• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.6A
• /
• pp.179-183
• /
• 2008

Recently, an efficient password-authenticated key exchange protocol based on RSA has been proposed by Park et al. with formal security proof. In this letter, we analyze their protocol, and show that it is not secure against an active adversary who performs a dictionary attack. Moreover, we analyze the performance of the proposed attack and show that the attack is a threatening attack against the protocol.

• Journal of Broadcast Engineering
• /
• v.13 no.2
• /
• pp.251-260
• /
• 2008

In this paper, we present two verifier-based multi-party PAKE (password-authenticated key exchange) protocols. The shared key can be used for secure content transmission. The suggested protocols are secure against server compromise attacks. Our first protocol is designed to provide forward secrecy and security against known-key attacks. The second protocol is designed to additionally provide key secrecy against the server which means that even the server can not know the session keys of the users of a group. The suggested protocols have a constant number of rounds are provably secure in the standard model. To the best of our knowledge, the proposed protocols are the first secure multi-party PAKE protocols against server compromise attacks in the literature.

• Journal of Information Processing Systems
• /
• v.7 no.1
• /
• pp.159-172
• /
• 2011

A designated verifier signature is a special type of digital signature, which convinces a designated verifier that she has signed a message in such a way that the designated verifier cannot transfer the signature to a third party. A strong designated verifier signature scheme enhances the privacy of the signer such that no one but the designated verifier can verify the signer's signatures. In this paper we present two generic frame works for constructing strong designated verifier signature schemes from any secure ring signature scheme and any deniable one-pass authenticated key exchange protocol, respectively. Compared with similar protocols, the instantiations of our construction achieve improved efficiency.

• Journal of the Korea Society of Computer and Information
• /
• v.17 no.4
• /
• pp.91-98
• /
• 2012

A group key exchange (GKE) protocol is designed to allow a group of parties communicating over a public network to establish a common secret key. As group-oriented applications gain popularity over the Internet, a number of GKE protocols have been suggested to provide those applications with a secure multicast channel. Among the many protocols is Yi et al.'s password-based GKE protocol in which each participant is assumed to hold their individual password registered with a trusted server. A fundamental requirement for password-based key exchange is security against off-line dictionary attacks. However, Yi et al.'s protocol fails to meet the requirement. In this paper, we report this security problem with Yi et al.'s protocol and show how to solve it.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.3
• /
• pp.481-496
• /
• 2021

It is imperative to migrate the current public key cryptosystem to a quantum-resistance system ahead of the realization of large-scale quantum computing technology. The National Institute of Standards and Technology, NIST, is promoting a public standardization project for Post-Quantum Cryptography(PQC) and also many research efforts have been conducted to apply PQC to TLS(Transport Layer Security) protocols, which are used for Internet communication security. In this paper, we propose a scenario in which a server and multi-clients share session keys on TLS by using the parallelized NTRU which is PQC in the key exchange process. In addition, we propose a method of accelerating NTRU using GPU and analyze its efficiency in an environment where a server needs to process large-scale data simultaneously.

• Journal of Internet Computing and Services
• /
• v.4 no.6
• /
• pp.95-102
• /
• 2003

The Diffle-Hellman Key Exchange scheme can produce a common session key between the two communicators, but its problem is that it makes a man-in-the middle attack possible. To solve problems like these, several protocols have been put forward, and the Simple Authenticated Key Agreement (SAKA) Protocol is among them. This protocol has been suggested by Seo-Sweeney, Tseng, and Ku-Wang, respectively, In this paper, we will put forward a new protocol that has been improved from all the original protocols mentioned above, but is still safe and quick to use, While the existing protocol divides the common session key production stage and the verification stage, the protocol suggested in this paper takes care of both of those stages simultaneously, therefore improving the processing performance.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.5
• /
• pp.3-15
• /
• 2003

The secure group communication enables the members, which belong to the same group, to communicate each other in a secure and secret manner. To do so, it is the most important that a group key is securely distributed among them and also group membership is efficiently managed. In detail, the generation, the distribution and the refreshment of a group key would be highly regarded in terms of low communication and computation complexity. In this paper, we show you a new protocol to generate a group key which will be safely shared within a group, utilizing the 2-party Diffie-Hellman key exchange protocol and the complete binary tree. Our protocol has less complexity of computation per group member by substituting many parts of exponentiation computations for multiplications. Consequently, each group member needs constant computations of exponentiation and multiplication regardless of the group size in the protocol and then it has less complexity of the computation than that of any other protocols.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.3
• /
• pp.351-358
• /
• 2013

In 2008, Pointcheval and Zimmer have presented multi-factor authenticated key exchange protocol with client's secret key, password, biometrics. However, it has been found to be flawed by Hao and Clarke if an attacker has single authentication factor (password), then the attacker can deduce other authentication factors. Interestingly, its countermeasure has not been presented due to the difficulty of design and structural problem. In this paper, an efficient countermeasure is briefly presented and its security is discussed as well.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.13 no.2
• /
• pp.43-51
• /
• 2017

Recently, MANET has been used in many fields as the range of applications increases. However, the dynamic topology that MANET has makes it difficult to route and provides the cause of exposure to security vulnerabilities. Therefore, the security features that can be robust to many attacks must have been applied in the routing technique provided in the MANET. In this paper, we propose a secure routing method that secure route is established by reliability evaluation of nodes and secure data communication has applied through key exchange mechanism. The proposed technique used hierarchical structure for efficiency of reliability evaluation of nodes. The reliability of nodes is performed by trust management node and reliability of nodes managed periodically is broadcasted. And the key exchange for secure data transmission is dene without CA as the certificate issuing organization. This allows fast key exchange and the integrity of data transmission improved. The proposed technique improves the security of the data transmission because a secure route to the destination node is established by the reliability evaluation and the data transmission is performed after the key between the source node and the destination node is exchanged through the established route.

• ETRI Journal
• /
• v.35 no.5
• /
• pp.919-922
• /
• 2013

A MIMO multi-way relay channel with full data exchange in which K users exchange messages with each other via the help of a single relay is considered. For the case in which each link is quasi-static Rayleigh fading and the relay is full-duplex, the fundamental diversity-multiplexing tradeoff (DMT) is investigated, and we show that a compress-and-forward relay protocol can achieve the optimal DMT.