• 정보처리학회논문지:컴퓨터 및 통신 시스템
• /
• 제9권8호
• /
• pp.165-170
• /
• 2020

IoT (Internet of Things) 시대가 활성화되면서 개인정보를 포함한 많은 정보들이 IoT 디바이스들을 통해 전달되고 있다. 정보보호를 위해 디바이스끼리 상호 암호화하여 통신하는 것이 중요하며 IoT 디바이스 특성상, 성능의 제한으로 인해 경량 보안 프로토콜 사용이 요구된다. 현재 보안 프로토콜에서 사용하는 암호 기법들은 대부분 RSA, ECC (Elliptic Curve Cryptography)를 사용하고 있다. 하지만 고사양의 양자 컴퓨터가 개발되고 쇼어 알고리즘을 활용한다면 앞선 RSA와 ECC가 근거하는 안정성의 문제를 쉽게 해결할 수 있기 때문에 더 이상 사용할 수 없다. 이에 본 논문에서는 양자 컴퓨터의 계산능력에 내성을 가지는 보안 프로토콜을 설계하였다. 미국 NIST (National Institute of Standards and Technology) 양자내성암호 표준화 공모전을 진행중인 코드기반암호 ROLLO를 사용하였으며, IoT 디바이스끼리의 상호 통신을 위해 연산 소모가 적은 해시, XOR연산을 활용하였다. 마지막으로 제안하는 프로토콜과 기존 프로토콜의 비교 분석 및 안전성 분석을 실시하였다.

• 한국산업정보학회논문지
• /
• 제13권1호
• /
• pp.68-75
• /
• 2008

Ad hoc 네트워크는 구성이 변하기 쉬운 환경이므로 불법 노드가 네트워크 자원소비 및 경로방해 등의 동작이 용이하므로 라우팅 프로토콜 보호가 필요하다. 본 논문에서는 대칭키 암호화 방식을 이용하여 효율적이고 안전한 경로발견 프로토콜을 제안한다. 제안한 프로토콜은 대칭키 암호화 방식을 이용하여 각 홉에서 처리하는 연산량을 줄이며 경로응답 시 암/복호화 과정이 있어 정당한 홉을 가장한 active 공격에 강하다.

• 정보보호학회논문지
• /
• 제27권3호
• /
• pp.459-466
• /
• 2017

가장 널리 사용되는 오픈 소스 프로젝트 중 하나인 OpenSSL은 대부분의 웹 사이트, 서버 및 클라이언트를 보호하는 데 사용되는 암호화 라이브러리이다. OpenLLS을 사용하여 SSL 혹은 이것으로부터 나온 TLS 프로토콜로 안전하게 통신할 수 있다. 시스템의 지속적 보안성 유지를 위해 암호 프로토콜은 업데이트되고 개선되어야 하므로, 이 라이브러리는 새로운 암호화 방법을, 특히 대칭 암호화 프로토콜을, 시스템에 통합하여 구현하는 일이 간단하도록 작성되었다. 그러나 비대칭 암호화 프로토콜을 추가 할 때는 훨씬 더 복잡해진다. 본 논문에서는 OpenSSL 기반 사용자 지정 암호 프로토콜 구현 방안 도출을 위하여 OpenSSL 라이브러리의 세부 아키텍처를 파악하고 설명한다. 그리고 대칭키와 비대칭 암호화 기반 사용자 지정 프로토콜을 수용하기 위해 OpenSSL 라이브러리를 수정하는 방법을 제시한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제13권2호
• /
• pp.978-1002
• /
• 2019

With the rapid development of the Internet of Things, the problem of privacy protection has been paid great attention. Recently, Nikooghadam et al. pointed out that Kumari et al.'s protocol can neither resist off-line guessing attack nor preserve user anonymity. Moreover, the authors also proposed an authentication supportive session initial protocol, claiming to resist various vulnerability attacks. Unfortunately, this paper proves that the authentication protocols of Kumari et al. and Nikooghadam et al. have neither the ability to preserve perfect forward secrecy nor the ability to resist key-compromise impersonation attack. In order to remedy such flaws in their protocols, we design a lightweight authentication protocol using elliptic curve cryptography. By way of informal security analysis, it is shown that the proposed protocol can both resist a variety of attacks and provide more security. Afterward, it is also proved that the protocol is resistant against active and passive attacks under Dolev-Yao model by means of Burrows-Abadi-Needham logic (BAN-Logic), and fulfills mutual authentication using Automated Validation of Internet Security Protocols and Applications (AVISPA) software. Subsequently, we compare the protocol with the related scheme in terms of computational complexity and security. The comparative analytics witness that the proposed protocol is more suitable for practical application scenarios.

• Journal of Communications and Networks
• /
• 제14권1호
• /
• pp.104-110
• /
• 2012

Group key agreement protocols allow a group of users, communicating over a public network, to establish a shared secret key to achieve a cryptographic goal. Protocols based on certificateless public key cryptography (CL-PKC) are preferred since CL-PKC does not need certificates to guarantee the authenticity of public keys and does not suffer from key escrow of identity-based cryptography. Most previous certificateless group key agreement protocols deploy signature schemes to achieve authentication and do not have constant rounds. No security model has been presented for group key agreement protocols based on CL-PKC. This paper presents a security model for a certificateless group key agreement protocol and proposes a constant-round group key agreement protocol based on CL-PKC. The proposed protocol does not involve any signature scheme, which increases the efficiency of the protocol. It is formally proven that the proposed protocol provides strong AKE-security and tolerates up to $n$-2 malicious insiders for weak MA-security. The protocol also resists key control attack under a weak corruption model.

