• Journal of Information Processing Systems
• /
• v.20 no.1
• /
• pp.116-130
• /
• 2024

In the Internet-of-Things (IoT) or blockchain-based network systems, secure keys may be stored in individual devices; thus, individual devices should protect data by performing secure operations on the data transmitted and received over networks. Typically, secure functions, such as a physical unclonable function (PUF) and fully homomorphic encryption (FHE), are useful for generating safe keys and distributing data in a network. However, to provide these functions in embedded devices for IoT or blockchain systems, proper inspection is required for designing and implementing embedded system-on-chip (SoC) modules through overhead and performance analysis. In this paper, a virtual platform (SoC VP) was developed that includes a secure key generation module with a PUF and FHE. The SoC VP platform was implemented using SystemC, which enables the execution and verification of various aspects of the secure key generation module at the electronic system level and analyzes the system-level execution time, memory footprint, and performance, such as randomness and uniqueness. We experimentally verified the secure key generation module, and estimated the execution of the PUF key and FHE encryption based on the unit time of each module.

• ETRI Journal
• /
• v.37 no.4
• /
• pp.696-706
• /
• 2015

This paper presents an achievable secure videoconferencing system based on quantum key encryption in which key management can be directly applied and embedded in a server/client videoconferencing model using, for example, OpenMeeting. A secure key management methodology is proposed to ensure both a trusted quantum network and a secure videoconferencing system. The proposed methodology presents architecture on how to share secret keys between key management servers and distant parties in a secure domain without transmitting any secrets over insecure channels. The advantages of the proposed secure key management methodology overcome the limitations of quantum point-to-point key sharing by simultaneously distributing keys to multiple users; thus, it makes quantum cryptography a more practical and secure solution. The time required for the encryption and decryption may cause a few seconds delay in video transmission, but this proposed method protects against adversary attacks.

• Journal of Convergence Society for SMB
• /
• v.4 no.3
• /
• pp.21-25
• /
• 2014

Group communications are becoming popular in Internet applications such as video conferences, on-line chatting programs, games, and gambling. Secure and efficient group communication is needed for message integration, confidentiality, and system usability. However, the conventional group key agreement protocols are too much focused on minimizing the computational overhead by concentrating on generating the common group key efficiently for secure communication. As a result, the common group key is generated efficiently but a failure in authentication allows adversaries to obtain valuable information during the group communication. After achieving the secure group communication, the secure group communication should generate the group key efficiently and distribute it to group members securely, so the balance of security and system usage must be considered at the same time. Therefore, this research proposes the software architecture model of a secure and efficient group communication that will be imbedded into networking applications.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.5 no.3
• /
• pp.607-625
• /
• 2011

Two-party key exchange protocol is a mechanism in which two parties communicate with each other over an insecure channel and output the same session key. A key exchange protocol that is secure against an active adversary who can control and modify the exchanged messages is called authenticated key exchange (AKE) protocol. LaMacchia, Lauter and Mityagin presented a strong security definition for public key infrastructure (PKI) based two-pass protocol, which we call the extended Canetti-Krawczyk (eCK) security model, and some researchers have provided eCK-secure AKE protocols in recent years. However, almost all protocols are provably secure in the random oracle model or rely on a special implementation technique so-called the NAXOS trick. In this paper, we present a PKI-based two-pass AKE protocol that is secure in the eCK security model. The security of the proposed protocol is proven without random oracles (under three assumptions), and does not rely on implementation techniques such as the NAXOS trick.

• 한국정보통신설비학회:학술대회논문집
• /
• 2008.08a
• /
• pp.556-558
• /
• 2008

Secure broadcasting is requirement for payment of TV systems, government or company. Hierarchical key management for access control provides efficient key management in those environment. Also, time-bound hierarchical key management technique generates different keys in each time period. In 2004, Tzeng proposed a time-bound cryptgraphic key assignment scheme for access control in a hierarchy and in 2008, Bertino et al proposed an efficient time-bound hierarchical key management scheme for secure broadcasting. Tzeng's scheme and Bertino et al's scheme are organized in different environment and primitive. In this paper, we analysis above two time-bound hierarchical key management scheme.

