• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제14권1호
• /
• pp.299-322
• /
• 2020

Vehicular ad hoc networks (VANETs) enable wireless communication between vehicles and roadside infrastructure to provide a safer and more efficient driving environment. However, due to VANETs wireless nature, vehicles are exposed to several security attacks when they join the network. In order to protect VANETs against misbehaviours, one of the vital security requirements is to revoke the misbehaved vehicles from the network. Some existing revocation protocols have been proposed to enhance security in VANETs. However, most of the protocols do not efficiently address revocation issues associated with group signature-based schemes. In this paper, we address the problem by constructing a revocation protocol particularly for group signatures in VANETs. We show that this protocol can be securely and efficiently solve the issue of revocation in group signature schemes. The theoretical analysis and simulation results demonstrate our work is secure against adversaries and achieves performance efficiency and scalability.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제7권12호
• /
• pp.3244-3260
• /
• 2013

A three-party password-based authenticated key exchange (PAKE) protocol allows two clients registered with a trusted server to generate a common cryptographic key from their individual passwords shared only with the server. A key requirement for three-party PAKE protocols is to prevent an adversary from mounting a dictionary attack. This requirement must be met even when the adversary is a malicious (registered) client who can set up normal protocol sessions with other clients. This work revisits three existing three-party PAKE protocols, namely, Guo et al.'s (2008) protocol, Huang's (2009) protocol, and Lee and Hwang's (2010) protocol, and demonstrates that these protocols are not secure against offline and/or (undetectable) online dictionary attacks in the presence of a malicious client. The offline dictionary attack we present against Guo et al.'s protocol also applies to other similar protocols including Lee and Hwang's protocol. We conclude with some suggestions on how to design a three-party PAKE protocol that is resistant against dictionary attacks.

• 한국정보보호학회:학술대회논문집
• /
• 한국정보보호학회 2002년도 종합학술발표회논문집
• /
• pp.225-229
• /
• 2002

The electronic voting becomes new challenging area in cryptographic application. A variety of schemes are designed and implemented based on cryptographic protocols. Initiated by ICU, one of best practices was votopia[1] which was successfully served into the Internet voting based on modified Ohkubo et al.'s scheme[2] under Public Key Infrastructure (PKI) and Java technology. Votopia was used to select the Most Valuable Player and Best Goal Keepers of 2002 FIFA World Cup Korea/Japan$\^$TM/ through the Internet where most voters can access and cast their ballots from any place and at any time. However, votopia assumed that the resources of the Internet voters only connected via wired environment. In this paper, we suggest how to extend votopia to mobile voting which has limited computing resources.

• 정보처리학회논문지C
• /
• 제14C권6호
• /
• pp.471-474
• /
• 2007

이 논문에서는 사전 연산이 가능한 세션 키와 복잡한 암호 프로토콜 디자인에 도움이 될 수 있는 변형된 Diffie-Hellman 키 교환 프로토콜을 보인다. 제안된 프로토콜은 Diffie-Hellman 키 교환 프로토콜을 간결화 하였으며 본래의 프로토콜과 같은 보안성을 가진다.

• 한국컴퓨터정보학회논문지
• /
• 제4권4호
• /
• pp.9-14
• /
• 1999

공개키 암호화 알고리즘을 사용하는 인증기법은 비밀키로 인증값을 생성하여 자신을 증명하고. 공개키를 통하여 검증하는 방법이다. 본 연구에서는 대칭형 암호화 알고리즘을 이용한 인증에서의 문제점이었던 비밀키의 분배 및 관리의 문제점은 해결하고 공개키 리스트에 대한 관리 문제를 인증센타를 통하여 인증서를 발급받는 형태의 방법을 제공하여 공개키 관리를 효율적으로 할 수 있는 알고리즘을 제시한다.

