• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.2
• /
• pp.15-22
• /
• 2004

For an ElGamal-type signature scheme using a generate g of order q, it has been well-known that the message nonce should be chosen randomly in the interval (0, q-1) for each message to be signed. In (2), H. Kuwakado and H. Tanaka proposed a polynomial time algorithm that gives the private key of the signer if two signatures with message nonces 0＜$k_1$, $k_2$$\leq$Ο(equation omitted) are available. Recently, R. Gallant, R. Lambert, and S. Vanstone suggested a method to improve the efficiency of elliptic curve crytosystem using integer decomposition. In this paper, by applying the integer decomposition method to the algorithm proposed by Kuwakado and Tanaka, we extend the algorithm to work in the case when ｜$k_1$ ｜,｜$k_2$, ｜$\leq$Ο(equation mitted) and improve the efficiency and completeness of the algorithm.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.9 no.1
• /
• pp.181-187
• /
• 2005

This paper proposes and implements a service model to transfer messages safely for PDA on CDMA wireless network and a secure massage transfer protocol which considers characteristics of PDA. Proposed service uses SMS(Short Message Service) connect to a off-line client device with the wired network for data communication. After receiving SMS message, client device processes the SMS message and creates a data channel through RAS(Remote Access Service), then the data of the server can be pushed to clients. The implemented security protocol can provide safe data transmission on each communication line through two way channels(SMS and data). Also, by using security nonce table, this protocol can reduce a number of transmissions for exchanging a safe session key, so intensity of encryption can be increased.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.4
• /
• pp.747-754
• /
• 2016

DHCP(Dynamic Host Configuration Protocol) is a protocol for efficiency and convenience of the IP address management. DHCP automatically assigns an IP address and configuration information needed to run the TCP/IP communication to individual host in the network. However, existing DHCP is vulnerable for network attack such as DHCP spoofing, release attack because there is no mutual authentication systems between server and client. To solve this problem, we have designed a new DHCP protocol supporting the following features: First, ECDH(Elliptic Curve Diffie-Hellman) is used to create session key and ECDSA(Elliptic Curve Digital Signature Algorithm) is used for mutual authentication between server and client. Also this protocol ensures integrity of message by adding a HMAC(Hash-based Message Authentication Code) on the message. And replay attacks can be prevented by using a Nonce. As a result, The receiver can prevent the network attack by discarding the received message from unauthorized host.

• Journal of Korean Society for Quality Management
• /
• v.49 no.4
• /
• pp.527-537
• /
• 2021

Purpose: The purpose of this study was to suggest an improved version of Proof-of-Nonce (PoN) algorithm, which is a distributed consensus algorithm used for block chain system. Methods: First, we used response surface method for design of experiment that is to generate experimental points considering non-linear relationship among variables. Then, we employed overlapped contour plots for visualizing the impact of control variables to performance target. Results: First, we modified the consensus procedure of the existing PoN algorithm by diminishing the content of the exchanged message. Then, we verified the performance improvement of the new PoN algorithm by performing a numerical experiment and paired t-test. Finally, we established new regression models for consensus time and Transactions per second (TPS) and proposed a method for optimizing control variables for obtaining performance target. Conclusion: We could improve the performance of the previous version of PoN algorithm by modifying the content of the exchanged message during 4-steps of consensus procedure, which might be a stepping stone for designing an efficient and effective consensus algorithm for blockchain system with dynamic operation environment.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.7
• /
• pp.3608-3628
• /
• 2017

Several block cipher modes of operation have been proposed in the literature to protect sensitive information. However, different security analysis models have been presented for attacking them. The analysis indicated that most of the current modes of operation are vulnerable to several attacks such as known plaintext and chosen plaintext/cipher-text attacks. Therefore, this paper proposes a secure block cipher mode of operation to thwart such attacks. In general, the proposed mode combines one-time chain keys with each plaintext before its encryption. The challenge of the proposed mode is the generation of the chain keys. The proposed mode employs the logistic map together with a nonce to dynamically generate a unique set of chain keys for every plaintext. Utilizing the logistic map assures the dynamic behavior while employing the nonce guarantees the uniqueness of the chain keys even if the same message is encrypted again. In this way, the proposed mode called SPCBC can resist the most powerful attacks including the known plaintext and chosen plaintext/cipher-text attacks. In addition, the SPCBC mode improves encryption time performance through supporting parallelized implementation. Finally, the security analysis and experimental results demonstrate that the proposed mode is robust compared to the current modes of operation.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.9 no.5
• /
• pp.439-444
• /
• 2016

