• Convergence Security Journal
• /
• v.11 no.3
• /
• pp.25-30
• /
• 2011

WEP is proposed networks dominate the market in the future wireless LAN encryption and authentication features to provide a secure protocol. However, WEP does not suggest a specific measures when generating the initial values used for the creation cipher text, the initial value problem because tile size and no-encryption if you have been raised about the safety issue. In this paper pointed out the vulnerabilities of WEP and the proposed improvement plan for this improvement was proposed based on the initial value to avoid re-creating the initial value of the system and using a block cipher in CBC mode for confidentiality and to provide mutual authentication New WLAN security model was proposed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.5
• /
• pp.105-112
• /
• 2003

In this raper, we propose two simple and efficient key agreement protocols, called SEKA-H and SEKA-E, which use a pre-shared password between two parties for mutual authentication and agreeing a common session key. The SEKA-H protocol uses a hash function to verify an agreed session key. The SEKA-E Protocol, a variant of SEKA-H, uses an exponentiation operation in the verification phase. They are secure against the man-in-the-middle attack the password guessing attack and the Denning-Sacco attack and provide the perfect forward secrecy. The SEKA-H protocol is very simple in structure and provides good efficiency compared with other well-known protocols. The SEKA-E protocol is also comparable with the previous protocols.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.1
• /
• pp.3-10
• /
• 2002

This paper proposes an ID-based entity-aunthentication and authenticated key exchange protocol with ECC via two-pass communications between two parties who airs registered to the trusted third-party KC in advance. The proposed protocol developed by applying ECDSA and Diffie-Hellman key exchange scheme to the ID-based key distribution scheme over ECC proposed by H. Sakazaki, E. Okamoto and M. Mambo(SOM scheme). The security of this protocol is based on the Elliptic Curve Discrete Logarithm Problem(ECDLP) and the Elliptic Curve Diffie-Hellman Problem(ECDHP). It is strong against unknown key share attack and it provides the perfect forward secrecy, which makes up for the weakness in SOM scheme,

• Journal of the Korean Society for Aviation and Aeronautics
• /
• v.29 no.4
• /
• pp.142-152
• /
• 2021

The International Civil Aviation Organization (ICAO) and the World Customs Organization (WCO) emphasize securing supply chain security through mutual cooperation between aviation security and customs by establishing a standardized security system by regulations, procedures and practices of international air cargo. Accordingly, in accordance with the Aviation Security Act, the known consignors system aims to secure cargo security before loading air cargo into the aircraft, while the customs AEO system is a public-private cooperation program that focuses on simplification of customs clearance procedures. These systems basically have the same purpose of effectively identifying high-risk cargo through a risk-based approach in international air cargo transportation and preventing risks in advance, and the content that a common basic standard for cargo security must be established is also similar. Therefore, it is necessary to establish a cooperation system by simplifying problems such as cumbersome and redundant authentication procedures and on-site verification through coordination of security requirements for mutual recognition between the two systems. As a result, it is necessary to establish a process for coordinating security and customs' supply chain security program and maximize the effect of harmonizing supply chain security by strengthening the linkage between known consignors and AEO.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.5
• /
• pp.71-82
• /
• 2011

The RFID system provides undeniable advantages so that it is used for various application. However recent RFID system is vulnerable to some attacks as eavesdropping, replay attack, message hijacking, and tag tampering, because the messages are transmitted through the wireless channel and the tags are cheap. Above attacks cause the tag and reader impersonation, denial of service by invalidating tag, and the location tracking concerning bearer of tags, A lot of RFID authentication protocol bas been proposed to solve the vulnerability. Since Weis, Sanna, Rivest, and Engel, proposed the bash-based RFID authentication protocol, many researchers have improved hash-based authentication protocol and recent bash-based authentication protocols provide security and desirable privacy. However, it remains open problem to reduce the tag identification time as long as privacy and security are still guaranteed. Here we propose a new protocol in which the tags generate the message depending on the state of previous communitions between tag and reader. In consequence, our protocol allows a server to identify a tag in a reasonable amount of time while ensuring security and privacy, To be specific, we reduced the time for the server to identify a tag when the last session finished abnormally by at least 50% compared with other bash-based schemes that ensure levels of security and privacy similar to ours.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.1
• /
• pp.75-86
• /
• 2014

