• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제10권3호
• /
• pp.1212-1228
• /
• 2016

Secure communication is an important aspect of today's interconnected environments and it can be achieved by the use of cryptographic algorithms and protocols. However, many existing cryptographic mechanisms are tightly integrated into communication protocols. Issues emerge when security vulnerabilities are discovered in cryptographic mechanisms because their replacement would eventually require replacing deployed protocols. The concept of cryptographic agility is the solution to these issues because it allows dynamic switching of cryptographic algorithms and keys prior to and during the communication. Most of today's secure protocols implement cryptographic agility (IPsec, SSL/TLS, SSH), but cryptographic agility mechanisms cannot be used in a standalone manner. In order to deal with the aforementioned limitations, we propose a lightweight cryptographically agile agreement model, which is formally verified. We also present a solution in the Agile Cryptographic Agreement Protocol (ACAP) that can be adapted on various network layers, architectures and devices. The proposed solution is able to provide existing and new communication protocols with secure communication prerequisites in a straightforward way without adding substantial communication overhead. Furthermore, it can be used between previously unknown parties in an opportunistic environment. The proposed model is formally verified, followed by a comprehensive discussion about security considerations. A prototype implementation of the proposed model is demonstrated and evaluated.

• 한국정보과학회논문지:정보통신
• /
• 제31권2호
• /
• pp.179-187
• /
• 2004

대칭형 패스워드 기반의 인증 및 키교환 프로토콜은 비대칭형 프로토콜보다 설계, 분석, 효율면에서 더 좋은 성질을 가진다. 하지만, 인증 서버가 공격당하는 경우 대칭형 인증 프로토콜은 쉽게 사용자의 패스워드가 노출된다. 비대칭형의 안전성 증명을 가지는 PAK-X나 SNAPI-X같은 프로토콜이 제안되었지만, Diffie-Hellman 키교환에 비해 많은 연산을 필요로 하고 있다. 이 논문에서는 패스워드 기반의 대칭형 인중 및 키교환 프로토콜을 비대칭형 프로토콜로 변환하는 효율적인 방법을 제시한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제7권12호
• /
• pp.3244-3260
• /
• 2013

A three-party password-based authenticated key exchange (PAKE) protocol allows two clients registered with a trusted server to generate a common cryptographic key from their individual passwords shared only with the server. A key requirement for three-party PAKE protocols is to prevent an adversary from mounting a dictionary attack. This requirement must be met even when the adversary is a malicious (registered) client who can set up normal protocol sessions with other clients. This work revisits three existing three-party PAKE protocols, namely, Guo et al.'s (2008) protocol, Huang's (2009) protocol, and Lee and Hwang's (2010) protocol, and demonstrates that these protocols are not secure against offline and/or (undetectable) online dictionary attacks in the presence of a malicious client. The offline dictionary attack we present against Guo et al.'s protocol also applies to other similar protocols including Lee and Hwang's protocol. We conclude with some suggestions on how to design a three-party PAKE protocol that is resistant against dictionary attacks.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제4권5호
• /
• pp.776-796
• /
• 2010

Integrated RFID-WSNs (wireless sensor networks) have recently been researched to provide object identities, sensing information, mobile service, and network functionalities. In integrated RFID-WSNs, the reader collision is one of the critical problems. Above all, due to the absence of universally applicable anti-collision protocols and the channel capture phenomenon, the medium access control protocols in integrated RFID-WSNs suffer from reader collision and starvation problems. In this paper, we propose an efficient MAC protocol, called EMP, to avoid the above problems in integrated RFID-WSNs. EMP is a CSMA-based MAC protocol which is compatible with sensor networks operating on integrated nodes which consist of an RFID reader and a senor node. EMP resolves not only the reader collision problem, but also the starvation problem using a power control mechanism. To verify the performance of EMP, we compared it with other anti-reader collision MAC protocols using simulations. As a result, the performance of EMP showed improvements in throughput, system efficiency, and energy consumption compared to the single data channel protocols (CSMA/CA, Pulse, and DiCa) in dense deployment environments.

• 한국정보전자통신기술학회논문지
• /
• 제8권6호
• /
• pp.520-527
• /
• 2015

ETSI(European Telecommunications Standards Institute) EN 301 790에서는 광대역 위성망에서 제공되어야 할 두 가지 보안 서비스를 기술하고 있는데, 하나는 사용자(개체) 인증 서비스이고, 다른 하나는 사용자들 간의 데이터의 흐름이나 사용자와 관리자간의 데이터의 흐름을 악의적으로 공격하여 허락되지 않도록 불법적인 접근으로부터 데이터를 보호하는 기밀성 서비스이다. 특히, 기밀성 서비스를 제공하기 위해 ETSI에서는 NCC(Network Control Centre)와 RCST(Return Channel Satellite Terminal) 사이에 Main Key Exchange, Quick Key Exchange, 그리고 Explicit Key Exchange 세 가지 키 교환 프로토콜을 제시하고 있다. 본 논문에서는 ETSI 표준의 키 교환 프로토콜을 분석하고, 성능 분석과 성능 평가를 통하여 키 교환 프로토콜의 효율성과 장단점을 분석한다.

