• Journal of Internet Technology
• /
• v.22 no.5
• /
• pp.1069-1082
• /
• 2021

The Internet of Things (IoT) is vulnerable to a wide range of security risks, which can be effectively mitigated by applying Cyber Threat Intelligence (CTI) sharing as a proactive mitigation approach. In realizing CTI sharing, it is of paramount importance to guarantee end-to-end protection of the shared information as unauthorized disclosure of CTI is disastrous for organizations using IoT. Furthermore, resource-constrained devices should be supported through lightweight operations. Unfortunately, the aforementioned are not satisfied by the Hypertext Transfer Protocol Secure (HTTPS), which state-of-the-art CTI sharing systems mainly depends on. As a promising alternative to HTTPS, Ephemeral Diffie-Hellman over COSE (EDHOC) can be considered because it meets the above requirements. However, EDHOC in its current version contains several security flaws, most notably due to the unprotected initial message. Consequently, we propose a lightweight end-to-end privacy-preserving security protocol that improves the existing draft EDHOC protocol by utilizing previously shared keys and keying materials while providing ticket-based optimized reauthentication. The proposed protocol is not only formally validated through BAN-logic and AVISPA, but also proved to fulfill essential security properties such as mutual authentication, secure key exchange, perfect forward secrecy, anonymity, confidentiality, and integrity. Also, comparing the protocol's performance to that of the EDHOC protocol reveals a substantial improvement with a single roundtrip to allow frequent CTI sharing.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.5 no.1
• /
• pp.33-41
• /
• 2009

Network industry is complex combined with various fields of industry, such as communication, broadcast, construction, and home appliances. Moreover, it's fairly lucrative since the growth industry makes lots of added values, interacting with the others.The network industry, usually called 'Ubiquitous', connects some home appliances and makes an integrated system that you can use them with whenever and wherever. A demand for network security, however, has skyrocketed due to the relatively low safety. It's been expected that the market of home security is going to be grown up nearly 30 percent every year. Recently, analog surveilance cameras have been replaced with digital ones, and they will be providing stronger security services taking advantage of mutual interaction with related industies. In this paper, a mobile monitoring system for home security is proposed, which makes it possible to supervise all home appliances wherever you're, using the conventional wired/wireless network infra.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.15 no.4
• /
• pp.71-84
• /
• 2019

Various researchers conducted the research on two-factor authentication suitable for wireless sensor networks (WSNs) after Das first proposed two-factor authentication combining the smart card and password. After then, To improve the security of user authentication, elliptic curve cryptography(ECC)-based authentication protocols have been proposed. Jiang et al. proposed a privacy-aware two-factor authentication protocol based on ECC for WSM for resolving various problems of ECC-based authentication protocols. However, Jiang et al.'s protocol has the vulnerabilities on a lack of mutual authentication, a risk of SID modification and a lack of sensor anonymity, and user's ID exposed on sensor node Therefore, this paper proposed security enhanced privacy-aware two-factor authentication protocol for wireless sensor networks to solve the problem of Jiang et al.'s protocol, and security analysis was conducted for the proposed protocol.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2002.11a
• /
• pp.59-63
• /
• 2002

본 논문에서는 DIA.METER AAA(Authentication, Authorization and Accounting) 하부 구조를 가지고 Mobile IP 액세스 기법을 사용하는 cdma2000 패킷 데이터 서비스에서 MN(mobile node)와 AAAH(home AAA server)간의 상호 인증과 Mobile IP 개체들간에 안전한 세션키 분배를 위한 방법을 제안한다. 제안된 프로토콜은 DIAMETER AAA 하부 구조론 가정하며 DIAMETER AAA의 비효율성을 개선하고, 인증과 키 분배 프로토콜의 시큐리티 요구 사항들을 모두 만족한다.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1997.11a
• /
• pp.120-127
• /
• 1997

