• Journal of Korea Multimedia Society
• /
• v.21 no.4
• /
• pp.485-492
• /
• 2018

Recently, the numerous authentication and key distribution protocol for NFC payment environment have been proposed using public key cryptosystems. However, these protocol are vulnerable to quantum computing attack because quantum computing can solve factoring and discrete logarithm problem effectively using Grover and Shor's algorithm. For these reason, the secure authentication and key distribution have become a very important security issue in order to prevent quantum computing attacks. Therefore, to ensure user's payment information and privacy, we propose a secure quantum resistant authentication and key distribution protocol for NFC payment environments.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.2
• /
• pp.107-114
• /
• 2003

In this paper, we propose an efficient mutual authentication and key distribution protocol for cdma2000 packet data service which uses Mobile U access method with DIAMETER AAA(Authentication, Authorization and Accounting) infrastructure. The proposed scheme provides an efficient mutual authentication between MN(Mobile Node) and AAAH(home AAA server), and a secure session-key distribution among Mobile If entities. The proposed protocol improves the efficiency of DIAMETER AAA and satisfies the security requirements for authentication and key distribution protocol. Also, the key distributed by the proposed scheme can be used to generate keys for packet data security over 1xEV-DO wireless interface, in order to avoid a session hijacking attack for 1xEV-DO packet data service.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1995.11a
• /
• pp.331-337
• /
• 1995

In this paper, We present that protocols have already proposed an applicable key distribution and authentication protocol based discrete logarithm and prime-factorization problem in PCN(Personal Communication Network) is anaysised. We newly propose identiity-based protocol using smart card. This proposed potocol is that Fiat-Shamir identification scheme and a new key distribution scheme based on Fiat-Shamir identification scheme are joined. Proposed protocol is compared with suiting protocols with respect to security and efficiency to evalate performance, so its calculation is reduced in key distribution and authentication to evaluate performance.

• Journal of Internet Computing and Services
• /
• v.7 no.3
• /
• pp.83-91
• /
• 2006

In this paper, we improved a cryptography system model based on the secure initial authentication public key with PKINIT of authentication and key recovery protocol. It is applied to all fields of cryptography system using certificate. This study presents two mechanisms to authenticate between member users. The first mechanism is initial authentication and distribution of session key by public key cryptography based on certificate between entity and server, and the second mechanism is a key recovery support protocol considering loss of session key in the secure communication between application servers.

• Proceedings of the Korea Society of Information Technology Applications Conference
• /
• 2005.11a
• /
• pp.277-280
• /
• 2005

With the proliferation of mobile terminals, use of the Internet in mobile environments is becoming more common. To support mobility in these terminals, Mobile IPv4 is proposed and represents the standard in IPv4 environments. Authentication should be mandatory, because mobile terminals can utilize Internet services in any foreign domain. Mobile IPv4 provides symmetric key based authentication using the default HMAC-MD5. However, symmetric key based authentication creates a key distribution problem. To solve this problem, public key based authentication mechanisms have been proposed. In this paper, the performance of each of these mechanisms is evaluated. The results present that, among these mechanisms, partial certificate based authentication has superior performance, and certificate based authentication has the worst performance. Although current public key based authentication mechanisms have lower performance than symmetric key based authentication, this paper presents the possibility that public key based authentication mechanisms may be used for future mobile terminal authentication.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.2
• /
• pp.73-80
• /
• 2005

We propose a Quantum Authentication and Key distribution protocol based on one-time n using one-way Hash function. The designated users can authenticate each other and the arbitrator using their one-time ID and distribute a quantum secret key using remained GHZ states after authentication procedure. Though the help of the arbitrator is needed in the process of authentication and key distribution, our protocol prevents the arbitrator from finding out the shared secret key even if the arbitrator becomes an active attacker. Unconditional security can be proved in our protocol as the other QKD protocols.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.1
• /
• pp.87-97
• /
• 2003

In this paper, we define two security concepts, “non-computable security” and “distribution security”, about authentication information committed to a authentication server without any trustee, and propose an authenticatied key exchange protocol based on password, satisfying “distribution security”. We call it MAP(Muti-Server Authentication Protocol based on Password) and show that SSSO(Secure Single Sign On) using MAP solves a problem of SSO(Single Sign On) using authentication protocol based on password with a trustee.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.5 no.4
• /
• pp.139-150
• /
• 2009

Authentication and key exchange are fundamental for establishing secure communication channels over public insecure networks. Password-based protocols for authenticated key exchange are designed to work even when user authentication is done via the use of passwords drawn from a small known set of values. There have been many protocols proposed over the years for password authenticated key exchange in the three-party scenario, in which two clients attempt to establish a secret key interacting with one same authentication server. However, little has been done for password authenticated key exchange in the more general and realistic four-party setting, where two clients trying to establish a secret key are registered with different authentication servers. In fact, the recent protocol by Yeh and Sun seems to be the only password authenticated key exchange protocol in the four-party setting. But, the Yeh-Sun protocol adopts the so called "hybrid model", in which each client needs not only to remember a password shared with the server but also to store and manage the server's public key. In some sense, this hybrid approach obviates the reason for considering password authenticated protocols in the first place; it is difficult for humans to securely manage long cryptographic keys. In this work, we introduce a key agreement protocol and a key distribution protocol, respectively, that requires each client only to remember a password shared with its authentication server.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.5 no.2
• /
• pp.177-184
• /
• 2009

The digital contents distribution system via network provides comfortability, usability, and diversified functions to content's users. However, for the characteristic of easy access of digital contents, the copyright infringements and indiscreet contents distribution are realized in this days. In other words, any users with the authentication key can access to copyright contents with any restrictions. To solve this problems, we proposed a user authentication mechanism which prevent indiscreet access to the digital content by using user system information. Also, to provide safe distribution of digital content, we used user's unique content authentication key.

• The Journal of Society for e-Business Studies
• /
• v.9 no.1
• /
• pp.209-220
• /
• 2004

If protocol has fast operations and short key length, it can be efficient user authentication protocol. Lenstra and Verheul proposed XTR. XTR have short key length and fast computing speed. Therefore, this can be used usefully in complex arithmetic. In this paper, to design efficient user authentication protocol we used a subgroup of Galois Field to problem domain. Proposed protocol does not use GF(p/sup 6/) that is existent finite field, and uses GF(p²) that is subgroup and solves problem. XTR-ElGamal based user authentication protocol reduced bit number that is required when exchange key by doing with upside. Also, proposed protocol provided easy calculation and execution by reducing required overhead when calculate. In this paper, we designed authentication protocol with y/sub i/ = g/sup b.p/sup 2(i-1)//ㆍv mol q, 1(equation omitted) 3 that is required to do user authentication.