• Title/Summary/Keyword: Forward secrecy

Search Result 139, Processing Time 0.025 seconds

Performance Analysis of Physical Layer Security based on Decode-and-Forward using Jammer (재머를 사용하는 복호 후 재전송 기반 물리 계층 보안의 성능 분석)

  • Park, Sol;Kong, Hyung-Yun
    • The Journal of the Institute of Internet, Broadcasting and Communication
    • /
    • v.18 no.3
    • /
    • pp.71-75
    • /
    • 2018
  • In this paper, we study the secrecy outage probability when using jammer in a relay system based on decode-and-forward. The jammer may be selected among the relays not selected to increase the security capacity in the physical layer so as to generate intentional noise. Jammer noise can equally interfere with the receiver and eavesdropper but can enhance the physical layer security by selecting an optimal jammer that makes the channel quality between the sender-eavesdropper links worse than the channel of the sender-receiver link. In this paper, we compute the theoretical formula of the secrecy outage probability with and without jammers, and compare the theoretical value with the simulation value to prove that the equation is valid.

Performance Analysis of Physical Layer Security based on Decode-and-Forward using Jammer and Diversity (재머와 다이버시티를 사용하는 복호 후 재전송 기반 물리 계층 보안의 성능 분석)

  • Park, Sol;Kong, Hyung-Yun
    • The Journal of the Institute of Internet, Broadcasting and Communication
    • /
    • v.18 no.2
    • /
    • pp.49-54
    • /
    • 2018
  • In this paper, we study the secrecy outage probability when using cooperative diversity and jammer in a relay system based on decode-and-forward. MRC method is used in receiver and eavesdroppers to obtain cooperative diversity. To use the MRC technique, direct links between the sender and receiver, and between the sender and the eavesdropper are used, respectively. Jammers are used to generate intentional noise siganls to increase security capacity. Jammers generate intentional noise, degrading the channel quality of the eavesdropper and helping physical layer security be realized. The secrecy outage probability is used to evaluate security performance. Assume that the system is under the Rayleigh fading channel.

An Escrow-Free Two-party Identity-based Key Agreement Protocol without Using Pairings for Distinct PKGs

  • Vallent, Thokozani Felix;Yoon, Eun-Jun;Kim, Hyunsung
    • IEIE Transactions on Smart Processing and Computing
    • /
    • v.2 no.3
    • /
    • pp.168-175
    • /
    • 2013
  • Key escrow is a default property that is inherent in identity-based cryptography, where a curious private key generator (PKG) can derive a secret value shared by communicating entities in its domain. Therefore, a dishonest PKG can encrypt and decrypt ciphers or can carry out any attack on the communicating parties. Of course, the escrow property is not completely unwanted but is acceptable in other particular applications. On the other hand, in more civil applications, this key escrow property is undesirable and needs to be removed to provide maximum communication privacy. Therefore, this paper presents an escrow-free identity-based key agreement protocol that is also applicable even in a distinct PKG condition that does not use pairings. The proposed protocol has comparable computational and communicational performance to many other protocols with similar security attributes, of which their security is based on costly bilinear pairings. The protocol's notion was inspired by McCullagh et al. and Chen-Kudla, in regard to escrow-free and multi-PKG key agreement ideas. In particular, the scheme captures perfect forward secrecy and key compromise impersonation resilience, which were lacking in McCullagh et al.'s study, as well as all other desirable security attributes, such as known key secrecy, unknown key-share resilience and no-key control. The merit in the proposed protocol is the achievement of all required security requirements with a relatively lower computational overhead than many other protocols because it precludes pairings.

  • PDF

A User Anonymous Mutual Authentication Protocol

  • Kumari, Saru;Li, Xiong;Wu, Fan;Das, Ashok Kumar;Odelu, Vanga;Khan, Muhammad Khurram
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.10 no.9
    • /
    • pp.4508-4528
    • /
    • 2016
  • Widespread use of wireless networks has drawn attention to ascertain confidential communication and proper authentication of an entity before granting access to services over insecure channels. Recently, Truong et al. proposed a modified dynamic ID-based authentication scheme which they claimed to resist smart-card-theft attack. Nevertheless, we find that their scheme is prone to smart-card-theft attack contrary to the author's claim. Besides, anyone can impersonate the user as well as service provider server and can breach the confidentiality of communication by merely eavesdropping the login request and server's reply message from the network. We also notice that the scheme does not impart user anonymity and forward secrecy. Therefore, we present another authentication scheme keeping apart the threats encountered in the design of Truong et al.'s scheme. We also prove the security of the proposed scheme with the help of widespread BAN (Burrows, Abadi and Needham) Logic.

Joint Beamforming and Power Splitting Design for Physical Layer Security in Cognitive SWIPT Decode-and-Forward Relay Networks

  • Xu, Xiaorong;Hu, Andi;Yao, Yingbiao;Feng, Wei
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.14 no.1
    • /
    • pp.1-19
    • /
    • 2020
  • In an underlay cognitive simultaneous wireless information and power transfer (SWIPT) network, communication from secondary user (SU) to secondary destination (SD) is accomplished with decode-and-forward (DF) relays. Multiple energy-constrained relays are assumed to harvest energy from SU via power splitting (PS) protocol and complete SU secure information transmission with beamforming. Hence, physical layer security (PLS) is investigated in cognitive SWIPT network. In order to interfere with eavesdropper and improve relay's energy efficiency, a destination-assisted jamming scheme is proposed. Namely, SD transmits artificial noise (AN) to interfere with eavesdropping, while jamming signal can also provide harvested energy to relays. Beamforming vector and power splitting ratio are jointly optimized with the objective of SU secrecy capacity maximization. We solve this non-convex optimization problem via a general two-stage procedure. Firstly, we obtain the optimal beamforming vector through semi-definite relaxation (SDR) method with a fixed power splitting ratio. Secondly, the best power splitting ratio can be obtained by one-dimensional search. We provide simulation results to verify the proposed solution. Simulation results show that the scheme achieves the maximum SD secrecy rate with appropriate selection of power splitting ratio, and the proposed scheme guarantees security in cognitive SWIPT networks.

