• Journal of KIISE:Information Networking
• /
• v.33 no.4
• /
• pp.310-323
• /
• 2006

In this paper, we describe a secure cluster-routing protocol based on a multi-layer scheme in ad hoc networks. We propose efficient protocols, Authentication based on Multi-layer Clustering for Ad hoc Networks (AMCAN), for detailed security threats against ad hoc routing protocols using the selection of the cluster head (CH) and control cluster head (CCH) using a modification of cluster-based routing ARCH and DMAC. This protocol provides scalability of Shadow Key using threshold authentication scheme in ad hoc networks. The proposed protocol comprises an end-to-end authentication protocol that relies on mutual trust between nodes in other clusters. This scheme takes advantage of Shadow Key using threshold authentication key configuration in large ad hoc networks. In experiments, we show security threats against multilayer routing scheme, thereby successfully including, establishment of secure channels, the detection of reply attacks, mutual end-to-end authentication, prevention of node identity fabrication, and the secure distribution of provisional session keys using threshold key configuration.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.9 no.3
• /
• pp.727-733
• /
• 2008

An authentication between a user's terminal and a Access Control Router (ACR) is preceded so that a user receives secure WiBro services. Otherwise they can be exposed from many attack risks. So the Telecommunications Technology Association (TTA) constituted a mechanism of the mutual authentication for WiBro service. In mechanism a user executes the mutual authentication between a Portable Equipment (PE) and the ACR by using Portable Internet Subscriber Identity Module (PISIM). But this standard needs many message to authenticate the ACR and the users cann't use wireless Internet service. Therefore in this paper we propose the key agreement protocol between the PSS and the ACR to authenticate the PSS to ACR. At this time Power Support Device (PSD) fer supporting the calculated quantity of the PSS is participated in the key agreement protocol. The ACR sends a generated key to Key Authentication Server (KAS) via secure IPsec tunnel and then it preserves the identity of the PSS and the value of key after it enciphered them. In conclusion we analyze the security and efficiency of the proposed protocol.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.2
• /
• pp.139-144
• /
• 2007

Due to the increasing use of Internet and spread of ubiquitous environment the security of private information became an important issue. For this reason, many suggestions have been made in order to protect the privacy of users. In the study of authentication system using a smart card which is one of the methods for protecting private information, the main idea is to offer user anonymity. In 2004, Das et al. suggested an authentication system that guarantees anonymity by using a dynamic ID for the first time. However, this scheme couldn't guarantee complete anonymity as the identity of the user became revealed at log-in phase. In 2005, Chien at al. suggested a authentication system that guarantees anonymity, but this was only safe to the outsider(attacker). In this paper, we propose a scheme that enables the mutual authentication between the user and the sewer by using a smart card. For the protection of the user privacy, we suggest an efficient user authentication system that guarantees perfect anonymity to both the outsider and remote server.

• Journal of the Korea Society of Computer and Information
• /
• v.10 no.5 s.37
• /
• pp.161-170
• /
• 2005

The Certificate Revocation List(CRL) or the Online Certificate Status Protocol(OCSP)has been used to validate certificates. However, the CRL cannot validate certificates in realtime because of the Time-Gap problem and the OCSP server overloads in a large scale secure system. In addition, the client cannot access a wired LAN until the client has been authenticated by the authentication server on the IEEE 802. 1x framework. Therefore, the client cannot validate the authentication server's certificate using a certificate validation server. Thus, the client cannot authenticate the authentication server in realtime. To solve these problems this paper designed a secure system that can protect the content of communications and authenticate users in realtime on a wireless LAN The designed certificate validation protocol was proved that the stability and efficiency of the system was very high, the result of the validation had the presence, the speed of the validation was not affected by the system scale, the number of authorities user must trust was reduced to one, and the overload of the validation server was Protected. And the designed user authentication and key exchange protocols were Proved that the mutual authentication was possible in realtime and the fact of the authentication could be authorized by the CA because of using the authorized certificates.

• Journal of the Korea Society of Computer and Information
• /
• v.17 no.10
• /
• pp.79-88
• /
• 2012

In this paper, we design a mutual authentication protocol which divided sessions from an authenticated session are updated periodically. And in order to minimize the traffic overhead for session authentication, we also introduce dynamic session management according to sampling rate of medical sensor type. And randomize the divided session time. This model has the effect of blocking the integrity and confidentiality intrusion of rogue gateway. Moreover, efficiency is provided through medical data to be transmitted have different sampling rate. In order to evaluate this model, it was embodied and experimented in TinyOS 2.1 environment. The result, we got an overall validity from three types of experiment.

