• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.18 no.3
• /
• pp.801-825
• /
• 2024

For Internet of Things, it is more preferred to have immediate access to environment information from sensor nodes (SNs) rather than from gateway nodes (GWNs). To fulfill the goal, mutual authentication scheme between user and SNs with session key (SK) negotiation is more suitable. However, this is a challenging task due to the constrained power, computation, communication and storage resources of SNs. Though lots of authentication schemes with SK negotiation have been designed to deal with it, they are still insufficiently secure and/or efficient, and some even have serious vulnerabilities. Therefore, we design an efficient secure authentication scheme with session key negotiation (eSAS2KN) for wireless sensor networks (WSNs) utilizing fuzzy extractor technique, hash function and bitwise exclusive-or lightweight operations. In the eSAS2KN, user and SNs are mutually authenticated with anonymity, and an SK is negotiated for their direct and instant communications subsequently. To prove the security of eSAS2KN, we give detailed informal security analysis, carry out logical verification by applying BAN logic, present formal security proof by employing Real-Or-Random (ROR) model, and implement formal security verification by using AVISPA tool. Finally, computation and communication costs comparison show the eSAS2kN is more efficient and secure for practical application.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.8
• /
• pp.3826-3851
• /
• 2016

With traditional data storage solutions becoming too expensive and cumbersome to support Big Data processing, enterprises are now starting to outsource their data requirements to third parties, such as cloud service providers. However, this outsourced initiative introduces a number of security and privacy concerns. In this paper, homomorphic encryption is suggested as a mechanism to protect the confidentiality and privacy of outsourced data, while at the same time allowing third parties to perform computation on encrypted data. This paper also discusses the challenges of Big Data processing protection and highlights its differences from traditional data protection. Existing works on homomorphic encryption are technically reviewed and compared in terms of their encryption scheme, homomorphism classification, algorithm design, noise management, and security assumption. Finally, this paper discusses the current implementation, challenges, and future direction towards a practical homomorphic encryption scheme for securing outsourced Big Data computation.

• Journal of the Korean Society of Safety
• /
• v.31 no.3
• /
• pp.162-167
• /
• 2016

As the simple empirical and phenomenological model applied to the analysis of leakage and explosion of chemical substances does not regard numerous variables, such as positional density of installations and equipment, turbulence, atmospheric conditions, obstacles, and wind effects, there is a significant gap between actual accident consequence and computation. Therefore, the risk management of a chemical plant based on such a computation surely has low reliability. Since a process plant is required to have outcomes more similar to the actual outcomes to secure highly reliable safety, this study was designed to apply the CFD (computational fluid dynamics) simulation technique to analyze a virtual prediction under numerous variables of leakages and explosions very similarly to reality, in order to review the computation technique of the practical safety distance at a process plant.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.3
• /
• pp.1315-1329
• /
• 2018

Ciphertext-policy attribute-based encryption (CP-ABE) associates ciphertext with access policies. Only when the user's attributes satisfy the ciphertext's policy, they can be capable to decrypt the ciphertext. Expressivity and security are the two directions for the research of CP-ABE. Most of the existing schemes only consider monotonic access structures are selectively secure, resulting in lower expressivity and lower security. Therefore, fully secure CP-ABE schemes with non-monotonic access structure are desired. In the existing fully secure non-monotonic access structure CP-ABE schemes, the attributes that are set is bounded and a one-use constraint is required by these projects on attributes, and efficiency will be lost. In this paper, to overcome the flaw referred to above, we propose a new fully secure non-monotonic access structure CP-ABE. Our proposition enforces no constraints on the scale of the attributes that are set and permits attributes' unrestricted utilization. Furthermore, the scheme's public parameters are composed of a constant number of group elements. We further compare the performance of our scheme with former non-monotonic access structure ABE schemes. It is shown that our scheme has relatively lower computation cost and stronger security.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1994.11a
• /
• pp.35-44
• /
• 1994

We propose an undeniable digital signature scheme which is practical since it has less computation and communication overhead than Chaum's one. We expect that this protocol be useful to develop secure systems such as electronic contract system, electronic mail system and electronic cash system.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.9
• /
• pp.3250-3265
• /
• 2014

Integrated WiMAX and WiFi networks is of great potential for the future due to the wider coverage of WiMAX and the high data transport capacity of WiFi. However, seamless and secure handover (HO) is one of the most challenging issues in this field. In this paper, we present a novel vertical HO authentication scheme with privacy preserving for WiMAX-WiFi heterogeneous networks. Our scheme uses ticket-based and pseudonym-based cryptographic methods to secure HO process and to achieve high efficiency. The formal verification by the AVISPA tool shows that the proposed scheme is secure against various malicious attacks and the simulation result indicates that it outperforms the existing schemes in terms of communication and computation cost.

