• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.4
• /
• pp.1779-1798
• /
• 2018

Heterogeneous wireless sensor networks (HEWSN) is a kind of wireless sensor networks (WSN), each sensor may has different attributes, HEWSN has been widely used in many aspects. Due to sensors are deployed in unattended environments and its resource constrained feature, the design of security and efficiency balanced authentication scheme for HEWSN becomes a vital challenge. In this paper, we propose a secure and lightweight user authentication and key agreement scheme based on biometric for HEWSN. Firstly, fuzzy extractor is adopted to handle the user's biometric information. Secondly, we achieve mutual authentication and key agreement among three entities, which are user, gateway and cluster head in the four phases. Finally, formal security analysis shows that the proposed scheme defends against various security pitfalls. Additionally, comparison results with other surviving relevant schemes show that our scheme is more efficient in term of computational cost, communication cost and estimated time. Therefore, the proposed scheme is well suitable for practical application in HEWSN.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.41 no.4
• /
• pp.479-488
• /
• 2016

For a secure communication system, it is necessary to use secure cryptographic algorithms and keys. Modern cryptographic system generates high entropy encryption key through standard key derivation functions. Using recent progress in quantum key distribution(QKD) based on quantum physics, it is expected that we can enhance the security of modern cryptosystem. In this respect, the study on the dual key agreement is required, which combines quantum and modern cryptography. In this paper, we propose two key derivation functions using dual key agreement based on QKD and RSA cryptographic system. Furthermore, we demonstrate several simulations that estimate entropy of derived key so as to support the design rationale of our key derivation functions.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.5 no.4
• /
• pp.822-839
• /
• 2011

Group key agreement protocols derive a shared secret key for a group of users to ensure data confidentiality or/and integrity among the users in the subsequent communications. In this paper, we inspect two group key agreement schemes which have been proposed by Shi et al. and Zheng et al. in 2005 and 2007 respectively. Although both schemes were claimed to be secure in a heuristic way, we reveal several flaws using the Bellare-Rogaway security model extended to multi-party setting by Bresson et al. These flaws are found to be originated from inappropriate selection of key derivation function, inadvertent exclusion of partners' identities from the protocol specification and insufficient consideration in preserving known temporary information security and key freshness properties. Furthermore, we suggest and discuss proper countermeasures to address such flaws.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.2
• /
• pp.73-82
• /
• 2001

In this paper we propose an efficient authentication and key agreement protocol which has been designed specifically for use with low powered computationally weak equipment such as Cellular phone and PDA(Personal Digital Assistant). Imple-menting the protocol based on the Rabin cryptosystem provides the efficiency requirements for mobile communications including minimum number of passes and low computational lead. The paper outlines the new protocol, examines it s various aspects, and compares them to those representative authentication and key agreement protocols.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.5
• /
• pp.111-124
• /
• 2010

AMI (Advanced Metering Infrastructure) is a core infrastructure of Smart Grid, and is promoting in various country. Wireless network is considered for cost savings and operational efficiencies in AMI. But various security problems are expected in wireless networks of AMI, so we should solve these problems. In this paper, we suggest a wireless network of AMI by using Binary CDMA and security countermeasures of AMI wireless network. Proposed security architecture is using BSIM (Binary Subscriber Identity Module) to perform user authentication and key agreement for the encryption and decryption over radio network to reduce security threats.

• IEIE Transactions on Smart Processing and Computing
• /
• v.2 no.1
• /
• pp.36-43
• /
• 2013

This paper provides an overview of the security in the System Architecture Evolution (SAE) / Long-Term Evolution (LTE) system. Security is an integral part of SAE/LTE with improvements over the Third Generation (3G) system. This paper reviews the SAE/LTE system architecture, and discusses the security requirements, algorithms, Authentication and Key Agreement (AKA), Security Mode Command (SMC), key hierarchy and security for mobility.

• The KIPS Transactions:PartC
• /
• v.9C no.6
• /
• pp.799-808
• /
• 2002

According to the wide-spread of information transmission system over network, the use of cryptographic system to provide the integrity of transmitted message over network is increasing and the importance of that is emphasized. Because the security of the cryptographic system totally relies on the key, key management is a essential part of cryptographic system. A number of key agreement protocols have been proposed to far, but their rigorous security analysis is still open. In this paper, we analyze the features of Diffie-Hellman based standard key agreement protocols and provide the security analysis of those protocols against several kinds of active attacks.

• The Journal of Korean Association of Computer Education
• /
• v.7 no.1
• /
• pp.45-53
• /
• 2004

Ad-Hoc network is wireless network architecture without infrastructure. We encounter new types of security problems in Ad-Hoc networks because such networks have little or no support from infrastructure. Thus, wireless communications need security mechanisms in order to guarantee the integrity and the privacy of the communication, as well as the authentication of the entities involved. Many practical systems have been proposed. The most familiar system is the Diffie-Hellman key distribution system. This algorithm allows the establishment of a cryptographic secret key between two entities. If more than two users want to compute a common key, then a group key agreement system is used. This paper discusses several group key agreement systems and presents two efficient fault tolerant methods to perform successful group key agreement.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.3
• /
• pp.103-118
• /
• 2002

To provide the privacy of transmitted message over network the use of cryptographic system is increasing gradually. Because the security and reliability of the cryptographic system is totally rely on the key, the key management is the most important part of the cryptographic system. Although there are a lot of security products providing encryption, the security of the key exchange protocols used in the product are not mostly proved yet. Therefore, we have to study properties and operation of key agreement protocols based on elliptic curve in ANSI X9.63. furthermore, we analyze the security of their protocols under passive and active attacker models and propose the most suitable application field taking the feature of the protocols into account.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.07a
• /
• pp.47-50
• /
• 2003

본 논문에서는 DH(Diffie-Hellman) 기반의 사용자 인증 및 키 교환 프로토콜인 SAK(Simple Authentication and Key-agreement)를 제안하고자 한다. 제안 프로토콜 SAK는 단순하고 사용하기 쉬운 패스워드와 이산 대수 문제의 어려움을 이용하여 안전하고 효율적이다. 패스워드 기반 프로토콜의 취약점인 사전 공격(Dictionary attack)과 알려진 공격으로부터 안전하고 DH 기반의 기존 프로토콜보다 적은 지수 계산량을 요구한다.