• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.1
• /
• pp.17-27
• /
• 2005

With the development of wire and wireless based networks, a various security protocols have been proposed to protect important resources and user information against attackers. However, many security protocols have found oかy to be later vulnerable to attacks. In this Paper, we introduce the formal methodology to verify the safety of security protocols in the design phase, and we take advantage of the formal methodology which uses Casper/CSP and FDR tools by introducing the verification example of EKE protocol and BCY protocol. Lastly, we propose a new BCY protocol after verifying it's safety.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2002.11a
• /
• pp.369-372
• /
• 2002

An anonymous authentication scheme allows a user to identify himself as a member of a group of users in a secure and anonymous way. It seems to be crucial and indispensable components in English auction, electronic voting and open procurement, which are getting very popular business areas in E-commerce. First, we briefly describe the previous anonymous authentication protocols how to work and what cryptographic techniques adopted to increase performance and achieve anonymity. Second, we compare those protocols from the viewpoint of the communication and computation complexity and the specific cryptographic techniques used in their protocols.

• ETRI Journal
• /
• v.31 no.4
• /
• pp.460-462
• /
• 2009

The emerging wireless networks require the design of new authentication protocols due to their dynamic nature and vulnerable-to-attack structure. Recently, Wu and others proposed a wireless authentication protocol which is claimed to be an improvement of the authentication protocol proposed by Lee and others which provides user anonymity. In this letter, we show that these protocols have a common flaw and that these protocols fail to provide user anonymity. We also propose a modification method to solve this problem.

• International Journal of Computer Science & Network Security
• /
• v.21 no.8
• /
• pp.17-27
• /
• 2021

Non-abelian group based cryptosystems are a latest research inspiration, since they offer better security due to their non-abelian properties. In this paper, we propose a novel approach to non-abelian group based public-key cryptographic protocols using semidirect products of finite groups. An intractable problem of determining automorphisms and generating elements of a group is introduced as the underlying mathematical problem for the suggested protocols. Then, we show that the difficult problem of determining paths and cycles of Cayley graphs including Hamiltonian paths and cycles could be reduced to this intractable problem. The applicability of Hamiltonian paths, and in fact any random path in Cayley graphs in the above cryptographic schemes and an application of the same concept to two previous cryptographic protocols based on a Generalized Discrete Logarithm Problem is discussed. Moreover, an alternative method of improving the security is also presented.

• Journal of Korea Multimedia Society
• /
• v.11 no.10
• /
• pp.1403-1408
• /
• 2008

A number of three party key exchange protocols using smart card in effort to reduce server side workload and two party password based key exchange authentication protocols has been proposed. In this paper, we introduce the survey and analysis on security vulnerability of smart card based three party authenticated key exchange protocols. Furthermore, we analyze Kwak et al's password based key exchange and authentication protocols which have shown security weakness such as Shim et al's off-line password guessing attack and propose the countermeasure to deter such attack.

• International Journal of Computer Science & Network Security
• /
• v.21 no.1
• /
• pp.207-213
• /
• 2021

Networks in Mobile ad hoc contain distribution and do not have a predefined structure which practically means that network modes can play the role of being clients or servers. The routing protocols used in mobile Ad-hoc networks (MANETs) are characterized by limited bandwidth, mobility, limited power supply, and routing protocols. Hybrid routing protocols solve the delay problem of reactive routing protocols and the routing overhead of proactive routing protocols. The Ant Colony Optimization (ACO) algorithm is used to solve other real-life problems such as the travelling salesman problem, capacity planning, and the vehicle routing challenge. Bio-inspired methods have probed lethal in helping to solve the problem domains in these networks. Hybrid routing protocols combine the distance vector routing protocol (DVRP) and the link-state routing protocol (LSRP) to solve the routing problem.

• The KIPS Transactions:PartC
• /
• v.14C no.1 s.111
• /
• pp.55-64
• /
• 2007

Behind the popularity of VoIP in these days, it may present significant security challenges in privacy and accounting. Authentication and message encryption are considered to be essential mechanisms in VoIP to be comparable to PSTN. SIP is responsible for setting up a secure call in VoIP. SIP employs TLS, DTLS or IPSec combined with TCP, UDP or SCTP as a security protocol in VoIP. These security mechanisms may introduce additional overheads into the SIP performance. However, this overhead has not been understood in detail by the community. In this paper we present the effect of the security protocol on the performance of SIP by comparing the call setup delays among security protocols. We implement a simulation of the various combinations of three security protocols and three transport layer protocols suggested for SIP. UDP with any combination of security protocols performs a lot better than the combination of TCP. TLS over SCTP may impose higher impact on the performance in average because TLS might have to open secure channels as the same number of streams in SCTP. The reasons for differences in the SIP performances are given.

• Journal of Convergence for Information Technology
• /
• v.10 no.12
• /
• pp.22-30
• /
• 2020

With the development of information and communication technology, DDoS and DRDoS continue to become security issues, and gradually develop into advanced techniques. Recently, IT companies have been threatened with DRDoS technology, which uses protocols from normal servers to exploit as reflective servers. Reflective traffic is traffic from normal servers, making it difficult to distinguish from security equipment and amplified to a maximum of Tbps in real-life cases. In this paper, after comparing and analyzing the DNS amplification and Memcached amplification used in DRDoS attacks, a countermeasure that can reduce the effectiveness of the attack is proposed. Protocols used as reflective traffic include TCP and UDP, and NTP, DNS, and Memcached. Comparing and analyzing DNS protocols and Memcached protocols with higher response sizes of reflective traffic among the protocols used as reflective traffic, Memcached protocols amplify ±21% more than DNS protocols. The countermeasure can reduce the effectiveness of an attack by using the Memcached Protocol's memory initialization command. In future studies, various security-prone servers can be shared over security networks to predict the fundamental blocking effect.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.2
• /
• pp.751-765
• /
• 2012

Key establishment protocols are fundamental for establishing secure communication channels over public insecure networks. Security must be given the topmost priority in the design of a key establishment protocol. In this work, we provide a security analysis on two recent key establishment protocols: Harn and Lin's group key transfer protocol and Dutta and Barua's group key agreement protocol. Our analysis shows that both the Harn-Lin protocol and the Dutta-Barua protocol have a flaw in their design and can be easily attacked. The attack we mount on the Harn-Lin protocol is a replay attack whereby a malicious user can obtain the long-term secrets of any other users. The Dutta-Barua protocol is vulnerable to an unknown key-share attack. For each of the two protocols, we present how to eliminate their security vulnerabilities. We also improve Dutta and Barua's proof of security to make it valid against unknown key share attacks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.1
• /
• pp.85-94
• /
• 2010

As an automatic identification technology, in which electronic tags are attached to items and system auto-identifies informations of the items using wireless communication technology, use of RFID system is increasing in various fields. According to that, related security problems are becoming important issue. Up to now, many authentication protocols have been proposed to solve security problem of RFID system. In this paper, We show that the RFID authentication protocols in [9, 10], which are compatible with Type C RFID system in ISO 18000-6 Amd1[8], are vulnerable to a spoofing attack. In addition, we propose improved protocols having small additional cost over the original protocols.