• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.2
• /
• pp.11-20
• /
• 2008

Three-party key exchange protocol is a cryptographic protocol which permits two clients share a common session key using different passwords by the help of a trusted server. In a three-party key exchange protocol, an user remember only one password which shared with a trusted server for establish a common key with another user. The trusted server should participate in an execution of the protocol between two clients. This impose heavy burden on the server when many users want to establish a session key using the protocol. In this paper, we propose a three-party key exchange protocol based on a smart card which reduce the computational complexity and communication overhead for the trusted server. In our protocol, the server does not participate in an key exchange procedure between two clients.

• Proceedings of the Korea Society for Industrial Systems Conference
• /
• 2008.10b
• /
• pp.445-448
• /
• 2008

The key establishment between nodes is one of the most important issues to secure the communication in wireless sensor networks. Some researcher used the probabilistic key sharing scheme with a pre-shared key pool to reduce the number of keys and the key disclosure possibility. However, there is a potential possibility that some nodes do not have a common share in the key pool. The purpose of this paper is to devise a peer to peer key sharing protocol (PPKP) based on Quorum system and Diffie-Hellman key exchange scheme (DHS). The PPKP establishes a session key by creating a shared key using the DHS and then scrambles it based on Quorum system to secure that. The protocol reduces the number of necessary keys than the previous schemes and could solve the non-common key sharing possibility problem in the probabilistic schemes.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.5
• /
• pp.17-30
• /
• 2008

In the paper, we consider password-based authenticated key exchange with different passwords, where the users do not share a password between themselves, but only with the server. The users make a session key using their different passwords with the help of the server. We propose an efficient password-based authenticated key exchange protocol with different passwords which achieves forward secrecy without random oracles. In fact this amount of computation and the number of rounds are comparable to the most efficient password-based authenticated key exchange protocol in the random oracle model. The protocol requires a client only to memorize a human-memorable password, and all other information necessary to run the protocol is made public.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.12 no.5
• /
• pp.2346-2352
• /
• 2011

E-mail systems using the intranet is widely exposed to internal threats should an administrator or a third party decides to misuse the information. To solve this problem, we propose a safe intranet email encryption protocol using the symmetrical-key password algorithm. Since the proposed protocol encrypts the data using a pre-agreed session keys between the users, the data will be safe from malignant access attempts provided that the session key is not exposed.

• Proceedings of the Korean Information Science Society Conference
• /
• 2002.10c
• /
• pp.547-549
• /
• 2002

Seo와 Sweeny는 통신 당사자간의 직접적인 세션키(session key) 교환을 위해 SAKA(Simple Authenticated Key Agreement Algorithm)를 제안했다. SAKA는 패스워드(password)를 사용하여 사용자인증 기능을 제공하는 변형된 Diffie-Hellman 키 교환 프로토콜로써, 키 생성 및 사용자 인증 시 요구되는 계산량과 메시지 전송량을 고려할 때 효율적인 프로토콜이다. 그러나, 최근에 Lin은 SAKA의 안전성에 취약점이 있음을 지적하고 개선된 프로토콜을 제안하였다. 본 논문에서는 개선된 프로토콜이 여전히 재전송 공격(replay attack)에 안전하지 않기 때문에 사용자 인증을 제공 할 수 없음을 보인다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.6B
• /
• pp.207-217
• /
• 2008

Secure channels, indispensable to many applications, can be established by using an authenticated key exchange (AKE) protocol where the involving parties authenticate one another and then share authenticated session keys over insecure networks. In this paper, we introduce a new type of AKE protocols that are especially designed to minimize the damages caused by leakages of stored secrets. Such protocols are called Leakage-Resilient AKE (LR-AKE) protocols, whose motivation, design principles, several constructions, security analysis and applications are explained in detail.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.1
• /
• pp.79-89
• /
• 2004

Mobile IP Low Latency Handoffs allow greater support for real-time services on a Mobile W network by minimizing the period of time when a mobile node is unable to send or receive IP packets due to the delay in the Mobile IP Registration process. However, on Mobile IP network with AAA servers that are capable of performing Authentication, Authorization, and Accounting(AAA) services, every Registration has to be traversed to the home network to achieve new session keys, that are distributed by home AAA server, for a new Mobile IP session. This communication delay is the time taken to re-authenticate the mobile node and to traverse between foreign and home network even if the mobile node has been previously authorized to old foreign agent. In order to reduce these extra time overheads, we present a method that performs Low Latency Handoffs without requiring funker involvement by home AAA server. The method re-uses the previously assigned session keys. To provide confidentiality and integrity of session keys in the phase of key exchange between agents, it uses a key sharing method by gateway foreign agent that Performs a ousted thirty party. The Proposed method allows the mobile node to perform Low Latency Handoffs with fast as well as secure operation

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.14 no.7
• /
• pp.3487-3494
• /
• 2013

Diverse application service such as mobile payment, access control or smart poster have been provided by using smart devices with built-in Near Field Communication technology. Especially, a mobile payment system can provide convenience to its users, but it also can poses including data disclosure while transmitting. There are vulnerabilities while generating session keys used to encrypt data in transaction processes as proposed in KS X 6928, the standard for mobile payment system. Therefore, in this thesis, I analyzed weaknesses of session keys used to encrypt transaction data and proposed a more secure mobile payment system based on NFC to enhance security. The proposed system will provide security functionalities such as key freshness, mutual authentication and key confirmation.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.32 no.12B
• /
• pp.750-757
• /
• 2007

This paper analyzes spam threats and proposes key exchange scheme for user authentication and SDP encryption to protect potential spam threats in SIP-based VoIP services. The existing HTTP digest authentication scheme exchanges many message because challenge is sent for every establishment of the session and doesn't provide a confidentiality of SDP. To protect SPIT, our scheme exchanges initial nonce and a session master key for authentication and SDP encryption during registration. In our scheme, the challenge and response procedure is not necessary and the communication overhead is much less than applying S/MIME or TLS.

• Journal of the Korea Society of Computer and Information
• /
• v.29 no.6
• /
• pp.53-60
• /
• 2024

In this paper, we analyze the authentication scheme of Hwang et al. proposed in 2023 and propose a new authentication scheme that improves its problems. Hwang et al. claimed that their authentication scheme was practical and secure, but as a result of analysis in this paper, it is possible to attack the password/ID guessing attack and session key disclosure attack due to insider attack and stolen smart card attack. In addition, Hwang et al.'s authentication scheme, which provides user anonymity, does not provide user untraceability due to its unstable design. The proposed authentication scheme, which improves these problems, not only provides user untraceability, but also is secure for stolen smart card attack, insider attack, session key disclosure attack, and replay attack. In addition, except for one fuzzy extraction operation, it shows the same complexity or very similar one as related authentication schemes. Therefore, the proposed authentication scheme can be said to be an authentication scheme with safety and practicality.