• Title/Summary/Keyword: Session Key

Search Result 326, Processing Time 0.025 seconds

Robust Biometric-based Anonymous User Authenticated Key Agreement Scheme for Telecare Medicine Information Systems

  • Jung, Jaewook;Moon, Jongho;Won, Dongho
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.11 no.7
    • /
    • pp.3720-3746
    • /
    • 2017
  • At present, numerous hospitals and medical institutes have implemented Telecare Medicine Information Systems (TMIS) with authentication protocols to enable secure, efficient electronic transactions for e-medicine. Numerous studies have investigated the use of authentication protocols to construct efficient, robust health care services, and recently, Liu et al. presented an authenticated key agreement mechanism for TMIS. They argued that their mechanism can prevent various types of attacks and preserve a secure environment. However, we discovered that Liu et al.'s mechanism presents some vulnerabilities. First, their mechanism uses an improper identification process for user biometrics; second, the mechanism is not guaranteed to protect against server spoofing attacks; third, there is no session key verification process in the authentication process. As such, we describe how the above-mentioned attacks operate and suggest an upgraded security mechanism for TMIS. We analyze the security and performance of our method to show that it improves security relative to comparable schemes and also operates in an efficient manner.

Anonymity-Based Authenticated Key Agreement with Full Binding Property

  • Hwang, Jung Yeon;Eom, Sungwook;Chang, Ku-Young;Lee, Pil Joong;Nyang, DaeHun
    • Journal of Communications and Networks
    • /
    • v.18 no.2
    • /
    • pp.190-200
    • /
    • 2016
  • In this paper, we consider some aspects of binding properties that bind an anonymous user with messages. According to whether all the messages or some part of the messages are bound with an anonymous user, the protocol is said to satisfy the full binding property or the partial binding property, respectively. We propose methods to combine binding properties and anonymity-based authenticated key agreement protocols. Our protocol with the full binding property guarantees that while no participant's identity is revealed, a participant completes a key agreement protocol confirming that all the received messages came from the other participant. Our main idea is to use an anonymous signature scheme with a signer-controlled yet partially enforced linkability. Our protocols can be modified to provide additional properties, such as revocable anonymity. We formally prove that the constructed protocols are secure.

FI-Based Local Group Key Generation/Distribution for Mobile Multicast in a Hierarchical Mobile IPv6Network

  • Baek, Jin-Suk;Fisher, Paul S.;Kwak, Ming-Yung
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.2 no.1
    • /
    • pp.5-21
    • /
    • 2008
  • In order to securely transmit multicast data packets in a mobile environment where frequent join/leave events are a characteristic of the environment, there is a need for a new secure and efficient group key management solution. We propose a secure group key generation/distribution solution providing scalability and reliability. Using this solution, when a mobile node, which is in a multicast session, enters a new domain, the agent of the domain joins the multicast session and coordinates its data packets with the mobile node. The agent encrypts and transmits subsequent data packets to the mobile node, using a local one-time pad key. This key is generated with FI sequences, enabling the mobile node to regenerate the same data packet, based on the information sent by the agent. Our performance analysis demonstrates that the proposed solution can significantly reduce the number of key generations and distributions, when it is applied to the hierarchical mobile IPv6 network.

An Efficient Micropayment System using a Session Key (세션키를 이용한 효율적 소액지불시스템)

  • Jeong Yoon Su;Baek Seung-Ho;Hwang Yoon Cheol;Oh Chung Shick;Lee Sang-ho
    • Journal of KIISE:Information Networking
    • /
    • v.32 no.4
    • /
    • pp.462-470
    • /
    • 2005
  • A hash chain is highly efficient and attractive structure to use in electronic cash. Previous systems using hash chain are used extensively in various cryptography applications such as one-time passwords, server-supported signatures and microments. However, The most hash chain based systems using fro-paid method provide anonymity but have the problem to increase payment cost. Therefore, in this paper, we propose a new hash chain based microment system which improves efficiency using session key and guarantees user anonymity through blind signature in the withdrawal process of the root value without disclosing privacy Information.

A Design of Protocol Management System for Aggregating Messages based on Certification between Vehicles (차량간 인증 기반 메시지 집계 프로토콜 관리시스템 설계)

  • Lee, ByungKwan;Jeong, EunHee
    • Journal of Korea Society of Industrial Information Systems
    • /
    • v.18 no.4
    • /
    • pp.43-51
    • /
    • 2013
  • This paper proposes the design of protocol management system for aggregationg messages based on certification between vehicles which not only prevents the messages between vehicles from being forged and altered by Sybil attack by authenticating the them, and but also provides the efficient communication by aggregating the redundant vehicle messages which frequently happens when communicating. For this, the proposed system proposes the SKLC(Session Key Local Certificate) design which is a local certificate based on a session key, and the MAP(Message Aggregation Protocol) design which aggregates the redundant vehicle messages. Therefore, when the proposed system checks the certificate of vehicle, it provides the reliable information securely by verifying the integrity of vehicle with a hash function operation, and improves communication efficiency by reducing the processing time.

