• Title/Summary/Keyword: EKE-S

Search Result 19, Processing Time 0.031 seconds

Authenticated Key Exchange Protocol for the Secure and Efficient (안전하고 효율적으로 인증된 키 교환 프로토콜)

  • Park, Jong-Min;Park, Byung-Jun
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.14 no.8
    • /
    • pp.1843-1848
    • /
    • 2010
  • The Key exchange protocols are very crucial tools to provide the secure communication in the broadband satellite access network. They should be required to satisfy various requirements such as security, Key confirmation, and Key freshness. In this paper, we propose Two authenticated key exchange protocols Two Pass EKE-E(Encrypted Key Exchange-Efficient) and Two Pass EKE-S(Encrypted Key Exchange-Secure) are introduced. A basic idea of the protocols is that a password can be represented by modular addition N, and the number of possible modular addition N representing the password is $2^N$ The Two Pass EKE-E is secure against the attacks including main-in-the-middle attack and off-line dictionary attack, and the performance is excellent so as beyond to comparison with other authenticated key exchange protocols. The Two Pass EKE-S is a slight modification of the Two Pass EKE-E. The Two Pass EKE-S provides computational in feasibility for learning the password without having performed off line dictionary attack while preserving the performance of the Two Pass EKE-E.

A Routing Security Authentication using S-EKE in MANET Environments (MANET 환경에서 S-EKE를 이용한 라우팅 보안 인증)

  • Lee, Cheol-Seung
    • The Journal of the Korea institute of electronic communication sciences
    • /
    • v.9 no.4
    • /
    • pp.433-438
    • /
    • 2014
  • The demanding in construction of the stand-alone networks and interconnection between convergence devices have led an increase in research on MANET and the application of MANET has been paid much attention as a Ubiquitous computing which is growing fast in the field of computer science. With performance both as hosts and routers, easy network configuration, and fast response, mobile nodes participating in MANET are suitable for Embedded computing but have vulnerable points, about lack of dynamic network topology due to mobility, network scalability, passive attacks, and active attacks which make it impossible to manage continuous security authentication service. In this study, proposes S-EKE authentication mechanism for a robust authentication based on MANET and through identify wireless environment security vulnerabilities, currently being used in OTP S/Key and DH-EKE analyzes.

One time password key exchange Authentication technique based on MANET (MANET 기반 원타임 패스워드 키교환 인증기법)

  • Lee, Cheol-Seung;Lee, Joon
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.11 no.7
    • /
    • pp.1367-1372
    • /
    • 2007
  • This paper suggests One-time Password key exchange authentication technique for a strong authentication based on MANET and through identify wireless environment security vulnerabilities, analyzes current authentication techniques. The suggested authentication technique consists of 3 steps: Routing, Registration, and Running. The Routing step sets a safe route using AODV protocol. The Registration and Running step apply the One-time password S/key and the DH-EKE based on the password, for source node authentication. In setting the Session key for safe packet transmission and data encryption, the suggested authentication technique encrypts message as H(pwd) verifiers, performs key exchange and utilizes One time password for the password possession verification and the efficiency enhancement. EKE sets end to end session key using the DH-EKE in which it expounds the identifier to hash function with the modula exponent. A safe session key exchange is possible through encryption of the H(pwd) verifier. The suggested authentication technique requires exponentiation and is applicable in the wireless network environment because it transmits data at a time for key sharing, which proves it is a strong and reliable authentication technique based on the complete MANET.

Formal Specification and Verification for S/KEY Against Dictionary Attack (사전공격 방지를 위한 S/KEY의 정형 명세 및 검증)

  • Kim Il-Gon;Choi Jin-Young
    • Journal of KIISE:Software and Applications
    • /
    • v.31 no.9
    • /
    • pp.1218-1225
    • /
    • 2004
  • S/KEY system was proposed to guard against intruder's password replay attack. But S/KEY system has vulnerability that if an attacker derive passphrase from his dictionary file, he can acquire one-time password required for user authentication. In this paper, we propose a correct S/KEY system mixed with EKE to solve the problem. Also, we specify a new S/KEY system with Casper and CSP, verify its secrecy and authentication requirements using FDR model checking tool.

