• Title/Abstract/Keywords: Key Agreement Scheme

Cryptanalysis of Multiple-Server Password-Authenticated Key Agreement Schemes Using Smart Cards

  • Lee, Sang-Gon
    • Journal of information and communication convergence engineering / Vol. 9, No. 4 / pp.431-434 / 2011
  • Password-based user-authentication schemes have been widely used when users access a server to avail internet services. Multiserver password-authentication schemes enable remote users to obtain service from multiple servers without separately registering with each server. In 2008, Jia-Lun Tsai proposed an improved and efficient password-authenticated key agreement scheme for a multiserver architecture based on Chang-Lee's scheme proposed in 2004. However, we found that Tsai's scheme does not provide forward secrecy and is weak to insider impersonation and denial of service attacks. In this article, we describe the drawbacks of Tsai's scheme and provide a countermeasure to satisfy the forward secrecy property.

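A Secure Authentication and Key Agreement Scheme for Smart Grid Environments without Tamper-Resistant Devices

  • 박기성;윤대근;노성기
    • 정보보호학회논문지 / Vol. 30, No. 3 / pp.313-323 / 2020
  • With recent advances in smart grid technologies, users can receive safer and more reliable power services in a variety of environments. However, because these services are provided over the Internet, they are vulnerable to various potential attacks such as injection, modification, deletion, and extraction of data by an attacker. Therefore, authenticating users and agreeing on keys so that services are provided only to legitimate users is an essential security requirement. In this paper, we show that the authentication and key agreement scheme proposed by Zhang et al. relies on a tamper-resistant device for its security and is vulnerable to various attacks such as smart meter stolen and impersonation attacks and session key disclosure attacks, and we propose an improved secure user authentication and key agreement scheme for smart grid environments that does not use tamper-resistant devices. We also analyze the security and performance of the proposed scheme and demonstrate through BAN (Abadi-Burrow-Needham) logic analysis that the proposed scheme provides secure mutual authentication. The proposed scheme is therefore efficient and secure, and can be applied efficiently in real smart grid environments.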

Robust Key Agreement From Received Signal Strength in Stationary Wireless Networks

  • Zhang, Aiqing;Ye, Xinrong;Chen, Jianxin;Zhou, Liang;Lin, Xiaodong
    • KSII Transactions on Internet and Information Systems (TIIS) / Vol. 10, No. 5 / pp.2375-2393 / 2016
  • Key agreement is paramount in secure wireless communications. A promising approach to address key agreement schemes is to extract secure keys from channel characteristics. However, because channels lack randomness, it is difficult for wireless networks with stationary communicating terminals to generate robust keys. In this paper, we propose a Robust Secure Key Agreement (RSKA) scheme from Received Signal Strength (RSS) in stationary wireless networks. In order to mitigate the asymmetry in RSS measurements for communicating parties, the sender and receiver normalize RSS measurements and quantize them into q-bit sequences. They then reshape bit sequences into new l-bit sequences. These bit sequences work as key sources. Rather than extracting the key from the key sources directly, the sender randomly generates a bit sequence as a key and hides it in a promise. This is created from a polynomial constructed on the sender's key source and key. The receiver recovers the key by reconstructing a polynomial from its key source and the promise. Our analysis shows that the shared key generated by our proposed RSKA scheme has features of high randomness and a high bit rate compared to traditional RSS-based key agreement schemes.

A Resource-Optimal Key Pre-distribution Scheme for Secure Wireless Sensor Networks

  • Dai Tran Thanh;Hieu Cao Trong;Hong Choong-Seon
    • 한국정보처리학회:학술대회논문집 / 2006 Spring Conference of 한국정보처리학회 / pp.1113-1116 / 2006
  • Security in wireless sensor networks is very pressing, especially when sensor nodes are deployed in hostile environments. To achieve security, it is essential to be able to encrypt and authenticate messages sent amongst sensor nodes. Keys for encryption and authentication must be agreed upon by communicating nodes. Due to resource limitations and other unique features, obtaining such key agreement in wireless sensor networks is extremely complex. Many key agreement schemes used in general networks, such as trusted server, Diffie-Hellman and public-key based schemes, are not suitable for wireless sensor networks [1], [2], [5], [7], [8]. In that situation, the key pre-distribution scheme has emerged and is considered the most appropriate scheme [2], [5], [7]. On that basis, we propose a new resource-optimal key pre-distribution scheme utilizing the merits of the two existing key pre-distribution schemes [3], [4]. Our scheme exhibits the following fascinating properties: substantial improvement in sensors' resource usage, rigorous guarantee of successfully deriving pairwise keys between any pair of nodes, and greatly improved network resiliency against node capture attack. We also present a detailed analysis in terms of security and resource usage of the scheme.

An Improved Smart Card-based User Authentication Scheme with Session Key Agreement for Telecare Medicine Information System

  • Yang, Hyungkyu
    • International Journal of Internet, Broadcasting and Communication / Vol. 9, No. 3 / pp.35-43 / 2017
  • In 2013, Lee-Lie proposed a secure smart card based authentication scheme of Zhu's authentication for TMIS, which is secure against various attacks and provides efficient password change. In this paper, we discuss the security of Lee-Lie's smart card-based authentication scheme, and we show that Lee-Lie's authentication scheme is still insecure against various attacks. We also propose an improved scheme that overcomes these security problems of Lee-Lie's authentication scheme, even if the secret information stored in the smart card is revealed. As a result, we can see that the improved smart card based user authentication scheme for TMIS is secure against the insider attack, the password guessing attack, the user impersonation attack, the server masquerading attack, and the session key generation attack, and provides mutual authentication between the user and the telecare system.

An Efficient Group Key Agreement Using Hierarchical Key Tree in Mobile Environment

  • Cho, Seokhyang
    • 한국컴퓨터정보학회논문지 / Vol. 23, No. 2 / pp.53-61 / 2018
  • In this paper, the author proposes an efficient group key agreement scheme in a mobile environment where group members frequently join and leave. This protocol consists of basic protocols and general ones and is expected to be suitable for communications between a mobile device with limited computing capability and a key distributing center (or base station) with sufficient computing capability. Compared with other schemes, the performance of the proposed protocol is a bit more efficient in the aspects of the overall cost for both communication and computation where the computational efficiency of the scheme is achieved by using exclusive or operations and a one-way hash function. Also, in the aspect of security, it guarantees both forward and backward secrecy based on the computational Diffie-Hellman (CDH) assumption so that secure group communication can be made possible. Furthermore, the author proves its security against a passive adversary in the random oracle model.

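Group Key Agreement Protocols for Combined Wired/Wireless Networks

  • 남정현;김승주;원동호;장청룡
    • 한국통신학회논문지 / Vol. 30, No. 6C / pp.607-615 / 2005
  • A group key agreement protocol provides a way for multiple communicating parties forming a group to securely establish a common secret key for the group over a public network. Research on group key agreement protocols has been carried out by many researchers from various perspectives. However, there has been no research so far on group key agreement protocols for network environments in which high-performance computers and mobile devices with relatively low computing power coexist. In this paper, we therefore propose a group key agreement scheme suited to such combined wired/wireless network environments. The proposed scheme not only satisfies all the security requirements of key establishment protocols, but is also highly efficient and scalable.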

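An NTRU-based Key Agreement Scheme for Wireless Sensor Networks

  • 구남훈;조국화;고병환;권순학
    • 한국통신학회논문지 / Vol. 35, No. 5C / pp.445-453 / 2010
  • Because of computational overhead, most studies have considered public-key cryptosystems difficult to use in wireless sensor networks. However, some recent studies have shown that public-key cryptosystems whose key size, data size, computation time, and power consumption are smaller than those of other public-key cryptosystems can be applied to wireless sensor networks. The NTRU cryptosystem is regarded as one of the public-key cryptosystems that can be used in wireless sensor networks. However, there are few efficient NTRU-based key exchange schemes that can actually be applied to wireless sensor networks. In this paper, we propose an efficient NTRU-based key exchange scheme that can be used in wireless sensor networks.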

A Novel Two-party Scheme against Off-line Password Guessing Attacks using New Theorem of Chaotic maps

  • Zhu, Hongfeng
    • KSII Transactions on Internet and Information Systems (TIIS) / Vol. 11, No. 12 / pp.6188-6204 / 2017
  • Over the years, more password-based authentication key agreement schemes using chaotic maps were susceptible to off-line password guessing attacks. This work approaches this problem by a new method, a new theorem of chaotic maps: $T_{a+b}(X)+T_{a-b}(X)=2T_a(X)T_b(X)$, $(a>b)$. In fact, this method can be used to design two-party, three-party, even N-party schemes intelligently. For the sake of brevity and readability, only a two-party instance, a novel Two-party Password-Authenticated Key Agreement Protocol, is proposed for resisting password guessing attacks in this work. Compared with the recent related literature, our proposed scheme not only has high efficiency and unique functionality, but is also robust to various attacks and achieves perfect forward secrecy. To capture the improved ratio of security and efficiency intuitively, the paper first proposes a new parameter called the security/efficiency ratio (S/E Ratio). The higher the value of the S/E Ratio, the better it is. Finally, we give the security proof and the efficiency analysis of our proposed scheme.

A Provable Authenticated Certificateless Group Key Agreement with Constant Rounds

  • Teng, Jikai;Wu, Chuankun
    • Journal of Communications and Networks / Vol. 14, No. 1 / pp.104-110 / 2012
  • Group key agreement protocols allow a group of users, communicating over a public network, to establish a shared secret key to achieve a cryptographic goal. Protocols based on certificateless public key cryptography (CL-PKC) are preferred since CL-PKC does not need certificates to guarantee the authenticity of public keys and does not suffer from key escrow of identity-based cryptography. Most previous certificateless group key agreement protocols deploy signature schemes to achieve authentication and do not have constant rounds. No security model has been presented for group key agreement protocols based on CL-PKC. This paper presents a security model for a certificateless group key agreement protocol and proposes a constant-round group key agreement protocol based on CL-PKC. The proposed protocol does not involve any signature scheme, which increases the efficiency of the protocol. It is formally proven that the proposed protocol provides strong AKE-security and tolerates up to $n-2$ malicious insiders for weak MA-security. The protocol also resists key control attack under a weak corruption model.