• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.2
• /
• pp.811-829
• /
• 2015

One-way authenticated key agreement protocols, aiming at solving the problems to establish secure communications over public insecure networks, can achieve one-way authentication of communicating entities for giving a specific user strong anonymity and confidentiality of transmitted data. Public Key Infrastructure can design one-way authenticated key agreement protocols, but it will consume a large amount of computation. Because one-way authenticated key agreement protocols mainly concern on authentication and key agreement, we adopt multi-server architecture to realize these goals. About multi-server architecture, which allow the user to register at the registration center (RC) once and can access all the permitted services provided by the eligible servers. The combination of above-mentioned ideas can lead to a high-practical scheme in the universal client/server architecture. Based on these motivations, the paper firstly proposed a new one-way authenticated key agreement scheme based on multi-server architecture. Compared with the related literatures recently, our proposed scheme can not only own high efficiency and unique functionality, but is also robust to various attacks and achieves perfect forward secrecy. Finally, we give the security proof and the efficiency analysis of our proposed scheme.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.1
• /
• pp.94-102
• /
• 2016

In this work we propose a new method to countermeasure against the abatement attack to the security server that is induced by man-in-the-middle attack. To that purpose, we first investigate the state of the art in the current research about the abatement attack. After that, we propose a new countermeasure method that can cope with the unresolved problems in the current method, which can cover diverse types of network.

• Journal of KIISE:Computer Systems and Theory
• /
• v.29 no.3
• /
• pp.153-160
• /
• 2002

In this paper, we consider a secure and efficient metering scheme to measure the interaction between clients and servers in interned advertising. In most cases internet advertising is composed of clients, servers, and an audit agency who collects a metering information about the number of clients that were served by each server. The metering scheme should always be secure against fraud attempts by servers which maliciously try to inflate the number of their clients and against clients that attempt to disrupt the metering process. So we suggest secure and efficient metering schemes, based on some cryptographic techniques, which are also very accurate and robust.

• International Journal of Internet, Broadcasting and Communication
• /
• v.9 no.3
• /
• pp.35-43
• /
• 2017

In 2013, Lee-Lie proposed secure smart card based authentication scheme of Zhu's authentication for TMIS which is secure against the various attacks and efficient password change. In this paper, we discuss the security of Lee-Lie's smart card-based authentication scheme, and we have shown that Lee-Lie's authentication scheme is still insecure against the various attacks. Also, we proposed the improved scheme to overcome these security problems of Lee-Lie's authentication scheme, even if the secret information stored in the smart card is revealed. As a result, we can see that the improved smart card based user authentication scheme for TMIS is secure against the insider attack, the password guessing attack, the user impersonation attack, the server masquerading attack, the session key generation attack and provides mutual authentication between the user and the telecare system.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.1
• /
• pp.523-549
• /
• 2018

The increasing number of subscribers and demand of multiplicity of services has turned Multi-Server Authentication (MSA) into an integral part of remote authentication paradigm. MSA not only offers an efficient mode to register the users by engaging a trusted third party (Registration Centre), but also a cost-effective architecture for service procurement, onwards. Recently, Lu et al.'s scheme demonstrated that Mishra et al.'s scheme is unguarded to perfect forward secrecy compromise, server masquerading, and forgery attacks, and presented a better scheme. However, we discovered that Lu et al.'s scheme is still susceptible to malicious insider attack and non-compliant to perfect forward secrecy. This study presents a critical review on Lu et al.'s scheme and then proposes a secure multi-server authentication scheme. The security properties of contributed work are validated with automated Proverif tool and proved under formal security analysis.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.12
• /
• pp.5135-5149
• /
• 2015

Communications among multi-party must be fast, cost effective and secure. Today's computing environments such as internet conference, multi-user games and many more applications involve multi-party. All participants together establish a common session key to enable multi-party and secure exchange of messages. Multi-party password-based authenticated key exchange scheme allows users to communicate securely over an insecure network by using easy-to-remember password. Kwon et al. proposed a practical three-party password-based authenticated key exchange (3-PAKE) scheme to allow two users to establish a session key through a server without pre-sharing a password between users. However, Kwon et al.'s scheme cannot meet the security requirements of key authentication, key confirmation and anonymity. In this paper, we present a novel, simple and efficient multi-party password-based authenticated key exchange (M-PAKE) scheme based on the elliptic curve cryptography for mobile environment. Our proposed scheme only requires two round-messages. Furthermore, the proposed scheme not only satisfies security requirements for PAKE scheme but also achieves efficient computation and communication.

