• Title/Summary/Keyword: AVISPA

Search Result 15, Processing Time 0.02 seconds

The Specification and Verification of On-Line Secure E-passport Protocols Using AVISPA (AVISPA를 이용한 On-Line Secure E-passport Protocol의 명세 및 검증)

  • Kim, Hyun-Su;Choi, Jin-Young
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2010.04a
    • /
    • pp.746-749
    • /
    • 2010
  • 현재 전자여권은 미국을 중심으로 도입이 시작, 전 세계 36개국에서 발행되고 있으며 우리나라도 2008년 시작으로 비자 면제국 가입을 위한 기본 조건으로 전자여권 전환 작업이 진행되고 있다. 전자여권의 도입과 함께 지문 정보 저장에 대한 프라이버시 문제 및 전자여권 내 정보 보호의 문제 등이 대두 되고 있다. 전자여권에서 사용 되고 있는 프로토콜 중의 하나인 OSEP의 취약점 및 문제점을 사전에 알아내 개인 정보 유출을 미연에 방지할 수 있도록 정형 명세 및 검증 도구인 AVISPA를 사용하여 접근해 보았다. 본 논문에서는 AVISPA를 이용한 명세 및 검증을 통해 OSEP(On-Line Secure E-passport Protocol)의 취약점을 효과적으로 발견할 수 있는 방법을 제안한다.

The Specification and Verification of RFID Security Protocols Using AVISPA (AVISPA을 이용한 RFID 보안 프로토콜의 명세 및 검증)

  • Kang, Mi-Young;Oh, Jung-Hyun;Lee, Song-Hee;Choi, Jin-Young
    • Proceedings of the Korean Information Science Society Conference
    • /
    • 2007.10d
    • /
    • pp.140-145
    • /
    • 2007
  • 최근 유비쿼터스 컴퓨팅에 관한 연구가 활발히 진행됨에 따라 핵심 기술인 RFID 프로토콜에 대한 연구가 활발히 진행되고 있다. 그러나 RF를 사용하며 무선통신을 함으로써 악의적인 공격자에 노출되는 보안상의 문제점이 발생한다. 본 논문은 기존의 RFID 보안 프로토콜의 문제점을 분석하여 새로운 프로토콜을 제안한다. 그리고 제안된 프로토콜을 AVISPA로 정형 명세하고 보안성을 정형 검증하여 안전함을 보여준다.

  • PDF

The Specification and Verification of Security Protocols on E-commerce System Using AVISPA (AVISPA를 이용한 전자상거래 시스템의 보안 프로토콜 명세 및 검증)

  • Jeong, Yeon-Oh;Kim, Joo-Bae;Kim, Hyun-Seok;Choi, Jin-Young
    • Proceedings of the Korean Information Science Society Conference
    • /
    • 2008.06d
    • /
    • pp.32-36
    • /
    • 2008
  • 최근 인터넷을 이용한 전자상거래(e-commerce)가 확산되면서 많은 편의를 제공하고 있다. 하지만, 인터넷을 통한 거래는 개인정보의 유출이나 주문 및 지불 정보의 유출 등의 취약점들에 대한 보안상의 요구를 만족하면서도 사용자들이 접근하기 쉽고 사용하기 편리해야 한다는 점에서 이중적인 어려움을 가지고 있다. 본 논문에서는 현재 전자상거래에서 사용되고 있는 보안 프로토콜들의 문제점들을 분석하고 이를 보완한 새로운 보안 프로토콜을 제안한다. 그리고 제안된 프로토콜을 정형검증 툴인 AVISPA를 이용하여 명세 및 검증함으로써 안전성을 검증한다.

  • PDF

The Specification and Verification of EAP-AKA Protocols on 3GPP Network Using AVISPA (AVISPA를 이용한 3GPP 네트워크의 EAP-AKA 프로토콜 명세 및 검증)

  • Kim, Hyun-Su;Choi, Jin-Young
    • Proceedings of the Korean Information Science Society Conference
    • /
    • 2010.06d
    • /
    • pp.47-51
    • /
    • 2010
  • 휴대인터넷(WiBro: Wireless Broadband)은 언제 어디서나 고속으로 무선 인터넷 접속이 가능한 서비스를 위한 기술이다. 노트북을 비롯한 휴대가 간편한 PDA, 스마트폰으로 사람이 보행 또는 차량 주행 중에서도 끊김 없이(seamless) 무선 인터넷 서비스가 가능하다. 이동성과 고속 무선 통신이 가능한 서비스에서 중요한 기술 요소 중 하나가 보안이다. 본 논문은 안전한 서비스를 제공하기 위하여 WiBro 무선 네트워크에서의 USIM 기반 EAP-AKA 인증 프로토콜 보안 요구사항 안전성을 정형기법 툴인 AVISPA를 이용하여 명세 및 검증해 본다.

