• Journal of Korea Multimedia Society
• /
• v.20 no.4
• /
• pp.614-628
• /
• 2017

Recently, Due to the rapid development of the internet and IT technology, users can conveniently use various services provided by the server anytime and anywhere. However, these technologies are exposed to various security threat such as tampering, eavesdropping, and exposing of user's identity and location information. In 2016, Nikooghadam et al. proposed a lightweight authentication and key agreement protocol preserving user anonymity. This paper overcomes the vulnerability of Nikooghadam's authentication protocol proposed recently. This paper suggests an enhanced remote user authentication protocol that protects user's password and provides perfect forward secrecy.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.28 no.1B
• /
• pp.1-10
• /
• 2003

An EPON which is going on standardization in IEEE 802.3ah, is tree topology consists of a OLT and multiple ONU using passive optical components, so this network is susceptible to variable security threats - eavesdropping, masquerading, denial of service and so on. In this paper, we design a security protocol supporting authentication and confidentiality services in MAC layer in order to prevent these security threats and to guarantee secure data exchange The designed security protocol introduce public-key based authentication and key management protocols for efficient key management, and choose Rijndael algorithm, which is recent standard of AES, to provide the confidentiality of EPON Proposed authentication and key management protocols perform authentication and public-key exchange at a time, and are secure protocols using derived common cipher key by exchanging public random number To implement the designed security protocol, we propose the procedures of authentication and public-key exchange, session key update, key recovery. This proposed protocol is verified using unknown session key, forward secrecy, unknown key-share, key-compromise impersonation.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.11C
• /
• pp.1023-1029
• /
• 2006

In this Paper, we present a novel authentication and key exchange(AKE) protocol for inter-NSP(provider) roaming in IEEE 802.16e networks. The proposed protocol allows performing both user and device authentication jointly by using two different authentication credentials and Provides user anonymity and session key establishment. Also, this protocol requires only two round number message exchange between foreign network and home network.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.8
• /
• pp.4025-4042
• /
• 2017

Session initiation protocol (SIP) is a kind of powerful and common protocols applied for the voice over internet protocol. The security and efficiency are two urgent requirements and admired properties of SIP. Recently, Hamed et al. proposed an efficient authentication and key agreement scheme for SIP. However, we demonstrate that Hamed et al.'s scheme is vulnerable to de-synchronization attack and cannot provide anonymity for users. Furthermore, we propose an improved and efficient authentication and key agreement scheme by using elliptic curve cryptosystem. Besides, we prove that the proposed scheme is provably secure by using secure formal proof based on Burrows-Abadi-Needham logic. The comparison with the relevant schemes shows that our proposed scheme has lower computation costs and can provide stronger security.

• Journal of Internet Computing and Services
• /
• v.9 no.2
• /
• pp.83-88
• /
• 2008

Session initiation protocol (SIP) is an application-layer prolocol to initiate and control multimedia client session. When client ask to use a SIP service, they need to be authenticated in order to get service from the server. Authentication in a SIP application is the process in which a client agent present credentials to another SIP element to establish a session or be granted access to the network service. In 2005, Yang et al. proposed a key exchange and authentication scheme for use in SIP applications, which is based on the Diffie-Hellman protocol. But, Yang et al.'s scheme is not suitable for the hardware-limited client and severs, since it requires the protocol participant to perform significant amount of computations (i.e., four modular exponentiations). Based on this observation. Huang and Wei have recently proposed a new efficient key exchange and authentication scheme thor improves on Yang et al.'s scheme. As for security, Huang and Wei claimed, among others, that their scheme is resistant to offline dictionary attacks. However, the claim turned out to be untrue. In this paper, we show thor Huang and Wei's key exchange and authentication scheme is vulnerable to on offline dictionary attack and forward secrecy.

• Journal of the Korea Society of Computer and Information
• /
• v.17 no.4
• /
• pp.91-98
• /
• 2012

A group key exchange (GKE) protocol is designed to allow a group of parties communicating over a public network to establish a common secret key. As group-oriented applications gain popularity over the Internet, a number of GKE protocols have been suggested to provide those applications with a secure multicast channel. Among the many protocols is Yi et al.'s password-based GKE protocol in which each participant is assumed to hold their individual password registered with a trusted server. A fundamental requirement for password-based key exchange is security against off-line dictionary attacks. However, Yi et al.'s protocol fails to meet the requirement. In this paper, we report this security problem with Yi et al.'s protocol and show how to solve it.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.11 no.4
• /
• pp.1301-1306
• /
• 2010

The protocol based on password have very important qualifications that not only satisfy against attacks cause of restricting that have, but also efficiency of reducing users' workload. It has a problem of speculative attacks for the user authentication protocol based on password with most case, because users use password that can remember easily. Song and Etc. have proposed new mechanism that improved the problem of S/KEY system. The protocol proposed by Song has a problem in registration process, and user information can be abused by the malevolent server. We propose a new authentication protocol based on efficient OPT, that improved above problems.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.5
• /
• pp.1035-1045
• /
• 2018

Recently, with the development of IT technology, authentication methods of users using cloud services have been diversified. However, research on providing authentication information of a user using a cloud service securely according to authority has not been make until now. In this paper, we propose a key establishment protocol which can perform split authentication using secret key and access control key according to the role authority of user in Intra cloud environment. The proposed protocol generates the access control key and secret key of the user by using the attributes of the user and the generated random number($t_1$, $t_2$), and classifies the roles according to the user's authority after generating the key. Unnecessary operation processes can be reduced. As a result of the performance evaluation, the proposed protocol guarantees the security against various type of attacks that may occur in the cloud environment because the user is authenticated by dividing the access control key and secret key. The size of the ciphertext used to establish the key could be reduced by ${\sum}+1$ more than the existing protocol.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.8
• /
• pp.2061-2080
• /
• 2013

Roaming authentication protocol is widely used in wireless network which can enable a seamless service for the mobile users. However, the classical approach requires the home server's participation during the authentication between the mobile user and the foreign server. So the more the roaming requests are performed the heavier burden will be on the home server. In this paper, we propose a new roaming authentication framework for wireless communication without the home server's participation. The new roaming authentication protocol in the new framework takes advantage of the ID-based cryptography and provides user anonymity. It has good performance compared with the roaming authentication protocols whose authentication do not need the home server's participation in terms of security and computation costs. Moreover, a new User-to-User authentication protocol in the new framework is also present. All the authentications proposed in this paper can be regarded as a common construction and can be applied to various kinds of wireless networks such as Cellular Networks, Wireless Mesh Networks and Vehicle Networks.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38C no.7
• /
• pp.595-604
• /
• 2013

Devising a secure authenticated key agreement (AKA) protocol for two entities communicating over an open network is a matter of current research. McCullagh et al. proposed a new two-party identity-based AKA protocol supporting both key escrow and key escrow-less property instantiated by either in a single domain or over two distinct domains. In this paper, we show that their protocol over two distinct domains suffers from masquerading attack and therefore does not satisfy the claimed security. The attack is made possible due to the lack of sufficient authentication of entity and integrity assurance in the protocol. We then propose an efficient verifiable key agreement protocol by including signature primitive in the authentication procedure to solve the problem of McCullagh et al.'s protocol.