• Journal of Digital Convergence
• /
• v.14 no.12
• /
• pp.201-208
• /
• 2016

The purpose of Email system is used to transmit important information between companies in today. But Email system has vulnerabilities such that changing email address of sender by attacker. So it is important to authenticate mail server and user using mail server. This paper proposed mail proxy located between mail servers that evaluate authority and authenticate sender and receiver. The proposed email platform has some functions to compose trusted domain and to authenticate mail servers in the domain. Also, if sender and recipient are valid users in mail system, each exchanges a key for confidentiality and the sender sends an e-mail encrypted with exchanged key to recipient. In this paper, we propose a key exchange scheme in proposed platform and verify this protocol using Casper which is the formal analysis tool. In the future research, we will study the overall platform of the domain configuration for the security of mail.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.10
• /
• pp.1958-1968
• /
• 2015

Things intelligence communication (M2M or IoT) service activation and global company of OneM2M-related business on aggressive investing and has led to the acceleration of change in the ICT market. But a variety of hacking security technology because of the possibility of secure communication (data exposure, theft, modification, deletion, etc.) has been issued as an important requirement. In this paper, we propose a mutual authentication protocol for secure communications chameleon hash based on the M2M environment. The results of performance analysis efficiency is encryption and decryption an average of 0.7%, calculated rate showed good results as compared to the target algorithm, equivalent to a 3%(Average 0.003 seconds) difference, mutual authentication and encryption region by using the key update advantage of ECC(Elliptic Curve Cryptography)based Chameleon hash function is signed of the operational efficiency, using a collision message verifiable properties demonstrated strong security of the communication section.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.46 no.5
• /
• pp.71-78
• /
• 2009

In RFID system, the communicated data can be easily eavesdropped and tampered with by an attacker because the communication between the reader and the tag is performed in an insecure channel. Therefore, authentication is an important role in RFID applications for providing security and privacy. In 2006, Lee, Asano and Kim proposed an RFID mutual authentication protocol (the LAK protocol) which utilizes a hash function and synchronized secret information. However, Cao and Shen showed that the LAK protocol is vulnerable to replay attack, and therefore an adversary can impersonate the tag. This paper proposes a new simple two-round RFID mutual authentication (TRMA) protocol based on secure one-way hash function. As a result, the proposed TRMA protocol not only can prevent various attacks and but also provides communication efficiency since they mutually authenticate by performing two-round between RFID tag and RFID reader.

• Journal of Industrial Convergence
• /
• v.18 no.5
• /
• pp.23-29
• /
• 2020

The Internet of things (IoT) is the extension of Internet connectivity into various devices and everyday objects. Embedded with electronics, Internet connectivity and other forms of hardware. The IoT poses significant risk to the entire digital ecosystem. This is because so many of these devices are designed without a built-in security system to keep them from being hijacked by hackers. This paper proposed a mutual authentication protocol for IoT Devices using symmetric-key algorithm. The proposed protocol use symmetric key cryptographic algorithm to securely encrypt data on radio channel. In addition, the secret key used for encryption is random number of devices that improves security by using variable secret keys. The proposed protocol blocked attacker and enabled legal deives to communicate because only authenticated devices transmit data by a mutual authentication protocol. Finally, our scheme is safe for attacks such as eavesdropping attack, location tracking, replay attack, spoofing attack and denial of service attack and we confirmed the safety by attack scenario.

• Journal of the Korea Society of Computer and Information
• /
• v.10 no.3 s.35
• /
• pp.237-247
• /
• 2005

Ubiquitous Sensor Network(USN) is the very core of a technology for the Ubiquitous environments. There is the weakness from various security attacks such that tapping of sensor informations, flowing of abnormal packets, data modification and Denial of Service(DoS) etc. And it's required counterplan with them. Especially it's restricted by the capacity of battery and computing. By reasons of theses. positively, USN security technology needs the lightweighted design for the low electric energy and the minimum computing. In this paper, we propose lightweight USN mutual authentication methology based on trust model to solve above problems. The proposed authentication model can minimize the measure of computing because it authenticates the sensor nodes based on trust information represented by subjective logic model. So it can economize battery consumption and resultingly increse the lifetime of sensor nodes.