Demand for the femtocell is largely credited to the surge in a more always best connected communication conscious public. 3GPP defines new architecture and security requirement for Release 9 to deal with femtocell, Home eNode B referred as HeNB. In this paper, we analyze the HeNB security with respect to mutual authentication, access control, and secure key agreement. Our analysis pointed out that a number of security vulnerabilities have still not been addressed and solved by 3GPP technical specification. These include eavesdropping, man-in-the-middle attack, compromising subscriber access list, and masquerading as valid HeNB. To the best of our knowledge, any related research studying HeNB security was not published before. Towards this end, this paper proposes an improved authentication and key agreement mechanism for HeNB which adopts proxy-signature and proxy-signed proxy-signature. Through our elaborate analysis, we conclude that the proposed not only prevents the various security threats but also accomplishes minimum distance from use-tolerable authentication delay.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.4
• /
• pp.800-806
• /
• 2015

WAVE(Wireless Access in Vehicular Environments) system is wireless communication technology that vehicle sends and receives packets between vehicles or between vehicles and infrastructure in a high-speed mobile environment. In this study, we have designed and implemented a CRL(Certificate Revocation List) download protocol that is used to verify certificate revocation status of the other party when the vehicles communicate with WAVE system. This protocol operates over UDP. And to support security features, also, ECDSA(Elliptic Curve Digital Signature Algorithm) is used for mutual authentication and ECIES(Elliptic Curve Integrated Encryption Scheme) is used to ensure the confidentiality. Moreover, this protocol ensures the integrity of data by adding MAC(Message Authentication Code) to the end of packet and support the error and flow control mechanisms.

• Journal of Korea Multimedia Society
• /
• v.10 no.7
• /
• pp.902-911
• /
• 2007

GSM platform is a hugely successful wireless technology and an unprecedented story of global achievement. In less than ten years since the first GSM network was commercially launched, it became the world's leading and fastest growing mobile standard, using over 1 billion GSM subscribers across more than 200 countries of the world. GSM platform evolved into 3th generation mobile communication which includes not only voice call services but also the international roaming and various kinds of the multimedia services. GSM is an essential element techniques a safe data transmission and a personal private protection while support services. However, a crypto algorithm and a secure protocol for a safe data communication using GSM are indicating various kinds of problems. In this paper, we propose a more safer and more efficient authentication protocol in 3th generation network through analysis of GSM security mechanism of 2th/2.5th generation. This security protocol offers enforced security efficiency by using user verification between SIM/ME and reduction of authentication and key agreement step between SIM/ME/AuC.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37 no.8C
• /
• pp.697-702
• /
• 2012

In 2011, C.-T. Li et al. proposed a secure user authentication scheme, which is an improvement over Kim et al.'s scheme to resolve several security flaws such as off-line password guessing attack and masquerading attack. C.-T. Li et al. claimed that their scheme prevents smart card security related attacks. Moreover, it provides mutual authentication and session key establishment. However, we found that their scheme is vulnerable to password guessing attack through password change phase, smart card forgery attack and stolen verifier attack. Moreover, C.-T. Li et al.'s scheme is not secure against password guessing attack as they claimed. In this paper, we also point out that their scheme is not practical to use.

• Convergence Security Journal
• /
• v.12 no.6
• /
• pp.25-30
• /
• 2012

As the network composed of numerous sensor nodes, sensor network conducts the function of sensing the surrounding information by sensor and of the sensed information. Our military has also developed ICT(Information and Communication Technology) along with the methods for effective war by sharing smooth information of battlefield resources through network with each object. In this paper, a sensor network is clustered in advance and a cluster header (CH) is elected for clusters. Before deployment, a certificate is provided between the BS and the sensor nodes, and after clustering, authentication is done between the BS and the sensor nodes. Moreover, inter-CH authentication technique is used to allow active response to destruction or replacement of sensor nodes. Also, because authentication is done twice, higher level of security can be provided.