• Journal of the Korea Society of Computer and Information
• /
• v.16 no.3
• /
• pp.251-260
• /
• 2011

In this paper, we proposed a scheme that it safely exchanges encrypted keys without Trust Third Party (TTP) and Pre-distributing keys in multi-hop clustering sensor networks. Existing research assume that it exists a TTP or already it was pre-distributed a encrypted key between nodes. However, existing methods are not sufficient for USN environment without infrastructure. Some existing studies using a random number Diffie-Hellman algorithm to solve the problem. but the method was vulnerable to Replay and Man-in-the-middle attack from the malicious nodes. Therefore, authentication problem between nodes is solved by adding a ��TESLA. In this paper, we propose a modified Diffie-Hellman algorithm that it is safe, lightweight, and robust pair-wise agreement algorithm by adding One Time Password (OTP) with timestamp. Lastly, authentication, confidentiality, integrity, non-impersonation, backward secrecy, and forward secrecy to verify that it is safe.

• Journal of the Korea Society of Computer and Information
• /
• v.13 no.5
• /
• pp.229-236
• /
• 2008

In this paper, re proposed scheme that it safely exchange encrypted keys without Trust Third Party(TTP) and Pre-distributing keys in ubiquitous environments. Existing paper assume that exist a TTP or already pre-distributed encrypted keys between nodes. However, there methods are not sufficient for wireless environments without infrastructure. Some existing paper try to use the Diffie-Hellman algorithm for the problem, but it is vulnerable to Replay and Man-in-the middle attack from the malicious nodes. Therefore, Authentication problem between nodes is solved by modified the Diffie-Hellman algorithm using ${\mu}TESLA$. We propose safe, lightweight, and robust pair-wise agreement algorithm adding. One Time Password(OTP) using timestamp to modified the Diffie-Hellman in ubiquitous environments, and verify a safety about proposed algorithm.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.3
• /
• pp.73-82
• /
• 2009

This paper proposes an efficient and secure user authentication and key agreement scheme instead of the HTTP digest and TLS between the SIP UA and server. Although a number of security schemes for authentication and key exchange in SIP network are proposed, they still suffer from heavy computation overhead on the UA's side. The proposed scheme uses the HTIP Digest authentication and employs the Diffie-Hellman algorithm to protect user password against dictionary attacks. For a resource-constrained SIP UA, the proposed scheme delegates cryptographically computational operations like an exponentiation operation to the SIP server so that it is more efficient than the existing schemes in terms of energy consumption on the UA. Furthermore, it allows the proposed scheme to be easily applied to the deployed SIP networks since it does not require major modification to the signaling path associated with current SIP standard.

• The Journal of Korean Association of Computer Education
• /
• v.7 no.1
• /
• pp.45-53
• /
• 2004

Ad-Hoc network is wireless network architecture without infrastructure. We encounter new types of security problems in Ad-Hoc networks because such networks have little or no support from infrastructure. Thus, wireless communications need security mechanisms in order to guarantee the integrity and the privacy of the communication, as well as the authentication of the entities involved. Many practical systems have been proposed. The most familiar system is the Diffie-Hellman key distribution system. This algorithm allows the establishment of a cryptographic secret key between two entities. If more than two users want to compute a common key, then a group key agreement system is used. This paper discusses several group key agreement systems and presents two efficient fault tolerant methods to perform successful group key agreement.

• Proceedings of the Korean Information Science Society Conference
• /
• 2002.10c
• /
• pp.547-549
• /
• 2002

Seo와 Sweeny는 통신 당사자간의 직접적인 세션키(session key) 교환을 위해 SAKA(Simple Authenticated Key Agreement Algorithm)를 제안했다. SAKA는 패스워드(password)를 사용하여 사용자인증 기능을 제공하는 변형된 Diffie-Hellman 키 교환 프로토콜로써, 키 생성 및 사용자 인증 시 요구되는 계산량과 메시지 전송량을 고려할 때 효율적인 프로토콜이다. 그러나, 최근에 Lin은 SAKA의 안전성에 취약점이 있음을 지적하고 개선된 프로토콜을 제안하였다. 본 논문에서는 개선된 프로토콜이 여전히 재전송 공격(replay attack)에 안전하지 않기 때문에 사용자 인증을 제공 할 수 없음을 보인다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.10a
• /
• pp.581-583
• /
• 2017

Elliptic curve cyptography is relatively a current cryptography based on point arithmetic on elliptic curves and the Elliptic Curve Discrete Logarithm Problem (ECDLP). This discrete logarithm problems enables perfect forward secrecy which helps to easily generate key and almost impossible to revert the generation which is a great feature for privacy and protection. In this paper, we provide a lightweight Elliptic Curve Diffie-Hellman (ECDH) Key exchange generator that creates a 163 bit long shared key that can be used in an Elliptic Curve Integrated Encryption Scheme (ECIES) as well as for key agreement. The algorithm uses a fast multiplication algorithm that is small in size and also implements the extended euclidean algorithm. This proposed architecture was designed using verilog HDL, synthesized with the vivado ISE 2016.3 and was implemented on the virtex-7 FPGA board.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.15 no.5
• /
• pp.3086-3092
• /
• 2014

The FTP that provides file transfer capabilities to/from another station cannot provides data confidentialities. The FTPS and SFTP can support a security functionalities. The FTPS needs a SSL layer and SFTP use a functions of SSH. And therefore the FTPS or SFTP needs an additional modules such as SSL or SSH. In this paper, we propose a new Secured FTP protocol that can support the security functions without extra security system. The Secured FTP uses Diffie-Hellman key agreement algorithm for shared secret key generation and AES-Counter algorithm for data encryption algorithm. Our designed Secured FTP is implemented in Linux environments and the proper operations of implemented Secured FTP is verified.

• Journal of KIISE:Information Networking
• /
• v.34 no.1
• /
• pp.62-72
• /
• 2007

Mobile Virtual Private Network (MVPN) provides VPN services without geographical restriction to mobile workers using mobile devices. Coexistence of Mobile IP (MIP) protocol for mobility and IPsec-based VPN technology are necessary in order to provide continuous VPN service to mobile users. However, Problems like registration failure or frequent IPsec tunnel re-negotiation occur when IPsec-based VPN Gateway (GW) and MIP are used together. In order to solve these problems, IETF proposes a mechanism which uses external home agent (x-HA) located external to the corporate VPN GW. In addition, based on the IETF proposal, a mechanism that assigns x-HA dynamically in the networks where MN is currently located was also proposed with the purpose to reduce handover latency as well as end-to-end delay. However, this mechanism has problems such as exposure of a session key for dynamic Mobility Security Association (MSA) or a long latency in case of the handover between different networks. In this paper, we propose a new MVPN protocol in order to minimize handover latency, enhance the security in key exchange, and to reduce data losses cause by handover. Through a course of simulation, the performance of proposed protocol is compared with the existing mechanism.