• 제목/요약/키워드: Key management Protocol

검색결과 301건 처리시간 0.024초

Secure Key Management Protocol in the Wireless Sensor Network

  • Jeong, Yoon-Su;Lee, Sang-Ho
    • Journal of Information Processing Systems
    • /
    • 제2권1호
    • /
    • pp.48-51
    • /
    • 2006
  • To achieve security in wireless sensor networks (WSN), it is important to be able to encrypt messages sent among sensor nodes. We propose a new cryptographic key management protocol, which is based on the clustering scheme but does not depend on the probabilistic key. The protocol can increase the efficiency to manage keys since, before distributing the keys by bootstrap, the use of public keys shared among nodes can eliminate the processes to send or to receive keys among the sensors. Also, to find any compromised nodes safely on the network, it solves safety problems by applying the functions of a lightweight attack-detection mechanism.

MKIPS: MKI-based protocol steganography method in SRTP

  • Alishavandi, Amir Mahmoud;Fakhredanesh, Mohammad
    • ETRI Journal
    • /
    • 제43권3호
    • /
    • pp.561-570
    • /
    • 2021
  • This paper presents master key identifier based protocol steganography (MKIPS), a new approach toward creating a covert channel within the Secure Real-time Transfer Protocol, also known as SRTP. This can be achieved using the ability of the sender of Voice-over-Internet Protocol packets to select a master key from a pre-shared list of available cryptographic keys. This list is handed to the SRTP sender and receiver by an external key management protocol during session initiation. In this work, by intelligent utilization of the master key identifier field in the SRTP packet creation process, a covert channel is created. The proposed covert channel can reach a relatively high transfer rate, and its capacity may vary based on the underlying SRTP channel properties. In comparison to existing data embedding methods in SRTP, MKIPS can convey a secret message without adding to the traffic overhead of the channel and packet loss in the destination. Additionally, the proposed covert channel is as robust as its underlying user datagram protocol channel.

블록체인 기반 가상자산 관리를 위한 (1,3) 분산키의 비신뢰 기반 안전한 분산 복구 프로토콜 (Secure Recovery Protocol of (1,3) Distributed Key Share with Trustless Setup for Asset Management in Blockchain)

  • 배경일;박준후;류재철
    • 정보보호학회논문지
    • /
    • 제31권5호
    • /
    • pp.863-874
    • /
    • 2021
  • 비신뢰 기반 분산키 생성은 다수의 참여자가 개인키를 모르는 상태에서 개인키의 샤미르 비밀 공유를 공동 생성하는 프로토콜이다. 또한 이를 임계값 서명으로 확장할 경우 개인키를 복원하지 않고도 다수 참여자간의 암호 프로토콜을 통해서 디지털 서명을 생성할 수 있도록 한다. 본 연구는 활용성이 높은 (1,3) 샤미르 비밀 공유 구조에서 한 공유 값을 분실할 경우 동일한 개인키에 대한 전체 공유 값을 비신뢰 기반으로 재생성해서 공유 구조를 복구하는 프로토콜을 제안한다. 제안 프로토콜은 정확성과 기밀성 측면에서 분산키 생성과 동일한 보안 요건을 갖춘다. 블록체인 기반 가상자산 관리에 적용할 경우 안전한 개인키 관리와 서명 권한의 위임 및 불능화를 가능하게 한다.

A Fair-Exchange E-Payment Protocol For Digital Products With Customer Unlinkability

  • Yen, Yi-Chung;Wu, Tzong-Chen;Lo, Nai-Wei;Tsai, Kuo-Yu
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • 제6권11호
    • /
    • pp.2956-2979
    • /
    • 2012
  • Along with the development of Information Technology, online transactions through Internet have become more popular for the reasons of convenience and efficiency. In order to provide secure and reliable online transactions, an effective electronic payment protocol is crucial. In this paper, we propose a novel electronic payment protocol for digital product transactions with an offline arbiter to achieve fair exchange, automated dispute resolution, customer anonymity, and customer unlinkability. In our protocol a product token is adopted to eliminate the need of key management for digital product decryption in the offline arbiter. In addition, Elliptic Curve Cryptography (ECC)-based self-certified public key is utilized to further reduce computing overheads. According to our analysis, the efficiency of our protocol can be greatly increased in comparison with previous literatures.

APPLICATION OF $(\upsilon,\kappa,\lambda)$-CONFIGURATION TO GENERATION OF A CONFERENCE KEY

  • Chung, Il-Yong
    • Journal of applied mathematics & informatics
    • /
    • 제8권2호
    • /
    • pp.531-537
    • /
    • 2001
  • In order for all participants at video conference to communicate mutually, the conference key should be necessary. In this paper, we present the communication protocol that generates a conference key efficiently based on $(\upsilon,\kappa,\lambda)$-configuration, one class of block designs, which minimizes message transmission overhead needed for this key. Especially, in the case of ${\lambda}=1$, the protocol requires only $O(\sqrt[v]{v})$ messages, where v is the number of participants.

