• Proceedings of the Korean Information Science Society Conference
• /
• 2000.04a
• /
• pp.704-706
• /
• 2000

두 명 또는 그 이상의 통신 참가자가 통신 채널을 개설하여 통신을 종료하기까지를 하나의 세션으로 정의하였을 때, 기존의 세션 키 생성 프로토콜은 하나의 세션에서 하나의 비밀 세션 키만을 생성한다. 방대하고 다양한 정보를 빠른 시간에 전송하는 초고속 네트워크 환경에서는 하나의 통신 세션에서 하나의 세션 키만을 사용하는 기존의 방법만으로는 안전한 데이터의 전송이 보장되지 않는다. 본 논문에서는 하나의 세션에서 별도의 키 분배 프로토콜의 수행 없이 서로 다른 다수의 세션 키를 생성하여 사용할 수 있도록 함으로써, 초고속 네트워크 상에서 보다 안전한 데이터의 전송이 이루어질 수 있도록 한다. 이를 위해 키드 해쉬 함수(keyed hash function)를 이용하여 간단하고 효율적인 멀티 세션 키 생성 프로토콜을 제시한다.

• Proceedings of the IEEK Conference
• /
• 2004.08c
• /
• pp.581-584
• /
• 2004

Currently, there are many subscriber access networks: PSTN, ADSL, Cellular Network, IMT200 and so on. To these service providers that provide above network service, it is important that they authenticate and authorize legal subscribers and account for their usage. At present, There exist the several protocols that Support AAA(Authentication, Authorization and Accounting) service : RADIUS, Diameter, TACACS+. Nowadays, RADIUS has used for AAA service widely. It has been extended to support other access network environment. So, we extend RADIUS to support environment of Mobile IPv6. Mobile IPv6 uses IPsec as a security mechanism, basically. But, IPsec is a heavy security technology for small, portable, mobile device. Especially, it is serious at IKE, the subset of IPsec. IKE is a key distribution protocol that distributes the key to the endpoints of IPsec. In t:lis paper, we extend RADIUS to support environment of Mobile IPv6 and simplify the IKE phase of IPsec by AAA system distributing the keys by using its security communication channel. Namely, we propose the key distribution method for IPsec SA establishment between mobile node and home agent. The suggested method was anticipated to be effective at low-power, low computing deyice. Finally, end users feel the faster authentication.

• IEIE Transactions on Smart Processing and Computing
• /
• v.1 no.1
• /
• pp.65-71
• /
• 2012

Mobile RFID is a new application that uses a mobile phone as an RFID reader with wireless technology and provides a new valuable service to users by integrating RFID and ubiquitous sensor network infrastructures with mobile communication and wireless Internet. Whereas the mobile RFID system has many advantages, privacy violation problems on the reader side are very concerning to individuals and researchers. Unlike in regular RFID environments, where the communication channel between the server and reader is assumed to be secure, the communication channel between the backend server and the RFID reader in the mobile RFID system is not assumed to be safe. Therefore it has become necessary to devise a new communication protocol that secures the privacy of mobile RFID-enabled devices. Recently, Lo et al. proposed a mutual key agreement protocol that secures the authenticity and privacy of engaged mobile RFID readers by constructing a secure session key between the reader and server. However, this paper shows that this protocol does not meet all of the necessary security requirements. Therefore we developed an enhanced mutual key agreement protocol for mobile RFID-enabled devices that alleviates these concerns. We further show that our protocol can enhance data security and provide privacy protection for the reader in an unsecured mobile RFID environment, even in the presence of an active adversary.

• The KIPS Transactions:PartC
• /
• v.15C no.5
• /
• pp.359-366
• /
• 2008

As the use of Internet and information communication technology is being generalized, the SSL protocol is essential in Internet because the important data should be transferred securely. While the SSL protocol is designed to defend from active attack such as message forgery and message alteration, the cipher suite setting can be easily modified. If the attacker draw on a malfunction of the client system and modify the cipher suite setting to the symmetric key algorithm which has short key length, he should eavesdrop and cryptanalysis the encrypt data. In this paper, we examine the domestic web site whether they generate the security session through the symmetric key algorithm which has short key length and propose the solution of the cipher suite setting problem.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2007.06a
• /
• pp.823-826
• /
• 2007

