• The KIPS Transactions:PartC
• /
• v.10C no.2
• /
• pp.133-140
• /
• 2003

IKE, which is the standard key management protocol for IPSEC, is said to have several known problems. To resolve the problems of the IKE, two protocol proposals are being discussed in the IETF. the IKE version 2 and Just Fast Keying protocols. They should satisfy several protocol design requirements such as the protocol simplicity, the endurability against DOS attacks, the degree of the PFS, the identity protection, the cryptographic negotiation, and the authentication methods. In this paper, we summarize the characteristics of these two protocols and try to analyze their implications according to the protocol design requirements.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.5
• /
• pp.17-30
• /
• 2008

In the paper, we consider password-based authenticated key exchange with different passwords, where the users do not share a password between themselves, but only with the server. The users make a session key using their different passwords with the help of the server. We propose an efficient password-based authenticated key exchange protocol with different passwords which achieves forward secrecy without random oracles. In fact this amount of computation and the number of rounds are comparable to the most efficient password-based authenticated key exchange protocol in the random oracle model. The protocol requires a client only to memorize a human-memorable password, and all other information necessary to run the protocol is made public.

• Journal of KIISE:Information Networking
• /
• v.33 no.2
• /
• pp.131-138
• /
• 2006

To achieve security in wireless sensor networks(WSN), it is important to be able to encrypt and authenticate messages sent among sensor nodes. Due to resource constraints, many key agreement schemes used in general networks such as Diffie-Hellman and public-key based schemes are not suitable for wireless sensor networks. The current pre-distribution of secret keys uses q-composite random key and it randomly allocates keys. But there exists high probability not to be public-key among sensor nodes and it is not efficient to find public-key because of the problem for time and energy consumption. To remove problems in pre-distribution of secret keys, we propose a new cryptographic key management protocol, which is based on the clustering scheme but does not depend on probabilistic key. The protocol can increase efficiency to manage keys because, before distributing keys in bootstrap, using public-key shared among nodes can remove processes to send or to receive key among sensors. Also, to find outcompromised nodes safely on network, it selves safety problem by applying a function of lightweight attack-detection mechanism.

• Journal of Convergence Society for SMB
• /
• v.4 no.4
• /
• pp.19-23
• /
• 2014

Group communication is becoming increasingly popular in Internet applications such as videoconferences, online chatting programs, games, and gambling. For secure communications, the integrity of messages, member authentication, and confidentiality must be provided among group members. To maintain message integrity, all group members use the Group Key (GK) for encrypting and decrypting messages while providing enough security to protect against passive attacks. Tree-based Group Diffie-Hellman (TGDH) is an efficient group key agreement protocol to generate the GK. TGDH assumes all members have an equal computing power. One of the characteristics of distributed computing and grid environments is heterogeneity; the member can be at a workstation, a laptop or even a mobile computer. Member reordering in the TDGH protocol could potentially lead to an improved protocol; such reordering should capture the heterogeneity of the network as well as latency. This research investigates dynamic reordering mechanisms to consider not only the overhead involved but also the scalability of the proposed protocol.

• ETRI Journal
• /
• v.37 no.4
• /
• pp.696-706
• /
• 2015

This paper presents an achievable secure videoconferencing system based on quantum key encryption in which key management can be directly applied and embedded in a server/client videoconferencing model using, for example, OpenMeeting. A secure key management methodology is proposed to ensure both a trusted quantum network and a secure videoconferencing system. The proposed methodology presents architecture on how to share secret keys between key management servers and distant parties in a secure domain without transmitting any secrets over insecure channels. The advantages of the proposed secure key management methodology overcome the limitations of quantum point-to-point key sharing by simultaneously distributing keys to multiple users; thus, it makes quantum cryptography a more practical and secure solution. The time required for the encryption and decryption may cause a few seconds delay in video transmission, but this proposed method protects against adversary attacks.

• The KIPS Transactions:PartC
• /
• v.12C no.3 s.99
• /
• pp.317-322
• /
• 2005

The existing certificate based authentication or identification just verifies whether the owner of private key corresponding to public key of certificate is the DN user set in the user field in the certificate or not, then we cannot find out who is the actual private key owner in a real world. To make up for this weak points, the method to insert the identification number like the resident registration number into the certificate extension field is applied as a technical standard to current domestic PKI system. In this paper, we propose the ECC based integrated identification, identification number checking and key management protocol providing user validation during the login.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.13 no.3
• /
• pp.43-51
• /
• 2017

MANET consists of only wireless nodes having limited processing capability. It processes routing and data transmission through cooperation among each other. And it is exposed to many attack threats due to the dynamic topology by movement of nodes and multi-hop communication. Therefore, the reliability of transmitted data between nodes must be improved and security of integrity must be high. In this paper, we propose a method to increase the reliability of transmitted data by providing a secure cryptography protocol. The proposed method used a hierarchical structure to provide smooth cryptographic services. The cluster authentication node issues the cluster authentication key pair and unique key to the nodes. The nodes performs the encryption through two steps of encryption using cluster public key and block encryption using unique key. Because of this, the robustness against data forgery attacks was heightened. The superior performance of the proposed method can be confirmed through comparative experiment with the existing security routing method.

• Journal of Internet Computing and Services
• /
• v.10 no.2
• /
• pp.41-51
• /
• 2009

Recently, there are many researches on security to remove vulnerability which is caused by wireless communication in wireless sensor networks. To guarantee secure communication, we should basically provide key management for each node, mutual authentication and key agreement protocol between two nodes. Although many protocols are presented to supply these security services, some of them require plentiful storage memory, powerful computation and communication capacity. In this paper, we propose a lightweight and efficient authentication and key agreement protocol between two sensor nodes, which is an enhanced version of Juang's scheme. In Juang's protocol, sensor node's information used to share a secret key should be transmitted to registration center via a base station. On the contrary, since node's information in our protocol is transmitted up to only base station, the proposed scheme can decrease computation and communication cost for establishing the shared key between two nodes.

• Journal of the Korea Society of Computer and Information
• /
• v.11 no.6 s.44
• /
• pp.35-47
• /
• 2006

In an Ubiquitous Environment, the growth of various services and equipment is forecasted to increase both the multicast users and diverse hacking attacks of the multicast key. Rapid increasing of multicast users and application security protocols reduce the performance of the Central key management system. Accordingly. We propose to elevate the functionality of the key management mechanism for greater efficiency and stability of the multicast services. in this paper The existing key management mechanism comparison and simulation will analyze these problems. We propose the advanced SMKD (Secure Multicast Key Distribution) mechanism application of the small group and key length control new security protocol by methods to solve these problems. The SMKD Model in this paper will help reduce loading the key distribution and encryption execution of a central key management system, and this model can also ensure stability to a central key management system by efficient key management.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.1
• /
• pp.149-165
• /
• 2013

Current group key agreement protocols, which are often tree-based, have unnecessary delays that are caused when members with low-performance computer systems join a group key computation process. These delays are caused by the computations necessary to balance a key tree after membership changes. An alternate approach to group key generation that reduces delays is the dynamic prioritizing mechanism of queue-based group key generation. We propose an efficient group key agreement protocol and present the results of performance evaluation tests of this protocol. The queue-based approach that we propose is scalable and requires less computational overhead than conventional tree-based protocols.