• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.5
• /
• pp.49-57
• /
• 2008

User authentication and key agreement are very important components to provide secure home network service. Although the TTA adopted the EEAP-PW protocol as a user authentication and key transmission standard, it has some problems including not to provide forward secrecy. This paper first provides an analysis of the problems in EEAP-PW and then proposes a new attribute-based authenticated key agreement protocol, denoted by EEAP-AK. to solve the problems. The proposed protocol supports the different level of security by diversifying network accessibility for the user attribute after the user attribute-based authentication and key agreement protocol steps. It efficiently solves the security problems in the EEAP-PW and we could support more secure home network service than the EEAP-AK.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.2
• /
• pp.57-72
• /
• 2010

Hash based RFID protocols proposed by Ha and M.Burmester is a scheme that tag's ID is updated using hash function to provide forward secrecy after session end. But this protocols have a problem both privacy and efficiency. This paper analyze a problem for privacy to apply a privacy game model proposed by Vaudenay. we analyze the cause that these scheme is difficult with tag's cheap implementation and efficient resynchronization. To solve these problems, we proposed a new hash based mutual authentication protocol which apply only two protocol's advantages. this protocols is based of resynchronization algorithm for Ha et al.'s protocol and added a new simple counter to record the numner of continuous desynchronization between tag and reader secret informations. this counter is more simple than cyclic counter proposed by M. Burmester's protocol. Also, we prove that proposal protocol improve a privacy against a privacy attack which is executed for Ha and M. Burmester's protocols.

• Journal of Convergence for Information Technology
• /
• v.12 no.2
• /
• pp.23-29
• /
• 2022

Recently, due to the increase in the use of Internet of Things (IoT) devices, the amount of data transmitted and processed to cloud computing servers has increased rapidly. As a result, network problems (delay, server overload and security threats) are emerging. In particular, edge computing with lower computational capabilities than cloud computing requires a lightweight authentication algorithm that can easily authenticate numerous IoT devices.In this paper, we proposed a key-agreement protocol of a lightweight algorithm that guarantees anonymity and forward and backward secrecy between IoT and edge devices. and the proposed algorithm is stable in MITM and replay attacks for edge device and IoT. As a result of comparing and analyzing the proposed key-agreement protocol with previous studies, it was shown that a lightweight protocol that can be efficiently used in IoT and edge devices.

• Convergence Security Journal
• /
• v.22 no.1
• /
• pp.81-92
• /
• 2022

The rapidly growing IoT market is expanding not only in general households but also in smart homes and smart cities. Among the major protocols used in IoT, ZigBee accounts for more than 90% of the smart home's door lock market and is mainly used in miniaturized sensor devices, so the safety of the protocol is very important. However, the device using Zig Bee is not satisfied with the omnidirectional safety because it uses a fixed key during the authentication process that connects to the network, and it has not been resolved in the recently developed ZigBee 3.0. This paper proposes a design method that provides omnidirectional safety to the ZigBee authentication protocol and can be quickly applied to existing protocols. The proposed improved ZigBee authentication protocol analyzed and applied the recently developed OWE protocol to apply ECDH, which has low computational volume and provides omnidirectional safety in IoT. Based on this, it provides the safety of the ZigBee authentication protocol, and it is expected that it will be able to provide user convenience as it does not require a separate certificate or password input.

• The KIPS Transactions:PartC
• /
• v.15C no.6
• /
• pp.573-586
• /
• 2008

The improved performance and miniaturization of computer and the improvement of wireless communication technology have enabled the emergence of many high quality services. Among them multicast services are receiving much attention and their usage is increasing due to the increase of Internet multimedia services such as video conference, multimedia stream, internet TV, etc. Security plays an important role in mobile multicast services. In this paper, we proposed a secure multicast protocol for a hierarchical micro-mobility environment. The proposed secure multicast protocol provides security services such as authentication, access control, confidentiality and integrity using mechanisms including symmetric/asymmetric key crypto-algorithms and capabilities. To provide forward/backward secrecy and scalability, we used sub-group keys based on the hierarchical micro-mobility environment. With this security services, it is possible to guard against all kinds of security attacks performed by illegal mobile nodes. Attacks executed by internal nodes can be thwarted except those attacks which delete packet or cause network resources to be wasted. We used simulator to measure the performance of proposed protocol. As a result, the simulation showed that effect of these security mechanisms on the multicast protocol was not too high.