  • PDF

AN EFFICIENT AND SECURE STRONG DESIGNATED VERIFIER SIGNATURE SCHEME WITHOUT BILINEAR PAIRINGS

  • Islam, Sk Hafizul;Biswas, G.P.
    • Journal of applied mathematics & informatics
    • /
    • v.31 no.3_4
    • /
    • pp.425-441
    • /
    • 2013
  • In literature, several strong designated verifier signature (SDVS) schemes have been devised using elliptic curve bilinear pairing and map-topoint (MTP) hash function. The bilinear pairing requires a super-singular elliptic curve group having large number of elements and the relative computation cost of it is approximately two to three times higher than that of elliptic curve point multiplication, which indicates that bilinear pairing is an expensive operation. Moreover, the MTP function, which maps a user identity into an elliptic curve point, is more expensive than an elliptic curve scalar point multiplication. Hence, the SDVS schemes from bilinear pairing and MTP hash function are not efficient in real environments. Thus, a cost-efficient SDVS scheme using elliptic curve cryptography with pairingfree operation is proposed in this paper that instead of MTP hash function uses a general cryptographic hash function. The security analysis shows that our scheme is secure in the random oracle model with the hardness assumption of CDH problem. In addition, the formal security validation of the proposed scheme is done using AVISPA tool (Automated Validation of Internet Security Protocols and Applications) that demonstrated that our scheme is unforgeable against passive and active attacks. Our scheme also satisfies the different properties of an SDVS scheme including strongness, source hiding, non-transferability and unforgeability. The comparison of our scheme with others are given, which shows that it outperforms in terms of security, computation cost and bandwidth requirement.

An Anonymous Authentication with Key-Agreement Protocol for Multi-Server Architecture Based on Biometrics and Smartcards

  • Reddy, Alavalapati Goutham;Das, Ashok Kumar;Yoon, Eun-Jun;Yoo, Kee-Young
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.10 no.7
    • /
    • pp.3371-3396
    • /
    • 2016
  • Authentication protocols for multi-server architectures have gained momentum in recent times due to advancements in computing technologies and associated constraints. Lu et al. recently proposed a biometrics and smartcards-based authentication scheme for multi-server environment. The careful analysis of this paper demonstrates Lu et al.'s protocol is susceptible to user impersonation attacks and comprises insufficient data. In addition, this paper proposes an improved authentication with key-agreement protocol for multi-server architecture based on biometrics and smartcards. The formal security of the proposed protocol is verified using the widely accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool to ensure that our protocol can withstand active and passive attacks. The formal and informal security analysis, and performance analysis sections determines that our protocol is robust and efficient compared to Lu et al.'s protocol and existing similar protocols.

An Improved Lightweight Two-Factor Authentication and Key Agreement Protocol with Dynamic Identity Based on Elliptic Curve Cryptography

  • Qiu, Shuming;Xu, Guosheng;Ahmad, Haseeb;Xu, Guoai;Qiu, Xinping;Xu, Hong
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.13 no.2
    • /
    • pp.978-1002
    • /
    • 2019
  • With the rapid development of the Internet of Things, the problem of privacy protection has been paid great attention. Recently, Nikooghadam et al. pointed out that Kumari et al.'s protocol can neither resist off-line guessing attack nor preserve user anonymity. Moreover, the authors also proposed an authentication supportive session initial protocol, claiming to resist various vulnerability attacks. Unfortunately, this paper proves that the authentication protocols of Kumari et al. and Nikooghadam et al. have neither the ability to preserve perfect forward secrecy nor the ability to resist key-compromise impersonation attack. In order to remedy such flaws in their protocols, we design a lightweight authentication protocol using elliptic curve cryptography. By way of informal security analysis, it is shown that the proposed protocol can both resist a variety of attacks and provide more security. Afterward, it is also proved that the protocol is resistant against active and passive attacks under Dolev-Yao model by means of Burrows-Abadi-Needham logic (BAN-Logic), and fulfills mutual authentication using Automated Validation of Internet Security Protocols and Applications (AVISPA) software. Subsequently, we compare the protocol with the related scheme in terms of computational complexity and security. The comparative analytics witness that the proposed protocol is more suitable for practical application scenarios.

