• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.12
• /
• pp.4987-5014
• /
• 2015

The bilinear pairing, also known as Weil pairing or Tate pairing, is widely used in cryptography and its properties help to construct cryptographic schemes for different applications in which the security of the transmitted data is a major concern. In remote login authentication schemes, there are two major requirements: i) proving the identity of a user and the server for legitimacy without exposing their private keys and ii) freedom for a user to choose and change his password (private key) efficiently. Most of the existing methods based on the bilinear property have some security breaches due to the lack of features and the design issues. In this paper, we develop a new scheme using the bilinear property of an elliptic point and the biometric characteristics. Our method provides many features along with three major goals. a) Checking the correctness of the password before sending the authentication message, which prevents the wastage of communication cost; b) Efficient password change phase in which the user is asked to give a new password after checking the correctness of the current password without involving the server; c) User anonymity - enforcing the suitability of our scheme for applications in which a user does not want to disclose his identity. We use BAN logic to ensure the mutual authentication and session key agreement properties. The paper provides informal security analysis to illustrate that our scheme resists all the security attacks. Furthermore, we use the AVISPA tool for formal security verification of our scheme.

• Journal of information and communication convergence engineering
• /
• v.10 no.1
• /
• pp.53-60
• /
• 2012

Attribute-based encryption (ABE) is an encryption scheme in which the user is able to decrypt a ciphertext with associated attributes. However, the scheme does not offer the capability of decryption to others when the user is offline. For this reason, the attribute-based proxy re-encryption (ABPRE) scheme was proposed, which combines traditional proxy re-encryption with ABE, so a user is able to empower designated users to decrypt the re-encrypted ciphertext with the associated attributes of designated users. However, previous ABPRE schemes demands a number of pairing operations that imply huge computational overhead. To reduce the number of pairing operations, we reduce the pairing operations with exponent operations. This paper provides a novel approach to an ABPRE scheme with constant pairing operation latency.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38A no.5
• /
• pp.443-450
• /
• 2013

We consider user pairing and resource allocation for the uplink of cellular systems employing virtual multiple input multiple output (MIMO). As a multiple access scheme, discrete Fourier transform spread orthogonal frequency division multiple access (DFTS-OFDMA) is adopted for more flexible resource allocation than single carrier (SC)-OFDMA adopted in the Long Term Evolution (LTE) system. We formulate the optimization problems of user pairing and resource allocation to maximize the throughput of the DFTS-OFDMA system under different constraints. The DFTS-OFDMA allowing non-contiguous subcarrier allocation and redundant user assignment provides a better throughput than the SC-FDMA at lower complexity in finding the optimal solution but at the cost of the increased control information indicating the allocated resources.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.6
• /
• pp.1483-1490
• /
• 2017

Wearable devices need a host device to be paired with because of connectivity, functionality and ease personalization. There should be frequent update and backup processes between the paired devices even without user's consciousness. Due to pairing process, user-specific data are copied from smartphone and transferred to paired smartwatch. We focus on what happens in smartwatch because of pairing process. We perform an experiment study by observing and extracting data from smartwatch under real world usage phases. With a survey of user awareness on smartwatch regarding security and privacy, moreover, we suggest risk assessment on smartwatch in five levels, particularly considering pairing process based on security and privacy.

• KIPS Transactions on Computer and Communication Systems
• /
• v.5 no.12
• /
• pp.481-490
• /
• 2016

Bluetooth utilizes a symmetric key that is exchanged at the first pairing to establish a secure channel. There are four authentication modes which enables device authentication, Just work, Passkey Entry, Out of Band, and Numeric Comparison. Up to now, Just work has been considered as the authentication mode that is vulnerable to Man-In-The-Middle (MITM) Attack. In addition, it is possible to intentionally change any authentication mode to Just work mode, in order to succeed in MITM Attack under Just work mode. However, this kind of attacks have just worked under the assumption that users should not notice that authentication mode was changed. In this paper, We analyze the specification of Secure Simple Pairing, LE Legacy Pairing and LE Secure Connection Pairing. When using Passkey Entry mode on each approach, it seems the MITM attack is possible. Also it offers Passkey Entry MITM attack that does not require assumptions about the user's fault, because it isn't change verification process of the authentication mode unlike traditional attacks. We implement the proposed MITM attacks. Also we presents a scenario in which an attack can be exploited and a countermeasure.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2003.10a
• /
• pp.215-218
• /
• 2003

