• Title/Summary/Keyword: key management protocol

Search Result 301, Processing Time 0.028 seconds

Secure Key Management Protocol in the Wireless Sensor Network

  • Jeong, Yoon-Su;Lee, Sang-Ho
    • Journal of Information Processing Systems
    • /
    • v.2 no.1
    • /
    • pp.48-51
    • /
    • 2006
  • To achieve security in wireless sensor networks (WSN), it is important to be able to encrypt messages sent among sensor nodes. We propose a new cryptographic key management protocol, which is based on the clustering scheme but does not depend on the probabilistic key. The protocol can increase the efficiency to manage keys since, before distributing the keys by bootstrap, the use of public keys shared among nodes can eliminate the processes to send or to receive keys among the sensors. Also, to find any compromised nodes safely on the network, it solves safety problems by applying the functions of a lightweight attack-detection mechanism.

MKIPS: MKI-based protocol steganography method in SRTP

  • Alishavandi, Amir Mahmoud;Fakhredanesh, Mohammad
    • ETRI Journal
    • /
    • v.43 no.3
    • /
    • pp.561-570
    • /
    • 2021
  • This paper presents master key identifier based protocol steganography (MKIPS), a new approach toward creating a covert channel within the Secure Real-time Transfer Protocol, also known as SRTP. This can be achieved using the ability of the sender of Voice-over-Internet Protocol packets to select a master key from a pre-shared list of available cryptographic keys. This list is handed to the SRTP sender and receiver by an external key management protocol during session initiation. In this work, by intelligent utilization of the master key identifier field in the SRTP packet creation process, a covert channel is created. The proposed covert channel can reach a relatively high transfer rate, and its capacity may vary based on the underlying SRTP channel properties. In comparison to existing data embedding methods in SRTP, MKIPS can convey a secret message without adding to the traffic overhead of the channel and packet loss in the destination. Additionally, the proposed covert channel is as robust as its underlying user datagram protocol channel.

Secure Recovery Protocol of (1,3) Distributed Key Share with Trustless Setup for Asset Management in Blockchain (블록체인 기반 가상자산 관리를 위한 (1,3) 분산키의 비신뢰 기반 안전한 분산 복구 프로토콜)

  • Bae, Kyoungil;Park, Junhoo;Ryou, Jaecheol
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.31 no.5
    • /
    • pp.863-874
    • /
    • 2021
  • Distributed key generation (DKG) with trustless setup is a cryptographic protocol that distributes Shamir secret shares of a private key to participants while keeping the actual private key hidden to the participants. Also, by extending it to a threshold signature protocol, digital signatures can be generated without construction of private keys. This paper proposes a recovery protocol maintaining trustless setup assumptions, in particular to the useful (1,3) share structure. The proposed protocol meets same levels of security requirements with DKG in terms of correctness and secrecy. The protocol can also enable delegation and revocation of digital sign rights for blockchain-based asset management.

A Fair-Exchange E-Payment Protocol For Digital Products With Customer Unlinkability

  • Yen, Yi-Chung;Wu, Tzong-Chen;Lo, Nai-Wei;Tsai, Kuo-Yu
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.6 no.11
    • /
    • pp.2956-2979
    • /
    • 2012
  • Along with the development of Information Technology, online transactions through Internet have become more popular for the reasons of convenience and efficiency. In order to provide secure and reliable online transactions, an effective electronic payment protocol is crucial. In this paper, we propose a novel electronic payment protocol for digital product transactions with an offline arbiter to achieve fair exchange, automated dispute resolution, customer anonymity, and customer unlinkability. In our protocol a product token is adopted to eliminate the need of key management for digital product decryption in the offline arbiter. In addition, Elliptic Curve Cryptography (ECC)-based self-certified public key is utilized to further reduce computing overheads. According to our analysis, the efficiency of our protocol can be greatly increased in comparison with previous literatures.

APPLICATION OF $(\upsilon,\kappa,\lambda)$-CONFIGURATION TO GENERATION OF A CONFERENCE KEY

  • Chung, Il-Yong
    • Journal of applied mathematics & informatics
    • /
    • v.8 no.2
    • /
    • pp.531-537
    • /
    • 2001
  • In order for all participants at video conference to communicate mutually, the conference key should be necessary. In this paper, we present the communication protocol that generates a conference key efficiently based on $(\upsilon,\kappa,\lambda)$-configuration, one class of block designs, which minimizes message transmission overhead needed for this key. Especially, in the case of ${\lambda}=1$, the protocol requires only $O(\sqrt[v]{v})$ messages, where v is the number of participants.