• Journal of Korea Multimedia Society
• /
• v.18 no.12
• /
• pp.1483-1491
• /
• 2015

Applications of Internet of Things (IoT) supply various conveniences, however unsolved security problems such as personal privacy, data manipulation cause harm to persons, even nations and an limit the applicable areas of Internet of IoT technology. Therefore, study about secure and efficient security system on IoT are required. This paper proposes ID-based remote user authentication scheme in IoT environments. Proposed scheme provides untraceability of users by using different pseudonym identities in every session and reduces the number of variables. Our proposal is secure against inside attack, smart card loss attack, user impersonation attack, server masquerading attack, online/offline password guessing attack, and so on. Therefore, this can be applied to the lightweight IoT environments.

• The KIPS Transactions:PartD
• /
• v.15D no.5
• /
• pp.699-704
• /
• 2008

By the dependence on Web from popularization of internet and increasing number of users, web services capability and security problem of communication is becoming a great issue. Existing web services technology decrease the capability of web application server by limiting the number of synchronous client, decreasing the processing load and increasing average response time. The encryption process to secure communication and the early expense of handshake decrease transmission speed and server capability by increasing the calculation time for connecting. Accordingly, this paper executes an encryption procedure by elliptical encryption algorithm to satisfy secure demands, improve the overload of server for web services and get reliability and security of web server architecture and proposes an improved mobile web sever which provides better ability and the techniques for deferred processing.

• International Journal of Computer Science & Network Security
• /
• v.21 no.9
• /
• pp.1-10
• /
• 2021

The Internet of things (IoT) is the main advancement in data processing and communication technologies. In IoT, intelligent devices play an exciting role in wireless communication. Although, sensor nodes are low-cost devices for communication and data gathering. However, sensor nodes are more vulnerable to different security threats because these nodes have continuous access to the internet. Therefore, the multiparty security credential-based key generation mechanism provides effective security against several attacks. The key generation-based methods are implemented at sensor nodes, edge nodes, and also at server nodes for secure communication. The main challenging issue in a collaborative key generation scheme is the extensive multiplication. When the number of parties increased the multiplications are more complex. Thus, the computational cost of batch key and multiparty key-based schemes is high. This paper presents a Secure Multipart Key Distribution scheme (SMKD) that provides secure communication among the nodes by generating a multiparty secure key for communication. In this paper, we provide node authentication and session key generation mechanism among mobile nodes, head nodes, and trusted servers. We analyzed the achievements of the SMKD scheme against SPPDA, PPDAS, and PFDA schemes. Thus, the simulation environment is established by employing an NS 2. Simulation results prove that the performance of SMKD is better in terms of communication cost, computational cost, and energy consumption.

• International Journal of Computer Science & Network Security
• /
• v.22 no.9
• /
• pp.15-22
• /
• 2022

The Tactile Internet technology is considered as the evolution of the internet of things. It will enable real time applications in all fields like remote surgery. It requires extra low latency which must not exceed 1ms, high availability, reliability and strong security system. Since it appearance in 2014, tremendous efforts have been made to ensure authentication between sensors, actuators and servers to secure many applications such as remote surgery. This human to machine relationship is very critical due to its dependence of the human live, the communication between the surgeon who performs the remote surgery and the robot arms, as a tactile internet actor, should be fully and end to end protected during the surgery. Thus, a secure mutual user authentication framework has to be implemented in order to ensure security without influencing latency. The existing methods of authentication require server to stock and exchange data between the tactile internet entities, which does not only make the proposed systems vulnerables to the SPOF (Single Point of Failure), but also impact negatively on the latency time. To address these issues, we propose a lightweight authentication protocol for remote surgery in a Tactile Internet environment, which is composed of a decentralized blockchain and physically unclonable functions. Finally, performances evaluation illustrate that our proposed solution ensures security, latency and reliability.