• IEIE Transactions on Smart Processing and Computing
• /
• v.2 no.3
• /
• pp.176-187
• /
• 2013

Message replay, malicious Access Point (AP) associations and Denial of Service (DoS) attacks are the major threats in Wireless LANs. These threats are possible due to a lack of proper authentication and insecure message communications between wireless devices. Current wireless authentication & key exchange (AKE) schemes and security protocols (WEP, WPA and IEEE 802.11i) are not sufficient against these threats. This paper presents a novel Secure WLAN Authentication Scheme (SWAS). The scheme introduces the delegation concept of mobile authentication in WLANs, and provides mutual authentication to all parties (Wireless Station, Access Point and Authentication Server). The messages involved in the process serve both authentication and key refreshing purposes. The scheme enhances the security by protecting the messages through cryptographic techniques and reduces the DoS impact. The results showed that cryptographic techniques do not result in extra latencies in authentication. The scheme also reduces the communication cost and network overhead.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2017.04a
• /
• pp.373-375
• /
• 2017

Side-channel attacks and in particular differential power analysis (DPA) attacks pose a serious threat to cryptographic implementations. One approach to counteract such attacks is cryptographic schemes based on fresh re-keying. In settings of pre-shared secret keys, such schemes render DPA attacks infeasible by deriving session keys and by ensuring that the attacker cannot collect side-channel leakage on the session key during cryptographic operations with different inputs. This paper present a study on rekeying approach against side channel attacks with current secure schemes and their rekeying functions.

• Journal of information and communication convergence engineering
• /
• v.7 no.4
• /
• pp.561-564
• /
• 2009

A cryptographic dongle, which is capable of transmitting encrypted voice signals over the CDMA/GSM voice channel, was designed and implemented. The dongle used PIC microcontroller for signals processing including analog to digital conversion and digital to analog conversion, encryption and communicating with the smart phone. A smart phone was used to provide power to the dongle as well as passing the encrypted speech to the smart phone which then transmits the signal to the network. A number of tests were conducted to check the efficiency of the dongle, the firmware programming, the encryption algorithms, and the secret key management system, the interface between the smart phone and the dongle and the noise level.

• Proceedings of the IEEK Conference
• /
• 2002.07b
• /
• pp.948-950
• /
• 2002

IPSec authentication provides support for data integrity and authentication of IP packets. Authentication is based on the use of a message authentication code(MAC). Hash function algorithm is used to produce MAC , which is referred to HMAC. In this paper, we propose a cryptographic accelerator using FPGA implementations. The accelator consists of a hash function mechanism based on MD5 algorithm, and a public-key generator based on a Elliptiv Curve algorithm with small scale of circuits. The accelator provides a messsage authentification as well as a digital signature. Implementation results show the proposed cryptographic accelerator can be applied to IPSec authentications.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• v.9 no.2
• /
• pp.852-855
• /
• 2005

This paper introduces a case study of designing a cryptographic processor dedicated to VPN/SSL system. The designed processor supports not only block cipher algorithm, including 3DES, AES, and SEED, but also 163 bit ECC public key crypto algorithm. Moreover, we adopted PCI Master interface in the design, which guarantees fast computation of cryptographic algorithm prevalent in general information security systems.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.6B
• /
• pp.219-232
• /
• 2008

A novel idea of protocol security analysis is presented based on trusted freshness. The idea has been implemented not only by hand but also by a belief muitisets formalism for automation. The key of the security analysis based on trusted freshness is a freshness principle: for each participant of a cryptographic protocol, the security of the protocol depends only on the sent or received one-way transformation of a message, which includes a trusted freshness. The manual security analysis method and the belief multisets formalism are all established on the basis of the freshness principle. Security analysis based on trusted freshness can efficiently distinguish whether a message is fresh or not, and the analysis results suggest the correctness of a protocol convincingly or the way to construct attacks intuitively from the absence of security properties. Furthermore, the security analysis based on trusted freshness is independent of the idealization of a protocol, the concrete formalization of attackers' possible behaviors, and the formalization of concurrent runs of protocols.

• The KIPS Transactions:PartC
• /
• v.19C no.1
• /
• pp.9-18
• /
• 2012

In 2010, Pedro et al. proposed RFID distance bounding protocol based on WSBC cryptographic puzzle. This paper points out that Pedro et al.'s protocol not only is vulnerable to tag privacy invasion attack and location tracking attack because an attacker can easily obtain the secret key(ID) of a legal tag from the intercepted messages between the reader and the tag, but also requires heavy computation by performing symmetric key operations of the resource limited passive tag and many communication rounds between the reader and the tag. Moreover, to resolve the security weakness and the computation/communication efficiency problems, this paper also present a new RFID distance bounding protocol based on WSBC cryptographic puzzle that can provide strong security and high efficiency. As a result, the proposed protocol not only provides computational and communicational efficiency because it requires secure one-way hash function for the passive tag and it reduces communication rounds, but also provides strong security because both tag and reader use secure one-way hash function to protect their exchanging messages.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.9 no.7
• /
• pp.1419-1424
• /
• 2005

This paper suggests a new cipher mode of operation which can recover cryptographic synchronization. First, we study the typical cipher modes of operation, especially focused on cryptographic synchronization problems. Then, we suggest a statistical cipher-feedback mode of operation. We define the error sources mathmatically and simulate propagation errors caused by a bit insertion or bit deletion. In the simulation, we compare the effects of changing the synchronization pattern length and feedback key length. After that, we analyze the simulation results with the calculated propagation errors. finally. we evaluate the performance of the statistical cipher-feedback mode of operation and recommand the implementation considerations.

• Journal of Internet Computing and Services
• /
• v.6 no.5
• /
• pp.11-25
• /
• 2005

In MIPv6 environment, an important design consideration for public key based binding update protocols is to minimize asymmetric cryptographic operations in mobile nodes with constraint computational power, such as PDAs and cellular phones, For that, public key based protocols such as CAM-DH. SUCV and Deng-Zhou-Bao's approach provides an optimization to offload asymmetric cryptographic operations of a mobile node to its home agent. However, such protocols have some problems in providing the optimization. Especially, CAM-DH with this optimization does not unload all asymmetric cryptographic operations from the mobile node, while resulting in the home agent's vulnerability to denial of service attacks. In this paper, we improve the drawbacks of CAM-DH. Furthermore, we adopt Aura's two hash-based CGA scheme to increase the cost of brute-force attacks searching for hash collisions in the CGA method. The comparison of our protocol with other public key based protocols shows that our protocol can minimize the MN's computation overhead, in addition to providing better manageability and stronger security than other protocols.

• Journal of Industrial Convergence
• /
• v.17 no.1
• /
• pp.1-6
• /
• 2019

Various cryptographic technologies have been proposed from ancient times and are developing in various ways to ensure the confidentiality of information. Due to exponentially increasing computer power, the encryption key is gradually increasing for security. Technology are being developed; however, security is guaranteed only in a short period of time. With the advent of the 4th Industrial Revolution, encryption technology is required in various fields. Recently, encryption technology using homomorphic encryption has attracted attention. Security threats arise due to the exposure of keys and plain texts used in the decryption processing for the operation of encrypted information. The homomorphic encryption can compute the data of the cipher text and secure process the information without exposing the plain text. When using the homomorphic encryption in processing big data like stored personal information in various services, security threats can be avoided because there is no exposure to key usage and decrypted information.