the signature techniques of ECDSA and the SRP protocol based on Diffie-Hellman key exchange method. Also, by with compare to round number and Hash function number and exponential operation of existing protocols, we explained efficiency of proposed protocol.

• Proceedings of the IEEK Conference
• /
• 2003.07a
• /
• pp.113-116
• /
• 2003

Mobile communication network because information through radio channel is passed, information may be eavesdropped and need information security countermeasure in communication network dimension for safe information exchange because there is possibility that is manufactured. This paper used Public Key Cryptography for protection and authentication connected with user authentication. Use public key and private key that is asymmetry encryption key to quote that is used at encryption, decryption of Public key. Encrypt IMSI and authentication message that is transmitted MS, VLR and HLR interval to public key, wish to embody transmitted authentication protocol safety.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.8 no.6
• /
• pp.520-527
• /
• 2015

The key exchange protocols are very crucial tools to provide the secure communication in the broadband satellite access network. They should be required to satisfy various requirements such as security, key confirmation, and key freshness. In this paper, we present the security functions in ETSI(European Telecommunications Standards Institute), and analyze the specification of the security primitives and the key exchange protocols for the authenticated key agreement between RCST(Return Channel Satellite Terminal) and NCC(Network Control Centre). ETSI key exchange protocols consists of Main Key Exchange, Quick Key Exchange, and Explicit Key Exchange. We analyse the pros and cons of key exchange protocols based on performance analysis and performance evaluation.

• Journal of KIISE:Computer Systems and Theory
• /
• v.26 no.10
• /
• pp.1237-1247
• /
• 1999

이질적 분산 환경에서 전자 상거래는 신임장을 기반으로 상거래 참여자들에 대한 인증 서비스가 제공되어야 한다. 본 연구에서는 CORBA 보안 명세 1 를 기반으로 전자 상거래 참여자들에 대한 객체 단위 인증 및 권한 부여 기법을 제공하는 상호 인증 서비스 구조를 제안한다. 이 구조는 Kerberos 2 의 인증 기법 및 인증 키 교환 기법으로 전자 상거래 참여자간에 상대 주체의 신원 확인 뿐 아니라 거래 진행 중 취득한 정보의 근원을 파악할 수 있도록 하였다. 또한 Kerberos 기법을 CORBA 플랫폼 기반의 상호 인증 구조로서 분산 환경에 대해 확장하였으므로 키 관리 등 보안 정보 관리에 있어 효율적이다.Abstract Electronic commerce shall provide its subjects with a credential-based authentication service in the heterogeneous distributed computing environment. In this paper, based on CORBA security service specification 1 which OMG defined, we propose the mutual authentication service for subjects of electronic commerce, providing the authentication of object level and the authenticated key exchange. This proposed structure, by Kerberos 2 for the authentication and the authenticated key exchange, assures not only the identification of a partner but also the confidence of origin of business item for negotiations between subjects of electronic commerce. Since our deployed Kerberos is extended to the mutual authentication service based on CORBA platform, it is efficient for security administration to manage the information such as a key management in the heterogeneous distributed computing environment.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.12
• /
• pp.5135-5149
• /
• 2015

Communications among multi-party must be fast, cost effective and secure. Today's computing environments such as internet conference, multi-user games and many more applications involve multi-party. All participants together establish a common session key to enable multi-party and secure exchange of messages. Multi-party password-based authenticated key exchange scheme allows users to communicate securely over an insecure network by using easy-to-remember password. Kwon et al. proposed a practical three-party password-based authenticated key exchange (3-PAKE) scheme to allow two users to establish a session key through a server without pre-sharing a password between users. However, Kwon et al.'s scheme cannot meet the security requirements of key authentication, key confirmation and anonymity. In this paper, we present a novel, simple and efficient multi-party password-based authenticated key exchange (M-PAKE) scheme based on the elliptic curve cryptography for mobile environment. Our proposed scheme only requires two round-messages. Furthermore, the proposed scheme not only satisfies security requirements for PAKE scheme but also achieves efficient computation and communication.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.3
• /
• pp.351-358
• /
• 2013

In 2008, Pointcheval and Zimmer have presented multi-factor authenticated key exchange protocol with client's secret key, password, biometrics. However, it has been found to be flawed by Hao and Clarke if an attacker has single authentication factor (password), then the attacker can deduce other authentication factors. Interestingly, its countermeasure has not been presented due to the difficulty of design and structural problem. In this paper, an efficient countermeasure is briefly presented and its security is discussed as well.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.5B
• /
• pp.833-839
• /
• 2010

Mobility of sensor node is one of the rising issues in Wireless Sensor Networks (WSN). However, current security researches on WSN only consider static environments. Thus they are not sufficient to be deployed in the dynamic environment where the resource is limited. In this paper, we propose the efficient node authentication and key exchange protocol that reduces the overhead in node re-authentication.