• Title/Summary/Keyword: mitm

Search Result 42, Processing Time 0.016 seconds

A Study on IKE v2 Analysis Method for RealTime (NIKEv2 AR : IKE v2 실시간 분석 기술 연구)

  • Park, Junghyung;Ryu, Hyungyul;Ryou, Jaecheol
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.32 no.4
    • /
    • pp.661-671
    • /
    • 2022

  • Due to the COVID-19 pandemic, remote working, e-learning, e-teaching and online collaboration have widely spread and become popular. Accordingly, the usage of IPsec VPN for security reasons has also dramatically increased. With the spread of VPN, VPN vulunerabilities are becoming an important target of attack for attackers, and many studies have been conducted on this. IKE v2 analysis is an essential process not only for developing and building IPsec VPN systems but also for security analysis. Network packet analysis tools such as Wireshark and Tcpdump are used for IKE v2 analysis. Wireshark is one of the most famous and widely-used network protocol analyzers and supports IKE v2 analysis. However Wireshark has many limitations, such as requiring system administrator privileges for IKE v2 analysis. In this paper, we describe Wireshark's limitations in detatil and propose a new analysis method. The proposed analysis method can analyze all encrypted IKE v2 messages in real time from the session key exchange In addition, the proposed analysis method is expected to be used for dynamic testing such as fuzzing as packet manipulation.

  • https://doi.org/10.13089/JKIISC.2022.32.4.661 인용 PDF KSCI HTML

Key-Agreement Protocol between IoT and Edge Devices for Edge Computing Environments (에지 컴퓨팅 환경을 위한 IoT와 에지 장치 간 키 동의 프로토콜)

  • Choi, Jeong-Hee
    • Journal of Convergence for Information Technology
    • /
    • v.12 no.2
    • /
    • pp.23-29
    • /
    • 2022

  • Recently, due to the increase in the use of Internet of Things (IoT) devices, the amount of data transmitted and processed to cloud computing servers has increased rapidly. As a result, network problems (delay, server overload and security threats) are emerging. In particular, edge computing with lower computational capabilities than cloud computing requires a lightweight authentication algorithm that can easily authenticate numerous IoT devices.In this paper, we proposed a key-agreement protocol of a lightweight algorithm that guarantees anonymity and forward and backward secrecy between IoT and edge devices. and the proposed algorithm is stable in MITM and replay attacks for edge device and IoT. As a result of comparing and analyzing the proposed key-agreement protocol with previous studies, it was shown that a lightweight protocol that can be efficiently used in IoT and edge devices.

  • https://doi.org/10.22156/CS4SMB.2022.12.02.023 인용 PDF KSCI