안전한 XML 웹 서비스를 위한 키 정보 서비스 프로토콜에 관한 연구 (A Study on Key Information Service Protocol for Secure XML Web Service)

  • 박남제;문기영;손승원
    • 정보처리학회논문지C
    • /
    • 제10C권6호
    • /
    • pp.769-778
    • /
    • 2003
  • XML 보안 명세 중 하나인 XML 키 관리 명세(XKMS)는 다양하고 복잡한 기능의 웹 서비스 애플리케이션에서 XML 문서의 서명을 검증하거나 암호화하는 공개키의 관리를 위한 프로토콜을 정의한다. 본 논문에서는 XML 표준 명세를 준수하는 XML 키 정보 프로토콜 서비스 모델을 제시하고, 표준에 근거한 프로토콜 컴포넌트의 참조 모델을 구현하였다. 또한 XML 기반 보안서비스 특성에 착안하여 안전한 XML 웹서비스를 위한 키 정보 서비스에 대한 분석과 보안 방안에 대해 기술한다. 프로토콜 컴포넌트는 식별정보가 주어졌을 때, 필요로 하는 공개키 위치와 식별자 정보, 공개키 연결 기능을 제공한다. 구현된 참조 모델은 향후 국내 e-비즈니스 프레임워크 구성 시 표준적인 보안 모델을 구현할 수 있는 지침을 제공할 것이다.

RFID/USN 보안을 위한 프로토콜 설계 (Design of protocol for RFID/USN security)

  • 박상현;박상민;신승호
    • 대한안전경영과학회지
    • /
    • 제9권3호
    • /
    • pp.103-109
    • /
    • 2007
  • Payment and security requirement are playing an increasingly critical role in RFID system, allegedly the core of the ubiquitous, especially in logistics. Therefore, security technology has been playing essential role gradually unlike the past when only the perception of equipment was considered important technology. The current encoding system allows the access only to the user who has the secret key. Many encoding algorithm has been studied to ensure the security of secret key. Security protocol is the most typical way to authorize appropriate user perception by using the data and secret key to proceed the encoding and transmit it to the system in order to confirm the user. However, RFID system which transmits more than dozens of data per second cannot be used if the algorithm and protocol of the existing wired system are used because the performance will degrade as a consequence. Security protocol needs to be designed in consideration of property of RFID and hardware. In this paper, a protocol was designed using SNEP(Sensor Network Encryption Protocol), the security protocol used for the sensor similar to RFID- not the current system used in wired environment- and ECC (Elliptic Curve Cryptography: oval curve encoding), the encoding algorithm.

Practical Password-Authenticated Three-Party Key Exchange

  • Kwon, Jeong-Ok;Jeong, Ik-Rae;Lee, Dong-Hoon
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • 제2권6호
    • /
    • pp.312-332
    • /
    • 2008
  • Password-based authentication key exchange (PAKE) protocols in the literature typically assume a password that is shared between a client and a server. PAKE has been applied in various environments, especially in the “client-server” applications of remotely accessed systems, such as e-banking. With the rapid developments in modern communication environments, such as ad-hoc networks and ubiquitous computing, it is customary to construct a secure peer-to-peer channel, which is quite a different paradigm from existing paradigms. In such a peer-to-peer channel, it would be much more common for users to not share a password with others. In this paper, we consider password-based authentication key exchange in the three-party setting, where two users do not share a password between themselves but only with one server. The users make a session-key by using their different passwords with the help of the server. We propose an efficient password-based authentication key exchange protocol with different passwords that achieves forward secrecy in the standard model. The protocol requires parties to only memorize human-memorable passwords; all other information that is necessary to run the protocol is made public. The protocol is also light-weighted, i.e., it requires only three rounds and four modular exponentiations per user. In fact, this amount of computation and the number of rounds are comparable to the most efficient password-based authentication key exchange protocol in the random-oracle model. The dispensation of random oracles in the protocol does not require the security of any expensive signature schemes or zero-knowlegde proofs.

PCS/SCADA 센서 네트워크용 키 관리 프로토콜에 대한 보안 분석 (A Security Analysis of a Key Management Scheme for PCS/SCADA Sensor Networks)

  • 박동국
    • 디지털산업정보학회논문지
    • /
    • 제5권2호
    • /
    • pp.123-131
    • /
    • 2009
  • Process Control Systems (PCSs) or Supervisory Control and Data Acquisition (SCADA) systems have recently been added to the already wide collection of wireless sensor networks applications. The PCS/SCADA environment is somewhat more amenable to the use of heavy cryptographic mechanisms such as public key cryptography than other sensor application environments. The sensor nodes in the environment, however, are still open to devastating attacks such as node capture, which makes designing a secure key management challenging. Recently, Nilsson et al. proposed a key management scheme for PCS/SCADA, which was claimed to provide forward and backward secrecies. In this paper, we define four different types of adversaries or attackers in wireless sensor network environments in order to facilitate the evaluation of protocol strength. We then analyze Nilsson et al. 's protocol and show that it does not provide forward and backward secrecies against any type of adversary model.