• Journal of Broadcast Engineering
• /
• v.13 no.1
• /
• pp.79-85
• /
• 2008

An authenticated group key agreement protocol allows a group of parties communicating over an insecure network to share a common secret key. In this paper, we show that Zhou et al.'s ID-based authenticated group key agreement schemes do not provide forward secrecy.

• Journal of Communications and Networks
• /
• v.14 no.6
• /
• pp.682-691
• /
• 2012

Key agreement protocol is a fundamental protocol in cryptography whereby two or more participants can agree on a common conference key in order to communicate securely among themselves. In this situation, the participants can securely send and receive messages with each other. An adversary not having access to the conference key will not be able to decrypt the messages. In this paper, we propose a novel identity-based authenticated multi user key agreement protocol employing a symmetric balanced incomplete block design. Our protocol is built on elliptic curve cryptography and takes advantage of a kind of bilinear map called Weil pairing. The protocol presented can provide an identification (ID)-based authentication service and resist different key attacks. Furthermore, our protocol is efficient and needs only two rounds for generating a common conference key. It is worth noting that the communication cost for generating a conference key in our protocol is only O($\sqrt{n}$) and the computation cost is only O($nm^2$), where $n$ implies the number of participants and m denotes the extension degree of the finite field $F_{p^m}$. In addition, in order to resist the different key attack from malicious participants, our protocol can be further extended to provide the fault tolerant property.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.4
• /
• pp.11-27
• /
• 2005

To date, most identity-based key agreement protocols are based on a single PKG (Private Key Generator) environment. In 2002, Chen and Kudla proposed an identity-based key agreement protocol for a multiple PKG environment, where each PKG shares identical system parameters but possesses distinct master key. However, it is more realistic to assume that each PKG uses different system parameters including the PKG's master key. In this paper, we propose a new two party key agreement protocol between users belonging to different PKGs that do not share system parameters. We also extend this protocol to two types of tripartite key agreement protocols. We show that our two party protocol requires minimal amount of pairing computation for a multiple PKG environment and our tripartite protocol is more efficient than existing protocols. We also show that the proposed key agreement protocols satisfy every security requirements of key agreement protocol.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.1
• /
• pp.3-10
• /
• 2013

Several identity-based and authenticated key agreement protocols have been proposed. It remains at issue to design secure identity based and authenticated key agreement protocols. In this paper, we propose a one round authenticated group key agreement protocol which uses one more key pair as well as the public key and private key of typical IBE(Identity-Based Encryption) system. The proposed protocol modified Shi et al.'s protocol and He et al.'s protocol. The public and private keys and the signature process of our protocol are simpler than them of their protocols. Our protocol is secure and more efficient than their protocols in communication and computation costs.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.49 no.1
• /
• pp.92-101
• /
• 2012

Security support is a significant factor in ad hoc networks. Especially in dynamic topologies, key agreement with private key updating is essential in providing a secure system. And it is also necessary to protect the identities of individual nodes in wireless environments to avoid personal privacy problems. However, many of the existing key agreement schemes for ad hoc networks do not consider these issues concurrently. This paper proposes an anonymous ID-based private key update scheme and a key agreement scheme for mobile ad hoc networks. We also suggest a method of rekeying between different domains using service-coordinators. These schemes are secure against various attacks and are suitable for service-oriented mobile ad hoc networks.

• Convergence Security Journal
• /
• v.23 no.4
• /
• pp.43-52
• /
• 2023

Many businesses and organizations use smartcard-based user authentication for remote access. In the meantime, through various studies, dynamic ID-based remote user authentication protocols for distributed multi-server environments have been proposed to protect the connection between users and servers. Among them, Qiu et al. proposed an efficient smart card-based remote user authentication system that provides mutual authentication and key agreement, user anonymity, and resistance to various types of attacks. Later, Andola et al. found various vulnerabilities in the authentication scheme proposed by Qiu et al., and overcame the flaws in their authentication scheme, and whenever the user wants to log in to the server, the user ID is dynamically changed before logging in. An improved authentication protocol is proposed. In this paper, by analyzing the operation process and vulnerabilities of the protocol proposed by Andola et al., it was revealed that the protocol proposed by Andola et al. was vulnerable to offline smart card attack, dos attack, lack of perfect forward secrecy, and session key attack.

• IEIE Transactions on Smart Processing and Computing
• /
• v.3 no.5
• /
• pp.298-305
• /
• 2014

In this study, a novel Randomly Shifted Certification Authority Authentication protocol was used in ad hoc networks to provide authentication by considering the MAC layer characteristics. The nodes achieve authentication through the use of public key certificates issued by a CA, which assures the certificate's ownership. As a part of providing key management, the active CA node transfers the image of the stored public keys to other idle CA nodes. Finally the current active CA randomly selects the ID of the available idle CA and shifts the CA ownership by transferring it. Revoking is done if any counterfeit or duplicate non CA node ID is found. Authentication and integrity is provided by preventing MAC control packets, and Enhanced Hash Message Authentication Code (EHMAC) can be used. Here EHMAC with various outputs is introduced in all control packets. When a node transmits a packet to a node with EHMAC, verification is conducted and the node replies with the transmitter address and EHMAC in the acknowledgement.

• Proceedings of the Korean Information Science Society Conference
• /
• 2007.10a
• /
• pp.104-105
• /
• 2007

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38C no.7
• /
• pp.595-604
• /
• 2013

Devising a secure authenticated key agreement (AKA) protocol for two entities communicating over an open network is a matter of current research. McCullagh et al. proposed a new two-party identity-based AKA protocol supporting both key escrow and key escrow-less property instantiated by either in a single domain or over two distinct domains. In this paper, we show that their protocol over two distinct domains suffers from masquerading attack and therefore does not satisfy the claimed security. The attack is made possible due to the lack of sufficient authentication of entity and integrity assurance in the protocol. We then propose an efficient verifiable key agreement protocol by including signature primitive in the authentication procedure to solve the problem of McCullagh et al.'s protocol.

• KIPS Transactions on Computer and Communication Systems
• /
• v.5 no.10
• /
• pp.361-372
• /
• 2016

Identity Privacy issues such as exposures of IMSIs(International Mobile Subscriber Identities) in access network have been consistently raised throughout GSM, UMTS, LTE in 3GPP. The 3GPP specification uses temporary identities instead of IMSI to ensure anonymity of the user. Even if temporary identities are disclosed, Identity Privacy may be maintained at a safe level by security policies such as no linkability and periodic update. But in case of IMSI, it cannot be changed even though it is exposed. There still exist some situations that IMSI is used in clear text for the authentication. Therefore, a protective mechanism for the identity confidentiality is needed. In this paper we propose a protocol based on IBE(Identity-based Encryption) to protect permanent identities in access network. By simplifying the scheme, this protocol has minimized the system impact on current 3GPP environment. And this scheme can be applied to all kind of permanent identities and 3GPP AKA(Authentication and Key Agreement) protocols in access network.