본 논문에서는 해쉬함수 만을 이용한 상호 인증 및 세션키 공유 시스템을 안전하면서 적은 비용으로도 구현할 수 있는 프로토콜을 제안한다. 인증값을 계산하기 위하여 암호 알고리즘이나 모듈라 연산은 전혀 사용되지 않기 때문에 사용자 Terminal도 간단한 계산 능력을 갖추면 된다. 사용자는 패스워드를 암기하며 128비트 이상의 키가 저장된 간단한 메모리 디바이스를 소유한다.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.07a
• /
• pp.249-253
• /
• 2003

기존의 무선 랜의 보안상의 문제점들을 해결하기 위하여 사용자와 인증자사이의 상호인증과 키를 교환하는 메커니즘이 요구된다. 이것을 보안하기 위해 IEEE 802.11i에서 키 체계와 4-Way Handshake를 제안하였다. 본 논문에서 언급되는 키 생성 및 교환 메커니즘은 사용자와 서버간의 인증된 마스터키를 통한 사용자와 인증자의 상호인증과, 키 생성과 키 교환하는 방법에 초점을 맞추고 있다. 이러한 키를 생성하기 위한 Pairwise 키 체계와 키 교환을 위한 4-Way Handshake, 4-Way Handshake에서 사용되는 EAPOL-Key message에 대하여 분석하였다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.10 no.2
• /
• pp.21-30
• /
• 2000

본 논문에서는 이동통신환경의 특징과 기존의 키분배 프로토콜들에서 발생할 수 있는 공격들을 프로토콜 수행전 수행중, 수행후로 나누어서 살펴보고 이를 기반으로 이동통신환경에 적합한 키분배 프로토콜 설계에 필요한 요구사항 들을 제시한다 또한 제시된 요구사항을 기반으로 이동통신환경에 적합한 상호인증을 제공하는 키분배 프로토콜을 제안하고 제안한 프로토콜을 분석한다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.2
• /
• pp.357-364
• /
• 2015

Tags and Readers is receiving and sending the data using the wireless communication in the RFID environment. Therefore, it could allow an attacker to participate in the network without the physical constraints, which can be easily exposed to a variety of attacks, such as taps and data forgery. Also, it is not easy to apply the security techniques to defend external attacks because the resource constraints of RFID tags is high. In this paper, new tag-reader mutual authentication protocol is proposed to protect the external cyber attacks such as spoofing attacks, replay attacks, traffic analysis attacks, location tracking attacks. The performance evaluation of the proposed mutual authentication protocol is performed and the simulation results are presented.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.1
• /
• pp.344-365
• /
• 2020

Providing security has been always on priority in all areas of computing and communication, and for the systems that are low on computing power, implementing appropriate and efficient security mechanism has been a continuous challenge for the researchers. Radio Frequency Identification (RFID) system is such an environment, which requires the design and implementation of efficient security mechanism. Earlier, the security protocols for RFID based on hash functions and symmetric key cryptography have been proposed. But, due to high strength and requirement of less key size in elliptic curve cryptography, the focus of researchers has been on designing efficient security protocol for RFID based on elliptic curves. In this paper, an efficient elliptic curve signcryption based security protocol for RFID has been proposed, which provides mutual authentication, confidentiality, non-repudiation, integrity, availability, forward security, anonymity, and scalability. Moreover, the proposed protocol successfully provides resistance from replay attack, impersonation attack, location tracking attack, de-synchronization attack, denial of service attack, man-in-the-middle attack, cloning attack, and key-compromise attack. Results have revealed that the proposed protocol is efficient than the other related protocols as it takes less computational time and storage cost, especially for the tag, making it ideal to be used for RFID systems.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.2
• /
• pp.41-49
• /
• 2007

USIM(UMTS Subscriber Identity Module) technology that accept 3GPP(3rd Generation Partnership Project) standards for information security supports security function in 3GPP. Supported security functions of USIM are confidentiality of user identity, mutual authentication and key agreement between end user and network, confidentiality of user data and data integrity. It is very important technology in wireless network. It makes secure environment that user and service provider can use securely mobile service in network. In this paper, design and implementation USIM security module that supports common network access method and authentication protocol in 3GPP and WLAN(Wireless LAN) and AAA (3A-Authentication Authorization Accounting) server system based RADIUS.