• Journal of KIISE:Information Networking
• /
• v.35 no.6
• /
• pp.465-473
• /
• 2008

The MQV protocol has been regarded as the most efficient authenticated Diffie- Hellman key exchange protocol, and standardized by many organizations including the US NSA. In Crypto 2005, Hugo Krawczyk showed vulnerabilities of MQV to several attacks and suggested a hashed variant of MQV, called HMQV, which provides the same superb performance of MQV and provable security in the random oracle model. In this paper we suggest an efficient authenticated Diffie-Hellman key exchange protocol providing the same functionalities and security of HMQV without random oracles. So far there are no authenticated Diffie-Hellman protocols which are provably secure without using random oracles and achieve the same level of security goals of HMQV efficiently yet.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.197-201
• /
• 2006

추이 서명 스킴은 edge에 대한 서명을 연결하여 경로에 대한 서명을 만드는 서명 스킴이다. 본 논문은 강한 Diffie-Hellman 가정을 이용하여 랜덤 오라클을 가정하지 않은 추이서명 스킴을 제안한다

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.1
• /
• pp.3-10
• /
• 2002

This paper proposes an ID-based entity-aunthentication and authenticated key exchange protocol with ECC via two-pass communications between two parties who airs registered to the trusted third-party KC in advance. The proposed protocol developed by applying ECDSA and Diffie-Hellman key exchange scheme to the ID-based key distribution scheme over ECC proposed by H. Sakazaki, E. Okamoto and M. Mambo(SOM scheme). The security of this protocol is based on the Elliptic Curve Discrete Logarithm Problem(ECDLP) and the Elliptic Curve Diffie-Hellman Problem(ECDHP). It is strong against unknown key share attack and it provides the perfect forward secrecy, which makes up for the weakness in SOM scheme,

• Bulletin of the Korean Mathematical Society
• /
• v.46 no.2
• /
• pp.245-253
• /
• 2009

A new hard problem called the vector decomposition problem (VDP) was recently proposed by Yoshida et al., and it was asserted that the VDP is at least as hard as the computational Diffie-Hellman problem (CDHP) under certain conditions. Kwon and Lee showed that the VDP can be solved in polynomial time in the length of the input for a certain basis even if it satisfies Yoshida's conditions. Extending our previous result, we provide the general condition of the weak instance for the VDP in this paper. However, when the VDP is practically used in cryptographic protocols, a basis of the vector space ${\nu}$ is randomly chosen and publicly known assuming that the VDP with respect to the given basis is hard for a random vector. Thus we suggest the type of strong bases on which the VDP can serve as an intractable problem in cryptographic protocols, and prove that the VDP with respect to such bases is difficult for any random vector in ${\nu}$.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.3
• /
• pp.27-33
• /
• 2007

Recently, a new hard problem on a two dimensional vector space called vector decomposition problem (VDP) was proposed by M. Yoshida et al. and proved that it is at least as hard as the computational Diffe-Hellman problem (CDHP) on a one dimensional subspace under certain conditions. However, in this paper we present the VDP relative to a specific basis can be solved in polynomial time although the conditions proposed by M. Yoshida on the vector space are satisfied. We also suggest strong instances based on a certain type basis which make the VDP difficult for any random vector relative to the basis. Therefore, we need to choose the basis carefully so that the VDP can serve as the underlying intractable problem in the cryptographic protocols.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.13 no.4
• /
• pp.1839-1848
• /
• 2012

Recently, smartphone communications using Wi-Fi channel are increasing rapidly to provide diverse internet services. The WPA security protocol was used for data protection between user and wireless AP. However, WPA-PSK protocol was known to be weak to the dictionary attack. In this paper, we proposed a secure WPA-PSK protocol to resist the dictionary attack. Since the proposed method was designed to generate a strong encryption key which is combined the Diffie-Hellman key agreement scheme with secrecy property of PSK(Pre-Shared Key), we can protect the Wi-Fi channel from Man-In-The-Middle attack and Rogue AP impersonation attack.

• Journal of Communications and Networks
• /
• v.8 no.4
• /
• pp.461-474
• /
• 2006

A group key exchange protocol is a cryptographic primitive that describes how a group of parties communicating over a public network can come up with a common secret key. Due to its significance both in network security and cryptography, the design of secure and efficient group key exchange protocols has attracted many researchers' attention over the years. However, despite all the efforts undertaken, there seems to have been no previous systematic look at the growing problem of key exchange over combined wired and wireless networks which consist of both stationary computers with sufficient computational capabilities and mobile devices with relatively restricted computing resources. In this paper, we present the first group key exchange protocol that is specifically designed to be well suited for this rapidly expanding network environment. Our construction meets simplicity, efficiency, and strong notions of security.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.8
• /
• pp.2010-2026
• /
• 2013

The combination of biometrics and cryptography gains a lot of attention from both academic and industry community. The noisy biometric measurement makes traditional identity based cryptosystems unusable. Also the extraction of key from biometric information is difficult. In this paper, we propose an efficient biometric identity based signature scheme (Bio-IBS) that makes use of fuzzy extractor to generate the key from a biometric data of user. The component fuzzy extraction is based on error correction code. We also prove that the security of suggested scheme is reduced to computational Diffie-Hellman (CDH) assumption instead of other strong assumptions. Meanwhile, the comparison with existing schemes shows that efficiency of the system is enhanced.

• Journal of KIISE:Computer Systems and Theory
• /
• v.33 no.1_2
• /
• pp.110-118
• /
• 2006

Cryptographic protocol design in a two-party setting has of tel ignored the possibility of simultaneous message transmission by each of the two parties (i.e., using a duplex channel). In particular, most protocols for two-party key exchange have been designed assuming that parties alternate sending their messages (i.e., assuming a bidirectional half-duplex channel). However, by taking advantage of the communication characteristics of the network it may be possible to design protocols with improved latency. This is the focus of the present work. We present three provably-secure protocols for two-party authenticated key exchange (AKE) which require only a single round. Our first, most efficient protocol provides key independence but not forward secrecy. Our second scheme additionally provides forward secrecy but requires some additional computation. Security of these two protocols is analyzed in the random oracle model. Our final protocol provides the same strong security guarantees as our second protocol, but is proven secure in the standard model. This scheme is only slightly less efficient (from a computational perspective) than the previous ones. Our work provides the first provably- secure one-round protocols for two-party AKE which achieve forward secrecy.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.50 no.3
• /
• pp.23-32
• /
• 2013

As the mobile communication technology is developed, the services for communication between the mobile devices are provided, and the amount of usage is increasing tremendously. For the device-to-device communication, the device should be verified if it is a service member. The existing verification schemes include interactions with the third party, while this may cause the problems that the bandwidth is dissipated and the devices which are out of the communication range of the base station cannot communicate with other devices. To solve such problems, we propose a new scheme for verification between mobile devices without interaction of third party. For the proposed scheme, we develop and employ a new zero-knowledge proof protocol, which verifies the device's membership and its expiration time. Furthermore, the scheme guarantees privacy of the mobile device since it checks the encrypted verification message without decrypting, and protects replaying attack since it uses challenge-response method.