• Title/Summary/Keyword: adversary


An Improvement of Certification-based One-Round Tripartite Key Agreement Protocols

  • Mtong, Kambombo; Yoon, Eun-Jun
    • IEIE Transactions on Smart Processing and Computing, v.2 no.5, pp.297-301, 2013
  • Key agreement protocols allow multi-parties exchanging public information to create a common secret key that is known only to those entities over an insecure network. Since Joux first published the pairing-based one round tripartite key agreement protocol, many authenticated protocols have been proposed. Unfortunately, many of them have been broken while others have been shown to be deficient in some desirable security attributes. In 2004, Cheng et al. presented two protocols aimed at strengthening Shim's certificate-based and Zhang et al.'s tripartite identity-based protocols. This paper reports that 1) In Cheng et al.'s identity-based protocol, an adversary can extract long-term private keys of all the parties involved; and 2) Cheng et al.'s certification-based protocol is weak against key integrity attacks. This paper suggests possible remedies for the security flaws in both protocols and then presents a modified Cheng et al.'s identity-based, one-round tripartite protocol that is more secure than the original protocol.


Corrective Control of Asynchronous Sequential Machines with Input Disturbance II: Controller Design

  • Yang, Jung-Min
    • The Transactions of The Korean Institute of Electrical Engineers, v.56 no.9, pp.1665-1675, 2007
  • This paper presents the problem of controlling asynchronous sequential machines in the presence of input disturbances, which may also be regarded as an adversary in a game-theoretic setting. The main objective is to provide a necessary and sufficient condition for the existence of a corrective controller that solves the model matching problem of an asynchronous machine suffering from input disturbance. The existence condition can be stated in terms of a simple comparison of two skeleton matrices. The proposed controller eliminates the adversarial effect of input disturbance and makes the controlled machine mimic the behavior of a model in a stable-state way. Whenever a controller exists, algorithms for its design are outlined and demonstrated in a case study.

Corrective Control of Asynchronous Sequential Machines with Input Disturbance I: Modeling

  • Yang, Jung-Min
    • The Transactions of The Korean Institute of Electrical Engineers, v.56 no.9, pp.1655-1664, 2007
  • This paper presents the problem of controlling asynchronous sequential machines in the presence of input disturbances, which may also be regarded as an adversary in a game-theoretic setting. The main objective is to develop a new methodology for including the unpredictable behavior of input disturbance in models of asynchronous machines. The input disturbance, representing uncontrollable noise input, is embedded into a new model of asynchronous machines in the form of input/state finite state machines. It is shown that the proposed modeling preserves the fundamental model and well-posedness of asynchronous machines. The reachability matrix, an important performance index of asynchronous machines, is also adapted according to input disturbance and will be used for constructing corrective controllers in the companion paper.

A Security Analysis of a Key Management Scheme for PCS/SCADA Sensor Networks

  • Park, DongGook
    • Journal of Korea Society of Digital Industry and Information Management, v.5 no.2, pp.123-131, 2009
  • Process Control Systems (PCSs) or Supervisory Control and Data Acquisition (SCADA) systems have recently been added to the already wide collection of wireless sensor network applications. The PCS/SCADA environment is somewhat more amenable to the use of heavy cryptographic mechanisms such as public key cryptography than other sensor application environments. The sensor nodes in the environment, however, are still open to devastating attacks such as node capture, which makes designing secure key management challenging. Recently, Nilsson et al. proposed a key management scheme for PCS/SCADA, which was claimed to provide forward and backward secrecy. In this paper, we define four different types of adversaries or attackers in wireless sensor network environments in order to facilitate the evaluation of protocol strength. We then analyze Nilsson et al.'s protocol and show that it does not provide forward and backward secrecy against any type of adversary model.

Towards Developing Formal Verification Tools for Cryptographic Protocols

  • 권태경; 김승주; 송보연
    • Review of KIISC, v.12 no.2, pp.62-76, 2002
  • Incautiously designed and informally verified cryptographic protocols are error-prone and can give an adversary the ideal starting point for various kinds of attacks. The flaws resulting from these protocols can be subtle and hard to find. Accordingly, we need formal methods for the systematic design and verification of cryptographic protocols. This paper surveys the state of the art and proposes a practical development method that will be implemented in a future study.

