• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.5
• /
• pp.27-33
• /
• 2011

At FDTC'05 and CISC-W'10, the authors showed that if they decrease the number of rounds of AES and Triple-DES by using the fault injections, it is possible to recover the secret key of the target algorithms, respectively. In this paper, we propose a key recovery attack on HMAC by using the main idea of these attacks. This attack is applicable to HMAC based on MD-family hash functions and can recover the secret key with the negligible computational complexity. Particularly, the attack result on HMAC-SHA-2 is the first known key recovery attack result on this algorithm.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.11 no.7
• /
• pp.1394-1399
• /
• 2007

In this paper we propose a Hybrid MAC(HMAC) to enhance the transmission throughput in Wireless Sensor Networks(WSNs). In the proposed HMAC, sender nodes send transmission request packets to the receiver nodes using CSMA/CA MAC protocol. And the receiver node assigns slots according to the network topology and the amount of traffics using TDMA. Using HMAC we get the enhanced throughput by lowering the duplicated slot assignment.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2002.04b
• /
• pp.813-816
• /
• 2002

현재 인터넷은 IPv4(Internetworking Protocol, version 4)를 사용하고 있다. 하지만 데이터 통신은 1970년대에 IPv4가 나온 이래에 발전을 거듭하여 왔다. IPv4는 빠르게 발전하는 인터넷에의 요구를 수용하기 위해 IPv6가 제안되었고 현재 표준이 되었다. IPv6에서는 암호화와 인증옵션들은 패킷의 신뢰성과 무결성을 등을 제공한다. 인터넷에서의 정보보호는 인터넷을 구성하는 여러 계층에서 이루어 질 수 있지만, IPsec에서는 AH(Authentication Header)프로토콜과 IPsec ESP(Encapsulating Security Payload)프로토콜 두 가지의 암호 프로토콜이 사용되지만 AH에서는 HMAC를 이용한 HMAC-MD5나 HMAC-SHA-1 중 하나를 반드시 기본 인증 알고리즘으로 지원하여야 한다. 본 논문에서는 MD5를 이용한 HMAC-MD5를 기준으로 설계하였으며, Iterative Architecture과 Full loop unrolling Architecture의 두 가지 구조를 설계하였다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.1
• /
• pp.466-483
• /
• 2017

Zen Cart is an open-source online store management system. It is used all over the world because of its stability and safety. Today, Zen Cart's session security mechanism is mainly used to verify user agents and check IP addresses. However, the security in verifying the user agent is lower and checking the IP address can affect the user's experience. This paper, which is based on the idea of session protection as proposed by Ben Adida, takes advantage of the HTML5's sessionStorage property to store the shared keys that are used in HMAC-SHA256 encryption. Moreover, the request path, current timestamp, and parameter are encrypted by using HMAC-SHA256 in the client. The client then submits the result to the web server as per request. Finally, the web server recalculates the HMAC-SHA256 value to validate the request by comparing it with the submitted value. In this way, the Zen Cart's open-source system is reinforced. Owing to the security and integrity of the HMAC-SHA256 algorithm, it can effectively protect the session security. Analysis and experimental results show that this mechanism can effectively protect the session security of Zen Cart without affecting the original performance.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.2
• /
• pp.63-74
• /
• 2009

In 2005, Wang et al. discovered devastating collision attacks on the main hash functions from the MD4 family. After the discovery of Wang, many analysis results on the security of existing hash-based cryptographic schemes are presented. At CRYPTO'07, Fouque, Leurent and Nguyen presented full key-recovery attacks on HMAC/NMAC-MD4 and NMAC-MD5[4]. Such attacks are based on collision attacks on the underlying hash function, and the most expensive stage is the recovery of the outer key. At EUROCRYPT'08, Wang, Ohta and Kunihiro presented improved outer key recovery attack on HMAC/NMAC-MD4, by using a new near collision path with a high probability[2]. This improves the complexity of the full key-recovery attack on HMAC/NMAC-MD4 which proposed by Fouque, Leurent and Nguyen at CRYPTO'07: The MAC queries decreases from $2^{88}$ to $2^{72}$, and the number of MD4 computations decreases from $2^{95}$ to $2^{77}$. In this paper, we propose improved outer key-recovery attack on HMAC/NMAC-MD4 with $2^{77.1246}$ MAC queries and $2^{37}$ MD4 computations, by using divide and conquer paradigm.