This paper proposes the technique to protect the privacy of those who uses Smart Tourism Service based on location. The proposed privacy protection technique (1) generates a shared private key, OTK(One Time Key) without information exchanging Users with a Tourism Server and provides Users and a Tourism Server with message confidentiality by encrypting data with the key, (2) concatenates users' ID, login time(timestamp), and randomly-generated nonce, generates OTK by hashing with a hash function, encrypts users' location information and query by using the operation of OTK and XOR and provides Users and a Tourism Server with message confidentiality by sending the encrypted result. (3) protects a message replay attack by adding OTK and timestamp. Therefore, this paper not only provides data confidentiality and users' privacy protection but also guarantees the safety of location information and behavior pattern data.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.32 no.12B
• /
• pp.750-757
• /
• 2007

This paper analyzes spam threats and proposes key exchange scheme for user authentication and SDP encryption to protect potential spam threats in SIP-based VoIP services. The existing HTTP digest authentication scheme exchanges many message because challenge is sent for every establishment of the session and doesn't provide a confidentiality of SDP. To protect SPIT, our scheme exchanges initial nonce and a session master key for authentication and SDP encryption during registration. In our scheme, the challenge and response procedure is not necessary and the communication overhead is much less than applying S/MIME or TLS.

• Journal of Korea Multimedia Society
• /
• v.15 no.8
• /
• pp.1048-1058
• /
• 2012

This paper proposes the DDMPF(Distributed Data Management Protocol using FAT) which prevents data loss and keeps the security of self-organized storages by comprising a client, a storage server, and a verification server in clouding environment. The DDMPF builds a self-organized storage server, solves data loss by decentralizing the partitioned data in it in contrast to the centralized problem and the data loss caused by the storage server problems of existing clouding storages, and improves the efficiency of distributed data management with FAT(File Allocation Table). And, the DDMPF improves the reliability of data by a verification server's verifying the data integrity of a storage server, and strengthens the security in double encryption with a client's private key and the system's master key using EC-DH algorithm. Additionally, the DDMPF limits the number of verification servers and detects the flooding attack by setting the TS(Time Stamp) for a verification request message and the replay attack by using the nonce value generated newly, whenever the verification is requested.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.8
• /
• pp.4060-4075
• /
• 2019

ACORN is an authenticated encryption algorithm proposed as a candidate in the currently ongoing CAESAR competition. ACORN has a good performance on security and efficiency which has been a third-round candidate. This paper mainly concentrates on the security of ACORN under the forgery attack and the non-repudiation of ACORN. Firstly, we analyze the differential properties of the feedback function in ACRON are analyzed. By taking advantage of these properties, the forgery attacks on round-reduced ACORN are proposed with a success probability higher than $2^{-128}$ when the number of finalization rounds is less than 87. Moreover, the non-repudiation of ACRON in the nonce-reuse setting is analyzed. The known collision can be used to deny the authenticated message with probability $2^{-120}$. This paper demonstrates that ACORN cannot generate the non-repudiation completely. We believe it is an undesirable property indeed.

• Journal of Korea Society of Industrial Information Systems
• /
• v.14 no.2
• /
• pp.81-85
• /
• 2009

In VANET, it is required one-way broadcast transmission because vehicles move at high speed and warning messages need to broadcast. our protocol employs digital signatures to authenticate nodes along the path. this prevents impersonation attacks and message modification attacks. our protocol also employs the node list to recognize intermediate nodes of the path. The node list, the time, and the nonce can prevent replay attacks.