A Study on Key Information Service Protocol for Secure XML Web Service (안전한 XML 웹 서비스를 위한 키 정보 서비스 프로토콜에 관한 연구)

  • Park, Nam-Je;Moon, Ki-Young;Sohn, Sung-Won
    • The KIPS Transactions:PartC
    • /
    • v.10C no.6
    • /
    • pp.769-778
    • /
    • 2003
  • XKMS(XML Key Management Specification), one of XML Security specification, defines the protocol for distributing and registering public keys for verifying digital signatures and enciphering XML documents of web service applications with various and complicate functions. In this paper, we propose XML Key Information protocol service model and implements reference model of protocol component based on standard specification. Also describes the analysis and security method of Key Information Service(XKIS) for Secure XML Web Service,paying attention to the features of XML based security service. This protocol component supported includes public key location by given identifier information, the binding of such keys to edentifier information. This reference model offers the security construction guideline for future domestric e-Business Frameworks.

Design of protocol for RFID/USN security (RFID/USN 보안을 위한 프로토콜 설계)

  • Park, Sang-Hyun;Park, Sang-Min;Shin, Seung-Ho
    • Journal of the Korea Safety Management & Science
    • /
    • v.9 no.3
    • /
    • pp.103-109
    • /
    • 2007
  • Payment and security requirement are playing an increasingly critical role in RFID system, allegedly the core of the ubiquitous, especially in logistics. Therefore, security technology has been playing essential role gradually unlike the past when only the perception of equipment was considered important technology. The current encoding system allows the access only to the user who has the secret key. Many encoding algorithm has been studied to ensure the security of secret key. Security protocol is the most typical way to authorize appropriate user perception by using the data and secret key to proceed the encoding and transmit it to the system in order to confirm the user. However, RFID system which transmits more than dozens of data per second cannot be used if the algorithm and protocol of the existing wired system are used because the performance will degrade as a consequence. Security protocol needs to be designed in consideration of property of RFID and hardware. In this paper, a protocol was designed using SNEP(Sensor Network Encryption Protocol), the security protocol used for the sensor similar to RFID- not the current system used in wired environment- and ECC (Elliptic Curve Cryptography: oval curve encoding), the encoding algorithm.

Practical Password-Authenticated Three-Party Key Exchange

  • Kwon, Jeong-Ok;Jeong, Ik-Rae;Lee, Dong-Hoon
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.2 no.6
    • /
    • pp.312-332
    • /
    • 2008
  • Password-based authentication key exchange (PAKE) protocols in the literature typically assume a password that is shared between a client and a server. PAKE has been applied in various environments, especially in the “client-server” applications of remotely accessed systems, such as e-banking. With the rapid developments in modern communication environments, such as ad-hoc networks and ubiquitous computing, it is customary to construct a secure peer-to-peer channel, which is quite a different paradigm from existing paradigms. In such a peer-to-peer channel, it would be much more common for users to not share a password with others. In this paper, we consider password-based authentication key exchange in the three-party setting, where two users do not share a password between themselves but only with one server. The users make a session-key by using their different passwords with the help of the server. We propose an efficient password-based authentication key exchange protocol with different passwords that achieves forward secrecy in the standard model. The protocol requires parties to only memorize human-memorable passwords; all other information that is necessary to run the protocol is made public. The protocol is also light-weighted, i.e., it requires only three rounds and four modular exponentiations per user. In fact, this amount of computation and the number of rounds are comparable to the most efficient password-based authentication key exchange protocol in the random-oracle model. The dispensation of random oracles in the protocol does not require the security of any expensive signature schemes or zero-knowlegde proofs.

A Security Analysis of a Key Management Scheme for PCS/SCADA Sensor Networks (PCS/SCADA 센서 네트워크용 키 관리 프로토콜에 대한 보안 분석)

  • Park, DongGook
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.5 no.2
    • /
    • pp.123-131
    • /
    • 2009
  • Process Control Systems (PCSs) or Supervisory Control and Data Acquisition (SCADA) systems have recently been added to the already wide collection of wireless sensor networks applications. The PCS/SCADA environment is somewhat more amenable to the use of heavy cryptographic mechanisms such as public key cryptography than other sensor application environments. The sensor nodes in the environment, however, are still open to devastating attacks such as node capture, which makes designing a secure key management challenging. Recently, Nilsson et al. proposed a key management scheme for PCS/SCADA, which was claimed to provide forward and backward secrecies. In this paper, we define four different types of adversaries or attackers in wireless sensor network environments in order to facilitate the evaluation of protocol strength. We then analyze Nilsson et al. 's protocol and show that it does not provide forward and backward secrecies against any type of adversary model.