• International Journal of Computer Science & Network Security
• /
• 제21권3호
• /
• pp.60-70
• /
• 2021

In this paper we study the problem of implementation of security issues of blue tooth, especially secure simple pairing, with the help of an efficient four user authenticated key (4UAK) for an elliptic curve cryptography (ECC). This paper also deals with the design, implement and performance evaluation of secure simple pairing (SSP) using an elliptic curve cryptography, such as Diffie Hellman protocol when four users are involved. Here, we also compute the best, worst and average case step counts (time complexities). This work puts forth an efficient way of providing security in blue tooth. The time complexity of O(n⁴) is achieved using Rabin Miller Primality methodology. The method also reduces the calculation price and light communication loads.

• Journal of information and communication convergence engineering
• /
• 제20권4호
• /
• pp.242-249
• /
• 2022

Classical cryptography with complex computations has recently been utilized in the latest computing systems to create secret keys. However, systems can be breached by fast-measuring methods of the secret key; this approach does not offer adequate protection when depending on the computational complexity alone. The laws of physics for communication purposes are used in quantum computing, enabling new computing concepts to be introduced, particularly in cryptography and key distribution. This paper proposes a quantum computing lattice (CQL) mechanism that applies the BB84 protocol to generate a quantum key. The generated key and a one-time pad encryption method are used to encrypt the message. Then Babai's algorithm is applied to the ciphertext to find the closet vector problem within the lattice. As a result, quantum computing concepts are used with classical encryption methods to find the closet vector problem in a lattice, providing strength encryption to generate the key. The proposed approach is demonstrated a high calculation speed when using quantum computing.

• Journal of Communications and Networks
• /
• 제12권6호
• /
• pp.592-599
• /
• 2010

In recent years, significant improvements have been made to the techniques used for analyzing satellite communication and attacking satellite systems. In 2003, a research team at Los Alamos National Laboratory, USA, demonstrated the ease with which civilian global positioning system (GPS) spoofing attacks can be implemented. They fed fake signals to the GPS receiver so that it operates as though it were located at a position different from its actual location. Moreover, Galileo in-orbit validation element A and Compass-M1 civilian codes in all available frequency bands were decoded in 2007 and 2009. These events indicate that cryptography should be used in addition to the coding technique for secure and authenticated satellite communication. In this study, we address this issue by using an authenticated key-exchange protocol to build a secure and authenticated communication channel for satellite communication. Our protocol uses identity-based cryptography. We also prove the security of our protocol in the extended Canetti-Krawczyk model, which is the strongest security model for authenticated key-exchange protocols, under the random oracle assumption and computational Diffie-Hellman assumption. In addition, our protocol helps achieve high efficiency in both communication and computation and thus improve security in satellite communication.

• Journal of Communications and Networks
• /
• 제14권6호
• /
• pp.682-691
• /
• 2012

Key agreement protocol is a fundamental protocol in cryptography whereby two or more participants can agree on a common conference key in order to communicate securely among themselves. In this situation, the participants can securely send and receive messages with each other. An adversary not having access to the conference key will not be able to decrypt the messages. In this paper, we propose a novel identity-based authenticated multi user key agreement protocol employing a symmetric balanced incomplete block design. Our protocol is built on elliptic curve cryptography and takes advantage of a kind of bilinear map called Weil pairing. The protocol presented can provide an identification (ID)-based authentication service and resist different key attacks. Furthermore, our protocol is efficient and needs only two rounds for generating a common conference key. It is worth noting that the communication cost for generating a conference key in our protocol is only O($\sqrt{n}$) and the computation cost is only O($nm^2$), where $n$ implies the number of participants and m denotes the extension degree of the finite field $F_{p^m}$. In addition, in order to resist the different key attack from malicious participants, our protocol can be further extended to provide the fault tolerant property.

• 한국통신학회논문지
• /
• 제32권1B호
• /
• pp.11-16
• /
• 2007

본 논문에서는 이동 애드혹 망을 위해 시공간 방식에 근거한 보안 라우팅 프로토콜의 설계와 성능을 기술한다. 제안된 시공간 방식은 시간영역에서는 출발지와 목적지 간에 키 배포를 수행하고, 또한 공간영역에서는 경로 상에서의 침입 탐지를 수행하기 때문에 붙여진 이름이다. 데이터 인증을 위해 효율성이 높은 대칭키 방식을 사용하고, 비밀 키는 출발지에서 목적지로 시간차를 이용하여 배포되어 진다. 또한, 단방향의 해쉬체인을 공간측면에서 홉단위로 형성함으로써, 침입자나 포섭된 노드가 라우팅 정보를 조작하는 것을 방지한다 제안된 라우팅 프로토콜의 성능을 평가하기 위해 ns-2 시뮬레이션을 통하여 같은 조건하에서 기존의 AODV와 비교한 결과, 우리가 제안한 프로토콜이 보안 기능을 제공하면서도 동시에 지연시간과 처리율 측면에서 기존의 AODV와 유사한 성능을 보여주고 있다.