Data Security in Unattended Wireless Sensor Networks through Aggregate Signcryption

  • Babamir, Faezeh Sadat; Eslami, Ziba
    • KSII Transactions on Internet and Information Systems (TIIS), v.6 no.11, pp.2940-2955, 2012
  • In this paper, we propose aggregate signcryption for achieving data security in UWSNs. The main challenge of these networks, established in sensitive environments, is offline sink visiting. Moreover, the sensors must retain collected data for a long enough time to offload them onto the itinerant sink. Thus, the unattended nature of data collection intervals might offer the adversary the opportunity to apply various attacks without detection. In this paper, employing low-order operations (in time and space), we propose a new secure scheme in which various security goals such as confidentiality (through encrypting), authentication and integrity (through signing) are achieved. In addition, the aggregation process of our scheme reduces the space and communication overheads both for sensors and sink, i.e. the proposed technique efficiently enables the sensors and sink to protect, verify and recover all the related data. We further compare our scheme with the best alternative work in the literature.

Address Permutation for Privacy-Preserving Searchable Symmetric Encryption

  • Choi, Dae-Seon; Kim, Seung-Hyun; Lee, Youn-Ho
    • ETRI Journal, v.34 no.1, pp.66-75, 2012
  • This paper proposes a privacy-preserving database encryption scheme that provides access pattern hiding against a service provider. The proposed scheme uses a session key to permute the indices of database records each time they are accessed. The proposed scheme can achieve access pattern hiding in situations in which an adversary cannot access the inside of the database directly, by separating the entity with an index table and a data table and permuting both the index and the position where the data are stored. Moreover, it is very efficient, since only O(1) server computation and communication cost are required in terms of the number of data stored. It can be applied to cloud computing, where intermediate entities such as the cloud computing service provider can violate the privacy of users or patients.

Provably secure certificateless encryption scheme in the standard model

  • Deng, Lunzhi; Xia, Tian; He, Xiuru
    • KSII Transactions on Internet and Information Systems (TIIS), v.14 no.6, pp.2534-2553, 2020
  • Recently, numerous certificateless encryption (CLE) schemes have been introduced. The security proofs of most schemes are given under the random oracle model (ROM). In the standard model (SM), the adversary is able to calculate the hash function instead of asking the challenger. Currently, there is only one scheme that has been proved secure in the SM. In this paper, we construct a new CLE scheme and give the security proofs in the SM. In the new scheme, the size of the storage space required by the system is constant. The computation cost is lower than that of other CLE schemes because it needs only two pairing operations.

Forward Anonymity-Preserving Secure Remote Authentication Scheme

  • Lee, Hanwook; Nam, Junghyun; Kim, Moonseong; Won, Dongho
    • KSII Transactions on Internet and Information Systems (TIIS), v.10 no.3, pp.1289-1310, 2016
  • Dynamic ID-based authentication solves the ID-theft problem by changing the ID in each session instead of using a fixed ID while performing authenticated key exchanges between communicating parties. User anonymity is expected to be maintained and the exchanged key kept secret even if one of the long-term keys is compromised in the future. However, in the conventional dynamic ID-based authentication scheme, if the server's long-term key is compromised, user anonymity can be broken or the identities of the users can be traced. In addition, these schemes are vulnerable to replay attacks, in which any adversary who captures the authentication message can retransmit it, and eventually cause the legitimate user to be denied service. This paper proposes a novel dynamic ID-based authentication scheme that preserves forward anonymity as well as forward secrecy and obviates replay attacks.

USN Security Considerations in Home Network

  • Park, Woo-Chool; Park, Hyun-Mun; Lee, Myung-Soo; Yoon, Nyung-Hyun
    • Proceedings of the KIEE Conference, 2006.04a, pp.171-173, 2006
  • Because sensor networks use wireless communication, they are vulnerable to attacks which are more difficult to launch in the wired domain. Many wired networks benefit from their inherent physical security properties. It is unlikely that an adversary will dig up the Internet backbone and splice into the line. However, wireless communications are difficult to protect; they are by nature a broadcast medium. In a broadcast medium, adversaries can easily eavesdrop on, intercept, inject, and alter transmitted data. In addition, adversaries are not restricted to using sensor network hardware. We have analyzed the IEEE 802.15.4 and ZigBee specifications, which include a number of security provisions and options. In this paper, we highlight USN security considerations and home network attack scenarios.
