• Journal of KIISE:Computer Systems and Theory
• /
• v.29 no.5
• /
• pp.284-290
• /
• 2002

We propose a new authenticated encryption scheme that does not require any block encryption algorithm. Our scheme is based on the Horster-Michels-Petersen authenticated encryption scheme, and it uses a technique in the Bae~Deng signcryption scheme so that the sender's signature can be verified by an arbitrary third party. Since our scheme does not use any block encryption algorithm, we can reduce the code size in its implementation. The computation and communication costs of the proposed scheme are almost the same as those of the Bao-Deng scheme that uses a block encryption algorithm. Our scheme also satisfies all the security properties such as confidentiality, authenticity and nonrepudiation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.1
• /
• pp.3-10
• /
• 2013

Several identity-based and authenticated key agreement protocols have been proposed. It remains at issue to design secure identity based and authenticated key agreement protocols. In this paper, we propose a one round authenticated group key agreement protocol which uses one more key pair as well as the public key and private key of typical IBE(Identity-Based Encryption) system. The proposed protocol modified Shi et al.'s protocol and He et al.'s protocol. The public and private keys and the signature process of our protocol are simpler than them of their protocols. Our protocol is secure and more efficient than their protocols in communication and computation costs.

• Journal of KIISE:Information Networking
• /
• v.31 no.2
• /
• pp.179-187
• /
• 2004

Password authenticated key exchange protocols for the symmetric model are easier to design, analyze and are more efficient than ones for the asymmetric model, but they are most likely to be broken by server's compromise. Though the protocols with provable security for the asymmetric model such as PAK-X and SNAPI-X are introduced, they need large amount of computation compared with the standard Diffie-Hellman key exchange. We present a systematic and efficient way to transform password authenticated key exchange protocols for the symmetric model into protocols for the asymmetric model. Thus, an efficient protocol for the asymmetric model can be constructed by a systematic protocol with low computation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.6
• /
• pp.73-80
• /
• 2006

Recently, Sun et el. proposed a three-party authenticated key exchange protocol using the public key of the server and the derived verifier from the Password of a user. This paper proposes a password-based three-party authenticated key exchange protocol using smartcards. Since the proposed protocol has very low computation cost by using XOR and hash function operation instead of the public key operation, and reduces the count of message transmission to 20% compared with the protocol of Sun et el., it can execute an effective authenticated key exchange. Furthermore, the proposed protocol is safe from password guessing attack by not saving passwords in the server, and it is also safe from server compromise attack because the server cannot know the shared session key between the two users.

• Journal of information and communication convergence engineering
• /
• v.3 no.3
• /
• pp.163-166
• /
• 2005

The Key exchange protocols are very crucial tools to provide the secure communication in the broadband satellite access network. They should be required to satisfy various requirements such as security, Key confirmation, and Key freshness. In this paper, Two authenticated key exchange protocols TPEKE-E(Two Pass Encrypted Key Exchange-Exchange-Efficient) and TPEKE-S(Two Pass Encrypted Key xchange-Secure) are introduced. A basic idea of the protocols is that a password can be represented by modular addition N, and the number of possible modular addition N representing the password is $2^N$. The TPEKE-E is secure against the attacks including main-in-the-middle attack and off-line dictionary attack, and the performance is excellent so as beyond to comparison with other authenticated key exchange protocols. The TPEKE-S is a slight modification of the TPEKE-E. The TPEKE-S provides computational in feasibility for learning the password without having performed off line dictionary attack while preserving the performance of the TPEKE-E.

• ETRI Journal
• /
• v.34 no.3
• /
• pp.482-484
• /
• 2012

With the rapid progress of wireless mobile communications, the authenticated key agreement (AKA) protocol has attracted an increasing amount of attention. However, due to the limitations of bandwidth and storage of the mobile devices, most of the existing AKA protocols are not suitable for wireless mobile communications. Recently, Lo and others presented an efficient AKA protocol based on elliptic curve cryptography and included their protocol in 3GPP2 specifications. However, in this letter, we point out that Lo and others' protocol is vulnerable to an offline password guessing attack. To resist the attack, we also propose an efficient countermeasure.

• Journal of Broadcast Engineering
• /
• v.13 no.1
• /
• pp.79-85
• /
• 2008

An authenticated group key agreement protocol allows a group of parties communicating over an insecure network to share a common secret key. In this paper, we show that Zhou et al.'s ID-based authenticated group key agreement schemes do not provide forward secrecy.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.8
• /
• pp.4060-4075
• /
• 2019

ACORN is an authenticated encryption algorithm proposed as a candidate in the currently ongoing CAESAR competition. ACORN has a good performance on security and efficiency which has been a third-round candidate. This paper mainly concentrates on the security of ACORN under the forgery attack and the non-repudiation of ACORN. Firstly, we analyze the differential properties of the feedback function in ACRON are analyzed. By taking advantage of these properties, the forgery attacks on round-reduced ACORN are proposed with a success probability higher than $2^{-128}$ when the number of finalization rounds is less than 87. Moreover, the non-repudiation of ACRON in the nonce-reuse setting is analyzed. The known collision can be used to deny the authenticated message with probability $2^{-120}$. This paper demonstrates that ACORN cannot generate the non-repudiation completely. We believe it is an undesirable property indeed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.2
• /
• pp.3-17
• /
• 2007

Receiver access control scheme is proposed to protect multicast distribution tree from DoS(Denial-of Service) attack induced by unauthorized use of IGMP(Internet group management protocol), by extending the security-related functionality of IGMP. Based on a specific network and business model adopted for commercial deployment of IP multicast applications, key management scheme is also presented for bootstrapping the proposed access control as well as accounting and billing for CP(Content Provider), NSP(Network Service Provider), and group members.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.07a
• /
• pp.77-82
• /
• 2003

본 논문에서는 ElGamal 암호 기반에 PAK(Password-Authenticated Key Exchange) 프로토콜을 적용하여, 새로운 패스워드-인증 키 분배 프로토콜을 제안하고자 한다. ElGamal 암호 기법에서 사용자와 서버의 공개키와 개인키로 미리 공유된 패스워드와 비밀 정보를 암호문으로 전송하고 복호함으로써 서버-클라이언트 상호 인증을 하고, 비밀 정보를 근거로 세션키를 나누어 갖는 것이 이 프로토콜의 목적이다. 또한 설계 시 패스워드-인증 키 교환 프로토콜에서의 보안 요구사항을 고려하여 패스워드 기반의 인증 키 분배 프로토콜에서 요구하는 보안 요구사항을 만족하고 있다.