• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.1
• /
• pp.59-69
• /
• 2004

Password-based authenticated group key exchange protocols provide a group of user, communicating over a public(insecure) channel and holding a common human-memorable password, with a session key to be used to construct secure multicast sessions for data integrity and confidentiality. In this paper, we present a password-based authenticated group key exchange protocol and prove the security in the random oracle model and the ideal cipher model under the intractability of the decisional Diffie-Hellman(DH) problem and computational DH problem. The protocol is scalable, i.e. constant round and with O(1) exponentiations per user, and provides forward secrecy.

• Journal of Information Technology Services
• /
• v.8 no.2
• /
• pp.117-136
• /
• 2009

Over the years a password has been used as a popular authentication method between a client and a server because of its easy-to-memorize property. But, most password-based authentication services have focused on a same password authentication scheme which provides an authentication and key exchange between a client and a server with the same password. With rapid change of communication environments in the fields such as mobile networks, home networking, etc., the end-to-end security allowing users to hold different password is considered as one of main concerns. In this paper, we consider a new authentication service of how each client with different own password is able to authenticate each other, which is a quite new service paradigm among the existing services. This new service can be used in the current or next generation network environment where a mobile user in cell A wants to establish a secure end-to-end channel with users in ceil B, C, and D using only their memorable passwords. This end-to-end security service minimizes the interferences from the operator controlled by network components. To achieve this end-to-end security, we propose an authentication and key exchange service for group users in different realm, and analyze its security in a formal way. We also discuss a generic construction with the existing authentication schemes.

• Journal of Korea Multimedia Society
• /
• v.8 no.4
• /
• pp.525-535
• /
• 2005

A password-based authenticated tripartite key exchange protocol based on A. Joux's protocol was proposed. By using encryption scheme with shared password, we can resolve man-in-the-middle attack and lack of authentication problems. We also suggested a scheme to avoid the offline dictionary attack to which symmetric encryption schemes are vulnerable. The proposed protocol does not require a trusted party which is required in certificate or identity based authentication schemes. Therefore in a ad hoc network which is difficult to install network infrastructure, the proposed protocol would be very useful. The proposed protocol is more efficient in computation aspect than any existing password-based authenticated tripartite key exchange protocols. When it is used as a base line protocol of tree based group key exchange protocol, the computational weak points of the proposed protocol are compensated.

• Journal of the Korea Society of Computer and Information
• /
• v.17 no.4
• /
• pp.91-98
• /
• 2012

A group key exchange (GKE) protocol is designed to allow a group of parties communicating over a public network to establish a common secret key. As group-oriented applications gain popularity over the Internet, a number of GKE protocols have been suggested to provide those applications with a secure multicast channel. Among the many protocols is Yi et al.'s password-based GKE protocol in which each participant is assumed to hold their individual password registered with a trusted server. A fundamental requirement for password-based key exchange is security against off-line dictionary attacks. However, Yi et al.'s protocol fails to meet the requirement. In this paper, we report this security problem with Yi et al.'s protocol and show how to solve it.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.12
• /
• pp.3244-3260
• /
• 2013

A three-party password-based authenticated key exchange (PAKE) protocol allows two clients registered with a trusted server to generate a common cryptographic key from their individual passwords shared only with the server. A key requirement for three-party PAKE protocols is to prevent an adversary from mounting a dictionary attack. This requirement must be met even when the adversary is a malicious (registered) client who can set up normal protocol sessions with other clients. This work revisits three existing three-party PAKE protocols, namely, Guo et al.'s (2008) protocol, Huang's (2009) protocol, and Lee and Hwang's (2010) protocol, and demonstrates that these protocols are not secure against offline and/or (undetectable) online dictionary attacks in the presence of a malicious client. The offline dictionary attack we present against Guo et al.'s protocol also applies to other similar protocols including Lee and Hwang's protocol. We conclude with some suggestions on how to design a three-party PAKE protocol that is resistant against dictionary attacks.

