• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.1
• /
• pp.25-31
• /
• 2012

LTE/SAE has presented the handover key management to revoke the compromised keys and to isolate corrupted network devices. In this paper, we identify that the handover key management is vulnerable to de-synchronization attacks, which is jeopardizing the forward secrecy of handover key management. Also, an adversary could prevent the UE from creating the secure link with eNodeB, which is delaying the handover procedure. In this paper, we present a counrermeasure to prevent above attacks, and analyze the performance issues of the proposed protocol.

• Journal of KIISE:Software and Applications
• /
• v.31 no.9
• /
• pp.1218-1225
• /
• 2004

S/KEY system was proposed to guard against intruder's password replay attack. But S/KEY system has vulnerability that if an attacker derive passphrase from his dictionary file, he can acquire one-time password required for user authentication. In this paper, we propose a correct S/KEY system mixed with EKE to solve the problem. Also, we specify a new S/KEY system with Casper and CSP, verify its secrecy and authentication requirements using FDR model checking tool.

• Convergence Security Journal
• /
• v.23 no.4
• /
• pp.43-52
• /
• 2023

Many businesses and organizations use smartcard-based user authentication for remote access. In the meantime, through various studies, dynamic ID-based remote user authentication protocols for distributed multi-server environments have been proposed to protect the connection between users and servers. Among them, Qiu et al. proposed an efficient smart card-based remote user authentication system that provides mutual authentication and key agreement, user anonymity, and resistance to various types of attacks. Later, Andola et al. found various vulnerabilities in the authentication scheme proposed by Qiu et al., and overcame the flaws in their authentication scheme, and whenever the user wants to log in to the server, the user ID is dynamically changed before logging in. An improved authentication protocol is proposed. In this paper, by analyzing the operation process and vulnerabilities of the protocol proposed by Andola et al., it was revealed that the protocol proposed by Andola et al. was vulnerable to offline smart card attack, dos attack, lack of perfect forward secrecy, and session key attack.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.2
• /
• pp.811-829
• /
• 2015

One-way authenticated key agreement protocols, aiming at solving the problems to establish secure communications over public insecure networks, can achieve one-way authentication of communicating entities for giving a specific user strong anonymity and confidentiality of transmitted data. Public Key Infrastructure can design one-way authenticated key agreement protocols, but it will consume a large amount of computation. Because one-way authenticated key agreement protocols mainly concern on authentication and key agreement, we adopt multi-server architecture to realize these goals. About multi-server architecture, which allow the user to register at the registration center (RC) once and can access all the permitted services provided by the eligible servers. The combination of above-mentioned ideas can lead to a high-practical scheme in the universal client/server architecture. Based on these motivations, the paper firstly proposed a new one-way authenticated key agreement scheme based on multi-server architecture. Compared with the related literatures recently, our proposed scheme can not only own high efficiency and unique functionality, but is also robust to various attacks and achieves perfect forward secrecy. Finally, we give the security proof and the efficiency analysis of our proposed scheme.

• Journal of Korea Multimedia Society
• /
• v.20 no.3
• /
• pp.500-510
• /
• 2017

Recently Lee et al. proposed an improved symmetric key-based remote user authentication scheme to eliminate the security weaknesses of Kumari et al.'s scheme. They hence claimed that their scheme is secure to various well-known attacks. However, we found that Lee et al.'s scheme is still insecure against outsider attack, smart card stolen and off-line password guessing attack. To overcome these security vulnerabilities, we propose an enhanced authentication scheme with key-agreement which is based on the fuzzy-extractor. Furthermore, we prove that the proposed scheme is more secure, and that it serves to gratify all of the required security properties. Finally, we compare the performance and functionality of the proposed scheme with those of previous schemes.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.171-175
• /
• 2006

