• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제13권2호
• /
• pp.978-1002
• /
• 2019

With the rapid development of the Internet of Things, the problem of privacy protection has been paid great attention. Recently, Nikooghadam et al. pointed out that Kumari et al.'s protocol can neither resist off-line guessing attack nor preserve user anonymity. Moreover, the authors also proposed an authentication supportive session initial protocol, claiming to resist various vulnerability attacks. Unfortunately, this paper proves that the authentication protocols of Kumari et al. and Nikooghadam et al. have neither the ability to preserve perfect forward secrecy nor the ability to resist key-compromise impersonation attack. In order to remedy such flaws in their protocols, we design a lightweight authentication protocol using elliptic curve cryptography. By way of informal security analysis, it is shown that the proposed protocol can both resist a variety of attacks and provide more security. Afterward, it is also proved that the protocol is resistant against active and passive attacks under Dolev-Yao model by means of Burrows-Abadi-Needham logic (BAN-Logic), and fulfills mutual authentication using Automated Validation of Internet Security Protocols and Applications (AVISPA) software. Subsequently, we compare the protocol with the related scheme in terms of computational complexity and security. The comparative analytics witness that the proposed protocol is more suitable for practical application scenarios.

• International Journal of Computer Science & Network Security
• /
• 제21권9호
• /
• pp.1-10
• /
• 2021

The Internet of things (IoT) is the main advancement in data processing and communication technologies. In IoT, intelligent devices play an exciting role in wireless communication. Although, sensor nodes are low-cost devices for communication and data gathering. However, sensor nodes are more vulnerable to different security threats because these nodes have continuous access to the internet. Therefore, the multiparty security credential-based key generation mechanism provides effective security against several attacks. The key generation-based methods are implemented at sensor nodes, edge nodes, and also at server nodes for secure communication. The main challenging issue in a collaborative key generation scheme is the extensive multiplication. When the number of parties increased the multiplications are more complex. Thus, the computational cost of batch key and multiparty key-based schemes is high. This paper presents a Secure Multipart Key Distribution scheme (SMKD) that provides secure communication among the nodes by generating a multiparty secure key for communication. In this paper, we provide node authentication and session key generation mechanism among mobile nodes, head nodes, and trusted servers. We analyzed the achievements of the SMKD scheme against SPPDA, PPDAS, and PFDA schemes. Thus, the simulation environment is established by employing an NS 2. Simulation results prove that the performance of SMKD is better in terms of communication cost, computational cost, and energy consumption.

• International Journal of Computer Science & Network Security
• /
• 제23권3호
• /
• pp.169-176
• /
• 2023

The vehicular ad hoc network (VANET) is currently an important approach to improve personal safety and driving comfort. ANEL is a MAC-based authentication scheme that offers all the advantages of MAC-based authentication schemes and overcomes all their limitations at the same time. In addition, the given scheme, ANEL, can achieve the security objectives such as authentication, privacy preservation, non-repudiation, etc. In addition, our scheme provides effective bio-password login, system key update, bio-password update, and other security services. Additionally, in the proposed scheme, the Trusted Authority (TA) can disclose the source driver and vehicle of each malicious message. The heavy traffic congestion increases the number of messages transmitted, some of which need to be secretly transmitted between vehicles. Therefore, ANEL requires lightweight mechanisms to overcome security challenges. To ensure security in our ANEL scheme we can use cryptographic techniques such as elliptic curve technique, session key technique, shared key technique and message authentication code technique. This article proposes a new efficient and light authentication scheme (ANEL) which consists in the protection of texts transmitted between vehicles in order not to allow a third party to know the context of the information. A detail of the mapping from text passing to elliptic curve cryptography (ECC) to the inverse mapping operation is covered in detail. Finally, an example of application of the proposed steps with an illustration

• IEIE Transactions on Smart Processing and Computing
• /
• 제2권5호
• /
• pp.297-301
• /
• 2013

Key agreement protocols allow multi-parties exchanging public information to create a common secret key that is known only to those entities over an insecure network. Since Joux first published the pairing-based one round tripartite key agreement protocol, many authenticated protocols have been proposed. Unfortunately, many of them have been broken while others have been shown to be deficient in some desirable security attributes. In 2004, Cheng et al. presented two protocols aimed at strengthening Shim's certificate-based and Zhang et al.'s tripartite identity-based protocols. This paper reports that 1) In Cheng et al.'s identity-based protocol, an adversary can extract long-term private keys of all the parties involved; and 2) Cheng et al.'s certification-based protocol is weak against key integrity attacks. This paper suggests possible remedies for the security flaws in both protocols and then presents a modified Cheng et al.'s identity-based, one-round tripartite protocol that is more secure than the original protocol.