• International Journal of Computer Science & Network Security
• /
• v.21 no.9
• /
• pp.1-10
• /
• 2021

The Internet of things (IoT) is the main advancement in data processing and communication technologies. In IoT, intelligent devices play an exciting role in wireless communication. Although, sensor nodes are low-cost devices for communication and data gathering. However, sensor nodes are more vulnerable to different security threats because these nodes have continuous access to the internet. Therefore, the multiparty security credential-based key generation mechanism provides effective security against several attacks. The key generation-based methods are implemented at sensor nodes, edge nodes, and also at server nodes for secure communication. The main challenging issue in a collaborative key generation scheme is the extensive multiplication. When the number of parties increased the multiplications are more complex. Thus, the computational cost of batch key and multiparty key-based schemes is high. This paper presents a Secure Multipart Key Distribution scheme (SMKD) that provides secure communication among the nodes by generating a multiparty secure key for communication. In this paper, we provide node authentication and session key generation mechanism among mobile nodes, head nodes, and trusted servers. We analyzed the achievements of the SMKD scheme against SPPDA, PPDAS, and PFDA schemes. Thus, the simulation environment is established by employing an NS 2. Simulation results prove that the performance of SMKD is better in terms of communication cost, computational cost, and energy consumption.

• Journal of information and communication convergence engineering
• /
• v.3 no.3
• /
• pp.163-166
• /
• 2005

The Key exchange protocols are very crucial tools to provide the secure communication in the broadband satellite access network. They should be required to satisfy various requirements such as security, Key confirmation, and Key freshness. In this paper, Two authenticated key exchange protocols TPEKE-E(Two Pass Encrypted Key Exchange-Exchange-Efficient) and TPEKE-S(Two Pass Encrypted Key xchange-Secure) are introduced. A basic idea of the protocols is that a password can be represented by modular addition N, and the number of possible modular addition N representing the password is $2^N$. The TPEKE-E is secure against the attacks including main-in-the-middle attack and off-line dictionary attack, and the performance is excellent so as beyond to comparison with other authenticated key exchange protocols. The TPEKE-S is a slight modification of the TPEKE-E. The TPEKE-S provides computational in feasibility for learning the password without having performed off line dictionary attack while preserving the performance of the TPEKE-E.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.5
• /
• pp.3-14
• /
• 2007

In this paper, we observe that secure tweakable permutation families in the sense of strong pseudorandom permutation (SPRP) can be transformed to secure permutation families in the sense of SPRP against related-key attacks (SPRP-RKA). This fact allows us to construct a secure SPRP-RKA which is the most efficient to date. We also observe that secure function families of a certain form in the sense of a pseudorandom function (PRF) can be transformed to secure permutation families in the sense of PRP-RKA. We can exploit it to get various secure constructions against related-key attacks from known MAC algorithms. Furthermore, we define other security notions for related-key attacks, namely indistinguishability and non-malleability, and look into the relations between the security notions fur related-key attacks. We show that secure tweakable permutation families in the sense of indistinguishability (resp. non-malleability) can be transformed to secure permutation families in the sense of indistinguishability (resp. non-malleability) against related-key attacks.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.5
• /
• pp.2792-2810
• /
• 2017

Forward-secure signature is a specific type of signature, which can mitigate the damage caused by the signing key exposure. Most of the existing forward-secure (identity-based) signature schemes can update users' secret keys at each time period, achieve the existential unforgeability, and resist against classical computer attacks. In this paper, we first revisit the framework of forward-secure identity-based signatures, and aim at supporting flexible key update at multi time period. Then we propose a post-quantum forward-secure identity-based signature scheme from lattices and use the basis delegation technique to provide flexible key update. Finally, we prove that the proposed scheme is strongly unforgeable under the short integer solution (SIS) hardness assumption in the random oracle model.

• Journal of Internet Computing and Services
• /
• v.3 no.5
• /
• pp.87-94
• /
• 2002

This paper proposes a group key management protocol for a secure of all the multcast user in PIM-SM multicast group communication. Each subgroup manager gives a secure key to it's own transmitter and the transmitter compress the data with it's own secure key from the subgroup manager, Before the transmitter send the data to receiver, the transmitter prepares to encrypt a user's service by sending a encryption key to the receiver though the secure channel. after checking the user's validity through the secure channel, As the transmitter sending a data after then, the architecture is designed that the receiver will decode the received data with the transmitter's group key, Therefore, transmission time is shortened because there is no need to data translation by the group key on data sending and the data transmition is possible without new key distribution at path change to shortest path of the router characteristic.