In this paper, we propose a protocol both allow a End-to-End security between user and service provider and independent in mobile Internet platform in AIP. In particular, our proposed protocol generates a session key using Weil pairing by ID-based public key system. We analysis a security and efficient of protocol when on-line certification authority participates in authentication process.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.5
• /
• pp.1638-1653
• /
• 2014

A sequential optimization algorithm (SOA) for resource allocation in a cyclic-prefixed single-carrier cognitive relay system is proposed in this study. Both subcarrier pairing (SP) and power allocation are performed subject to a primary user interference constraint to minimize the mean squared error of frequency-domain equalization at the secondary destination receiver. Under uniform power allocation at the secondary source and optimal power allocation at the secondary relay, the ordered SP is proven to be asymptotically optimal in maximizing the matched filter bound on the signal-to-interference-plus-noise ratio. SOA implements the ordered SP before power allocation optimization by decoupling the ordered SP from the power allocation. Simulation results show that SOA can optimize resource allocation efficiently by significantly reducing complexity.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2013.05a
• /
• pp.679-682
• /
• 2013

스마트카드는 편리성과 안전성의 특성으로 인해 원격 시스템 인증에 다양하게 사용된다. 카드를 사용해서 통신하는 분야에서는 스마트카드에 대한 보안과 카드 소지자의 인증이 매우 중요하다. 기존 패스워드와 스마트카드를 이용한 원격 사용자 인증 기법은 공격자에 의해서 정당한 아이디와 패스워드 쌍을 쉽게 만들 수 있게 됨으로써 위장 공격이 가능한 취약점이 존재한다. 본 연구에서는 카드 보안 기술의 특징을 기반으로 하여 안전하고 편리한 사용자 인증 서비스를 제공하기 위해 키 생성 알고리즘인 ID-based Bilinear Pairing 암호방식을 이용해서 스마트카드 사용자와 서버 사이에 인증 스킴을 제안한다.

• International Journal of Computer Science & Network Security
• /
• v.21 no.3
• /
• pp.60-70
• /
• 2021

In this paper we study the problem of implementation of security issues of blue tooth, especially secure simple pairing, with the help of an efficient four user authenticated key (4UAK) for an elliptic curve cryptography (ECC). This paper also deals with the design, implement and performance evaluation of secure simple pairing (SSP) using an elliptic curve cryptography, such as Diffie Hellman protocol when four users are involved. Here, we also compute the best, worst and average case step counts (time complexities). This work puts forth an efficient way of providing security in blue tooth. The time complexity of O(n⁴) is achieved using Rabin Miller Primality methodology. The method also reduces the calculation price and light communication loads.

• Journal of applied mathematics & informatics
• /
• v.31 no.3_4
• /
• pp.425-441
• /
• 2013

In literature, several strong designated verifier signature (SDVS) schemes have been devised using elliptic curve bilinear pairing and map-topoint (MTP) hash function. The bilinear pairing requires a super-singular elliptic curve group having large number of elements and the relative computation cost of it is approximately two to three times higher than that of elliptic curve point multiplication, which indicates that bilinear pairing is an expensive operation. Moreover, the MTP function, which maps a user identity into an elliptic curve point, is more expensive than an elliptic curve scalar point multiplication. Hence, the SDVS schemes from bilinear pairing and MTP hash function are not efficient in real environments. Thus, a cost-efficient SDVS scheme using elliptic curve cryptography with pairingfree operation is proposed in this paper that instead of MTP hash function uses a general cryptographic hash function. The security analysis shows that our scheme is secure in the random oracle model with the hardness assumption of CDH problem. In addition, the formal security validation of the proposed scheme is done using AVISPA tool (Automated Validation of Internet Security Protocols and Applications) that demonstrated that our scheme is unforgeable against passive and active attacks. Our scheme also satisfies the different properties of an SDVS scheme including strongness, source hiding, non-transferability and unforgeability. The comparison of our scheme with others are given, which shows that it outperforms in terms of security, computation cost and bandwidth requirement.