• Journal of Advanced Navigation Technology
• /
• v.15 no.5
• /
• pp.722-728
• /
• 2011

Most services need to have authentication protocols to verify users' eligibility in the network environment. For this, a lot of user authentication protocols have been researched and developed. Two of them, SPMA and I-SPMA protocols, introduced the lack of mutual authentication and vulnerability to the reply attack of the prior protocols and suggested revised protocols. Nevertheless, these protocols did not mention about the critical problem caused when the server and the client lose synchronization on the secret information between them. Therefore, in this paper, we analyze the security characteristics of the existing protocols and prove the vulnerability to the synchronization of the protocols.

• Proceedings of the IEEK Conference
• /
• 2005.11a
• /
• pp.233-236
• /
• 2005

Our country compares with advanced nations by supply of super high speed network and information communication infra construction has gone well very. Many people by extension of on-line transaction and various internet services can exchange, or get information easily in this environment. But, virus or poisonous information used to Cyber terror such as hacking was included within such a lot of information and such poisonous information are threatening national security as well as individual's private life. There were always security and speed among a lot of items to consider networks equipment from these circumstance to now when develop and install in trade-off relation. In this paper, we present a high speed VPN Acceleration Board(VPN-AB) that balances both speed and security requirements of high speed network environment. Our VPN-AB supports two VPN protocols, IPsec and SSL. The protocols have a many cryptographic algorithms, DES, 3DES, AES, MD5, and SHA-1, etc.. The acceleration board process data packets into the system with In-line mode. So it is possible that VPN-AB processes inbound and outbound packets by 10Gbps. We use Nitrox-II CN2560 security processor VPN-AB is designed using that supports many hardware security modules and two SPI-4.2 interfaces to design VPN-AB.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.1
• /
• pp.23-33
• /
• 2006

Key Agreement protocols are among the most basic and widely used cryptographic protocols. In this paper we present an efficient O-based authenticated key agreement (AKA) protocol by using bilinear maps, especially well suited to unbalanced computing environments : an ID-based AKA protocol for Server and Client. Particularly, considering low-power clients' devices, we remove expensive operations such as bilinear maps from a client side. Our protocol uses signcryption and provide security in random oracle model.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2024.05a
• /
• pp.235-238
• /
• 2024

This paper investigates the integration of ARIA cryptography within hardware secure modules to bolster IoT security. We present a comparative analysis of two prominent IoT communication protocols, MQTT and LwM2M, augmented with ARIA cryptography. The study evaluates their performance, security, and scalability in practical IoT applications. Our experimental setup comprises FPGA-enabled hardware secure modules interfaced with Raspberry Pi acting as an MQTT and LwM2M client. We utilize the Mosquitto MQTT server and an LwM2M server deployed on AWS IoT. Through rigorous experimentation, we measure various performance metrics, including latency, throughput, and resource utilization. Additionally, security aspects are scrutinized, assessing the resilience of each protocol against common IoT security threats. Our findings highlight the efficacy of ARIA cryptography in bolstering IoT security and reveal insights into the comparative strengths and weaknesses of MQTT and LwM2M protocols. These results contribute to the development of robust and secure IoT systems, paving the way for future research in this domain.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.1
• /
• pp.3-10
• /
• 2013

Several identity-based and authenticated key agreement protocols have been proposed. It remains at issue to design secure identity based and authenticated key agreement protocols. In this paper, we propose a one round authenticated group key agreement protocol which uses one more key pair as well as the public key and private key of typical IBE(Identity-Based Encryption) system. The proposed protocol modified Shi et al.'s protocol and He et al.'s protocol. The public and private keys and the signature process of our protocol are simpler than them of their protocols. Our protocol is secure and more efficient than their protocols in communication and computation costs.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.5 no.9
• /
• pp.1684-1697
• /
• 2011

We show that two protocols for RFID mutual authentication in pervasive computing environments, recently proposed by Kang et al, are vulnerable to several attacks. First, we show these protocols do not preserve the privacy of users' location. Once a tag is authenticated successfully, we show several scenarios where legitimate or illegitimate readers can trace the location of that tag without any further information about the tag's identifier or initial private key. Second, since the communication between readers and the database takes place over an insecure communication channel and in the plaintext form, we show scenarios where a compromised tag can gain access to confidential information that the tag is not supposed get access to. Finally, we show that these protocols are also vulnerable to the replay and denial-of-service attacks. While some of these attacks are due to simple flaws and can be easily fixed, others are more fundamental and are due to relaxing widely accepted assumptions in the literature. We examine this issue, apply countermeasures, and re-evaluate the protocols overhead after taking these countermeasures into account and compare them to other work in the literature.

• Journal of the Korea Convergence Society
• /
• v.8 no.12
• /
• pp.15-22
• /
• 2017

This paper analyzes vulnerability of each service protocol used in ICT convergence industry, smart factory, smart grid, smart home, smart traffic, smart health care, and suggests technologies that can overcome security vulnerabilities. In addition, we design a service-oriented protocol security framework that allows us to quickly and easily develop security functions in an open environment by defining a security element common to protocols and designing a security module for each protocol layer including the corresponding elements. Service protocol independent security module and specialized security module, it will be possible to develop flexible and fast security system in ICT convergence industry where various protocols are used. The overall security level of the ICT service network can be improved by installing the necessary security modules in the operating system, and the productivity can be improved in the industrial security field by reusing each security module.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.12a
• /
• pp.620-624
• /
• 2003

In［5］, the bit security of keys obtained from protocols based on pairings has been discussed. However it was not able to give bit security of tripartite authenticated key(TAK) agreement protocol of type 4. This paper shows the bit security of keys obtained from TAK-4 protocol.

• Journal of Information Processing Systems
• /
• v.3 no.1
• /
• pp.21-25
• /
• 2007

We propose several practical SMC protocols for privacy-preserving cooperative scientific computations. We consider two important scientific computations which involve linear equations: the linear systems of equations problem and the linear least-square problem. The protocols proposed in this paper achieve acceptable security in the sense of Du-Zhan's paradigm and t-wise collusion-resistance, and their communication complexity is O(tm), where t is a security parameter and m is the total number of participants. The complexity of our protocol is significantly better than the previous result O($m^2/{\mu}$) of [4], in which the oblivious transfer protocol is used as an important building block.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.7
• /
• pp.3720-3746
• /
• 2017

At present, numerous hospitals and medical institutes have implemented Telecare Medicine Information Systems (TMIS) with authentication protocols to enable secure, efficient electronic transactions for e-medicine. Numerous studies have investigated the use of authentication protocols to construct efficient, robust health care services, and recently, Liu et al. presented an authenticated key agreement mechanism for TMIS. They argued that their mechanism can prevent various types of attacks and preserve a secure environment. However, we discovered that Liu et al.'s mechanism presents some vulnerabilities. First, their mechanism uses an improper identification process for user biometrics; second, the mechanism is not guaranteed to protect against server spoofing attacks; third, there is no session key verification process in the authentication process. As such, we describe how the above-mentioned attacks operate and suggest an upgraded security mechanism for TMIS. We analyze the security and performance of our method to show that it improves security relative to comparable schemes and also operates in an efficient manner.