• Journal of Korea Society of Digital Industry and Information Management
• /
• v.12 no.1
• /
• pp.35-41
• /
• 2016

Internet of Things (IoT) services are widely used in appliances of daily life and industries. IoT services also provide various conveniences to users and are expected to affect value added of all industries and national competitiveness. However, a variety of security threats are increased in IoT environments and lowers reliability of IoT devices and services that make some obstacles for commercialization. The attacks arising in IoT environments are making industrial and normal life accidents unlike existing information leak and monetary damages, and can expand damage scale of leakage of personal information and privacy more than existing them. To solve these problems, we design a session key based access control scheme for secure communications in IoT environments. The proposed scheme reinforces message security by generating session key between device and access control network system. We analyzed the stability of the proposed access scheme in terms of data forgery and corruption, unauthorized access, information disclosure, privacy violations, and denial of service attacks. And we also evaluated the proposed scheme in terms of permission settings, privacy indemnity, data confidentiality and integrity, authentication, and access control.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.46 no.2
• /
• pp.81-88
• /
• 2009

This paper proposed a session key exchange and authentication scheme on non-interactive key distribution algorithm using a community member's ID in ubiquitous networks. In ubiquitous network environment, User's context-awareness information is collected and used to provide a context-awareness service for someone who need it. However, in ubiquitous network environment, this kind of the Context-awareness information could be abused by a malicious nodes. The proposed scheme using the community member ID provides a session key exchange and mutual authentication between community members, and supports secure data communication. Also, when exchanging the session key and authenticating each other, this scheme reduces communication overhead and authentication delay compared to the AAA server scheme.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.3
• /
• pp.3-8
• /
• 2008

Ephemeral data are easily revealed if state specific information is stored in insecure memory or a random number generator is corrupted. In this letter, we show that Nam et al.'s group key agreement scheme, which is an improvement of Bresson et al.'s scheme, is not secure against session-state reveal attacks. We then propose an improvement to fix the security flaw.

• Journal of information and communication convergence engineering
• /
• v.3 no.2
• /
• pp.93-95
• /
• 2005

In order to create security session, security keys are preconfigured between communication objects. For this purpose, Handshake Protocol exists. The pre-master secret key that is used in this process needs to interpreted by a server to create master secret key, whose process requires a big calculation, resulting in deteriorating system's transmission performance. Therefore, it is helpful in increasing transmission speed to reuse secret keys rather than to create them at every connection.

• Journal of Digital Convergence
• /
• v.13 no.10
• /
• pp.343-351
• /
• 2015

With the diverse services of the current M2M environment being expanded to the organizations, the corporations, and the daily lives, the possibility of the occurrence of the vulnerabilities of the security of the related technologies have become an issue. In order to solve such a problem of the vulnerability of the security, this thesis proposes the technique for applying the cryptography algorithm for the protection of the device key of the M2M environment. The proposed technique was based on the elliptic curve cryptography Through the key exchange and the signature exchange in the beginning, the security session was created. And the white box cipher was applied to the encryption that creates the white box table using the security session key. Application results cipher algorithm, Elliptic Curve Cryptography provides a lightweight mutual authentication, a session key for protecting the communication session and a conventional white-box cipher algorithm and was guaranteed the session key used to encrypt protected in different ways. The proposed protocol has secure advantages against Data modulation and exposure, MITM(Man-in-the-middle attack), Data forgery and Manipulation attack.

• Proceedings of the Korean Information Science Society Conference
• /
• 2002.10c
• /
• pp.610-612
• /
• 2002

전송계층에서의 안전한 통신을 위한 Secure Sockets Layer(SSL)와 Transport Layer Security(TLS)의 Handshake 프로토콜에서 Session ID의 저장이 매우 짧은 시간 동안 저장됨으로 전체적인 Full Handshake의 횟수가 증가한다. 따라서, 안전한 Session resume 보장함으로 서버의 session cache 기한을 연장할 수 있으며 전체적인 Full Handshake 프로토콜의 횟수를 줄일 수 있다. 본 논문에서는 Handshake 프로토콜의 성능 개선을 위하여 S/key와 같은 해쉬의 일방향 성질을 이용하는 개선된 Session resume의 방안을 제안한다.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.10 no.3
• /
• pp.181-196
• /
• 2014

Cloud computer technology currently provides diverse services based on a comprehensive environment ranging from hardware to solution, network and service. While the target of services has been extended from institutions and corporations to personal infrastructure and issues were made about security problems involved with protection of private information, measures on additional security demands for such service characteristics are insufficient. This paper proposes a multi-session authentication technique based on the characteristics of SaaS (Software as a Service) among cloud services. With no reliable authentication authority, the proposed technique reinforced communication sessions by performing key agreement protocol safe against key exposure and multi-channel session authentication, providing high efficiency of performance through key renewal using optimzied key table. Each formed sessions have resistance against deprivation of individual confirmation and service authority. Suggested confirmation technique that uses these features is expected to provide safe computing service in clouding environment.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.8
• /
• pp.4025-4042
• /
• 2017

Session initiation protocol (SIP) is a kind of powerful and common protocols applied for the voice over internet protocol. The security and efficiency are two urgent requirements and admired properties of SIP. Recently, Hamed et al. proposed an efficient authentication and key agreement scheme for SIP. However, we demonstrate that Hamed et al.'s scheme is vulnerable to de-synchronization attack and cannot provide anonymity for users. Furthermore, we propose an improved and efficient authentication and key agreement scheme by using elliptic curve cryptosystem. Besides, we prove that the proposed scheme is provably secure by using secure formal proof based on Burrows-Abadi-Needham logic. The comparison with the relevant schemes shows that our proposed scheme has lower computation costs and can provide stronger security.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.10 no.12
• /
• pp.1355-1360
• /
• 2015

Recently MANET application is diversified studies on the MANET routing security and the reliable authentication mechanism is actively in progress. Stand-alone network structure of a MANET is an important field of ubiquitous computing environment of interest, Authentication techniques are already provided safety when applied to MANET reliability and efficiency in a secure authentication mechanism using the session key. However, most of the MANET environment, the model has been based on the assumption that the safety is guaranteed, When applied to an actual network situation, we can not rule out a variety of threats. This study is the testing and analysis to add the malicious node extracted at random to demonstrate the safety and efficacy of the session key certification techniques of the MANET environment.

• Journal of Internet Computing and Services
• /
• v.9 no.2
• /
• pp.83-88
• /
• 2008

Session initiation protocol (SIP) is an application-layer prolocol to initiate and control multimedia client session. When client ask to use a SIP service, they need to be authenticated in order to get service from the server. Authentication in a SIP application is the process in which a client agent present credentials to another SIP element to establish a session or be granted access to the network service. In 2005, Yang et al. proposed a key exchange and authentication scheme for use in SIP applications, which is based on the Diffie-Hellman protocol. But, Yang et al.'s scheme is not suitable for the hardware-limited client and severs, since it requires the protocol participant to perform significant amount of computations (i.e., four modular exponentiations). Based on this observation. Huang and Wei have recently proposed a new efficient key exchange and authentication scheme thor improves on Yang et al.'s scheme. As for security, Huang and Wei claimed, among others, that their scheme is resistant to offline dictionary attacks. However, the claim turned out to be untrue. In this paper, we show thor Huang and Wei's key exchange and authentication scheme is vulnerable to on offline dictionary attack and forward secrecy.