Diffie-Hellman기반 키 합의 프로토콜들은 비교적 고비용의 연산인 지수연산으로 인해, 유선 네트워크 환경에 비해 저전력이고 컴퓨팅 자원이 제한되어 있는 무선 네트워크 환경에서는 비효율적이고 구현하기 어려운 문제가 있다. 이에 Yang등은 대리서버(Proxy Server)를 이용하여 Diffie-Hellman방식을 적용하면서도 단말 무선 네트워크 사용자의 지수연산부담을 감소시키는 효율적인 키 합의 프로토콜(이하 SEKAP)을 제안하였다. 그러나 SEKAP는 재전송공격(Replay Attack), 알려지지 않은 키 공유 공격(Unknown Key Share Attack), 그리고 키 노출로 인한 위장공격(Key Compromised Impersonation Attack) 등에 취약하며 전방향 안전성(Forward Secrecy)을 제공하지 못한다. 본 논문에서는 SEKAP가 위 공격들에 대해 취약함을 보이고, 세션키의 상호인증을 추가한 개선된 프로토콜을 제안한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.12
• /
• pp.6188-6204
• /
• 2017

Over the years, more password-based authentication key agreement schemes using chaotic maps were susceptible to attack by off-line password guess attack. This work approaches this problem by a new method--new theorem of chaotic maps: $T_{a+b}(X)+T_{a-b}(X)=2T_a(X)T_b(X)$,(a>b). In fact, this method can be used to design two-party, three-party, even in N-party intelligently. For the sake of brevity and readability, only a two-party instance: a novel Two-party Password-Authenticated Key Agreement Protocol is proposed for resisting password guess attack in this work. Compared with the related literatures recently, our proposed scheme can be not only own high efficiency and unique functionality, but is also robust to various attacks and achieves perfect forward secrecy. For capturing improved ratio of security and efficiency intuitively, the paper firstly proposes a new parameter called security/efficiency ratio(S/E Ratio). The higher the value of the S/E Ratio, the better it is. Finally, we give the security proof and the efficiency analysis of our proposed scheme.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.3
• /
• pp.1289-1310
• /
• 2016

Dynamic ID-based authentication solves the ID-theft problem by changing the ID in each session instead of using a fixed ID while performing authenticated key exchanges between communicating parties. User anonymity is expected to be maintained and the exchanged key kept secret even if one of the long-term keys is compromised in the future. However, in the conventional dynamic ID-based authentication scheme, if the server's long-term key is compromised, user anonymity can be broken or the identities of the users can be traced. In addition, these schemes are vulnerable to replay attacks, in which any adversary who captures the authentication message can retransmit it, and eventually cause the legitimate user to be denied service. This paper proposes a novel dynamic ID-based authentication scheme that preserves forward anonymity as well as forward secrecy and obviates replay attacks.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.10 no.9
• /
• pp.2384-2389
• /
• 2009

In this paper, we propose a lightweight mutual authentication protocol for secure and efficient home network service. Lee et al. recently proposed an attribute-base authentication key agreement protocol using public key in home network. Its protocol provided forward secrecy but don't diminish conspicious overhead of operation using ticket. Therefore the proposed protocol provided the security and efficiency using hash function and counter. Also it can provide secure home network service by check consumer electronics control level of users after created session key.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.2
• /
• pp.901-923
• /
• 2017

Efficient key distribution and management mechanisms as well as lightweight ciphers are the main pillar for establishing secure wireless sensor networks (WSN). Several symmetric based key distribution protocols are already proposed, but most of them are not scalable, yet vulnerable to a small number of compromised nodes. In this paper, we propose an efficient and scalable key management and distribution framework, named KMMR, for large scale WSNs. The KMMR contributions are three fold. First, it performs lightweight local processes orchestrated into upward and downward tiers. Second, it limits the impact of compromised nodes to only local links. Third, KMMR performs efficient secure node addition and revocation. The security analysis shows that KMMR withstands several known attacks. We implemented KMMR using the NesC language and experimented on Telosb motes. Performance evaluation using the TOSSIM simulator shows that KMMR is scalable, provides an excellent key connectivity and allows a good resilience, yet it ensures both forward and backward secrecy. For a WSN comprising 961 sensor nodes monitoring a 60 hectares agriculture field, KMMR requires around 2.5 seconds to distribute all necessary keys, and attains a key connectivity above 96% and a resilience approaching 100%. Quantitative comparisons to earlier work show that KMMR is more efficient in terms of computational complexity, required storage space and communication overhead.