• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.10a
• /
• pp.584-586
• /
• 2017

In this paper we provide a unified crypto core that integrates lightweight symmetric cryptography and authentication. The crypto core implements a unified 128 bit key architecture of PRESENT encryption algorithm and a new lightweight encryption algorithm. The crypto core also consist of an authentication unit which neglects the use of hashing algorithms. Four algorithms are used for authentication which come from the Hopper-Blum (HB) and Hopper-Blum-Munilla-Penado (HB-MP) family of lightweight authentication algorithms: HB, HB+, HB-MP and HB-MP+. A unified architecture of these algorithms is implemented in this paper. The unified cryptosystem is designed using Verilog HDL, simulated with Modelsim SE and synthesized with Xilinx Design Suite 14.3. The crypto core synthesized to 1130 slices at 189Mhz frequency on Spartan6 FPGA device.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.10a
• /
• pp.791-792
• /
• 2012

RFID security protocol is widely discussed as an important issue, while the mutual authentication with the security agreement is mostly discussed enthusiastically. In this paper we improve HB family to achieve the property of mutual authentication, so that the user privacy can be protected. The future direction is to adapt the protocol for cloud computing.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.4
• /
• pp.593-607
• /
• 2013

The In-Vehicle-Networking(IVN) of modern cars is constituted by an small electronic control device called ECU. In the past, there was no way to be able to access the IVN of a driving car. so IVN has been recognized as a closed environment so there is no need to exist authentication protocol between devices which are to configure the internal network and to communicate with other devices. However, constant improvements made it possible to access the IVN in many different ways as the communication technology evolves. This possibility created a need for device authentication in IVN. HB-Family are representative authentication schemes in RFID environment which has similar restrictions to IVN. In this paper, we propose an implementation method of HB-Family for device authentication between ECU considering ECU has low computing power and the message field of CAN protocol has restricted size of 8 bytes. In order to evaluate the efficiency and availability of the authentication schemes adopted our method, we have evaluated the performance based on DSP-28335 device. Further, it was possible to improve the efficiency rate of at lest 10%, up to 36%, and we then analyze this result in various aspects of the IVN.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.1
• /
• pp.117-123
• /
• 2011

Lightweight authentication protocols are necessary in RFlD systems since a RFlD tag has computation constraints. Over recent years, many protocols have been proposed, In this paper, we examine the HB protocol and its variants, and their vulnerabilities to attacks, We analyze the problem of Piramuthu's attack on the HB++ protocol and propose solutions to it.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.33 no.11C
• /
• pp.883-891
• /
• 2008

In 2006, Lee and Ahn proposed a matrix-based RFID authentication protocol which eliminates the security problems in HB and $HB^+$ RFID authentication protocols. Their proposed protocol provides the following three merits: (1) it reduces the computational costs of the RFID tag. (2) it reduces the communication overhead between the reader and the tag. (3) it protects the user privacy. However, this paper points out that Lee and Ahn's proposed protocol is insecure to various attacks because it does not provide mutual authentication which the RFID tag does not authenticate the legality of the RFID reader unlike their claims. In addition, this paper proposes an improved matrix-based RFID mutual authentication protocol that can provide the mutual authentication. As a result, the proposed protocol not only can provide strong security and but also guarantee high efficiency because it reduces the communication rounds compare with Lee-Ahn's protocol.

• Convergence Security Journal
• /
• v.6 no.1
• /
• pp.83-90
• /
• 2006

Recently, the security for RFID/USN environment is divided into network security and RFID security. The authentication protocol design for RFID security is studied to protect user privacy in RFID system. However, the study of efficient authentication protocol for RFID system is not satisfy a security for low-cost RFID tag and user privacy. Therefore, this paper proposes a secure matrix-based RFID authentication protocol that decrease communication overhead and computation. In result, the Matrix-based RFID authentication protocol is an effective authentication protocol compare with HB and $HB^+$ in traffic analysis attack and trace location attack.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.5
• /
• pp.993-999
• /
• 2015

OTP(One time password) is widely used as an authentication method for financial and other security-sensitive transactions. OTP provides strong security since each password is used only one time while normal password-based authentications use passwords as long term secrets. However, OTP-based authentications relatively lack usability since they require users to hold an OTP card or generator. To overcome such a problem, smartphones start replacing OTP cards and such a method is called smart OTP. However, smart OTP inherits security vulnerabilities that smartphones have. In this paper, we propose a smart OTP authentication based on an extremely light authentication protocol called HB+. HB+ protocol is developed for low-cost devices and has small communication and computation costs. We present our solution and discuss its security, efficiency and practicality. Our contribution is providing a method to securely use smart OTP without losing its efficiency and usability.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.4 no.2
• /
• pp.154-173
• /
• 2010

Database outsourcing is unavoidable in the near future. In the scenario of data stream outsourcing, the data owner continuously publishes the latest data and associated authentication information through a service provider. Clients may register queries to the service provider and verify the result's correctness, utilizing the additional authentication information. Research on On-line Stream Analytics (OLSA) is motivated by extending the data cube technology for higher multi-level abstraction on the low-level-abstracted data streams. Existing work on OLSA fails to consider the issue of database outsourcing, while previous work on stream authentication does not support OLSA. To close this gap and solve the problem of OLSA query authentication while outsourcing data streams, we propose MDAHRB and MDAHB, two multi-dimensional authentication approaches. They are based on the general data model for OLSA, the stream cube. First, we improve the data structure of the H-tree, which is used to store the stream cube. Then, we design and implement two authentication schemes based on the improved H-trees, the HRB- and HB-trees, in accordance with the main stream query authentication framework for database outsourcing. Along with a cost models analysis, consistent with state-of-the-art cost metrics, an experimental evaluation is performed on a real data set. It exhibits that both MDAHRB and MDAHB are feasible for authenticating OLSA queries, while MDAHRB is more scalable.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.3B
• /
• pp.462-473
• /
• 2010

The RFID system has the security problem of location tracking and user privacy. In order to solve this problem, the cryptographic access method using hash function is difficult to in real applications. Because there is a limit of computing and storage capacity of Tag, but the safety is proved. The lightweight authentication methods like HB and LMAP guarantee the high efficiency, but the safety is not enough to use. In this paper, we use the AES for RFID Authentication, and solve the problem of using fixed key with key change step by step. The symmetric keys of the tag and server are changed by the random number generated by tag, reader and server successively. This could prevent the key exposure. As a result, the output of the tag and reader always changes. These key changes could make it possible to prevent eavesdropping, replay attack, location tracking and spoofing.