• ETRI Journal
• /
• v.41 no.4
• /
• pp.465-472
• /
• 2019

The major challenge in wireless body area networks (WBAN) is setting up a protected communication between data consumers and a body area network controller while meeting the security and privacy requirements. This paper proposes efficient and secure data communication in WBANs using a Twofish symmetric algorithm and ciphertext-policy attribute-based encryption with constant size ciphertext; in addition, the proposed scheme incorporates policy updating to update access policies. To the best of the author's knowledge, policy updating in WBAN has not been studied in earlier works. The proposed scheme is evaluated in terms of message size, energy consumption, and computation cost, and the results are compared with those of existing schemes. The result shows that the proposed method can achieve higher efficiency than conventional methods.

• International Journal of Computer Science & Network Security
• /
• v.24 no.6
• /
• pp.41-48
• /
• 2024

Existing PoS (Point of Sale) based payment frameworks are vulnerable as the Payment Application's integrity in the smart phone and PoS are compromised, vulnerable to reverse engineering attacks. In addition to these existing PoS (Point of Sale) based payment frameworks do not perform point-to-point encryption and do not ensure communication security. We propose a Smart and Secure PoS (SSPoS) Framework which overcomes these attacks. Our proposed SSPoS framework ensures point-to-point encryption (P2PE), Application hardening and Application wrapping. SSPoS framework overcomes repackaging attacks. SSPoS framework has very less communication and computation cost. SSPoS framework also addresses Heartbleed vulnerability. SSPoS protocol is successfully verified using Burrows-Abadi-Needham (BAN) logic, so it ensures all the security properties. SSPoS is threat modeled and implemented successfully.

• Journal of applied mathematics & informatics
• /
• v.31 no.3_4
• /
• pp.425-441
• /
• 2013

In literature, several strong designated verifier signature (SDVS) schemes have been devised using elliptic curve bilinear pairing and map-topoint (MTP) hash function. The bilinear pairing requires a super-singular elliptic curve group having large number of elements and the relative computation cost of it is approximately two to three times higher than that of elliptic curve point multiplication, which indicates that bilinear pairing is an expensive operation. Moreover, the MTP function, which maps a user identity into an elliptic curve point, is more expensive than an elliptic curve scalar point multiplication. Hence, the SDVS schemes from bilinear pairing and MTP hash function are not efficient in real environments. Thus, a cost-efficient SDVS scheme using elliptic curve cryptography with pairingfree operation is proposed in this paper that instead of MTP hash function uses a general cryptographic hash function. The security analysis shows that our scheme is secure in the random oracle model with the hardness assumption of CDH problem. In addition, the formal security validation of the proposed scheme is done using AVISPA tool (Automated Validation of Internet Security Protocols and Applications) that demonstrated that our scheme is unforgeable against passive and active attacks. Our scheme also satisfies the different properties of an SDVS scheme including strongness, source hiding, non-transferability and unforgeability. The comparison of our scheme with others are given, which shows that it outperforms in terms of security, computation cost and bandwidth requirement.

• The KIPS Transactions:PartC
• /
• v.12C no.1 s.97
• /
• pp.29-36
• /
• 2005

A key agreement protocol is the most important part to establish a secure cryptographic system and the effort to standardize the key agreement protocols is in rapid progress. Several efficient and secure key agreement protocols have been proposed so far since Diffie-Hellman proposed a public key agreement system in 1976. But, since Diffie-Hellman based key agreement protocols need a lot of computation to establish the session key, they are not suitable for wireless Internet environment. In this paper, we propose the efficient key agreement protocol using Proxy server. The Proposed Protocol gives the security equivalent to that the Diffie-Hellman based Protocol and the computation work of mobile user can be decreased using proxy server.