Security Enhancement of Lightweight User Authentication Scheme Using Smartcard (스마트카드를 이용한 안전한 경량급 사용자 인증 스킴의 설계)

  • Lee, Youngsook
    • Convergence Security Journal
    • /
    • v.20 no.4
    • /
    • pp.209-215
    • /
    • 2020
  • The environment of the Internet provides an efficient communication of the things which are connected. While internet and online service provide us many valuable benefits, online services offered and accessed remotely through internet also exposes us to many different types of security threats. Most security threats were just related to information leakage and the loss of authentication on client-server environment. In 2016, Ahmed et al. proposed an efficient lightweight remote user authentication protocol. However, Kang et al. show that it's scheme still unstable and inefficient. It cannot resist offline identity guessing attack and cannot provide session key confirmation property. Moreover, there is some risk of biometric information's recognition error. In this paper, we propose an improved scheme to overcome these security weaknesses by storing secret data in device. In addition, our proposed scheme should provide not only security, but also efficiency since we only use hash function and XOR operation.

Mutual Identification and Key Exchange Scheme in Secure Vehicular Communications based on Group Signature (그룹 서명 기반의 차량 네트워크에서 상호 신분 확인 및 세션키 교환 기법)

  • Kim, Dai-Hoon;Choi, Jae-Duck;Jung, Sou-Hwan
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.20 no.1
    • /
    • pp.41-50
    • /
    • 2010
  • This paper proposes a mutual identification and session key exchange scheme in secure vehicular communication based on the group signature. In VANETs, security requirements such as authentication, conditional privacy, non-repudiation, and confidentiality are required to satisfy various vehicular applications. However, existing VANET security methods based on the group signature do not support a mutual identification and session key exchange for data confidentiality. The proposed scheme allows only one credential to authenticate ephemeral Diffie-Hellman parameters generated every key exchange session. Our scheme provides a robust key exchange and reduces storage and communication overhead. The proposed scheme also satisfies security requirements for various application services in VANETs.

Efficient mutual authentication and key distribution protocol for cdma2000 packet data service (cdma2000 패킷 데이터 서비스를 위한 효율적인 상호 인증과 키 분배 프로토콜)

  • 신상욱;류희수
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.13 no.2
    • /
    • pp.107-114
    • /
    • 2003
  • In this paper, we propose an efficient mutual authentication and key distribution protocol for cdma2000 packet data service which uses Mobile U access method with DIAMETER AAA(Authentication, Authorization and Accounting) infrastructure. The proposed scheme provides an efficient mutual authentication between MN(Mobile Node) and AAAH(home AAA server), and a secure session-key distribution among Mobile If entities. The proposed protocol improves the efficiency of DIAMETER AAA and satisfies the security requirements for authentication and key distribution protocol. Also, the key distributed by the proposed scheme can be used to generate keys for packet data security over 1xEV-DO wireless interface, in order to avoid a session hijacking attack for 1xEV-DO packet data service.

Simple and Efficient Authenticated Key Agreement Protocol (간단하고 효율적인 상호 인증 키 동의 프로토콜)

  • 이성운;유기영
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.13 no.5
    • /
    • pp.105-112
    • /
    • 2003
  • In this raper, we propose two simple and efficient key agreement protocols, called SEKA-H and SEKA-E, which use a pre-shared password between two parties for mutual authentication and agreeing a common session key. The SEKA-H protocol uses a hash function to verify an agreed session key. The SEKA-E Protocol, a variant of SEKA-H, uses an exponentiation operation in the verification phase. They are secure against the man-in-the-middle attack the password guessing attack and the Denning-Sacco attack and provide the perfect forward secrecy. The SEKA-H protocol is very simple in structure and provides good efficiency compared with other well-known protocols. The SEKA-E protocol is also comparable with the previous protocols.

Secure Key Exchange Protocols against Leakage of Long-tenn Private Keys for Financial Security Servers (금융 보안 서버의 개인키 유출 사고에 안전한 키 교환 프로토콜)

  • Kim, Seon-Jong;Kwon, Jeong-Ok
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.19 no.3
    • /
    • pp.119-131
    • /
    • 2009
  • The world's widely used key exchange protocols are open cryptographic communication protocols, such as TLS/SSL, whereas in the financial field in Korea, key exchange protocols developed by industrial classification group have been used that are based on PKI(Public Key Infrastructure) which is suitable for the financial environments of Korea. However, the key exchange protocols are not only vulnerable to client impersonation attacks and known-key attacks, but also do not provide forward secrecy. Especially, an attacker with the private keys of the financial security server can easily get an old session-key that can decrypt the encrypted messages between the clients and the server. The exposure of the server's private keys by internal management problems, etc, results in a huge problem, such as exposure of a lot of private information and financial information of clients. In this paper, we analyze the weaknesses of the cryptographic communication protocols in use in Korea. We then propose two key exchange protocols which reduce the replacement cost of protocols and are also secure against client impersonation attacks and session-key and private key reveal attacks. The forward secrecy of the second protocol is reduced to the HDH(Hash Diffie-Hellman) problem.