• IEIE Transactions on Smart Processing and Computing
• /
• 제2권3호
• /
• pp.176-187
• /
• 2013

Message replay, malicious Access Point (AP) associations and Denial of Service (DoS) attacks are the major threats in Wireless LANs. These threats are possible due to a lack of proper authentication and insecure message communications between wireless devices. Current wireless authentication & key exchange (AKE) schemes and security protocols (WEP, WPA and IEEE 802.11i) are not sufficient against these threats. This paper presents a novel Secure WLAN Authentication Scheme (SWAS). The scheme introduces the delegation concept of mobile authentication in WLANs, and provides mutual authentication to all parties (Wireless Station, Access Point and Authentication Server). The messages involved in the process serve both authentication and key refreshing purposes. The scheme enhances the security by protecting the messages through cryptographic techniques and reduces the DoS impact. The results showed that cryptographic techniques do not result in extra latencies in authentication. The scheme also reduces the communication cost and network overhead.

• 정보기술과데이타베이스저널
• /
• 제7권1호
• /
• pp.67-82
• /
• 2000

In this paper we have developed a message transfer protocol, CMP, which improves MSP's message processing capability. The proposed method has taken into account document classification to improve the efficiency of message processing. The difference between the conventional MSP and CMP has been addressed. The CMP's performance has been shown by various experiments including number, alphabet, Korean letter, Chinese letter, music sound and compression file transmission. And security capability of both protocols has been compared based on the specification of FIPS 140-2. The CMP's overall performance is shown to be superior to that of MSP on the processing speed in the performance perspective and on the function of cryptographic module interface and cryptographic key management in the security perspective respectively.

• 정보처리학회논문지C
• /
• 제12C권1호
• /
• pp.29-36
• /
• 2005

키 분배 프로토콜은 안전한 암호 시스템을 구성하기 위한 필수적인 요소이며, 키 분배 프로토콜에 대한 연구${\cdot}$개발은 꾸준히 이루어지고 있다. 공개키 암호 방식을 이용하는 대부분의 키 분배 프로토콜은 Diffie-Hellman 방식에 기반하므로 세션키 설정에 요구되는 계산량이 많아 무선 인터넷 환경에는 적용하기 어렵다. 본 논문에서는 proxy 서버론 이용하여 무선 단말기 사용자에게 요구되는 계산량을 줄일 수 있는 개선된 키 분배 프로토콜을 제안한다. 제안하는 방식은 두 사용자간에 키 분배가 이루어지는 기존의 키 분배 프로토콜의 안전성을 그대로 유지하면서 단말 사용자에게 요구되는 계산량을 줄일 수 있다는 장점이 있다.

• 디지털산업정보학회논문지
• /
• 제5권4호
• /
• pp.139-150
• /
• 2009

Authentication and key exchange are fundamental for establishing secure communication channels over public insecure networks. Password-based protocols for authenticated key exchange are designed to work even when user authentication is done via the use of passwords drawn from a small known set of values. There have been many protocols proposed over the years for password authenticated key exchange in the three-party scenario, in which two clients attempt to establish a secret key interacting with one same authentication server. However, little has been done for password authenticated key exchange in the more general and realistic four-party setting, where two clients trying to establish a secret key are registered with different authentication servers. In fact, the recent protocol by Yeh and Sun seems to be the only password authenticated key exchange protocol in the four-party setting. But, the Yeh-Sun protocol adopts the so called "hybrid model", in which each client needs not only to remember a password shared with the server but also to store and manage the server's public key. In some sense, this hybrid approach obviates the reason for considering password authenticated protocols in the first place; it is difficult for humans to securely manage long cryptographic keys. In this work, we introduce a key agreement protocol and a key distribution protocol, respectively, that requires each client only to remember a password shared with its authentication server.

• Journal of Communications and Networks
• /
• 제14권1호
• /
• pp.104-110
• /
• 2012

Group key agreement protocols allow a group of users, communicating over a public network, to establish a shared secret key to achieve a cryptographic goal. Protocols based on certificateless public key cryptography (CL-PKC) are preferred since CL-PKC does not need certificates to guarantee the authenticity of public keys and does not suffer from key escrow of identity-based cryptography. Most previous certificateless group key agreement protocols deploy signature schemes to achieve authentication and do not have constant rounds. No security model has been presented for group key agreement protocols based on CL-PKC. This paper presents a security model for a certificateless group key agreement protocol and proposes a constant-round group key agreement protocol based on CL-PKC. The proposed protocol does not involve any signature scheme, which increases the efficiency of the protocol. It is formally proven that the proposed protocol provides strong AKE-security and tolerates up to $n$-2 malicious insiders for weak MA-security. The protocol also resists key control attack under a weak corruption model.