• Title/Summary/Keyword: Cryptographic protocol


A Trust Management Architecture for TLS

  • Xiaolei Zhang;Hong, Choong-Seon
    • Proceedings of the Korean Information Science Society Conference / 2002.04a / pp.778-780 / 2002
  • The TLS protocol suite, which provides transport-layer security for the Internet, has been standardized in the IETF. A TLS session is an association between a client and a server, created by the TLS Handshake Protocol. Sessions define a set of cryptographic security parameters, which can be shared among multiple connections. The TLS protocol, however, does not address the specific method for how to manage the existing TLS sessions on the host. This paper proposes an efficient management scheme for TLS, based on the principles of trust management.


Information Security Technology for Secure Electronic Money

  • Park, Seong-Jun
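    • 정보화사회 / s.111 / pp.26-30 / 1997
  • As the information society becomes more advanced, illegal eavesdropping on communication information, the problem of personal identification arising in remote access, and integrity problems such as the unauthorized deletion and alteration of computer information are emerging as serious issues. The cryptographic technology that solves these problems is the field of information security protocols (cryptographic protocols).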


MKIPS: MKI-based protocol steganography method in SRTP

  • Alishavandi, Amir Mahmoud;Fakhredanesh, Mohammad
    • ETRI Journal / v.43 no.3 / pp.561-570 / 2021
  • This paper presents master key identifier based protocol steganography (MKIPS), a new approach toward creating a covert channel within the Secure Real-time Transfer Protocol, also known as SRTP. This can be achieved using the ability of the sender of Voice-over-Internet Protocol packets to select a master key from a pre-shared list of available cryptographic keys. This list is handed to the SRTP sender and receiver by an external key management protocol during session initiation. In this work, by intelligent utilization of the master key identifier field in the SRTP packet creation process, a covert channel is created. The proposed covert channel can reach a relatively high transfer rate, and its capacity may vary based on the underlying SRTP channel properties. In comparison to existing data embedding methods in SRTP, MKIPS can convey a secret message without adding to the traffic overhead of the channel and packet loss in the destination. Additionally, the proposed covert channel is as robust as its underlying user datagram protocol channel.

A Study on Secure Binding Update Protocol Supporting Mobile Nodes with Constraint Computational Power in Mobile IPv6 Environment

  • Choi, Sung-Kyo;You, Il-Sun
    • Journal of Internet Computing and Services / v.6 no.5 / pp.11-25 / 2005
  • In MIPv6 environment, an important design consideration for public key based binding update protocols is to minimize asymmetric cryptographic operations in mobile nodes with constraint computational power, such as PDAs and cellular phones. For that, public key based protocols such as CAM-DH, SUCV and Deng-Zhou-Bao's approach provide an optimization to offload asymmetric cryptographic operations of a mobile node to its home agent. However, such protocols have some problems in providing the optimization. Especially, CAM-DH with this optimization does not unload all asymmetric cryptographic operations from the mobile node, while resulting in the home agent's vulnerability to denial of service attacks. In this paper, we improve the drawbacks of CAM-DH. Furthermore, we adopt Aura's two hash-based CGA scheme to increase the cost of brute-force attacks searching for hash collisions in the CGA method. The comparison of our protocol with other public key based protocols shows that our protocol can minimize the MN's computation overhead, in addition to providing better manageability and stronger security than other protocols.


Light Weight Authentication and Key Establishment Protocol for Underwater Acoustic Sensor Networks

  • Park, Minha;Kim, Yeog;Yi, Okyoen
    • The Journal of Korean Institute of Communications and Information Sciences / v.39B no.6 / pp.360-369 / 2014
  • Underwater Acoustic Sensor Networks (UASN) enable varied study from collected data of underwater environments such as pollution monitoring and disaster prevention. The collected data is transmitted from underwater to a terrestrial communication entity by acoustic communication. Because the constraints of underwater environments include low data rate and propagation delay, it is difficult to apply cryptographic techniques of terrestrial wireless communication to UASN. For this reason, if the cryptographic techniques are excluded, then collected data will be exposed to security threats, such as extortion and forgery, during transmission of data. So, the cryptographic techniques, such as the authentication and key establishment protocol which can confirm reliability of communication entities and help them share a secret key for encryption of data, are needed for protecting transmitted data against security threats. Thus, in this paper, we propose the light weight authentication and key establishment protocol.

Method Decoder for Low-Cost RFID Tags

  • Juels, Ari
    • 한국정보컨버전스학회:학술대회논문집 / 2008.06a / pp.47-52 / 2008
  • A radio-frequency identification (RFID) tag is a small, inexpensive microchip that emits an identifier in response to a query from a nearby reader. The price of these tags promises to drop to the range of $0.05 per unit in the next several years, offering a viable and powerful replacement for barcodes. The challenge in providing security for low-cost RFID tags is that they are computationally weak devices, unable to perform even basic symmetric-key cryptographic operations. Security researchers often therefore assume that good privacy protection in RFID tags is unattainable. In this paper, we explore a notion of minimalist cryptography suitable for RFID tags. We consider the type of security obtainable in RFID devices with a small amount of rewritable memory, but very limited computing capability. Our aim is to show that standard cryptography is not necessary as a starting point for improving security of very weak RFID devices. Our contribution is threefold: 1. We propose a new formal security model for authentication and privacy in RFID tags. This model takes into account the natural computational limitations and the likely attack scenarios for RFID tags in real-world settings. It represents a useful divergence from standard cryptographic security modeling, and thus a new view of practical formalization of minimal security requirements for low-cost RFID-tag security. 2. We describe a protocol that provably achieves the properties of authentication and privacy in RFID tags in our proposed model, and in a good practical sense. Our proposed protocol involves no computationally intensive cryptographic operations, and relatively little storage. 3. Of particular practical interest, we describe some reduced-functionality variants of our protocol. We show, for instance, how static pseudonyms may considerably enhance security against eavesdropping in low-cost RFID tags. Our most basic static-pseudonym proposals require virtually no increase in existing RFID tag resources.


A Study on Countermeasures using Moire Recognition and Vulnerability of Cryptographic Transaction Protocol

  • Kim, Jin-Woo;Lee, Keun-Ho;Yun, Sunghyun
    • Journal of Convergence for Information Technology / v.9 no.1 / pp.86-91 / 2019
  • Block chains began by recognizing the danger of centralized control of financial systems after the 2008 financial crisis. From the beginning of 2008, blockchain has been developing a lot of attention and technology, starting with a tremendous innovation called cryptographic destruction based on technology, a block chain called Bitcoin. However, the vulnerability has also been discovered over time and the damage has been repeated. But in the fourth industry of the 21st century, many advances and technologies based on them are expected to emerge. Therefore, this paper proposes new analytical transaction protocols for vulnerabilities in cryptographic currency transactions. The proposed transaction protocol is a way to authenticate once again at the end of the transaction and the transaction is concluded with this authentication. It presents countermeasures by adding security elements between users to the transaction process rather than internal security to transaction vulnerabilities.

Attack and Correction: How to Design a Secure and Efficient Mix Network

  • Peng, Kun
    • Journal of Information Processing Systems / v.8 no.1 / pp.175-190 / 2012
  • Shuffling is an effective method to build a publicly verifiable mix network to implement verifiable anonymous channels that can be used for important cryptographic applications like electronic voting and electronic cash. One shuffling scheme by Groth is claimed to be secure and efficient. However, its soundness has not been formally proven. An attack against the soundness of this shuffling scheme is presented in this paper. Such an attack compromises the soundness of the mix network based on it. Two new shuffling protocols are designed on the basis of Groth's shuffling and batch verification techniques. The first new protocol is not completely sound, but is formally analyzed in regards to soundness, so it can be applied to build a mix network with formally proven soundness. The second new protocol is completely sound, so is more convenient to apply. Formal analysis in this paper guarantees that both new shuffling protocols can be employed to build mix networks with formally provable soundness. Both protocols prevent the attack against soundness in Groth's scheme. Both new shuffling protocols are very efficient as batch-verification-based efficiency-improving mechanisms have been adopted. The second protocol is even simpler and more elegant than the first one as it is based on a novel batch cryptographic technique.

Development and Design of New BESA Algorithm for Network Security in Multimedia Communication

  • Park, Ryoung-Keun;Lee, Seung-Dae;Kim, Sun-Youb
    • Journal of the Korea Academia-Industrial cooperation Society / v.8 no.5 / pp.1069-1075 / 2007
  • The new BESA cryptographic algorithm is suitable for network environments and wired/wireless communication networks, being easy to implement, preserving security rate, scalable and reconfigurable. Though the proposed algorithm strengthens security vulnerability of TCP/IP protocol and keeps security for many users as that have authentication function in network environment, there is important purpose. So that new BESA cryptographic algorithm implemented by hardware-based cryptosystem and en/decryption is achieved at the same time, composed architecture.


Custom Cryptographic Protocol Implementation Method Based on OpenSSL

  • Lam, JunHuy;Lee, Sang-Gon;Lee, Hoon-Jae;Andrianto, Vincentius Christian
    • Journal of the Korea Institute of Information Security & Cryptology / v.27 no.3 / pp.459-466 / 2017
  • One of the most widely used open source projects, OpenSSL is a cryptography library that is used to secure most web sites, servers and clients. One can secure the communication with the Secure Socket Layer (SSL) or its successor, Transport Layer Security (TLS) protocols by using the OpenSSL library. Since cryptography protocols will be updated and enhanced in order to keep the system protected, the library was written in such a way that simplifies the integration of new cryptographic methods, especially for the symmetric cryptography protocols. However, it gets a lot more complicated in adding an asymmetric cryptography protocol and no guide can be found for the integration of the asymmetric cryptography protocol. In this paper, we explain the architecture of the OpenSSL library and provide a simple tutorial to modify the OpenSSL library in order to accommodate custom protocols of both symmetric and asymmetric cryptography.