RFID Authentication Protocol Verification in Serverless Environment (Serverless 환경에서 RFID 인증프로토콜 검증)

  • Chung, Jang-Young;Hong, Young-Sik
    • Proceedings of the Korean Information Science Society Conference
    • /
    • 2008.06a
    • /
    • pp.140-145
    • /
    • 2008
  • 최근 바코드를 대신하여 많이 사용되는 RFID의 상용화와 이에 관련된 기술에 대한 연구가 활발히 진행되고 있다. 하지만 RF를 이용한 기술은 구조적 특성상 프로톨콜이 노출 되는 문제점이 발생한다. 또한 광범위한 지역에서 RFID사용과 임시적인 RFID사용은 비용상 문제점이 있다. 본 논문은 RFID의 요소 중 DB(Server)를 제외한 리더와 태그 간의 통신을 통한 인증 프로토콜을 제안한다. 또한 리더와 태크만의 구성으로 비용을 절감하고자 하며, AVISPA를 이용하여 제안한 프로토콜의 안전성을 검증 한다.

  • PDF

Blockchain-based Smart Meter Authentication Protocol in Smart Grid Environment (스마트 그리드 환경에서 블록체인 기반 스마트 미터 인증 프로토콜)

  • Jonghyun Kim;Myeonghyun Kim;Youngho Park
    • Journal of Korea Society of Industrial Information Systems
    • /
    • v.28 no.5
    • /
    • pp.41-54
    • /
    • 2023
  • Smart grid that supports efficient energy production and management is used in various fields and industries. However, because of the environment in which services are provided through open networks, it is essential to resolve trust issues regarding security vulnerabilities and privacy preservation. In particular, the identification information of smart meter is managed by a centralized server, which makes it vulnerable to security attacks such as device stolen, data forgery, alteration, and deletion. To solve these problems, this paper proposes a blockchain based authentication protocol for a smart meter. The proposed scheme issues an unique decentralized identifiers (DIDs) for individual smart meter through blockchain and utilizes a random values based on physical unclonable function (PUF) to strengthen the integrity and reliability of data. In addition, we analyze the security of the proposed scheme using informal security analysis and AVISPA simulation, and show the efficiency of the proposed scheme by comparing with related work.

An Efficient and Secure Authentication Scheme with Session Key Negotiation for Timely Application of WSNs

  • Jiping Li;Yuanyuan Zhang;Lixiang Shen;Jing Cao;Wenwu Xie;Yi Zheng;Shouyin Liu
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.18 no.3
    • /
    • pp.801-825
    • /
    • 2024
  • For Internet of Things, it is more preferred to have immediate access to environment information from sensor nodes (SNs) rather than from gateway nodes (GWNs). To fulfill the goal, mutual authentication scheme between user and SNs with session key (SK) negotiation is more suitable. However, this is a challenging task due to the constrained power, computation, communication and storage resources of SNs. Though lots of authentication schemes with SK negotiation have been designed to deal with it, they are still insufficiently secure and/or efficient, and some even have serious vulnerabilities. Therefore, we design an efficient secure authentication scheme with session key negotiation (eSAS2KN) for wireless sensor networks (WSNs) utilizing fuzzy extractor technique, hash function and bitwise exclusive-or lightweight operations. In the eSAS2KN, user and SNs are mutually authenticated with anonymity, and an SK is negotiated for their direct and instant communications subsequently. To prove the security of eSAS2KN, we give detailed informal security analysis, carry out logical verification by applying BAN logic, present formal security proof by employing Real-Or-Random (ROR) model, and implement formal security verification by using AVISPA tool. Finally, computation and communication costs comparison show the eSAS2kN is more efficient and secure for practical application.