• Journal of Communications and Networks
• /
• v.10 no.1
• /
• pp.18-27
• /
• 2008

This paper is to study a subclass of group-oriented cryptographic scheme: Many-to-one encryption and authentication scheme. The many-to-one encryption and authentication scheme is to solve a practical problem, i.e., the scenario that the number of the receivers is very small compared with the number of the senders and a receiver may serve millions of senders. Compared with the traditional methods, the burdens of the receiver and the KGC are reduced greatly. How to revoke a sender from his receiver's legitimate sender group is also proposed and it is efficient compared with some traditional methods. The proposed scheme is proven in the random oracle models. The computational complexity of our scheme is independent of the number of the senders. At the end of the paper, an example is given to show how to use our scheme in online software registration and update.

• The KIPS Transactions:PartC
• /
• v.10C no.2
• /
• pp.133-140
• /
• 2003

IKE, which is the standard key management protocol for IPSEC, is said to have several known problems. To resolve the problems of the IKE, two protocol proposals are being discussed in the IETF. the IKE version 2 and Just Fast Keying protocols. They should satisfy several protocol design requirements such as the protocol simplicity, the endurability against DOS attacks, the degree of the PFS, the identity protection, the cryptographic negotiation, and the authentication methods. In this paper, we summarize the characteristics of these two protocols and try to analyze their implications according to the protocol design requirements.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.1
• /
• pp.87-92
• /
• 2020

Various devices, which are powerful computer and low-performance sensors, is connected to IoT network. Accordingly, applying mutual authentication for devices and data encryption method are essential since illegal attacks are existing on the network. But cryptographic methods such as symmetric key and public key algorithms, hash function are not appropriate to low-performance devices. Therefore, this paper proposes blockchain-based lightweight IoT mutual authentication protocol for the low-performance devices.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.11 no.5
• /
• pp.58-70
• /
• 2008

Earlier researches on Sensor Networks preferred symmetric key-based authentication schemes in consideration of limitations in network resources. However, recent advancements in cryptographic algorithms and sensor-node manufacturing techniques have opened suggestion to public key-based solutions such as Merkle tree-based schemes. These previous schemes, however, must perform the authentication process one-by-one in hierarchical manner and thus are not fit to be used as primary authentication methods in sensor networks which require mass of multiple authentications at any given time. This paper proposes a new concept of public key-based authentication that can be effectively applied to sensor networks. This scheme is based on exponential distributed data concept, a derivative from Shamir's (t, n) threshold scheme, in which the authentication of neighbouring nodes are done simultaneously while minimising resources of sensor nodes and providing network scalability. The performance advantages of this scheme on memory usage, communication overload and scalability compared to Merkle tree-based authentication are clearly demonstrated using performance analysis.

• The Journal of Korean Association of Computer Education
• /
• v.7 no.1
• /
• pp.45-53
• /
• 2004

Ad-Hoc network is wireless network architecture without infrastructure. We encounter new types of security problems in Ad-Hoc networks because such networks have little or no support from infrastructure. Thus, wireless communications need security mechanisms in order to guarantee the integrity and the privacy of the communication, as well as the authentication of the entities involved. Many practical systems have been proposed. The most familiar system is the Diffie-Hellman key distribution system. This algorithm allows the establishment of a cryptographic secret key between two entities. If more than two users want to compute a common key, then a group key agreement system is used. This paper discusses several group key agreement systems and presents two efficient fault tolerant methods to perform successful group key agreement.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.44 no.10
• /
• pp.148-155
• /
• 2007

The routing optimization mode, which Mobile IPv6 provides for the direct communication between a mobile node and its correspond node, introduces various security threats, thus causing several protocols to be proposed for the secure binding update procedure. In particular, the Kang-Park protocol, which Kang and Park presented in 2005, achieves the optimized cryptographic operations and the strong security, while based on its unique security proxy structure. In spite of such advantages, it has some drawbacks in terms of security and efficiency. This paper improves the Kang-Park protocol through the strong CoA validation and early binding update methods. Also, we show that the improved protocol is better than others.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.12
• /
• pp.4987-5014
• /
• 2015