In ubiquitous environment, mobile devices, which users carry, tend to be resource-constraint, thus resulting in the need for an authentication protocol, which provides light-weight computations as well as strong security. Recently S/Key based protocols, which satisfy such a requirement by achieving light-weight computations, strong authentication and session key exchange, have been proposed. In particular, You and Jung's protocol is more efficient and secure than others. In this paper, we compare and analyze You-Jung with other protocols. Also, we design an authentication scenario and status of mobile devices while implementing the protocol.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.7 no.8
• /
• pp.1732-1742
• /
• 2003

WPP protocol based a Credit card payment in mobile Internet uses WTLS which is security protocol of WAP. WTLS can't provide End­to­End security in network. In this paper, we propose a protocol both independent in mobile Internet platform and allow a security between user and VASP using Mobile Gateway in AIP. In particular, our proposed protocol is suitable in mobile Internet, since session key for authentication and initial payment process is generated using Weil Diffie­Hellman key exchange method that use additive group algorithm on elliptic curve.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.5
• /
• pp.23-36
• /
• 2004

This paper presents a password based authentication and key exchange protocol which can be used for both authenticating users and exchanging session keys for a subsequent secure communication over an untrusted network. Our idea is to increase a randomness of the password verification data, i.e., we split the password, and then amplify the split passwords in the high entropy-structured password verification data. And in order to prevent the verifier-compromised attack, we construct our system such that the password verification data is encrypted with the verifier's key and the private key of verifier used to encrypt it is stored in a secure place like a smart cards. Also we propose the distributed password authentication scheme utilizing many authentication servers in order to prevent the server-compromised attack occurred when only one server is used. Furthermore, the security analysis on the proposed protocol has been presented as a conclusion.

• The KIPS Transactions:PartC
• /
• v.11C no.7 s.96
• /
• pp.971-980
• /
• 2004

This paper describes the design and implementation of the video conferencing system using public key infrastructure which is used for user authentication and encryption. Public key infrastructure reinforces the authentication process for conference participant, and the symmetric key system blocks malicious access to information and protect conference control information. This paper shows the implementation of the trans portation layer secure protocol in conformity with Korea public key authentication algorithm standard and symmetric encryption algorithm (DES, 3DES and AES) for media stream encryption. In this paper, we deal with two ways of protecting information : transportation layer secure protocol secures user authentication process and the conference control information; while public key-based authentication system protects personal information of users when they connect to the network. When distributing the session keys for encryption, Internet Key Exchange is used for P2P communication, and secure protocol is employed for 1 : N multi-user communication in the way of distributing the public key-based en-cryption key.

• Journal of Broadcast Engineering
• /
• v.13 no.2
• /
• pp.251-260
• /
• 2008

In this paper, we present two verifier-based multi-party PAKE (password-authenticated key exchange) protocols. The shared key can be used for secure content transmission. The suggested protocols are secure against server compromise attacks. Our first protocol is designed to provide forward secrecy and security against known-key attacks. The second protocol is designed to additionally provide key secrecy against the server which means that even the server can not know the session keys of the users of a group. The suggested protocols have a constant number of rounds are provably secure in the standard model. To the best of our knowledge, the proposed protocols are the first secure multi-party PAKE protocols against server compromise attacks in the literature.

• The KIPS Transactions:PartC
• /
• v.14C no.4
• /
• pp.331-340
• /
• 2007

Mobile network environments are the environments where mobile devices are distributed invisible in our daily lives so that we can conventionally use mobile services at my time and place. The fact that we can work with mobile devices regardless of time and place, however, means that we are also in security threat of leaking or forging the information. In particular, without solving privacy concern, the mobile network environments which serve convenience to use, harmonized without daily lives, on the contrary, will cause a serious malfunction of establishing mobile network surveillance infrastructure. On the other hand, as the mobile devices with various sizes and figures, public key cryptography techniques requiring heavy computation are difficult to be applied to the computational constrained mobile devices. In this paper, we propose efficient PKI-based user authentication and java-based cryptography module for the privacy-preserving in mobile network environments. Proposed system is support a authentication and digital signature to minimize encrypting and decrypting operation by compounding session key and public key based on Korean standard cryptography algorithm(SEED, KCDSA, HAS160) and certificate in mobile network environment. Also, it has been found that session key distribution and user authentication is safety done on PDA.