• The KIPS Transactions:PartC
• /
• v.12C no.7 s.103
• /
• pp.949-958
• /
• 2005

In the paper we study key agreement schemes when a party needs to establish a session key with each of several parties, thus having multiple session keys. This situation can be represented by a graph, tailed a key graph, where a vertex represents a party and an edge represents a relation between two parties sharing a session key. graphs to establish all session keys corresponding to all edges in a key graph simultaneously in a single session. A key agreement protocol of a key graph is a natural extension of a two-party key agreement protocol. We propose a new key exchange model for key graphs which is an extension of a two-party key exchange model. using the so-called randomness re-use technique which re-uses random values to make session keys for different sessions, we suggest two efficient key agreement protocols for key graphs based on the decisional Diffie-Hellman assumption, and prove their securities in the key exchange model of key graphs. Our first scheme requires only a single round and provides key independence. Our second scheme requires two rounds and provides forward secrecy. Both are proven secure In the standard model. The suggested protocols are the first pairwise key agreement protocols and more efficient than a simple scheme which uses a two-party key exchange for each necessary key. Suppose that a user makes a session key with n other users, respectively. The simple scheme's computational cost and the length of the transmitted messages are increased by a factor of n. The suggested protocols's computational cost also depends on n, but the length of the transmitted messages are constant.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.4
• /
• pp.789-801
• /
• 2018

Currently widely used IP cameras provide the ability to control IP cameras remotely via mobile devices. To do so, the IP camera software is installed on the website specified by the camera manufacturer, and authentication is performed through the password between the IP camera and the mobile device. However, many products currently used do not provide a secure channel between the IP camera and the mobile device, so that all IDs and passwords transmitted between the two parties are exposed. To solve these problems, we propose an authentication and key exchange protocol using ID-based signature scheme. The proposed protocol is characterized in that (1) mutual authentication is performed using ID and password built in IP camera together with ID-based signature, (2) ID and password capable of specifying IP camera are not exposed, (3) provide forward-secrecy using Diffie-Hellman key exchange, and (4) provide security against external attacks as well as an honest-but-curious manufacturer with the master secret key of the ID-based signature.

• Journal of the Daesoon Academy of Sciences
• /
• v.25_1
• /
• pp.25-85
• /
• 2015

In this study, source criticism (an establishment of authentic text) of the Hyun-Mu Sutra(玄武經) among different editions is studied and an attempt of a new interpretation appropriate to that is attempted. The Hyun-Mu Sutra, a scripture written in 1909, began to communicate with the world through the religions of Jeungsanism. In particular, it was remarkable that The Hyun-Mu Sutra was absorbed as canon textbooks Jeonkyung(典經), the Scriptures of Daesoonjinrihoe, The Fellowship of Daesoon Truth(大巡眞理) from a loner and secret pull-out of heritage traditions. However, this scripture though written in 1909 and more than 100 years has passed, remained in a state unestablished authentic text. The Hyun-Mu Sutra is the scripture consisted of 25 pages by the religions of Jeungsanism[Gang Il-sun 姜一淳(1871~1909)]. 33 page type of Hyun-Mu Sutra has been distributed in the world until now the authentic text of The Hyun-Mu Sutra. However, as a result of the examination, diagnostic scripture(病勢文) was found to have been added by descendants. After a review of authentic text of The Hyun-Mu Sutra, it concluded that there is no diagnostic scripture in primary The Hyun-Mu Sutra. Though The Hyun-Mu Sutra is a booklet of a small amount, the notation and expression is so unique, it has been in secrecy to read its contents. Interpretation way of The Hyun-Mu Sutra up to now can be summarized in two as follows. 1) approaches by I-ching 2) approaches by ten celestrial stemps and twelve earthly branches(10干12支). Approaches by I-ching among this sometimes was supplemented with Buddhist classification methods. Nevertheless, these studies can be evaluated limited because it fails to secure authentic text of The Hyun-Mu Sutra. In this study, the contents of The Hyun-Mu Sutra was examined itemized by focusing on the following four points. 1) The icon of The Hyun-Mu Sutra(玄武經符) is similar as normal talisman(符籍) but it has other features. 2) 'Reverse Fonts'(反書體)[the opposite view of the standard fonts(正書體), reflected in the mirror fonts] and size or location used in text is not in uniform. 3) letters in scripture were pointed and points were stamped in the left and upper and lower characters. 4) "Spiritual poem" (詠歌, the Korean traditional music with a view of elegance as an origin of eco), and the music with the Five-Sounds[宮Gung, 商Sang, 角Gak, 徵Chi, 羽Wu) were related. As a result, content analysis of The Hyun-Mu Sutra is carried out in the next four points. 1) The icon of The Hyun-Mu Sutra (玄武經符) has been primarily developed by Jeungsan. 2) 'Reverse Fonts'(反書體)[the opposite view of the standard fonts(正書體), reflected in the mirror fonts] and reverse location such as '宙宇' [the reverse of '宇宙'] represents based on a new world based on a forward and reverse I-ching(正易). 3) Dot and neighbor points is a symbolic map that guides the position of lateral new world(後天) and era(人尊) 4) Spiritual poem is the entrance to achieve the Realization of Do(道通). The above can be considered as the results of this study.