• Journal of Broadcast Engineering
• /
• v.13 no.2
• /
• pp.251-260
• /
• 2008

In this paper, we present two verifier-based multi-party PAKE (password-authenticated key exchange) protocols. The shared key can be used for secure content transmission. The suggested protocols are secure against server compromise attacks. Our first protocol is designed to provide forward secrecy and security against known-key attacks. The second protocol is designed to additionally provide key secrecy against the server which means that even the server can not know the session keys of the users of a group. The suggested protocols have a constant number of rounds are provably secure in the standard model. To the best of our knowledge, the proposed protocols are the first secure multi-party PAKE protocols against server compromise attacks in the literature.

• Journal of KIISE:Information Networking
• /
• v.32 no.6
• /
• pp.651-658
• /
• 2005

Mobile communication has become more pervasive and it is considered as one of main concerns oi conferencing, multi-user games and etc. in mobile environment. These applications need to secure communication in group. Most of the published protocols are based on model which consists of a stationary base station and a cluster of mobile devices. In this paper, we have focused on the extended model of which participants are several base stations and mobile devices in different cells. We present a new group key protocol among mobile devices in different cells and analyze its security And we also look at how password authentication can be used to our group key agreement protocol. The mobile device's computing load may be reduced by using password authentication.

• Journal of Information Processing Systems
• /
• v.6 no.3
• /
• pp.335-346
• /
• 2010

The present study investigates the difficulty of solving the mathematical problem, namely the DLP (Discrete Logarithm Problem) for ephemeral keys. The DLP is the basis for many public key cryptosystems. The ephemeral keys are used in such systems to ensure security. The DLP defined on a prime field $Z^*_p of random prime is considered in the present study. The most effective method to solve the DLP is the ICM (Index Calculus Method). In the present study, an efficient way of computing the DLP for ephemeral keys by using a new variant of the ICM when the factors of p-1 are known and small is proposed. The ICM has two steps, a pre-computation and an individual logarithm computation. The pre-computation step is to compute the logarithms of a subset of a group and the individual logarithm step is to find the DLP using the precomputed logarithms. Since the ephemeral keys are dynamic and change for every session, once the logarithms of a subset of a group are known, the DLP for the ephemeral key can be obtained using the individual logarithm step. Therefore, an efficient way of solving the individual logarithm step based on the newly proposed precomputation method is presented and the performance is analyzed using a comprehensive set of experiments. The ephemeral keys are also solved by using other methods, which are efficient on random primes, such as the Pohlig-Hellman method, the Van Oorschot method and the traditional individual logarithm step. The results are compared with the newly proposed individual logarithm step of the ICM. Also, the DLP of ephemeral keys used in a popular password key exchange protocol known as Chang and Chang are computed and reported to launch key recovery attack.

• Journal of the Korea Convergence Society
• /
• v.7 no.1
• /
• pp.49-55
• /
• 2016

In a delegate authentication, a user can lend his/her own authentication data to the third parties to let them be authenticated instead of himself/herself. The user authentication schemes based on the memory of unique data such as password, are vulnerable to this type of attack. Biometric authentication could minimize the risk of delegate authentication since it uses the biometric data unique by each person. Group authentication scheme is used to prove that each group member belongs to the corresponding group. For applications such as an electronic voting or a mobile meeting where the number of group members is changing dynamically, a new group authentication method is needed to reflect the status of group in real time. In this paper, we propose biometric authentication based dynamic group signature scheme. The proposed scheme is composed of biometric key generation, group public key creation, group signature generation, group signature verification and member update protocols. The proposed member update protocol is secure against colluding attacks of existing members and could reflect group status in real time.

• Journal of the Korea Society of Computer and Information
• /
• v.15 no.12
• /
• pp.85-92
• /
• 2010

There is an authentication method for participants with an encrypted ID and password as a symmetric-key in multilateral video conferencing. It is hard to manage when the security-keys makes many while the transportation processing for the encryption and decryption get complicated when the video conferencing involves a number of participants and the third party as an attackers to gain unauthorized symmetric-key to access video conference which makes a problem less secrecy. This study suggests three ways to enhance security in video conference: first, we present PKI-based X.509 certificate for authenticating the participants of multilateral conferencing and we suggest to encode and decode the video conference media data using a secrecy key created by each of the conference participants; second, a more secured multilateral video conferencing can be expected in a group communication by using the participants secrecy key in creating and distributing group keys, where the group key will be renewed whenever there is change in the group member; and finally, we suggest to encode the RTP payload of the media data before transmission.