• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.7
• /
• pp.1737-1753
• /
• 2013

Current group key agreement protocols, which are often tree-based, have unnecessary delays that are caused when members with low-performance computer systems join a group key computation process. These delays are caused by the computations necessary to balance a key tree after membership changes. An alternate approach to group key generation that reduces delays is the dynamic prioritizing mechanism of queue-based group key generation. We propose an efficient group key agreement protocol and present the results of performance evaluation tests of this protocol. The queue-based approach that we propose is scalable and requires less computational overhead than conventional tree-based protocols.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.6
• /
• pp.23-35
• /
• 2009

Password-Authenticated Key Exchange (PAKE) Protocol is a useful tool for secure communication conducted over open networks without sharing a common secret key or assuming the existence of the public key infrastructure (PKI). It seems difficult to design efficient PAKE protocols using RSA, and thus many PAKE protocols are designed based on the Diffie-Hellman key exchange (DH-PAKE). Therefore it is important to design an efficient PAKE based on RSA function since the function is suitable for designing a PAKE protocol for imbalanced communication environment. In this paper, we propose a computationally-efficient key exchange protocol based on the RSA function that is suitable for low-power devices in imbalanced environment. Our protocol is more efficient than previous RSA-PAKE protocols, required theoretical computation and experiment time in the same environment. Our protocol can provide that it is more 84% efficiency key exchange than secure and the most efficient RSA-PAKE protocol CEPEK. We can improve the performance of our protocol by computing some costly operations in offline step. We prove the security of our protocol under firmly formalized security model in the random oracle model.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.2
• /
• pp.901-923
• /
• 2017

Efficient key distribution and management mechanisms as well as lightweight ciphers are the main pillar for establishing secure wireless sensor networks (WSN). Several symmetric based key distribution protocols are already proposed, but most of them are not scalable, yet vulnerable to a small number of compromised nodes. In this paper, we propose an efficient and scalable key management and distribution framework, named KMMR, for large scale WSNs. The KMMR contributions are three fold. First, it performs lightweight local processes orchestrated into upward and downward tiers. Second, it limits the impact of compromised nodes to only local links. Third, KMMR performs efficient secure node addition and revocation. The security analysis shows that KMMR withstands several known attacks. We implemented KMMR using the NesC language and experimented on Telosb motes. Performance evaluation using the TOSSIM simulator shows that KMMR is scalable, provides an excellent key connectivity and allows a good resilience, yet it ensures both forward and backward secrecy. For a WSN comprising 961 sensor nodes monitoring a 60 hectares agriculture field, KMMR requires around 2.5 seconds to distribute all necessary keys, and attains a key connectivity above 96% and a resilience approaching 100%. Quantitative comparisons to earlier work show that KMMR is more efficient in terms of computational complexity, required storage space and communication overhead.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.5
• /
• pp.885-896
• /
• 2013

MTC(Machine Type Communications), providing a variety of services anytime and anywhere by connecting the cellular network to the machine and things without human intervention, is being considered as a major challenge of the next-generation communications. Currently, When a massive MTC devices simultaneously connect to the network, each MTC device needs an independent access authentication process. Because of this process, authentication signaling congestion and overload problems will cause in LTE-Advanced. In this paper, we propose a group-based authentication protocol and a key management protocol. For managing the MTC devices as group units, the proposed protocol elects a group leader and authentications only once with the core network. After the authentication is completed, a group leader manages the rest members and MME(Mobility Management Entity) by constructing a binary tree. Finally, the propose protocol analysis show that the proposed protocol not only can reduces the authentication signaling which generated in between the MTC devices and the core network but also can manages the MTC devices, efficiently.

• Journal of the Korea Society of Computer and Information
• /
• v.9 no.3
• /
• pp.177-182
• /
• 2004

The existing group key management architectures applied to a small scale routing protocols may have many overheads with key distribution. Therefore this paper proposes a group key management protocol in PIM-SM multicast group communication. This method divide multicast groups with RP, and subgroup key managers are established in each RP and can be transmitted groups keys. And this does not have needs of the data translation and the new key distribution for path change. This does not have needs of the data translation and the new key distribution for path change, so the data transmission time can be reduced.

