• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.6
• /
• pp.127-133
• /
• 2005

This paper presents a password-based key exchange protocol to guarantee secure communications for two users registered in a sever. In this protocol, the server is only responsible for the legality of the users but does not how the session key agreed between them. The protocol can resist the various attacks including server compromise attack and provide the perfect forward secrecy. The proposed protocol is efficient in terms of computation cost because of not employing the sewer's public key.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.28 no.1B
• /
• pp.1-10
• /
• 2003

An EPON which is going on standardization in IEEE 802.3ah, is tree topology consists of a OLT and multiple ONU using passive optical components, so this network is susceptible to variable security threats - eavesdropping, masquerading, denial of service and so on. In this paper, we design a security protocol supporting authentication and confidentiality services in MAC layer in order to prevent these security threats and to guarantee secure data exchange The designed security protocol introduce public-key based authentication and key management protocols for efficient key management, and choose Rijndael algorithm, which is recent standard of AES, to provide the confidentiality of EPON Proposed authentication and key management protocols perform authentication and public-key exchange at a time, and are secure protocols using derived common cipher key by exchanging public random number To implement the designed security protocol, we propose the procedures of authentication and public-key exchange, session key update, key recovery. This proposed protocol is verified using unknown session key, forward secrecy, unknown key-share, key-compromise impersonation.

• Current Optics and Photonics
• /
• v.3 no.2
• /
• pp.119-127
• /
• 2019

A new secret-key-sharing cryptosystem using optical phase-shifting digital holography is proposed. The proposed secret-key-sharing algorithm is based on the Diffie-Hellman key-exchange protocol, which is modified to an optical cipher system implemented by a two-step quadrature phase-shifting digital holographic encryption method using orthogonal polarization. Two unknown users' private keys are encrypted by two-step phase-shifting digital holography and are changed into three digital-hologram ciphers, which are stored by computer and are opened to a public communication network for secret-key-sharing. Two-step phase-shifting digital holograms are acquired by applying a phase step of 0 or ${\pi}/2$ in the reference beam's path. The encrypted digital hologram in the optical setup is a Fourier-transform hologram, and is recorded on CCDs with 256 quantized gray-level intensities. The digital hologram shows an analog-type noise-like randomized cipher with a two-dimensional array, which has a stronger security level than conventional electronic cryptography, due to the complexity of optical encryption, and protects against the possibility of a replay attack. Decryption with three encrypted digital holograms generates the same shared secret key for each user. Schematically, the proposed optical configuration has the advantage of producing a kind of double-key encryption, which can enhance security strength compared to the conventional Diffie-Hellman key-exchange protocol. Another advantage of the proposed secret-key-sharing cryptosystem is that it is free to change each user's private key in generating the public keys at any time. The proposed method is very effective cryptography when applied to a secret-key-exchange cryptosystem with high security strength.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• v.9 no.2
• /
• pp.807-810
• /
• 2005

Constructed network test environment of wireless base for confidentiality guarantee of data and safe transmission that is transmited at Mobile node of Wireless Network environment in this paper. And, progressed research about IKEv2's Multiple-Key Exchange mechanism for efficient security transmission that use IPSec that is built-in to basis to IPv6 of Mobile environment. Have several key to single terminal to solve that is seam at hand off packet transmission process of Mobile Node in Wireless Network and Re-setting for Key and Re-exchange problem that happen frequently and studied technology that move. Key exchange protocol that is used for an experiment loads basically in MIPv6 and used IKEv2 protocol that is used for management and distribution of reliable encryption key between both end. Using network simulator of SSFNet(Scalable Simulation Framework Network Models) in this paper Key exchange delay value of IKEv2's security transmission analyzing comparison Performance measure and studied about problem and improvement way accordingly.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.5
• /
• pp.17-30
• /
• 2008

In the paper, we consider password-based authenticated key exchange with different passwords, where the users do not share a password between themselves, but only with the server. The users make a session key using their different passwords with the help of the server. We propose an efficient password-based authenticated key exchange protocol with different passwords which achieves forward secrecy without random oracles. In fact this amount of computation and the number of rounds are comparable to the most efficient password-based authenticated key exchange protocol in the random oracle model. The protocol requires a client only to memorize a human-memorable password, and all other information necessary to run the protocol is made public.

