• Journal of the Korea Computer Industry Society
• /
• v.5 no.9
• /
• pp.891-902
• /
• 2004

Membership changing is deeply associated with scalability problem for group key management. If members of the group join or leave, new group key has to be geneerated and distributed to all remaining members of group. Group key changing is perform for group controller. The following parameters are important evaluating criteria of multicast key management scheme that generate and deliver new keys for rekeying: the number of keys stored by both controller and member, messages to deliver, keys to initially be delivered by controller, blocking capability of collusion attacks, messages to deliver at the batch rekeyng. Batch rekeying can reduce messages to deliver and operation costs of generation for message rather than removing members sequentially in fashion one after another. We propose efficient batch rekeying scheme applicable to Pegueroles scheme using random number and prove to be a efficient group key scheme for enhanced Pegueroles model with batch rekeying capability.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.3 no.4
• /
• pp.207-217
• /
• 2008

A novel scheme is presented for Traffic Encryption Key (TEK) rekeying with low communication overhead for an Internet Protocol television (IPTV) conditional access system over Data-Over-Cable Service Interface Specifications (DOCSIS) 3.0. The proposed scheme utilizes the DOCSIS system synchronization for periodic TEK rekeying instead of a conventional TEK rekeying negotiation process. Analysis shows that the communication overhead is only 0.012 Kbps when TEK rekeying frequency is 1 second.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.3
• /
• pp.75-88
• /
• 2011

Messages need to transmit to the neighbors securely in wireless sensor network, because a sensor node is deployed in hostile area. Thus it is necessary to support secure communication. One of the most important communication part is secure multicast. Especially, group rekeying is a big problem for multicast key management. So, group rekeying must be proceed securely when secrete information is exposed by attacker. Many group rekeying schemes have been studied for ad hoc networks. However, these schemes are Ill1desirable in WSNs. In this paper, we proposed a novel group rekeying scheme in WSNs that it has very powerful security.

• Journal of Digital Contents Society
• /
• v.19 no.3
• /
• pp.579-586
• /
• 2018

Simple Power Analysis(SPA) and Differential Power Analysis(DPA) attacks are Side Channel Attacks(SCA) which were introduced in 1999 by Kocher et al [2]. SPA corresponds to attacks in which an adversary directly recovers key material from the inspection of a single measurement trace (i.e. power consumption or electromagnetic radiation). DPA is a more sophisticated attacks in which the leakage corresponding to different measurement traces (i.e. different plaintexts encrypted under the same key) is combined. Defenses against SPA and DPA are difficult, since they essentially only reduce the signal the adversary is reading, PA and DPA. This paper presents a study on rekeying and sponged-based approach against SCA with current secure schemes. We also propose a fixed ISAP scheme with more secure encryption and authentication based on secure re-keying and sponge functions.

• The Journal of Korean Association of Computer Education
• /
• v.9 no.2
• /
• pp.111-124
• /
• 2006

Multicast services are provided on the Internet in fast increasing. Therefore it is important to keep security for multicast communication. If a member of the group is removed, new group key has to be generated and distributed to all remaining members of group. Minimizing number of messages and operation cost for generation of the composite keys to be used to encrypting group key are important evaluating criteria of multicast key management scheme since generation and distribution of new keys for rekeying require expensive operation. Periodic batch rekeying can reduce these important parameters rather than rekeying sequentially in fashion one after another. In this paper, Hamming distance is calculated between every members to be removed. In batch rekeying the members with Hamming distance less than threshold are selected for rekeying procedure. With running the round assignment algorithm in the case of removing several members simultaneously, our scheme has advantages of reducing messages and operation cost for generation of the composite keys and eliminating possibility of collusion attack for rekeying. We evaluate performance of round assignment algorithm through simulation and show that our scheme is excellent after performance comparison of existent schemes and our scheme.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.6
• /
• pp.71-80
• /
• 2005

