• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.7
• /
• pp.1737-1753
• /
• 2013

Current group key agreement protocols, which are often tree-based, have unnecessary delays that are caused when members with low-performance computer systems join a group key computation process. These delays are caused by the computations necessary to balance a key tree after membership changes. An alternate approach to group key generation that reduces delays is the dynamic prioritizing mechanism of queue-based group key generation. We propose an efficient group key agreement protocol and present the results of performance evaluation tests of this protocol. The queue-based approach that we propose is scalable and requires less computational overhead than conventional tree-based protocols.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.7
• /
• pp.3720-3746
• /
• 2017

At present, numerous hospitals and medical institutes have implemented Telecare Medicine Information Systems (TMIS) with authentication protocols to enable secure, efficient electronic transactions for e-medicine. Numerous studies have investigated the use of authentication protocols to construct efficient, robust health care services, and recently, Liu et al. presented an authenticated key agreement mechanism for TMIS. They argued that their mechanism can prevent various types of attacks and preserve a secure environment. However, we discovered that Liu et al.'s mechanism presents some vulnerabilities. First, their mechanism uses an improper identification process for user biometrics; second, the mechanism is not guaranteed to protect against server spoofing attacks; third, there is no session key verification process in the authentication process. As such, we describe how the above-mentioned attacks operate and suggest an upgraded security mechanism for TMIS. We analyze the security and performance of our method to show that it improves security relative to comparable schemes and also operates in an efficient manner.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.5
• /
• pp.1687-1707
• /
• 2022

With the development of multiuser online meetings, more group-oriented technologies and applications for instance collaborative work are becoming increasingly important. Authenticated Group Key Agreement (AGKA) schemes provide a shared group key for users with after their identities are confirmed to guarantee the confidentiality and integrity of group communications. On the basis of the Public Key Cryptography (PKC) system used, AGKA can be classified as Public Key Infrastructure-based, Identity-based, and Certificateless. Because the latter type can solve the certificate management overhead and the key escrow problems of the first two types, Certificateless-AGKA (CL-AGKA) protocols have become a popular area of research. However, most CL-AGKA protocols are vulnerable to Public Key Replacement Attacks (PKRA) due to the lack of public key authentication. In the present work, we present a CL-AGKA scheme that can resist PKRA in order to solve impersonation attacks caused by those attacks. Beyond security, improving scheme efficiency is another direction for AGKA research. To reduce the communication and computation cost, we present a scheme with only one round of information interaction and construct a CL-AGKA scheme replacing the bilinear pairing with elliptic curve cryptography. Therefore, our scheme has good applicability to communication environments with limited bandwidth and computing capabilities.

• Imaging Science in Dentistry
• /
• v.48 no.3
• /
• pp.177-184
• /
• 2018

Purpose: This study was performed to evaluate the influence of voxel size and the accuracy of 2 cone-beam computed tomography (CBCT) systems in the detection of vertical root fracture (VRF) in the presence of intracanal metallic posts. Materials and Methods: Thirty uniradicular extracted human teeth were selected and randomly divided into 2 groups(VRF group, n=15; and control group, n=15). The VRFs were induced by an Instron machine, and metallic posts were placed in both groups. The scans were acquired by CBCT with 4 different voxel sizes: 0.1 mm and 0.16 mm (for the Eagle 3D V-Beam system) and 0.125 mm and 0.2 mm (for the i-CAT system) (protocols 1, 2, 3, and 4, respectively). Interobserver and intraobserver agreement was assessed using the Cohen kappa test. Sensitivity and specificity were evaluated and receiver operating characteristic analysis was performed. Results: The intraobserver coefficients indicated good (0.71) to very good (0.83) agreement, and the interobserver coefficients indicated moderate (0.57) to very good (0.80) agreement. In respect to the relationship between sensitivity and specificity, a statistically significant difference was found between protocols 1 (positive predictive value: 0.710, negative predictive value: 0.724) and 3 (positive predictive value: 0.727, negative predictive value: 0.632) (P<.05). The least interference due to artifact formation was observed using protocol 2. Conclusion: Protocols with a smaller voxel size and field of view seemed to favor the detection of VRF in teeth with intracanal metallic posts.

