• Title/Summary/Keyword: CBC-MAC

Search Result 24, Processing Time 0.025 seconds

Secure Mobile-in-Vehicle System with CBC-MAC authentication (CBC-MAC 방식을 적용한 보안 모바일기기 제어시스템)

  • Hwang, Jae-Young;Choi, Dong-Wook;Chung, Yeon-Ho
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.14 no.12
    • /
    • pp.2657-2662
    • /
    • 2010
  • Demand on information security in mobile devices based control system grows rapidly with a view to counteracting information hacking and leakage. Among these techniques, encryption and authentication are most common. This paper presents CBC-MAC (Cipher Block Chaining-Message Authentication Code) based mobile devices control system. The system is termed as Secure Mobile in Vehicle (SMIV)We use CBC-MAC that is one of the most efficient authentication modes to protect information against any malicious attacks. By sharing the secret key of CBC-MAC between the transmitter and receiver, it asserts authentic information. The proposed system is verified in such a way that we develop mobile devices control system, apply the CBC-MAC algorithm to the control system and validate the received data. Unlike conventional systems where the development of control mechanism in mobile devices based control systems is main concern, this proposed system offers a secure communication link of the data in mobile devices control system and therefore would be useful to the design and implementation of various mobile devices based control systems.

An analysis on the security of the 3GPP MAC algorithm (3GPP MAC 알고리즘 안전성 분석)

  • 홍도원;신상욱;강주성;이옥연
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.11 no.2
    • /
    • pp.59-65
    • /
    • 2001
  • 3GPP proposed a variant CBC-MAC based on the block cipher KASUMI to provide the data integrity over a radio access link. We have studied deeply the Knudsen and Mitchell\`s attack. In this paper we proposed a definite performing algorithm of the Knudsen and Mitchell\`s alack and compute the success probability and complexity of that algorithm. Moreover We also analyze a security of 3GPP-MAC comparing with the original CBC-MAC.

Design and Implementation of IEEE 802.11i MAC Layer (IEEE 802.11i MAC Layer 설계 및 구현)

  • Hong, Chang-Ki;Jeong, Yong-Jin
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.34 no.8A
    • /
    • pp.640-647
    • /
    • 2009
  • IEEE 802.11i is an amendment to the original IEEE 802.11/b,a,g standard specifying security mechanism by stipulating RSNA for tighter security. The RSNA uses TKIP(Temporal Key Integrity Protocol) and CCMP(Counter with CBC-MAC Protocol) instead of old-fashioned WEP(Wired Equivalent Privacy) for data encryption. This paper describes a design of a communication security engine for IEEE 802.11i MAC layer. The design includes WEP and TKIP modules based on the RC4 encryption algorithm, and CCMP module based on the AES encryption algorism. The WEP module suffices for compatibility with the IEEE 802.11 b,a,g MAC layer. The CCMP module has about 816.7Mbps throughput at 134MHz, hence it satisfies maximum 600Mbps data rate described in the IEEE 802.11n specifications. We propose a pipelined AES-CCMP cipher core architecture, which has lower hardware cost than existing AES cores, because CBC mode and CTR mode operate at the same time.

A RFID Privacy protection system using H/W friendly security algorithm Environment (하드웨어 친화적인 암호 알고리즘을 사용한 RFID 프라이버시 보호 시스템)

  • Kim, Jin-mook;Ryou, Hwang-Bin
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • v.9 no.2
    • /
    • pp.280-284
    • /
    • 2005
  • In ubiquitous computing environment, An RFID system will be the important way that recognizing an object instead of Bar-code system. But a privacy infringement problem is predicted between a tag and leader to be serious. There is many difficulty that just uses an existing research method because it has an Hardware restriction. Therefore we will suggest that A RFID Privacy Protect system using Hareware friendly security algorithm. we will use RC5 and CBC_MAC because the tag has hardware restriction .To implement, We will simulate and test on One chip microprcessor environment. In the result of the experiment, We will know that a suggested system solves privacy problem on RFID system that it was using CBC-MAC and RC5 security algorithm.

  • PDF

Study on the OMAC-SNEP for Unattended Security System Using Wireless Sensor Networks (무선 센서 네트워크를 이용한 무인 경비 시스템에서의 OMAC-SNEP 기술에 관한 연구)

  • Lee Seong-Jae;Kim Hak-Beom;Youm Heung-Youl
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.16 no.1
    • /
    • pp.105-114
    • /
    • 2006
  • Ubiquitous Sensor Network consists of a number of sensor nodes with a limited computation power and limited communication capabilities, and a sensor node is able to communicate with each other at anytime and in any place. Due to the rapid research and development in sensor networks, it will rapidly grow into environments where hmm beings can interact in an intuitive way with sensing objects which can be PDAs, sensors, or even clothes in the future. We are aiming at realizing an Unattended Secure Security System to apply it to Ubiquitous Sensor Network. In this paper, the vulnerabilities in the Unattended security system are identified, and a new protocol called OMAC-SNEP is proposed for the Unattended Secure Security System. Because the CBC-MAC in SNEP is not secure unless the message length is fixed, the CBC-MAC in SNEP was replaced with OMAC in SNEP. We have shown that the proposed protocol is secure for my bit length of messages and is almost as efficient as the CBC-MAC with only one key. OMAC-SNEP can be used not only in Unattended Security System, but also any other Sensor Networks.

