• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.12
• /
• pp.3366-3383
• /
• 2012

Reliance on the Internet has introduced Voice over Internet Protocol (VoIP) to various security threats. A reliable security protocol and an authentication scheme are thus required to prevent the aforementioned threats. However, an authentication scheme often demands additional cost and effort. Accordingly, a security framework for known participants in VoIP communication is proposed in this paper. The framework is known as Randomness-Optimized Self-Securing (ROSS), which performs authentication automatically throughout the session by optimizing the uniqueness and randomness of the communication itself. Elliptic Curve Diffie-Hellman (ECDH) key exchange and Salsa20 stream cipher are utilized in the framework correspondingly to secure the key agreement and the communication with low computational cost. Human intelligence supports ROSS authentication process to ensure participant authenticity and communication regularity. The results show that with marginal overhead, the proposed framework is able to secure VoIP communication by performing reliable authentication.

• ETRI Journal
• /
• v.45 no.2
• /
• pp.346-357
• /
• 2023

Hardware security primitives, also known as physical unclonable functions (PUFs), perform innovative roles to extract the randomness unique to specific hardware. This paper proposes a novel hardware security primitive using a commercial off-the-shelf flash memory chip that is an intrinsic part of most commercial Internet of Things (IoT) devices. First, we define a hardware security source model to describe a hardware-based fixed random bit generator for use in security applications, such as cryptographic key generation. Then, we propose a hardware security primitive with flash memory by exploiting the variability of tunneling electrons in the floating gate. In accordance with the requirements for robustness against the environment, timing variations, and random errors, we developed an adaptive extraction algorithm for the flash PUF. Experimental results show that the proposed flash PUF successfully generates a fixed random response, where the uniqueness is 49.1%, steadiness is 3.8%, uniformity is 50.2%, and min-entropy per bit is 0.87. Thus, our approach can be applied to security applications with reliability and satisfy high-entropy requirements, such as cryptographic key generation for IoT devices.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.3
• /
• pp.3-8
• /
• 2008

Ephemeral data are easily revealed if state specific information is stored in insecure memory or a random number generator is corrupted. In this letter, we show that Nam et al.'s group key agreement scheme, which is an improvement of Bresson et al.'s scheme, is not secure against session-state reveal attacks. We then propose an improvement to fix the security flaw.

• Convergence Security Journal
• /
• v.8 no.2
• /
• pp.1-6
• /
• 2008

Designing efficient and secure electronic payment is important for M-Commerce. In this paper, we propose an efficient Micro-payment protocol that allows multiple transactions using ID-based public key encryption-system. The proposed payword system requires to generate authenticated key generated by Weil-pairing which uses an elliptic curve cryptosystem over finite field Fq for transactions. Therefore, it is more secure in known key attacks as well as man-in-the middle attacks.

• Journal of the Korea Society of Computer and Information
• /
• v.23 no.1
• /
• pp.57-66
• /
• 2018

It is known that a single-key and a related-key attacks on AES-128 are possible for at most 7 and 8 rounds, respectively. The security of CMAC, a typical block-cipher-based MAC algorithm, has very high possibility of inheriting the security of the underlying block cipher. Since the attacks on the underlying block cipher can be applied directly to the first block of CMAC, the current security margin is not sufficient compared to what the designers of AES claimed. In this paper, we consider HMAC-DM-AES-128 as an alternative to CMAC-AES-128 and analyze its security for reduced rounds of AES-128. For 2-round AES-128, HMAC-DM-AES-128 requires the precomputation phase time complexity of $2^{97}$ AES, the online phase time complexity of $2^{98.68}$ AES and the data complexity of $2^{98}$ blocks. Our work is meaningful in the point that it is the first security analysis of MAC based on hash modes of AES.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.1
• /
• pp.67-76
• /
• 2005

Bresson et al. have recently proposed an efficient group key agreement scheme well suited for a wireless network environment. Although it is claimed that the proposed scheme is provably secure under certain intractability assumptions, we show in this paper that this claim is unfounded, breaking the allegedly secure scheme in various ways.

• IEIE Transactions on Smart Processing and Computing
• /
• v.2 no.3
• /
• pp.168-175
• /
• 2013

Key escrow is a default property that is inherent in identity-based cryptography, where a curious private key generator (PKG) can derive a secret value shared by communicating entities in its domain. Therefore, a dishonest PKG can encrypt and decrypt ciphers or can carry out any attack on the communicating parties. Of course, the escrow property is not completely unwanted but is acceptable in other particular applications. On the other hand, in more civil applications, this key escrow property is undesirable and needs to be removed to provide maximum communication privacy. Therefore, this paper presents an escrow-free identity-based key agreement protocol that is also applicable even in a distinct PKG condition that does not use pairings. The proposed protocol has comparable computational and communicational performance to many other protocols with similar security attributes, of which their security is based on costly bilinear pairings. The protocol's notion was inspired by McCullagh et al. and Chen-Kudla, in regard to escrow-free and multi-PKG key agreement ideas. In particular, the scheme captures perfect forward secrecy and key compromise impersonation resilience, which were lacking in McCullagh et al.'s study, as well as all other desirable security attributes, such as known key secrecy, unknown key-share resilience and no-key control. The merit in the proposed protocol is the achievement of all required security requirements with a relatively lower computational overhead than many other protocols because it precludes pairings.

• International Journal of Computer Science & Network Security
• /
• v.24 no.1
• /
• pp.196-204
• /
• 2024

The security of data and information using encryption algorithms is becoming increasingly important in today's world of digital data transmission over unsecured wired and wireless communication channels. Hybrid encryption techniques combine both symmetric and asymmetric encryption methods and provide more security than public or private key encryption models. Currently, there are many techniques on the market that use a combination of cryptographic algorithms and claim to provide higher data security. Many hybrid algorithms have failed to satisfy customers in securing data and cannot prevent all types of security threats. To improve the security of digital data, it is essential to develop novel and resilient security systems as it is inevitable in the digital era. The proposed hybrid algorithm is a combination of the well-known RSA algorithm and a simple symmetric key (SSK) algorithm. The aim of this study is to develop a better encryption method using RSA and a newly proposed symmetric SSK algorithm. We believe that the proposed hybrid cryptographic algorithm provides more security and privacy.

• The KIPS Transactions:PartC
• /
• v.9C no.6
• /
• pp.799-808
• /
• 2002

According to the wide-spread of information transmission system over network, the use of cryptographic system to provide the integrity of transmitted message over network is increasing and the importance of that is emphasized. Because the security of the cryptographic system totally relies on the key, key management is a essential part of cryptographic system. A number of key agreement protocols have been proposed to far, but their rigorous security analysis is still open. In this paper, we analyze the features of Diffie-Hellman based standard key agreement protocols and provide the security analysis of those protocols against several kinds of active attacks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.5
• /
• pp.27-33
• /
• 2011

At FDTC'05 and CISC-W'10, the authors showed that if they decrease the number of rounds of AES and Triple-DES by using the fault injections, it is possible to recover the secret key of the target algorithms, respectively. In this paper, we propose a key recovery attack on HMAC by using the main idea of these attacks. This attack is applicable to HMAC based on MD-family hash functions and can recover the secret key with the negligible computational complexity. Particularly, the attack result on HMAC-SHA-2 is the first known key recovery attack result on this algorithm.