The bilinear pairing, also known as Weil pairing or Tate pairing, is widely used in cryptography and its properties help to construct cryptographic schemes for different applications in which the security of the transmitted data is a major concern. In remote login authentication schemes, there are two major requirements: i) proving the identity of a user and the server for legitimacy without exposing their private keys and ii) freedom for a user to choose and change his password (private key) efficiently. Most of the existing methods based on the bilinear property have some security breaches due to the lack of features and the design issues. In this paper, we develop a new scheme using the bilinear property of an elliptic point and the biometric characteristics. Our method provides many features along with three major goals. a) Checking the correctness of the password before sending the authentication message, which prevents the wastage of communication cost; b) Efficient password change phase in which the user is asked to give a new password after checking the correctness of the current password without involving the server; c) User anonymity - enforcing the suitability of our scheme for applications in which a user does not want to disclose his identity. We use BAN logic to ensure the mutual authentication and session key agreement properties. The paper provides informal security analysis to illustrate that our scheme resists all the security attacks. Furthermore, we use the AVISPA tool for formal security verification of our scheme.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.11
• /
• pp.4028-4049
• /
• 2014

Attribute-based encryption (ABE) is a promising cryptographic primitive for implementing fine-grained data sharing in cloud computing. However, before ABE can be widely deployed in practical cloud storage systems, a challenging issue with regard to attributes and user revocation has to be addressed. To our knowledge, most of the existing ABE schemes fail to support flexible and direct revocation owing to the burdensome update of attribute secret keys and all the ciphertexts. Aiming at tackling the challenge above, we formalize the notion of ciphertext-policy ABE supporting flexible and direct revocation (FDR-CP-ABE), and present a concrete construction. The proposed scheme supports direct attribute and user revocation. To achieve this goal, we introduce an auxiliary function to determine the ciphertexts involved in revocation events, and then only update these involved ciphertexts by adopting the technique of broadcast encryption. Furthermore, our construction is proven secure in the standard model. Theoretical analysis and experimental results indicate that FDR-CP-ABE outperforms the previous revocation-related methods.

• JSTS:Journal of Semiconductor Technology and Science
• /
• v.16 no.4
• /
• pp.470-480
• /
• 2016

The reversal of a silicon chip to find out its security structure is common and possible at the present time. Thanks to reversing, it is possible to use a probing attack to obtain useful information such as personal information or a cryptographic key. For this reason, security-related blocks such as DES (Data Encryption Standard), AES (Advanced Encryption Standard), and RSA (Rivest Shamir Adleman) engines should be located in the lower layer of the chip to guard against a probing attack; in this regard, the addition of a silicon-surface-protection layer onto the chip surface is a crucial protective measure. But, for manufacturers, the implementation of an additional silicon layer is burdensome, because the addition of just one layer to a chip significantly increases the overall production cost; furthermore, the chip size is increased due to the bulk of the secure logic part and routing area of the silicon protection layer. To resolve this issue, this paper proposes a practical silicon-surface-protection method using a metal layer that increases the security level of the chip while minimizing its size and cost. The proposed method uses a shift register for the alternation and variation of the metal-layer data, and the inter-connection area is removed to minimize the size and cost of the chip in a more extensive manner than related methods.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37 no.5B
• /
• pp.377-384
• /
• 2012

RFID system is a technique to obtain information of tag using radio frequency. Specificity of RFID systems using radio frequency has many problems that is eavesdropping, location tracking, spoofing attack, replay attack, denial of service attack. So, RFID protocol should be used cryptographic methods and mutual authentication for security and privacy. In this paper, we explain the problem of past protocol and propose the nonfixed symmetric key-based RFID mutual authentication protocol using shift computation and random number. Proposed protocol is secure from various attacks. Because it use shift operation and non-fixed symmetric key.