A Study on the Information Security Protocol in LLC/MAC Layer Architecture (LLC/MAC 계층 구조에서의 정보 보호 포로토콜에 관한 연구)

  • 류황빈;이재광
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.17 no.10
    • /
    • pp.1164-1174
    • /
    • 1992
  • In this paper, an Information Security protocol in LLC/MAC Layer Architecture is discussed. This paper examines the security Vulnerability and threats, the security Service required to protect these threats, and architectural considerations of security protocol in IEEE 802 LAN architecture. To provide an Information security service, an information security protocol(SP2 : Security Protocol 2) PDU construction with LLC/MAC service primitives is suggested. To construct the SP2 protocol, the ECB, CBC mode of DES algorithm and DAA(Data Authentication Algorithm) of FIPS is used. The SP2 protocol suggested in this paper provides data origin authentication, data confidentiality, data integrity service.

  • PDF

Provable Security of 3GPP Integrity Algorithm f9 (3GPP 무결성 알고리즘 f9의 증명가능 안전성)

  • Hong, Do-won;Shin, Sang-Uk;Ryu, Heui-su;Chung, Kyo-Il
    • The KIPS Transactions:PartC
    • /
    • v.9C no.4
    • /
    • pp.573-580
    • /
    • 2002
  • Within the security architecture of the 3GPP system there is a standardised integrity algorithm f9. The integrity algorithm f9 computes a MAC to authenticate the data integrity and data origin of signalling data over a radio access link of W-CDMA IMT-2000. f9 is a variant of the standard CBC MAC based on the block cipher KASUMI. In this paper we provide the provable security of f9 We prove that f9 is secure by giving concrete bound on an adversary's inability to forge in terms of her inability to distinguish the underlying block cipher from a pseudorandom permutation.

A Design of AES-based CCMP core for IEEE 802.11i Wireless LAN Security (IEEE 802.11i 무선 랜 보안을 위한 AES 기반 CCMP 코어 설계)

  • Hwang Seok-Ki;Kim Jong-Whan;Shin Kyung-Wook
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.31 no.6A
    • /
    • pp.640-647
    • /
    • 2006
  • This paper describes a design of AES-based CCMP(Counter mode with CBC-MAC Protocol) core for IEEE 802.11i wireless LAN security. To maximize the performance of CCMP core, two AES cores are used, one is the counter mode for data confidentiality and the other is the CBC node for authentication and data integrity. The S-box that requires the largest hardware in ARS core is implemented using composite field arithmetic, and the gate count is reduced by about 27% compared with conventional LUT(Lookup Table)-based design. The CCMP core was verified using Excalibur SoC kit, and a MPW chip is fabricated using a 0.35-um CMOS standard cell technology. The test results show that all the function of the fabricated chip works correctly. The CCMP processor has 17,000 gates, and the estimated throughput is about 353-Mbps at 116-MHz@3.3V, satisfying 54-Mbps data rate of the IEEE 802.11a and 802.11g specifications.

Implementation of Middleware Security System for Home Networking (홈 네트워킹을 위한 미들웨어 보안시스템 구현)

  • Seol, Jeong-Hwan;Lee, Ki-Young
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.12 no.5
    • /
    • pp.863-869
    • /
    • 2008
  • In this paper, a system with sensor network security mechanism which can be applied to home network structure is designed and it is implemented on a virtual network of a home network middleware. The basic structure of home networking middleware supports one-to-one (unicast) or broadcast communication mode between the lookup server and service nodes on the network. Confidentiality and authentication are key security factors of the one-to-one communication and user authentication is crucial for broadcasting mode. One of the sensor network's security techniques SPINS consists of SNEP and ${\mu}TESLA$. The SNEP ensures confidentiality and authentication, and ${\mu}TESLA$ provides broadcast authentication. We propose a SPIN based home network middleware and it is implemented by using the CBC-MAC for MAC generation, the counter mode (CTR) for message freshness, the pseudo random function (PRF) and RC5 as encryption algorithm. The implementation result shows that an attacker cannot decrypt the message though he gets the secure key because of CTR mode. In addition, we confirmed that a received message of the server is authenticated using MAC.

A Design of Authentication/Security Processor IP for Wireless USB (무선 USB 인증/보안용 프로세서 IP 설계)

  • Yang, Hyun-Chang;Shin, Kyung-Wook
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.12 no.11
    • /
    • pp.2031-2038
    • /
    • 2008
  • A small-area and high-speed authentication/security processor (WUSB_Sec) IP is designed, which performs the 4-way handshake protocol for authentication between host and device, and data encryption/decryption of wireless USB system. The PRF-256 and PRF-64 are implemented by CCM (Counter mode with CBC-MAC) operation, and the CCM is designed with two AES (Advanced Encryption Standard) encryption coles working concurrently for parallel processing of CBC mode and CTR mode operations. The AES core that is an essential block of the WUSB_Sec processor is designed by applying composite field arithmetic on AF$(((2^2)^2)^2)$. Also, S-Box sharing between SubByte block and key scheduler block reduces the gate count by 10%. The designed WUSB_Sec processor has 25,000 gates and the estimated throughput rate is about 480Mbps at 120MHz clock frequency.