• 한국산업정보학회논문지
• /
• 제10권2호
• /
• pp.59-66
• /
• 2005

최근에 Ku와 Chen(Ku-Chen)은 기존에 Chien등이 제안한 스마트카드를 이용한 효율적인 패스워드 기반의 원격 사용자 인증 프로토콜의 문제점을 보이고 해결책을 제시하였다. 본 논문에서는 Ku-Chen의 프로토콜 역시 재 전송 공격들에 문제점이 있음을 보이고, 이를 해결하기 위한 두 가지 프로토콜을 제안한다. 먼저, Ku-Chen의 프로토콜에서 존재하는 문제점을 해결하기 위하여 동기화된 타임스탬프(Timestamp)를 이용한 프로토콜을 제안한다. 그리고 타임스탬프에 기반 한 프로토콜이 갖는 궁극적인 문제점을 해결하기 위하여 난수에 기반 한 프로토콜을 제안한다. 본 논문에서 제안한 프로토콜들은 기존의 패스워드 기반의 인증 프로토콜의 장점을 유지하면서 이 방식의 문제점들을 효율적으로 해결한다.

• Journal of Communications and Networks
• /
• 제18권3호
• /
• pp.502-512
• /
• 2016

The wireless carrier sense multiple access with collision detection (WCSMA/CD) and carrier sense multiple access with collision resolution (CSMA/CR) protocols are considered representative distributed collision detection protocols for fully connected dense wireless local area networks. These protocols identify collisions through additional short-sensing within a collision detection (CD) period after the start of data transmission. In this study, we analyze their throughput numerically and show that the throughput has a trade-off that accords with the length of the CD period. Consequently, we obtain the optimal length of the CD period that maximizes the throughput as a closed-form solution. Analysis and simulation results show that the throughput of distributed collision detection protocols is considerably improved when the optimal CD period is allocated according to the number of stations and the length of the transmitted packet.

• Journal of Communications and Networks
• /
• 제18권3호
• /
• pp.351-363
• /
• 2016

This paper investigates the performance of interference-limited two-way transmission protocols in the Rayleigh fading channels. New lower bound of outage probability and approximate expression of bit error rate (BER) for three-phase two-way relaying (3P-TWR) protocol are derived in closed-form. These expressions are valid for arbitrary signal-to-noise ratio values, numbers of co-channel interferers and amajority of modulation formats employed in the practical system. Then a comparative study is developed for the performance of three two-way transmission protocols, i.e., direct transmission (DT) protocol, two-phase two-way relaying (2P-TWR) protocol and 3P-TWR protocol based on the asymptotic expressions of outage probability and BER. On the basis of the theoretical results, the thresholds on the strength (variance) of direct channel and target rate for the relative performance of different protocols are obtained and the effect of interferences at the terminal and relay on the relative performance is analyzed. The results present key insights on how to choose proper two-way transmission protocol with the knowledge of fading channels, required date rate and modulation format to optimize the system performance in the practical interference-limited scenarios. Simulation results are presented to validate the theoretical analysis.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제6권12호
• /
• pp.3152-3165
• /
• 2012

Wireless sensor networks (WSN) often employ asynchronous MAC scheduling, which allows each sensor node to wake up independently without synchronizing with its neighbor nodes. However, this asynchronous scheduling may not deal with collisions due to hidden terminals effectively. Although most of the existing asynchronous protocols exploit a random back-off technique to resolve collisions, the random back-off cannot secure a receiver from potentially repetitive collisions and may lead to a substantial increase in the packet latency. In this paper, we propose a new collision resolution algorithm called Transient Coordinator (TC) for asynchronous WSN MAC protocols. TC resolves a collision on demand by ordering senders' transmissions when a receiver detects a collision. To coordinate the transmission sequence both the receiver and the collided senders perform handshaking to collect the information and to derive a collision-free transmission sequence, which enables each sender to exclusively access the channel. According to the simulation results, our scheme can improve the average per-node throughput by up to 19.4% while it also reduces unnecessary energy consumption due to repetitive collisions by as much as 91.1% compared to the conventional asynchronous MAC protocols. This demonstrates that TC is more efficient in terms of performance, resource utilization, and energy compared to the random back-off scheme in dealing with collisions for asynchronous WSN MAC scheduling.

• International Journal of Computer Science & Network Security
• /
• 제21권8호
• /
• pp.342-352
• /
• 2021

Multicast Routings is a big challenge due to limitations such as node power and bandwidth Mobile Ad-hoc Network (MANET). The path to be chosen from the source to the destination node requires protocols. Multicast protocols support group-oriented operations in a bandwidth-efficient way. While several protocols for multi-cast MANETs have been evolved, security remains a challenging problem. Consequently, MANET is required for high quality of service measures (QoS) such infrastructure and application to be identified. The goal of a MANETs QoS-aware protocol is to discover more optimal pathways between the network source/destination nodes and hence the QoS demands. It works by employing the optimization method to pick the route path with the emphasis on several QoS metrics. In this paper safe routing is guaranteed using the Secured Multicast Routing offered in MANET by utilizing the Ant Colony Optimization (ACO) technique to integrate the QOS-conscious route setup into the route selection. This implies that only the data transmission may select the way to meet the QoS limitations from source to destination. Furthermore, the track reliability is considered when selecting the best path between the source and destination nodes. For the optimization of the best path and its performance, the optimized algorithm called the micro artificial bee colony approach is chosen about the probabilistic ant routing technique.