• Korean Journal of Radiology
• /
• v.22 no.11
• /
• pp.1777-1785
• /
• 2021

Objective: To investigate the accuracy of the Agatston score obtained with the ultra-high-pitch (UHP) acquisition mode using tin-filter spectral shaping (Sn150 kVp) and a kVp-independent reconstruction algorithm to reduce the radiation dose. Materials and Methods: This prospective study included 114 patients (mean ± standard deviation, 60.3 ± 9.8 years; 74 male) who underwent a standard 120 kVp scan and an additional UHP Sn150 kVp scan for coronary artery calcification scoring (CACS). These two datasets were reconstructed using a standard reconstruction algorithm (120 kVp + Qr36d, protocol A; Sn150 kVp + Qr36d, protocol B). In addition, the Sn150 kVp dataset was reconstructed using a kVp-independent reconstruction algorithm (Sn150 kVp + Sa36d, protocol C). The Agatston scores for protocols A and B, as well as protocols A and C, were compared. The agreement between the scores was assessed using the intraclass correlation coefficient (ICC) and the Bland-Altman plot. The radiation doses for the 120 kVp and UHP Sn150 kVp acquisition modes were also compared. Results: No significant difference was observed in the Agatston score for protocols A (median, 63.05; interquartile range [IQR], 0-232.28) and C (median, 60.25; IQR, 0-195.20) (p = 0.060). The mean difference in the Agatston score for protocols A and C was relatively small (-7.82) and with the limits of agreement from -65.20 to 49.56 (ICC = 0.997). The Agatston score for protocol B (median, 34.85; IQR, 0-120.73) was significantly underestimated compared with that for protocol A (p < 0.001). The UHP Sn150 kVp mode facilitated an effective radiation dose reduction by approximately 30% (0.58 vs. 0.82 mSv, p < 0.001) from that associated with the standard 120 kVp mode. Conclusion: The Agatston scores for CACS with the UHP Sn150 kVp mode with a kVp-independent reconstruction algorithm and the standard 120 kVp demonstrated excellent agreement with a small mean difference and narrow agreement limits. The UHP Sn150 kVp mode allowed a significant reduction in the radiation dose.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.8 no.6
• /
• pp.520-527
• /
• 2015

The key exchange protocols are very crucial tools to provide the secure communication in the broadband satellite access network. They should be required to satisfy various requirements such as security, key confirmation, and key freshness. In this paper, we present the security functions in ETSI(European Telecommunications Standards Institute), and analyze the specification of the security primitives and the key exchange protocols for the authenticated key agreement between RCST(Return Channel Satellite Terminal) and NCC(Network Control Centre). ETSI key exchange protocols consists of Main Key Exchange, Quick Key Exchange, and Explicit Key Exchange. We analyse the pros and cons of key exchange protocols based on performance analysis and performance evaluation.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.12a
• /
• pp.620-624
• /
• 2003

In［5］, the bit security of keys obtained from protocols based on pairings has been discussed. However it was not able to give bit security of tripartite authenticated key(TAK) agreement protocol of type 4. This paper shows the bit security of keys obtained from TAK-4 protocol.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.5 no.4
• /
• pp.822-839
• /
• 2011

Group key agreement protocols derive a shared secret key for a group of users to ensure data confidentiality or/and integrity among the users in the subsequent communications. In this paper, we inspect two group key agreement schemes which have been proposed by Shi et al. and Zheng et al. in 2005 and 2007 respectively. Although both schemes were claimed to be secure in a heuristic way, we reveal several flaws using the Bellare-Rogaway security model extended to multi-party setting by Bresson et al. These flaws are found to be originated from inappropriate selection of key derivation function, inadvertent exclusion of partners' identities from the protocol specification and insufficient consideration in preserving known temporary information security and key freshness properties. Furthermore, we suggest and discuss proper countermeasures to address such flaws.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.2
• /
• pp.73-82
• /
• 2001

In this paper we propose an efficient authentication and key agreement protocol which has been designed specifically for use with low powered computationally weak equipment such as Cellular phone and PDA(Personal Digital Assistant). Imple-menting the protocol based on the Rabin cryptosystem provides the efficiency requirements for mobile communications including minimum number of passes and low computational lead. The paper outlines the new protocol, examines it s various aspects, and compares them to those representative authentication and key agreement protocols.

• IEIE Transactions on Smart Processing and Computing
• /
• v.2 no.3
• /
• pp.168-175
• /
• 2013

Key escrow is a default property that is inherent in identity-based cryptography, where a curious private key generator (PKG) can derive a secret value shared by communicating entities in its domain. Therefore, a dishonest PKG can encrypt and decrypt ciphers or can carry out any attack on the communicating parties. Of course, the escrow property is not completely unwanted but is acceptable in other particular applications. On the other hand, in more civil applications, this key escrow property is undesirable and needs to be removed to provide maximum communication privacy. Therefore, this paper presents an escrow-free identity-based key agreement protocol that is also applicable even in a distinct PKG condition that does not use pairings. The proposed protocol has comparable computational and communicational performance to many other protocols with similar security attributes, of which their security is based on costly bilinear pairings. The protocol's notion was inspired by McCullagh et al. and Chen-Kudla, in regard to escrow-free and multi-PKG key agreement ideas. In particular, the scheme captures perfect forward secrecy and key compromise impersonation resilience, which were lacking in McCullagh et al.'s study, as well as all other desirable security attributes, such as known key secrecy, unknown key-share resilience and no-key control. The merit in the proposed protocol is the achievement of all required security requirements with a relatively lower computational overhead than many other protocols because it precludes pairings.