In the near future, various aplications on the Internet will be based on the multicast group communication, so that the efficient group key management is essential for managing the frequent group join and leave events. In this paper, we propose several batch rekeying schemes extended from conventional individual rekeying schemes, and analyze the efficiencies of them in terms of both the number of encryption and one-way hash function as well as multicast message size. Considering multiple member leaves, a probabilistic approach is need to compute the average computational amounts for rekeying.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2008.10a
• /
• pp.274-277
• /
• 2008

Rekeying is the process of changing the encryption key of an ongoing communication. The main objective is to limit the amount of data encrypted with the same key. The IEEE 802.11 standard defines the Wired Equivalent Privacy, or WEP, encapsulation of 802.11 data frames. MAC at sender encrypts the payload (frame body and CRC) of each 802.11 frame before transmission using RC4 stream cipher. MAC at receiver decrypts and passes data to higher level protocol. WEP uses symmetric key stream cipher (RC4) where same key will be used for data encryption and decryption at the sender and the receiver. WEP is not promising with the advancement of the wireless technology existing today. We propose to use the existing information to define the security attributes. This will eliminate the steps that regenerated keys have to be sent to each other over certain period. The rekeying scheme is according to the number of bytes transmitted. Therefore, even the attacker has recorded the packets, it will be insufficient information and time for the attacker to launch the attacks as the key is not deterministic. We develop a packet simulation software for packet transmission and simulate our propose scheme. From the simulation, our propose scheme will overcome the weak WEP key attack and provide an alternative solution to wireless packet transmission. Besides that, our solution appears to be a software approach where only driver updates are needed for the wireless client and server.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2017.04a
• /
• pp.373-375
• /
• 2017

Side-channel attacks and in particular differential power analysis (DPA) attacks pose a serious threat to cryptographic implementations. One approach to counteract such attacks is cryptographic schemes based on fresh re-keying. In settings of pre-shared secret keys, such schemes render DPA attacks infeasible by deriving session keys and by ensuring that the attacker cannot collect side-channel leakage on the session key during cryptographic operations with different inputs. This paper present a study on rekeying approach against side channel attacks with current secure schemes and their rekeying functions.

• Journal of Communications and Networks
• /
• v.14 no.4
• /
• pp.418-428
• /
• 2012

With the requirement for providing multiple levels of access control for group members, many group key management schemes designed for hierarchical access control have been put forward. However, most of these schemes focus on the efficiency of group key establishment and rekeying in centralized environments. This paper proposes an integrated group key agreement (IGK) scheme for contributory environments. The IGK scheme employs the integrated key graph to remove key redundancies existing in single key trees, and reduces key establishment and rekeying time while providing hierarchical access control. Performance analyses and simulations conducted with respect to computation and communication overheads indicate that our proposed IGK scheme is more efficient than the independent group key agreement scheme.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.11
• /
• pp.2769-2792
• /
• 2013

In this paper, we propose an authenticated key agreement scheme, TinyIBAK, based on the identity-based cryptography and bilinear paring, for large scale sensor networks. We prove the security of our proposal in the random oracle model. According to the formal security validation using AVISPA, the proposed scheme is strongly secure against the passive and active attacks, such as replay, man-in-the middle and node compromise attacks, etc. We implemented our proposal for TinyOS-2.1, analyzed the memory occupation, and evaluated the time and energy performance on the MICAz motes using the Avrora toolkits. Moreover, we deployed our proposal within the TOSSIM simulation framework, and investigated the effect of node density on the performance of our scheme. Experimental results indicate that our proposal consumes an acceptable amount of resources, and is feasible for infrequent key distribution and rekeying in large scale sensor networks. Compared with other ID-based key agreement approaches, TinyIBAK is much more efficient or comparable in performance but provides rekeying. Compared with the traditional key pre-distribution schemes, TinyIBAK achieves significant improvements in terms of security strength, key connectivity, scalability, communication and storage overhead, and enables efficient secure rekeying.