• Journal of Korea Society of Industrial Information Systems
• /
• v.17 no.7
• /
• pp.51-57
• /
• 2012

This paper proposes a group key design based on ECDH(Elliptic Curve Diffie Hellman) which guarantees secure V2V and V2I communication. The group key based on ECDH generates the VGK(Vehicular Group key) which is a group key between vehicles, the GGK(Global Group Key) which is a group key between vehicle groups, and the VRGK(Vehicular and RSU Group key) which is a group key between vehicle and RSUs with ECDH algorithm without an AAA server being used. As the VRGK encrypted with RGK(RSU Group Key) is transferred from the current RSU to the next RSU through a secure channel, a perfect forward secret security is provided. In addition, a Sybil attack is detected by checking whether the vehicular that transferred a message is a member of the group with a group key. And the transmission time of messages and the overhead of a server can be reduced because an unnecessary network traffic doesn't happen by means of the secure communication between groups.

• Journal of Internet Computing and Services
• /
• v.19 no.5
• /
• pp.55-66
• /
• 2018

Since existing server-based authentications use vulnerable password-based authentication, illegal leak of personal data occurs frequently. Since this can cause illegal ID compromise, alternative authentications have been studied. Recently token-based authentications like OAuth 2.0 or JWT have been used in web sites, however, they have a weakness that if a hacker steals JWT token in the middle, they can obtain plain authentication data from the token, So we suggest a new authentication method using the verification token of authentic code to encrypt authentication data with effective time. The verification is to compare an authentication code from decryption of the verification-token with its own code. Its crypto-method is based on do XOR with ECDH session key, which is so fast and efficient without overhead of key agreement. Our method is outstanding in preventing the personal data leakage.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.10
• /
• pp.1912-1918
• /
• 2016

MPTCP(Multipath Transmission Control Protocol) is able to compose many TCP paths when two hosts connect and the data is able to be transported through these paths simultaneously. When a new path is added, the authentication between both hosts is necessary to check the validity of host. So, MPTCP exchanges a key when initiating an connection and makes a token by using this key for authentication. However the original MPTCP is vulnerable to MITM(Man In The Middle) attacks because the key is transported in clear text. Therefore, we applied a ECDH(Elliptic Curve Diffie-Hellman) key exchange algorithm to original MPTCP and replaced the original key to the ECDH public key. And, by generating the secret key after the public key exchanges, only two hosts is able to make the token using the secret key to add new subflow. Also, we designed and implemented a method supporting encryption and decryption of data using a shared secret key to apply confidentiality to original MPTCP.

• Journal of Digital Convergence
• /
• v.10 no.3
• /
• pp.105-111
• /
• 2012

Internet Protocol Television (IPTV) through broadband cable network is a subscriber-based system which consists of software and set-top box. However, a weakness for the current IPTV system is the lack of security between users and CAS. This paper proposes a user authentication protocol at STB, which limits the service by the user-valued attribute to prevent illegal IPTV users. User attribute values change the order with bit form according to the certain rule, and apply to one-way hash function and Diffie-Hellman's elliptic curve key-exchange algorithm. The proposed protocol is able to improve on user authentication and computation. Also, each user generates an authentication message by smart card and receives various services based on the user-valued attribute.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.10
• /
• pp.2192-2198
• /
• 2012

VANET is a network environment which provides the communication between vehicles and between vehicle and RSU using wireless communication. VANET is very important to protect safety and life of people. Because of that, security is considered enough and certification is very important when messages exchanged between vehicles. Recently, Zhang proposed using Diffie-Hellman key exchange protocol that is method exchanging messages in VANET system through RAISE. But this is many problems on weakness from various attacks. In this paper, proposed the method that establish symmetric key using ECDH key exchange protocol and confirm safety and time spending that generate key and exchange through comparison.

