• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.43 no.11 s.353
• /
• pp.159-167
• /
• 2006

IEEE 802.11i standard specifies full authentication and preauthentication for secure handoff in 802.11 wireless LAN (WLAN). However, the full authentication is too slow to provide seamless services for handoff users, and preauthentication may fail in highly populated WLAN where it is highly probable that the cache entry of a preauthenticated user is evicted by other users before handoff. In this paper, we propose a fast and secure handoff scheme by reducing authentication and key management delay in the handoff process. When a user handoffs, security context established between the user and the previous access point (AP) is forwarded from the previous AP to the current AP, and the session key is reused before the handoff session terminates. The freshness of session key is maintained by regenerating session keys after handoff session is terminated. The proposed scheme can achieve considerable reduction in handoff delay with providing the same security level as 802.1X authentication by letting an AP authenticate a handoff user before making an robust security network association (RSNA) with it.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.6 no.6
• /
• pp.931-936
• /
• 2002

By emphasize and enhance security in encryption of same viewdata in this research, constructed video conference system that apply real time video encryption techniques that confidentiality and integrity aspect are emphasized than video conference system that depend on existent user certification techniques. Sender's image transmits Vernam's encryption process to listener by packet. Listener can display image through image's decipher process and uncompress after unite receiving transmited image. This time, solved transmission speed delay problem by video's real time encryption using Vernam's algorithm that encryption and the decipher speed are fast. Simplification problem of Vernam algorithm wished to solve Session Key that use security Key that is used encipherment and decipher in channel between Client and Server using RSA algorithm.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.1
• /
• pp.3-10
• /
• 2012

In this paper, we propose a fault injection attack on stream cipher A5/3 used in GSM. The fault assumption of this attack is based on that of fault injection attacks proposed in FDTC'05 and CISC-W'10. This attack is applicable to A5/3 supporting 64/128-bit session key, respectively, and can recover the session key by using a small number of fault injections. These works are the first known key recovery attack results on A5/3.

• IEIE Transactions on Smart Processing and Computing
• /
• v.2 no.5
• /
• pp.297-301
• /
• 2013

Key agreement protocols allow multi-parties exchanging public information to create a common secret key that is known only to those entities over an insecure network. Since Joux first published the pairing-based one round tripartite key agreement protocol, many authenticated protocols have been proposed. Unfortunately, many of them have been broken while others have been shown to be deficient in some desirable security attributes. In 2004, Cheng et al. presented two protocols aimed at strengthening Shim's certificate-based and Zhang et al.'s tripartite identity-based protocols. This paper reports that 1) In Cheng et al.'s identity-based protocol, an adversary can extract long-term private keys of all the parties involved; and 2) Cheng et al.'s certification-based protocol is weak against key integrity attacks. This paper suggests possible remedies for the security flaws in both protocols and then presents a modified Cheng et al.'s identity-based, one-round tripartite protocol that is more secure than the original protocol.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.15 no.1
• /
• pp.46-56
• /
• 2012

Traitor Tracing schemes are broadcast encryption systems where at least one of the traitors who were implicated in the construction of a pirate decoder can be traced. This traceability is required in various contents delivery system like satellite broadcast, DMB, pay-TV, DVD and so on. In this paper, we propose a public key traitor tracing scheme with key-update method. If the system manager can update a secret key which is stored in an authorized decode, it makes a pirate decoder useless by updating a secret key A pirate decoder which cannot update a secret key does not decrypt contents in next session or during tracing a traitor, this scheme has merits which will make a pirate decoder useless, therefore this scheme raises the security to a higher level.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.4
• /
• pp.83-92
• /
• 2005

D-OCSP-KIS proposed by Koga and Sakurai not only reduces the number or OCSP Responder's certificate but also criers the certificate status validation about OCSP Responder to the client. Therefore, D-OCSP-KIS is an effective method that can reduce the communication cost, computational time and storage consumption in client, but it has some problems. In case an attacker accidentally acquires an OCSP Responder's session private key in a time period (e.g., one day), she can disguise as the OCSP Responder in the time period unless the OCSP Responder recognizes. She can offer the wrong response to the client using the hash value intercepted. And the server and user on I-commerce can have a serious confusion and damage. And the computation and releasing of hash chain can be a load to CA. Thus, we propose a method detecting immediately the exposure of an OCSP Responder's session private key and the abuse of hash value in D-OCSP-KIS.

• Journal of the Korea Convergence Society
• /
• v.5 no.4
• /
• pp.101-106
• /
• 2014

Most peoples are used to prefer to view the video contents rather than the other contents since the video contents are more easy to understand with both their eyes and ears. As the wide spread use of smartphones, the demands for the contents services are increasing rapidly. To promote the contents business, it's important to provide security of subscriber authentication and corresponding communication channels through which the contents are delivered. Generally, symmetric key encryption scheme is used to protect the contents in the channel, and the session key should be upadated periodically for the security reasons. In addition, to protect viewing paid contents by illegal users, the proxy authentication should not be allowed. In this paper, we propose biometric based user authentication and one time key generation models. The proposed model is consist of biometric template registration, session key generation and chanel encryption steps. We analyze the difference and benefits of our model with existing CAS models which are made for CATV contents protection, and also provides applications of our model in electronic commerce area.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.32 no.11A
• /
• pp.1128-1137
• /
• 2007

Recently, according to being advanced internet, mobile communication technique, Telematics environment which users in vehicle can use internet service in LAN(Local Area Network) via mobile device has being realized. In this paper, we propose the remote user authentication protocol to solve these issues. Additionally, we use biometrics(fingerprint) for our user authentication protocol cause it can provide to avoid critical weakness that can be lost, stolen, or forgotten and to make authentication easily. In our user authentication protocol, to protect the biometric we use session key which is generated from master key distributed in our key distribution protocol. In particular, we propose secure protocol between APs considering weakness of security in mobile environment. Based on implementation of our proposed protocol, we conform that our proposed protocols are secure from various attack methods and provide real-time authentication.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37 no.5C
• /
• pp.410-419
• /
• 2012

This paper proposes a secure and efficient anonymous authentication scheme for health information push service based on indoor location in hospital. The proposed scheme has the following benefits: (1)It is just based on a secure one-way hash function for avoiding complex computations for both health care operations users and health care centers. (2)It does not require sensitive verification table which may cause health care centers to become an attractive target for numerous attacks(e.g., insertion attacks and stolen-verifier attacks), (3)It provides higher security level (e.g., secure mutual authentication and key establishment, confidential communication, user's privacy, simple key management, and session key independence). As result, the proposed scheme is very suitable for various location-based medical information service environments using lightweight-device(e.g., smartphone) because of very low computation overload on the part of both health care operations users and health care centers.

• The KIPS Transactions:PartC
• /
• v.14C no.6
• /
• pp.471-474
• /
• 2007

In this paper, we propose a variant of Diffie-Hellman key exchange protocol to provide pre-computable session key and to give another version of Diffie-Hellman key exchange protocol that might be useful in designing more sophisticated cryptographic protocols. We prove the security of the key exchange protocol by reducing DH key exchange protocol to ours.