• Journal of Communications and Networks
• /
• v.12 no.6
• /
• pp.592-599
• /
• 2010

In recent years, significant improvements have been made to the techniques used for analyzing satellite communication and attacking satellite systems. In 2003, a research team at Los Alamos National Laboratory, USA, demonstrated the ease with which civilian global positioning system (GPS) spoofing attacks can be implemented. They fed fake signals to the GPS receiver so that it operates as though it were located at a position different from its actual location. Moreover, Galileo in-orbit validation element A and Compass-M1 civilian codes in all available frequency bands were decoded in 2007 and 2009. These events indicate that cryptography should be used in addition to the coding technique for secure and authenticated satellite communication. In this study, we address this issue by using an authenticated key-exchange protocol to build a secure and authenticated communication channel for satellite communication. Our protocol uses identity-based cryptography. We also prove the security of our protocol in the extended Canetti-Krawczyk model, which is the strongest security model for authenticated key-exchange protocols, under the random oracle assumption and computational Diffie-Hellman assumption. In addition, our protocol helps achieve high efficiency in both communication and computation and thus improve security in satellite communication.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.12
• /
• pp.3244-3260
• /
• 2013

A three-party password-based authenticated key exchange (PAKE) protocol allows two clients registered with a trusted server to generate a common cryptographic key from their individual passwords shared only with the server. A key requirement for three-party PAKE protocols is to prevent an adversary from mounting a dictionary attack. This requirement must be met even when the adversary is a malicious (registered) client who can set up normal protocol sessions with other clients. This work revisits three existing three-party PAKE protocols, namely, Guo et al.'s (2008) protocol, Huang's (2009) protocol, and Lee and Hwang's (2010) protocol, and demonstrates that these protocols are not secure against offline and/or (undetectable) online dictionary attacks in the presence of a malicious client. The offline dictionary attack we present against Guo et al.'s protocol also applies to other similar protocols including Lee and Hwang's protocol. We conclude with some suggestions on how to design a three-party PAKE protocol that is resistant against dictionary attacks.

• Honam Mathematical Journal
• /
• v.26 no.3
• /
• pp.247-256
• /
• 2004

Buchmann and Williams[1] proposed a key exchange system making use of the properties of the maximal order of an imaginary quadratic field. $H{\ddot{u}}hnlein$ et al. [6,7] also introduced a cryptosystem with trapdoor decryption in the class group of the non-maximal imaginary quadratic order with prime conductor q. Their common techniques are based on the properties of the invertible ideals of the maximal or non-maximal orders respectively. Kim and Moon [8], however, proposed a key-exchange system and a public-key encryption scheme, based on the class semigroups of imaginary quadratic non-maximal orders. In Kim and Moon[8]'s cryptosystem, a non-invertible ideal is chosen as a generator of key-exchange ststem and their secret key is some characteristic value of the ideal on the basis of Zanardo et al.[9]'s quantity for ideal equivalence. In this paper we propose the methods for finding the non-invertible ideals corresponding to non-primitive quadratic forms and clarify the structure of the class semigroup of non-maximal order as finitely disjoint union of groups with some quantities correctly. And then we correct the misconceptions of Zanardo et al.[9] and analyze Kim and Moon[8]'s cryptosystem.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.5
• /
• pp.97-104
• /
• 2001

In this paper, we propose Recoverable Password Based Key Exchange Protocol(RPKEP). RPKEP has user who has password, server which share the secret key information with user, and password recovery agency(PRA) which help to recover the user\`s password. Proposed protocol has some advantages that it is secure against off-line dictionary attack which is considered most important in password based key exchange protocol and suer\`s security is preserved even though user\`s secret information stored in the server is disclosed. By applying Chaum\`s blind signature scheme in the process of password recovery, even the PRA can\`t obtain any information about user\`s password.

• Journal of Korea Multimedia Society
• /
• v.8 no.4
• /
• pp.525-535
• /
• 2005

A password-based authenticated tripartite key exchange protocol based on A. Joux's protocol was proposed. By using encryption scheme with shared password, we can resolve man-in-the-middle attack and lack of authentication problems. We also suggested a scheme to avoid the offline dictionary attack to which symmetric encryption schemes are vulnerable. The proposed protocol does not require a trusted party which is required in certificate or identity based authentication schemes. Therefore in a ad hoc network which is difficult to install network infrastructure, the proposed protocol would be very useful. The proposed protocol is more efficient in computation aspect than any existing password-based authenticated tripartite key exchange protocols. When it is used as a base line protocol of tree based group key exchange protocol, the computational weak points of the proposed protocol are compensated.