• Title/Summary/Keyword: Forward secrecy


An ID-based entity-authentication and authenticated key exchange protocol with ECDSA

  • 박영호;박호상;정수환
    • Journal of the Korea Institute of Information Security & Cryptology, v.12 no.1, pp.3-10, 2002
  • This paper proposes an ID-based entity-authentication and authenticated key exchange protocol with ECC via two-pass communication between two parties who are registered with the trusted third party KC in advance. The proposed protocol is developed by applying ECDSA and the Diffie-Hellman key exchange scheme to the ID-based key distribution scheme over ECC proposed by H. Sakazaki, E. Okamoto and M. Mambo (SOM scheme). The security of this protocol is based on the Elliptic Curve Discrete Logarithm Problem (ECDLP) and the Elliptic Curve Diffie-Hellman Problem (ECDHP). It is strong against the unknown key-share attack and it provides perfect forward secrecy, which makes up for the weakness in the SOM scheme.

Vulnerability Attack for Mutual Password Authentication Scheme with Session Key Agreement

  • Seo Han Na;Choi Youn Sung
    • Convergence Security Journal, v.22 no.4, pp.179-188, 2022
  • Password authentication schemes (PAS) are the most common mechanisms used to ensure secure communication in open networks. Mathematics-based cryptographic authentication schemes such as those built on factorization and discrete logarithms have been proposed and provide strong security features, but they have the disadvantage of the high computational and message transmission costs required to construct passwords. Fairuz et al. therefore argued for an improved cryptographic authentication scheme based on two hard problems related to session key agreement using the smart card scheme. However, in this paper, we have made clear through security analysis that Fairuz et al.'s protocol has security holes: privileged insider attack, lack of perfect forward secrecy, lack of user anonymity, DoS attack, and off-line password guessing attack.

Forward Anonymity-Preserving Secure Remote Authentication Scheme

  • Lee, Hanwook;Nam, Junghyun;Kim, Moonseong;Won, Dongho
    • KSII Transactions on Internet and Information Systems (TIIS), v.10 no.3, pp.1289-1310, 2016
  • Dynamic ID-based authentication solves the ID-theft problem by changing the ID in each session instead of using a fixed ID while performing authenticated key exchanges between communicating parties. User anonymity is expected to be maintained and the exchanged key kept secret even if one of the long-term keys is compromised in the future. However, in the conventional dynamic ID-based authentication scheme, if the server's long-term key is compromised, user anonymity can be broken or the identities of the users can be traced. In addition, these schemes are vulnerable to replay attacks, in which any adversary who captures the authentication message can retransmit it, and eventually cause the legitimate user to be denied service. This paper proposes a novel dynamic ID-based authentication scheme that preserves forward anonymity as well as forward secrecy and obviates replay attacks.

An Adaptive Group-Key Management Mechanism based on Overlay Multicast for Wired & Wireless Services

  • Lee, Kwang-Kyum;Park, Sang-Jin;Kim, Dae-Won;Kim, Kyung-Min;Shin, Yong-Tae
    • Proceedings of the Korean Information Science Society Conference, 2005.11a, pp.103-105, 2005
  • This paper proposes an adaptive key management scheme for wired and wireless services based on overlay multicast. The router functions of IP multicast are handled at the application layer, and for adaptive group management the group key is distributed using two communication methods, unicast and multicast. In addition, for secure group key management, the key is updated whenever a member joins or leaves the group, and member status is checked through periodic message exchanges so that, even when a member leaves the group abnormally, dynamic key updating satisfies the security requirements of forward secrecy and backward secrecy. Distribution of the updated group key is given priority, and we propose a scheme that adaptively uses two techniques: encryption with a symmetric key and encryption with the previous group key.

Key Establishment and Pairing Management Protocol for Downloadable Conditional Access System Host Devices

  • Koo, Han-Seung;Kwon, O-Hyung;Lee, Soo-In
    • ETRI Journal, v.32 no.2, pp.204-213, 2010
  • In this paper, we investigate the possible security threats to downloadable conditional access system (DCAS) host devices. We then propose a DCAS secure micro (SM) and transport processor (TP) security protocol that counters identified security threats using a secure key establishment and pairing management scheme. The proposed protocol not only resists disclosed SM ID and TP ID threats and indirect connection between TA and TP threats, but also meets some desirable security attributes such as known key secrecy, perfect forward secrecy, key compromised impersonation, unknown key-share, and key control.