• ETRI Journal
• /
• 제34권1호
• /
• pp.66-75
• /
• 2012

This paper proposes a privacy-preserving database encryption scheme that provides access pattern hiding against a service provider. The proposed scheme uses a session key to permute indices of database records each time they are accessed. The proposed scheme can achieve access pattern hiding in situations in which an adversary cannot access the inside of the database directly, by separating the entity with an index table and data table and permuting both the index and position where the data are stored. Moreover, it is very efficient since only O(1) server computation and communication cost are required in terms of the number of the data stored. It can be applied to cloud computing, where the intermediate entities such as cloud computing service provider can violate the privacy of users or patients.

• 아동학회지
• /
• 제20권4호
• /
• pp.75-89
• /
• 1999

Mother-Child Interactions during Problem Solving were analyzed in relation to the child's attachment security and temperament. Subjects were fifty-three 44-to 57-month-old children and their mothers. Attachment security was assessed by Attachment Q set (Waters, 1987); mother-child interactions were observed at home, and maternal ratings of child temperament were collected by questionnaire (Chun 1993). Attachment security scores were positively related to mother's cognitive assistance and positively interactions with the child and to the child's positive affect toward mother. The child's activity perceived by mother was negatively related to mother's efficient interactions and positively to the child's "reliance on mother." The child's behavior toward the mother in the task session and the child's temperament added variance above attachment in accounting for the mother's behavior.

• 융합보안논문지
• /
• 제14권2호
• /
• pp.65-72
• /
• 2014

본 논문에서는 DDoS 탐지를 위해 기존의 이중 방화벽에 다중 필터링 방법을 적용한다. 1차 방화벽에서는 외부에서 유입되는 패킷 경로를 분석하여 R-PA(Router Path Anlaysis) 패킷 필터링 알고리즘과 엄격한 홉 카운터 필터링을 적용한다. 2차 방화벽에서는 1차 방화벽을 거쳐서 온 패킷의 데이터를 검사하여 정상적인 패킷과 비정상적인 패킷을 구분하고, 패킷 트래픽이 사용자에게 할당 된 임계치를 초과하는지를 검사하여 DDoS 공격을 차단한다.

• International Journal of Internet, Broadcasting and Communication
• /
• 제8권3호
• /
• pp.41-49
• /
• 2016

Recently, many biometrics-based user authentication schemes for telecare medicine information systems (TMIS) have been proposed to improve the security problems in user authentication system. In 2014, Mishra et al. proposed an improvement of Awasthi-Srivastava's biometric based authentication for TMIS which is secure against the various attacks and provide mutual authentication, efficient password change. In this paper, we discuss the security of Mishra et al.'s authentication scheme, and we have shown that Mishra et al.'s authentication scheme is still insecure against the various attacks. Also, we proposed the improved scheme to remove these security problems of Mishra et al.'s authentication scheme, even if the secret information stored in the smart card is revealed. As a result, we can see that the improved biometric based authentication scheme is secure against the insider attack, the password guessing attack, the user impersonation attack, the server masquerading attack and provides mutual authentication between the user and the telecare system.

• 한국산업정보학회논문지
• /
• 제6권1호
• /
• pp.56-60
• /
• 2001

본 논문에서는 무선이동 통신시스템을 위한 인증 프로토콜을 제안한다. 제안한 프로토콜은 상호 인증과 세션 키 분배를 제공하기 위해서 키 해쉬 함수를 사용한다. 본 프로토콜은 이 동국에서의 계산량이 적다. 또한, 중간 전송 네트워크에서의 최소 보호설정을 제공하기 위하여 고정 망에서의 보호 설정을 하지 않았다.

• 정보보호학회논문지
• /
• 제15권4호
• /
• pp.101-105
• /
• 2005

2002년 Zheng은 대각행렬을 이용한 공개키 암호시스템을 소개하였다. 그러나 이 시스템은 근본적으로 안전성에 문제가 있었다. 이러한 문제점을 보완한 새로운 공개키 암호시스템을 소개하려고 한다. 이 시스템은 합성수 상의 합동다항식의 해를 구하는 것과 조르단 형식의 행렬을 이용한다.