• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.3
• /
• pp.609-612
• /
• 2016

Authenticated key exchange protocol achieves its authentication by using hash-based authenticator with input of common message and session key that agrees between participants. In the letter, we show that this approach cannot satisfy the entire security, through a recent example protocol that is proposed by Tsai et al, 2014, if the input of authenticator has been insecurely designed.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.13 no.3
• /
• pp.177-181
• /
• 2013

As smart devices and OS with communication capabilities based latest NFC (Near Field Communication) have been spreaded, many applications with using existing RFID are being replaced to NFC. Smart NFC technology and existing services and devices can be easily combined convergence and advantage of smart phones, such as authentication and billing, medical care, the creation of a new paradigm of Network Communication are to be expected. By developing H/W, S/W of the Smart NFC Security Authenticator(SNSA), satisfying with wireless communication test results within accepted reference value, analyzing and testing the impact of topology, the signal performance of Daisy Chain Topology was much better than Star Topology's.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.4C
• /
• pp.581-593
• /
• 2004

The interest in wireless LAN security is on the increase owing to a role of high-speed wireless Internet infrastructure of wireless LAN. Wi-Fi has released WPA standard in order to overcome drawbacks of WEP algorithm that is security element of current IEEE 802.11-based wireless LAN system. Pairwise key management and group key management in a mixed-mode which supports both terminals running WPA and terminals running original WEP security are very complicate. In this paper, we analyze flaws in WPA authenticator key management state machine for key distribution and propose the countermeasures to overcome the analyzed problems. Additionally, WPA authenticator key management state machine to which the solutions are applied is described. The reconstructed WPA authenticator key management state machine helps the AP perform efficiently group key exchange and group key update in the mixed-mode.

• International Journal of Computer Science & Network Security
• /
• v.23 no.4
• /
• pp.111-115
• /
• 2023

Knowledge Based Authentication is the most well-known technique for user authentication in a computer security framework. Most frameworks utilize a straightforward PIN (Personal Identification Number) or psssword as an data authenticator. Since password based authenticators typically will be software based, they are inclined to different attacks and weaknesses, from both human and software.Some of the attacks are talked about in this paper.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2002.11b
• /
• pp.1329-1332
• /
• 2002

최근에 공공장소에서의 보다 안정적이고 고속의 무선 인터넷 접속에 대한 욕구가 커지면서 무선랜에 대한 수요가 많아지고 있고, 유무선 사업자들은 무선랜 시장을 선점하기 위해서 서비스를 서두르고 있다. 이와 같은 무선랜환경에서 안전하게 사용자를 인증하고 서비스를 제공하기 위해서 802.1x 표준이 정의되었다. 이와 같은 802.1x 표준의 관리를 위한 MIB 구조가 IEEE 802.1x MIB에 정의되어 있다. 본 논문에서는 무선단말 사용자를 인증시켜 주고 무선랜서비스를 허가해주는 authenticator의 입장에서 AP를 관리하기 위한 관리 시스템을 위의 MIB 을 기준으로 해서 설계하고 구현하였다.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.365-369
• /
• 2006

Multiple Message Authentication Codes can be represented by one of the Short MAC, Bloom Filter or Compressed Bloom Filler to reduce communication overheads. However, this will inevitably increase false positive rate (fpr) which is a false authentication probability of adversarial messages in trade-off of communication efficiency. While the simple short MAC scheme has the lowest fpr, one cannot choose arbitrary authenticator size. Bloom filter, randomized data structure often used for membership queries, can represent multiple MACs more flexibly with slightly higher fpr. Furthermore, compressed Bloom filter has the same fpr with the short MAC while maintaining its flexibility. Through our detailed analysis, we show that pros and cons of the three schemes are scenario specific. Therefore one can choose appropriate scheme under given parameters to achieve both communication efficiency and security based on our results.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2002.11a
• /
• pp.473-476
• /
• 2002

본 논문에서는 ad-hoc wireless network에서 상호간의 사전지식 없이 상대편을 authenticate하는 프로토콜을 제시한다. 기존에 Dirk Balfanz et al에 의해 제시된 변형된interactive Guy Fawkes protocol은 해쉬함수의, 전달하고자 하는 메시지와 그 authenticator의 해쉬값을 보내고, 다음 단계에서 그 원본을 밝히는 원리를 이용한 것으로, PKI 없이 해쉬함수 만으로 상호인증과 메시지의 무결성을 보장함으로써 전반적인 ID 체계와 public key encryption, decryption 연산에 대한 부담을 덜었다. 하지만, 이것은 여전히 eavesdropping같은 passive attack에 노출되어 있다[1]. 본 논문에서는 zero-knowledge 기반의 프로토콜을 이용하여 상호 정보를 교환할 수 없는 환경에서도 안전하게 상호 authentication을 가능하게 하는 방법을 제시한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.6
• /
• pp.3299-3315
• /
• 2019

Deniable authentication (DA) is a protocol in which a receiver can generate an authenticator that is probabilistically indistinguishable from a sender. DA can be applied in many scenarios that require user privacy protection. To enhance the security of DA, in this paper, we construct a new deniable authenticated encryption (DAE) scheme that realizes deniable authentication and confidentiality in a logical single step. Compared with existing approaches, our approach provides proof of security and is efficient in terms of performance analysis. Our scheme is in an identity-based environment; thus, it avoids the public key certificate-based public key infrastructure (PKI). Moreover, we provide an example that shows that our protocol is applicable for e-voting systems.

• Journal of the Korea Society of Computer and Information
• /
• v.17 no.7
• /
• pp.107-115
• /
• 2012

Recently, Li and Hwang scheme proposed a biometrics-based remote user authentication scheme using smart card. It is asserted that this scheme has very excellent benefits by the operation cost efficiency based on the smart card, one-way function and biometrics using random numbers. But this scheme cannot provide the properly authentication, especially, it is analyzed as the vulnerable security scheme for Denial-of-Service(DoS) attacks by impersonate attacks. The attacker controls the insecure channel, they can easily fabricate messages to pass the user's or server's authentication, and the malicious attacker can impersonate the user to cheat the server and can impersonate the server to cheat the user without knowing any secret information. This paper proposes the strong improved scheme which can respond to multiple attacks by supplementing the function of integrity check from the server which applied variable authenticator and OSPA without exposing the user's password information. It is supplemented pregnable of disguise attack and mutual authentication of Li and Hwang scheme.