A New Group Key Management Protocol for WSN

  • Gerelbayar, Tegshbayar;Lee, Sang-Min;Park, Jong-Sou
    • Convergence Security Journal, v.8 no.1, pp.143-152, 2008
  • Sensor networks have a wide spectrum of military and civil applications, particularly with respect to security and secure keys for encryption and authentication. This thesis presents a new centralized approach which focuses on the group key distribution with revocation capability for Wireless Sensor Networks. We propose a new personal key share distribution. When utilized, this approach proves to be secure against k-number of illegitimate colluding nodes. In contrast to related approaches, our scheme can overcome the security shortcomings while keeping the small overhead requirements per node. It will be shown that our scheme is unconditionally secure and achieves both forward secrecy and backward secrecy. The analysis is demonstrated in terms of communication and storage overheads.


Secrecy Capacity for Full-Duplex Massive MIMO Relaying Systems With Low-Resolution ADCs

  • Antwi-Boasiako, Bridget Durowaa;Lee, Kyoung-Jae
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference, 2019.05a, pp.286-287, 2019
  • In this paper, we consider an amplify-and-forward (AF) full duplex (FD) massive-antenna relay (or base station) aiding communication between K single-antenna source and destination pairs whose transmissions are overheard by one single-antenna eavesdropper. Maximum ratio combining (MRC) and maximum ratio transmission (MRT) processing is employed at the relay. The secrecy performance of the system is then derived with both relay and destination being equipped with low resolution analog-to-digital converters (ADCs). The results show the detrimental effect of the eavesdropper's presence on the sum rate of the system.


A Security Analysis of a Key Management Scheme for PCS/SCADA Sensor Networks

  • Park, DongGook
    • Journal of Korea Society of Digital Industry and Information Management, v.5 no.2, pp.123-131, 2009
  • Process Control Systems (PCSs) or Supervisory Control and Data Acquisition (SCADA) systems have recently been added to the already wide collection of wireless sensor network applications. The PCS/SCADA environment is somewhat more amenable to the use of heavy cryptographic mechanisms such as public key cryptography than other sensor application environments. The sensor nodes in the environment, however, are still open to devastating attacks such as node capture, which makes designing secure key management challenging. Recently, Nilsson et al. proposed a key management scheme for PCS/SCADA, which was claimed to provide forward and backward secrecy. In this paper, we define four different types of adversaries or attackers in wireless sensor network environments in order to facilitate the evaluation of protocol strength. We then analyze Nilsson et al.'s protocol and show that it does not provide forward and backward secrecy against any type of adversary model.

A Forward & Backward Secure Key Management in Wireless Sensor Networks for PCS/SCADA

  • Park, Dong-Gook
    • Journal of Information and Communication Convergence Engineering, v.7 no.2, pp.98-106, 2009
  • Process Control Systems (PCSs) or Supervisory Control and Data Acquisition (SCADA) systems have recently been added to the already wide collection of wireless sensor network applications. The PCS/SCADA environment is somewhat more amenable to the use of heavy cryptographic mechanisms such as public key cryptography than other sensor application environments. The sensor nodes in the environment, however, are still open to devastating attacks such as node capture, which makes designing secure key management challenging. In this paper, a key management scheme is proposed to defeat the node capture attack by offering both forward and backward secrecy. Our scheme overcomes the pitfalls which Nilsson et al.'s scheme suffers from, and is not more expensive than their scheme.

Forward-Secure Blind Signature Scheme Based on the Strong RSA Assumption

  • Duc, Dang-Nguyen;Cheon, Jung-Hee;Kim, Kwangjo
    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference, 2003.07a, pp.21-25, 2003
  • Key exposure is the most devastating attack on any cryptographic scheme. In this paper, we investigate the key exposure problem in blind signatures. We then present a variant of the Okamoto-Guillou-Quisquater (OGQ for short) blind signature scheme guaranteeing forward secrecy. Namely, even if the current secret key is revealed, forging any signature valid in the past is impossible. Our proposed scheme exhibits an efficient key updating protocol and introduces no significant communication overhead.