• Journal of Information Processing Systems
• /
• v.7 no.4
• /
• pp.691-706
• /
• 2011

Since security and privacy problems in RFID systems have attracted much attention, numerous RFID authentication protocols have been suggested. One of the various design approaches is to use light-weight logics such as bitwise Boolean operations and addition modulo $2^m$ between m-bits words. Because these operations can be implemented in a small chip area, that is the major requirement in RFID protocols, a series of protocols have been suggested conforming to this approach. In this paper, we present new attacks on these lightweight RFID authentication protocols by using the Gr$\ddot{o}$bner basis. Our attacks are superior to previous ones for the following reasons: since we do not use the specific characteristics of target protocols, they are generally applicable to various ones. Furthermore, they are so powerful that we can recover almost all secret information of the protocols. For concrete examples, we show that almost all secret variables of six RFID protocols, LMAP, $M^2AP$, EMAP, SASI, Lo et al.'s protocol, and Lee et al.'s protocol, can be recovered within a few seconds on a single PC.

• International Journal of Internet, Broadcasting and Communication
• /
• v.11 no.1
• /
• pp.17-26
• /
• 2019

The Constrained Application Protocol (CoAP) is a specialized web transfer protocol proposed by the IETF for use in IoT environments. CoAP was designed as a lightweight machine-to-machine protocol for resource constrained environments. Due to the strength of low overhead, the number of CoAP devices is expected to rise rapidly. When CoAP runs over UDP for wireless sensor networks, CoAP needs to support congestion control mechanisms. Since the default CoAP defines a minimal mechanism for congestion control, several schemes to improve the mechanism have been proposed. To keep CoAP lightweight, the majority of the schemes have been focused mainly on how to measure RTT accurately and how to set RTO adaptively according to network conditions, but other approaches such as rate-based congestion control were proposed more recently. In this paper, we survey the literature on congestion control for CoAP and discuss the future research directions.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.6
• /
• pp.1309-1317
• /
• 2018

Although the IoT market is steadily growing, there is still a lack of consideration for increasing security threats in the IoT environment. In particular, it is difficult to apply existing IP security technology to resource-constrained devices. Therefore, there is a demand for reliable end-to-end communication security measures to cope with security threats such as information tampering and leakage that may occur during communication between heterogeneous networks do. In this paper, we propose an end-to-end message security protocol based on lightweight cipher that increases security and lowers security overhead in resource-constrained IoT device communication. Through simulation of processing time, we verified that the proposed protocol has better performance than the existing AES-based protocol.

• Journal of Internet Computing and Services
• /
• v.10 no.2
• /
• pp.41-51
• /
• 2009

Recently, there are many researches on security to remove vulnerability which is caused by wireless communication in wireless sensor networks. To guarantee secure communication, we should basically provide key management for each node, mutual authentication and key agreement protocol between two nodes. Although many protocols are presented to supply these security services, some of them require plentiful storage memory, powerful computation and communication capacity. In this paper, we propose a lightweight and efficient authentication and key agreement protocol between two sensor nodes, which is an enhanced version of Juang's scheme. In Juang's protocol, sensor node's information used to share a secret key should be transmitted to registration center via a base station. On the contrary, since node's information in our protocol is transmitted up to only base station, the proposed scheme can decrease computation and communication cost for establishing the shared key between two nodes.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.15 no.1
• /
• pp.21-28
• /
• 2019

Internet of Things(IoT) is a technology or environment that collects data by attaching sensors to objects and transmits the collected information to each other through wired / wireless communication in real time. It is expected that when the Internet of objects is activated, many objects can identify and recognize each other by themselves and provide various services to facilitate our lives through mutual information exchange. In addition, the internet market for things is growing rapidly each year, and various IT technologies are expected to converge. In the Internet environment of objects, data exchange technology between object devices, that is, message protocol, is classified as one of important technologies. In this paper, we examine various lightweight message protocols suitable for the Internet environment of objects, and compare the reliability of the CoAP protocol structure with the MQTT protocol for a limited environment. Finally, we confirm the reliability of TCP / TLS and WebSockets-based CoAP transmission protocol of IETF's CoRE WG that can use various transport layers other than UDP in Internet environment including cloud infrastructure.

• Journal of information and communication convergence engineering
• /
• v.9 no.4
• /
• pp.441-446
• /
• 2011

Radio frequency identification (RFID) tags are cheap and simple devices that can store unique identification information and perform simple computation to keep better inventory of packages. Security protocol for RFID tags is needed to ensure privacy and authentication between each tag and their reader. In order to accomplish this, in this paper, we analyzed a lightweight privacy and authentication protocol for passive RFID tags.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.10a
• /
• pp.253-254
• /
• 2011

Most of existing RFID authentication protocols either suffer from some security weaknesses or require costly operations that are not available on low-cost tags. In this paper, we analyzed the security mechanism of a lightweight authentication protocol.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.4
• /
• pp.29-38
• /
• 2005

Because IEEE 802.11 has several security vulnerabilities, IEEE 802.11i was proposed and accepted. But IEEE 802.11i has much overhead for most of users for the web surfing. Besides not only node the authentication but also the packet authentication is needed to communicate. Although IEEE 802.11i uses TKIP(Temporal Key integrity Protocol) and CCMP(CTR with CBC-MAC Protocol), they have a lot of overheads. In this paper, Lightweight Packet Authentication(LIPA) is proposed. LIPA has less overhead and short delay so that it can be affordable for simple web-surfing which does not need stronger security. After comparing performances of LIPA with those of TKIP and CCMP, LIPA is more efficient than other schemes for transmitting packets.

• Journal of Korea Society of Industrial Information Systems
• /
• v.20 no.4
• /
• pp.11-23
• /
• 2015

In this paper, we propose a communication middleware for development of HACCP(Hazard Analysis and Critical Control Point) automation system, which is composed of lightweight devices and a server, to support effective HACCP data management. To provide the proper HACCP data to lightweight devices, we design the communication message protocol based on HACCP management regulation model. Moreover, we develop the communication middleware that performs various functions, such as processing of communication protocols for HACCP data, analyzing of messages between devices and a server, and providing database managements tools. In addition, it takes a role to guarantee sharing consistent data among the devices and server, through the active updates for information on devices. Actually, the proposed communication middleware can be a part of critical system to develop a HACCP automation system with lightweight devices, because it implements the HACCP communication protocols making lightweight devices execute every HACCP task.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.11 no.4
• /
• pp.61-68
• /
• 2011

Recently arithmetic circuit of lightweight AES symmetric key algorithm that can apply to passive tag have been developed, then security protocol of RFID system using AES symmetric encryption techniques have been proposed. This paper proposed security enhancement protocol of RFID system using lightweight AES arithmetic circuit and random number generator of passive tag. The proposed protocol have AES algorithm and random number generator at server, reader, tag, and transmit encrypted message by separate secret key using random number at each session. The mutual authentication of tag and reader used reader random number and tag random number. As a result, proposal protocol reduce authentication steps of the existing mutual authentication protocol, and reduce amount of computation of tag, and demonstrate as secure protocol to every attack type of attacker by decrease communication step of Air Zone.