• Journal of the Korea Society of Computer and Information
• /
• v.23 no.1
• /
• pp.57-66
• /
• 2018

It is known that a single-key and a related-key attacks on AES-128 are possible for at most 7 and 8 rounds, respectively. The security of CMAC, a typical block-cipher-based MAC algorithm, has very high possibility of inheriting the security of the underlying block cipher. Since the attacks on the underlying block cipher can be applied directly to the first block of CMAC, the current security margin is not sufficient compared to what the designers of AES claimed. In this paper, we consider HMAC-DM-AES-128 as an alternative to CMAC-AES-128 and analyze its security for reduced rounds of AES-128. For 2-round AES-128, HMAC-DM-AES-128 requires the precomputation phase time complexity of $2^{97}$ AES, the online phase time complexity of $2^{98.68}$ AES and the data complexity of $2^{98}$ blocks. Our work is meaningful in the point that it is the first security analysis of MAC based on hash modes of AES.

• 제어로봇시스템학회:학술대회논문집
• /
• 2005.06a
• /
• pp.374-376
• /
• 2005

In this paper, we presented our implementation of 3DES and HMAC-MD5 processing functionality in Intel? IXP 2400 platform. It can be used as encryption and authentication engine for VPNs such as IPsec and SSL.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.2
• /
• pp.345-358
• /
• 2016

In this paper, we present a security tool which called Digital Legal Seal. The Digital Legal Seal scans a barcode on a paper and print it with the tag generated by Hash-based Message Authentication Code(HMAC) in text format on a display device. The result of HMAC can be used for user authentication or secure message transmission on both online and offline. We examine not only how the Digital Legal Seal can make up the weak points of security card and OTP (One Time Password), but also the possibility of reducing the forgery of promissory note on offline.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2008.11a
• /
• pp.1228-1231
• /
• 2008

유선 네트워크와는 달리 WLAN 메쉬 네트워크는 비용면이나, 이동성면에서 장점을 많이 가지고 있다. 이에 대한 표준화가 진행 중에 있지만 많은 문제점과 기술적으로 해결해야 할 부분들이 남아있다. 특히 무선 전송기술인 DCF는 WLAN 메쉬 네트워크에 직접적으로 적용시키기에는 많은 문제점을 가지고 있다. DCF를 사용할 경우에는 무선자원을 공유하는 노드의 수가 증가하고 보내려는 패킷이 증가할수록 프레임간 충돌횟수가 급격히 증가해 무선자원의 사용 효율이 현저히 떨어지기 때문이다. 반면 PCF는 노드에게 일정시간 채널을 점유할 권리를 부여함으로써 프레임간 충돌을 없애 무선자원의 사용 효율을 향상시킬 수 있다. 하지만 트래픽이 적은 경우에는 불필요한 조사 프레임 전송, 조사목록 갱신 등으로 무선자원을 낭비하는 단점이 있다. 따라서 이 두 기술의 장점을 이용하여 WLAN 메쉬 네트워크에 적용시킨다면 데이터 전송의 효율을 증대시킬 수 있다. WLAN 메쉬 네트워크의 기본 통신범위 내에는 많은 노드들이 있으며 이를 계층적으로 나눌 경우 계층에 따라 트래픽의 양에 많은 차이를 보인다. 따라서 본 논문에서는 WLAN 메쉬 네트워크에서 DCF와 PCF를 트래픽에 따라 유연하게 사용함으로써 전송 효율을 증대시키는 적응형 HMAC 알고리즘을 제안한다. 시뮬레이션 결과 WLAN 메쉬 네트워크가 DCF에 전적으로 의존하는 경우에 비하여 적응형 HMAC 알고리즘이 적용된 WLAN 메쉬 네트워크는 트래픽이 증가할수록 수율, 지연 등에서 더 좋은 성능을 나타내었다.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.10 no.12
• /
• pp.3708-3714
• /
• 2009

Recently, most of information services are provided by the computer network, since the technology of computer communication is developing rapidly, and the worth of information over the network is also increasing with expensive cost. But various attacks to quietly intercept the informations is invoked with the technology of communication developed, and then most of the financial agency currently have used OTP, which is generated by a token at a number whenever a user authenticates to a server, rather than general static password for some services. A 2-factor OTP generating method using the OTP token is mostly used by the financial agency. However, the method is vulnerable to real attacks and therefore the OTP token could be robbed and disappeared. In this paper, we propose a 3-factor OTP way using HMAC to conquer the problems and analyze the security of the proposed scheme.