• The KIPS Transactions:PartD
• /
• v.9D no.2
• /
• pp.307-312
• /
• 2002

In this paper we propose the efficient blind signature scheme based on Gap problem. We can find the short signature schemes for Weil pairing as the example of signature schemes based on Gap problem. Since short signature scheme is based on elliptic curve, our proposed signature scheme can be used in wireless PKI environment.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2002.11a
• /
• pp.479-486
• /
• 2002

본 논문에서는 국내 광대역 위성 액세스 망(BSAN: Broadband Satellite Access Network) 에 적용 가능한 보안 기능을 위한 가이드 라인을 살펴보고, RCST와 NCC간에 인증 및 키 관리 기능을 위하여 요구되는 주요 핵심 보안 메커니즘에 기술한다. 더불어 국내 광대역 위성 액세스망을 위한 가이드라인을 기술하고, ETSI 표준을 분석한다. 기종 표준안의 키 공유 프로토콜은 키의 신선도와 확신성을 제공하지 않는다. 따라서 본 논문에서는 키의 신선도와 확신성을 갖으면서 계산적 복잡도와 교환되는 데이터 량을 감소시키기 위한 세 가지 키분배 프로토콜을 제안하고 제안된 프로토콜의 특성을 비교 분석한다. 특히 이러한 특성을 갖는 ECDH(Elliptic Curve Diffie-Hellman)키 공유 프로토콜을 제안한다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2002.04a
• /
• pp.892-894
• /
• 2002

본 논문은 유한 체 GF(/2 sup m/)상에서 A$B^2$연산을 위해 AOP(All One Polynomial)에 기반한 새로운 MSB(Most Significant bit) 유선 알고리즘을 제시하고, 제시한 알고리즘에 기반하여 병렬 입출력 세미시스톨릭 구조를 제안한다. 제안된 구조는 표준기저(standard basis)에 기반하고 모듈라(modoular) 연산을 위해 다항식의 계수가 모두 1인 m차의 기약다항식 AOP를 사용한다. 제안된 구조에서 AND와 XOR게이트의 딜레이(deray)를 각각 /D sub AND$_2$/와/D sub XOR$_2$/라 하면 각 셀 당 임계경로는 /D sub AND$_2$+D sub XOR/이고 지연시간은 m+1이다. 제안된 구조는 기존의 구조보다 임계경로와 지연시간 면에서 보다 효율적이다. 또한 구조 자체가 정규성, 모듈성, 병렬성을 가지기 때문에 VLSI 구현에 효율적이다. 더욱이 제안된 구조는 유한 체상에서 지수 연산을 필요로 하는 Diffie-Hellman 키 교환 방식, 디지털 서명 알고리즘 및 EIGamal 암호화 방식과 같은 알고리즘을 위한 기본 구조로 사용할 수 있다. 이러한 알고리즘을 응용해서 타원 곡선(elliptic curve)에 기초한 암호화 시스템(Cryptosystem)의 구현에 사용될 수 있다.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.506-510
• /
• 2006

3G 이동통신기술중 하나인 UMTS(Universal Mobile Telecommunications System)에서는 무선 구간의 안전한 통신을 위해 UMTS-AKA(Authentication and Key Agreement) 프로토콜이 사용된다. 그러나 SN(Serving Network)과 HN(Home Network)의 통신량 소비 문제, SQN(SeQuence Number) 동기화 문제 등 여러 가지 문제점이 제기되었다. 본 논문에서는 기존 프로토콜의 문제점과 IMSI(International Mobile Subscriber Identity)의 노출로 인한 프라이버시 문제점을 해결하고, ECDH(Elliptic Curve Diffie Hellman) 기법으로 완전한 전방향 안전성을 제공하는 프로토콜을 제안한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.12
• /
• pp.3366-3383
• /
• 2012

Reliance on the Internet has introduced Voice over Internet Protocol (VoIP) to various security threats. A reliable security protocol and an authentication scheme are thus required to prevent the aforementioned threats. However, an authentication scheme often demands additional cost and effort. Accordingly, a security framework for known participants in VoIP communication is proposed in this paper. The framework is known as Randomness-Optimized Self-Securing (ROSS), which performs authentication automatically throughout the session by optimizing the uniqueness and randomness of the communication itself. Elliptic Curve Diffie-Hellman (ECDH) key exchange and Salsa20 stream cipher are utilized in the framework correspondingly to secure the key agreement and the communication with low computational cost. Human intelligence supports ROSS authentication process to ensure participant authenticity and communication regularity. The results show that with marginal overhead, the proposed framework is able to secure VoIP communication by performing reliable authentication.