Cryptanalysis and improvement of a Multi-server Authentication protocol by Lu et al.

  • Irshad, Azeem;Sher, Muhammad;Alzahrani, Bander A.;Albeshri, Aiiad;Chaudhry, Shehzad Ashraf;Kumari, Saru
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.12 no.1
    • /
    • pp.523-549
    • /
    • 2018
  • The increasing number of subscribers and demand of multiplicity of services has turned Multi-Server Authentication (MSA) into an integral part of remote authentication paradigm. MSA not only offers an efficient mode to register the users by engaging a trusted third party (Registration Centre), but also a cost-effective architecture for service procurement, onwards. Recently, Lu et al.'s scheme demonstrated that Mishra et al.'s scheme is unguarded to perfect forward secrecy compromise, server masquerading, and forgery attacks, and presented a better scheme. However, we discovered that Lu et al.'s scheme is still susceptible to malicious insider attack and non-compliant to perfect forward secrecy. This study presents a critical review on Lu et al.'s scheme and then proposes a secure multi-server authentication scheme. The security properties of contributed work are validated with automated Proverif tool and proved under formal security analysis.

Electronic Payment Protocol using GDHP Blind Signature Scheme (GDHP 은닉서명기법을 이용한 전자지불 프로토콜)

  • Lee, Hyun-Ju;Rhee, Chung-Sei
    • The Journal of the Korea Contents Association
    • /
    • v.6 no.12
    • /
    • pp.12-20
    • /
    • 2006
  • In this paper, we propose electronic payment protocol using GDHP blind signature scheme to activate e-business in the wire/wireless integrated environment. The protocol applied elliptic curve algorithm on the GDHP base and improved the efficiency of the existing blind signature technique on the basis of communication frequency and calculation number. And the protocol accelerated speed and strengthened safety against man-in-the-middle attacks and forward secrecy because the certification between individuals is performed by the session key created by Weil paring using elliptic curve cryptosystem in the limited entity $F_q$ instead of the certification used in the existing PayWord protocol.

  • PDF

RFID Mutual Authentication Protocol Providing Stronger Security (강력한 보안성을 제공하는 RFID 상호 인증 프로토콜)

  • Ahn, Hae-Soon;Bu, Ki-Dong;Yoon, Eun-Jun;Nam, In-Gil
    • The KIPS Transactions:PartC
    • /
    • v.16C no.3
    • /
    • pp.325-334
    • /
    • 2009
  • This paper demonstrates that an attacker can impersonate a random RFID tag and then perform the spoofing attack in the previous RFID authentication protocol. To resolve such a security problem, we also propose a new secure and efficient RFID mutual authentication protocol. The proposed RFID mutual authentication protocol is not only to resolve many security problems with the existing RFID authentication mechanism and the vulnerability against spoofing attack, but also to guarantee reliable authentication time as reducing computational overhead performing by tag. As a result, the proposed RFID mutual authentication protocol provides stronger security including the forward secrecy and more efficiency.

Smart Card Based Password Authentication Scheme using Fuzzy Extraction Technology (퍼지추출 기술을 활용한 스마트 카드 기반 패스워드 인증 스킴)

  • Choi, Younsung
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.14 no.4
    • /
    • pp.125-134
    • /
    • 2018
  • Lamport firstly suggested password base authentication scheme and then, similar authentication schemes have been studied. Due to the development of Internet network technology, remote user authentication using smart card has been studied. Li et al. analyzed authentication scheme of Chen et al. and then, Li et al. found out the security weakness of Chen et al.'s scheme such forward secrecy and the wrong password login problem, and proposed an a new smart card based user password authentication scheme. But Liu et al. found out that Li et al.'s scheme still had security problems such an insider attack and man-in-the-middle attack and then Liu et al. proposed an efficient and secure smart card based password authentication scheme. This paper analyzed Liu et al.'s authentication and found out that Liu et al.'s authentication has security weakness such as no perfect forward secrecy, off-line password guessing attack, smart-card loss attack, and no anonymity. And then, this paper proposed security enhanced efficient smart card based password authentication scheme using fuzzy extraction technology.

Secure Handover Using Inter-Access Point Protocol in Wireless LAN (무선 LAN에서 Inter-Access Point Protocol을 이용한 안전한 핸드오버)

  • DaeHun Nyang
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.13 no.6
    • /
    • pp.107-112
    • /
    • 2003
  • Handover in IEEE 802.11 requires repeated authentication and key exchange procedures, which are an obstacle to seamless services of wireless LAM. We propose a fast authentication and key exchange mechanism using IEEE 802.11f. Especially, by proposing a modified version of the 4-way handshake of IEEE 802.11i, we solve the perfect forward secrecy problem that arises when the pre-authentication is adopted. The scheme can be implemented only using the Context Block of IEEE 802.11f and the 4-way handshake of IEEE 802.11i without involving authentications server's interaction or non-standard behavior between access points. Our scheme is applicable to devices not supporting the us-authentication of IEEE 802.11i and also, it can substitute the pre-authentication when the pre-authentication is failed.