• Journal of KIISE:Information Networking
• /
• v.30 no.3
• /
• pp.371-376
• /
• 2003

As Mobile Internet gets more popular, the switchover of E-Commerce to M-Commerce gets faster and many service providers offer diverse M-Commerce service by using mobile technology. Also, as M-Commerce makes rapid progress, the security protocol gets more widely recognized for its significance. In particular, WAKE(Wireless Authentication and Key Establishment) protocol carried out wirelessly is of great importance, since the user and service provider must get through to carry out the M-Commerce. Key recovery method is a part of the key management in order to provide an emergency recovery of key whenever necessary, like when the user lost the key or the cryptosystem was illegally used. The ASPeCT project first tried to support the key recovery function in WAKE Protocol Since then, a variety of WAKE Key Recovery protocols have been proposed. In this thesis, problems of WAKE Key Recovery protocols proposed so far are analyzed and new WAKE Key Recovery protocol is suggested to solve those problems.

• Journal of Digital Convergence
• /
• v.10 no.6
• /
• pp.247-251
• /
• 2012

Tree-based Group Diffie-Hellman (TGDH) is one of the efficient group key agreement protocols to generate the GK. TGDH assumes all members have an equal computing power. As one of the characteristics of distributed computing is heterogeneity, the member can be at a workstation, a laptop or even a mobile computer. Therefore, the group member sequence should be reordered in terms of the member's computing power to improve performance. This research proposes a reordering of members in the group key generation tree to enhance the efficiency of the group key generation.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 1999.10a
• /
• pp.163-175
• /
• 1999

As the size and complexity of network increase, Distributed Systems Management (DSM) will be significant issue within information network in order to increase the high reliability and to improve the flexibility of network management. The OSI management model has several problems. The key problems are that it does not fully address the problems of how to develop communication protocol in support of DSM, and how to classify the management connection criteria. In this paper, to solve first problem described above, this paper propose the connectionless CMIP(Common Management Information Protocol) to accomplish for effectively managing the distributed management system, and indicate its efficiency; this protocol is available to negotiate among the managing systems, handle the dynamic information. To work out second problem, we introduce the connection criteria in the hierarchy of management systems, and finally evaluate the efficiency of a suggested protocol during cooperative negotiation among the managing systems.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.4
• /
• pp.69-78
• /
• 2008

We propose to analyze a weakness of quantum key distribution and quantum authentication which use entangled state were proposed by Bao-sen Shi(2001) and to improve the security of the protocol. The existing protocol had a weakness against an impersonation attack of an eavesdropper, because of a only process which authenticated a third party(Center) by users. In this paper, we propose improving the security of the protocol that authenticates users by a third party using check mode which applies CHSH inequality.

• Journal of Internet Computing and Services
• /
• v.11 no.6
• /
• pp.87-110
• /
• 2010

Recently competitive Korean companies are suffered from financial loss due to illegal exposure of their own proprietary know-how secrets, since it is difficult to watch hidden illegal channels to leak them due to their digitalization. Today the DRM-based system designed to protect such secrets is insufficient to prevent it, since DRM-based protection system cannot defend the intelligent robbery of secrets, in special, employee's robbery. The MSEC is much appropriate to secure secrets against employee's robbery. Our paper notes that IGMP, MSEC and SNMP can work easily together to realize secure system that satisfy strong security condition for prevention from leaking secrets. Since the previous research was on the architectural design for prevention of illegal exposure, this paper proposes the efficient protocol based on MSEC protocol. Our protocol satisfies the strong security conditions that the principles that the secret should be stored/distributed only in an encrypted shape, and should be separated physically from its encryption key, and should be carried in registered mobile storage separate from its processing device, and should be verified in terms of both user and device. Thus this paper proposes both the protocol for secret document distribution and its group key management.