Ad-hoc Security Authentication Technique based on Verifier (검증자 기반 Ad-hoc 보안 인증기법)

  • Lee, Cheol-Seung;Hong, Seong-Pyo;Lee, Ho-Young;Lee, Joon
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2007.10a
    • /
    • pp.713-716
    • /
    • 2007
  • This paper suggests One-time Password key exchange authentication technique for a strong authentication based on Ad-hoc Networks and through identify wireless environment security vulnerabilities, analyzes current authentication techniques. The suggested authentication technique consists of 3 steps: Routing, Registration, and Running. The Routing step sets a safe route using AODV protocol. The Registration and Running step apply the One-time password S/key and the DH-EKE based on the password, for source node authentication. In setting the Session key for safe packet transmission and data encryption, the suggested authentication technique encrypts message as H(pwd) verifiers, performs key exchange and utilizes One time password for the password possession verification and the efficiency enhancement. EKE sets end to end session key using the DH-EKE in which it expounds the identifier to hash function with the modula exponent. A safe session key exchange is possible through encryption of the H(pwd) verifier.

  • PDF

OTP-EKE: A Key Exchange Protocol based on One-Time-Password (OTP-EKE:원-타임-패스워드 기반의 키 고환 프로토콜)

  • Seo, Seung-Hyun;Cho, Tae-Nam;Lee, Sang-Ho
    • Journal of KIISE:Computer Systems and Theory
    • /
    • v.29 no.5
    • /
    • pp.291-298
    • /
    • 2002
  • Mutual authentication is essential for key exchange protocols and password-based authentication scheme is used widely, which is convenient to users and executed on the cheap. Password-based protocol should be not only secure against attach but also efficient to reduce user's load. In this paper, we propose a new key exchange protocol, called OTP-EKE(One Time Password based Encrypted Key Exchange), to provide authentication and to share a session key between a server and a user. We choose a password-based scheme as a user authentication. Especially, we use a one-time-password verifier and server's public password to protect against attacks on server's directory. As for efficiency, we improve the performance by reducing the number of modular exponentiations and the number of rounds.

Statistical Characteristics of East Sea Mesoscale Eddies Detected, Tracked, and Grouped Using Satellite Altimeter Data from 1993 to 2017 (인공위성 고도계 자료(1993-2017년)를 이용하여 탐지‧추적‧분류한 동해 중규모 소용돌이의 통계적 특성)

  • LEE, KYUNGJAE;NAM, SUNGHYUN;KIM, YOUNG-GYU
    • The Sea:JOURNAL OF THE KOREAN SOCIETY OF OCEANOGRAPHY
    • /
    • v.24 no.2
    • /
    • pp.267-281
    • /
    • 2019
  • Energetic mesoscale eddies in the East Sea (ES) associated with strong mesoscale variability impacting circulation and environments were statistically characterized by analyzing satellite altimeter data collected during 1993-2017 and in-situ data obtained from four cruises conducted between 2015 and 2017. A total of 1,008 mesoscale eddies were detected, tracked, and identified and then classified into 27 groups characterized by mean lifetime (L, day), amplitude (H, m), radius (R, km), intensity per unit area (EI, $cm^2/s^2/km^2$), ellipticity (e), eddy kinetic energy (EKE, TJ), available potential energy (APE, TJ), and direction of movement. The center, boundary, and amplitude of mesoscale eddies identified from satellite altimeter data were compared to those from the in-situ observational data for the four cases, yielding uncertainties in the center position of 2-10 km, boundary position of 10-20 km, and amplitude of 0.6-5.9 cm. The mean L, H, R, EI, e, EKE, and APE of the ES mesoscale eddies during the total period are $95{\pm}104$ days, $3.5{\pm}1.5cm$, $39{\pm}6km$, $0.023{\pm}0.017cm^2/s^2/km^2$, $0.72{\pm}0.07$, $23{\pm}21TJ$, and $588{\pm}250TJ$, respectively. The ES mesoscale eddies tend to move following the mean surface current rather than propagating westward. The southern groups (south of the subpolar front) have a longer L, larger H, R, and higher EKE, APE; and stronger EI than those of the northern groups and tend to move a longer distance following surface currents. There are exceptions to the average characteristics, such as the quasi-stationary groups (the Wonsan Warm, Wonsan Cold, Western Japan Basin Warm, and Northern Subpolar Frontal Cold Eddy groups) and short-lived groups with a relatively larger H, higher EKE, and APE and stronger EI (the Yamato Coastal Warm, Central Yamato Warm, and Eastern Japan Basin Coastal Warm eddy groups). Small eddies in the northern ES hardly resolved using the satellite altimetry data only, were not identified here and discussed with potential over-estimations of the mean L, H, R, EI, EKE, and APE. This study suggests that the ES mesoscale eddies 1) include newly identified groups such as the Hokkaido and the Yamato Rise Warm Eddies in addition to relatively well-known groups (e.g., the Ulleung Warm and the Dok Cold Eddies); 2) have a shorter L; smaller H, R, and lower EKE; and stronger EI and higher APE than those of the global ocean, and move following surface currents rather than propagating westward; and 3) show large spatial inhomogeneity among groups.

Variability of Mesoscale Eddies in the Pacific Ocean Simulated by an Eddy Resolving OGCM of $1/12^{\circ}$

  • Yim B.Y.;Noh Y.;You S.H.;Yoon J.H.;Qiu B.
    • 한국전산유체공학회:학술대회논문집
    • /
    • 2006.05a
    • /
    • pp.133-136
    • /
    • 2006
  • The mesoscale eddy field in the North Pacific Ocean, simulated by a high resolution eddy-resolving OGCM ($1/12^{\circ}C$ horizontal resolution), was analyzed, and compared with satellite altimetry data of TOPEX/Poseidon. High levels of eddy kinetic energy (EKE) appear near the Kurosho, North Equatorial Current (NEC), and Subtropical Countercurrent (STCC) in the western part of the subropical gyre. In particlure, it was found that the EKE level of the STCC has a well-defined annual cycle, but no distinct annual cycle of the EKE exists in any other zonal current of the North Pacific Ocean.

  • PDF

Formal Methodology for Safety Analysis of Security Protocols (보안 프로토콜의 안전성 분석을 위한 정형적 방법론)

  • Kim Il-Gon;Jeon Chul-Wuk;Kim Hyun-Seok;Choi Jin-Young;Kang In-Hye
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.15 no.1
    • /
    • pp.17-27
    • /
    • 2005
  • With the development of wire and wireless based networks, a various security protocols have been proposed to protect important resources and user information against attackers. However, many security protocols have found oかy to be later vulnerable to attacks. In this Paper, we introduce the formal methodology to verify the safety of security protocols in the design phase, and we take advantage of the formal methodology which uses Casper/CSP and FDR tools by introducing the verification example of EKE protocol and BCY protocol. Lastly, we propose a new BCY protocol after verifying it's safety.

Remark on the Security of Password Schemes (패스워드 인증 키교환 프로토콜의 안전성에 관한 고찰)

  • 이희정
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.13 no.4
    • /
    • pp.161-168
    • /
    • 2003
  • We discuss the security of two famous password authenticated key exchange protocols, EKE2 and PAK. We introduce ′insider assisted attack′ Based on this assumption we point out weakness of the security of EKE2 and PAK protocols. More precisely, when the legitimate user wants to find other user′s password, called "insider-assisted attacker", the attacker can find out many ephemeral secrets of the server and then after monitoring on line other legitimate user and snatching some messages, he can guess a valid password of the user using the previous information. Of course for this kind of attack there are some constraints. Here we present a full description of the attack and point out that on the formal model, one should be very careful in describing the adversary′s behavior.