
Showing papers by "Kee-Young Yoo" published in 2010


Journal ArticleDOI
TL;DR: This paper demonstrates that recently proposed SIP authentication schemes are insecure against attacks such as off-line password guessing attacks, Denning-Sacco attacks and stolen-verifier attacks.

93 citations


Journal ArticleDOI
TL;DR: It is demonstrated that Tsai’s authentication scheme is still vulnerable to offline password guessing attacks, Denning-Sacco attacks, and stolen-verifier attacks, and does not provide perfect forward secrecy, and a new secure and efficient authentication scheme based on the elliptic curve discrete logarithm problem is proposed in order to overcome such security problems.
Abstract: The session initiation protocol (SIP) is a powerful signaling protocol that controls communication on the Internet, establishing, maintaining, and terminating the sessions. The services that are enabled by SIP are equally applicable in the world of mobile and ubiquitous computing. In 2009, Tsai proposed an efficient nonce-based authentication scheme for SIP. The current paper, however, demonstrates that Tsai’s authentication scheme is still vulnerable to offline password guessing attacks, Denning-Sacco attacks, and stolen-verifier attacks, and does not provide perfect forward secrecy. We also propose a new secure and efficient authentication scheme based on the elliptic curve discrete logarithm problem for SIP in order to overcome such security problems.

63 citations



Journal ArticleDOI
TL;DR: This paper demonstrates that Shao et al.
Abstract: Deniable authentication protocol is a new technique of modern cryptography. The protocol not only enables an intended receiver to identify the source of a received message, but also prevents a third party from identifying the source of the message. Recently, Shao et al. pointed out that Wang et al.'s deniable authentication protocol based on ElGamal cryptosystem is insecure to a person-in-the-middle attack; that is, in the whole process, the receiver cannot be aware of the existence of this adversary as well as the modification of the messages. Furthermore, they also presented a modification of Wang et al.'s protocol to overcome the security flaw. However, this paper demonstrates that Shao et al.'s improved protocol is still susceptible to a malicious receiver's impersonation attack. To mitigate this security breach, we propose a robust deniable authentication protocol based on ElGamal cryptography.

11 citations


Proceedings ArticleDOI
01 Sep 2010
TL;DR: The proposed scheme adopts three-factor (password, token, and biometrics) authentication technique to provide strong authentication in ECC to offer a level of security comparable to classical cryptosystems that use much larger key sizes.
Abstract: This paper proposes a new three-factor authenticated key agreement scheme for SIP on elliptic curve cryptosystem (ECC). In the proposed scheme, we adopt three-factor (password, token, and biometrics) authentication technique to provide strong authentication. In order to provide secure and efficient key agreement between the user client and the SIP server, the proposed scheme adopts ECC to offer a level of security comparable to classical cryptosystems that use much larger key sizes. As a result, the proposed scheme resists well-known security attacks, while also providing efficiency which can be executed faster than other previously proposed related schemes.

10 citations


Proceedings ArticleDOI
28 Jun 2010
TL;DR: A more efficient elliptic curve Diffie-Hellman two-party key agreement protocol providing same securities is proposed, which can withstand key-compromise impersonation attacks.
Abstract: In SAC'05, Strangio proposed protocol ECKE-1 as an efficient elliptic curve Diffie-Hellman two-party key agreement protocol using public key authentication. However, Wang et al. showed that the ECKE-1 protocol is vulnerable to key-compromise impersonation attacks. They also presented an improved protocol ECKE-1N, which can withstand such attacks. This paper proposes a more efficient elliptic curve Diffie-Hellman two-party key agreement protocol providing same securities.

9 citations


Journal ArticleDOI
TL;DR: It is pointed out that the gateway-oriented password-based authenticated key exchange protocol recently developed by Shim was inefficiently and incorrectly designed to overcome an undetectable on-line password guessing attack, and an optimized GPAKE protocol (O-GPAKE) was proposed, which had considerably lower computational cost and provided mutual authentication.
Abstract: This research paper points out that the gateway-oriented password-based authenticated key exchange protocol recently developed by Shim (S-GPAKE) was inefficiently and incorrectly designed to overcome an undetectable on-line password guessing attack. To resolve the computation efficiency and security problems, an optimized GPAKE protocol (O-GPAKE), which was not only secure against various security attacks, but also had considerably lower computational cost and provided mutual authentication unlike previous related protocols including the S-GPAKE protocol was proposed.

7 citations


Proceedings Article
28 Mar 2010
TL;DR: A high hiding capacity reversible data hiding scheme with low distortion using double-embedding strategies is proposed, which uses the inverse embedding method in the second embedding strategy to increase the hiding capacity and decrease the distortion at the same time.
Abstract: Data hiding is a technology that communicates the secret data by the multimedia carrier, such as image, audio, and video files. A good data hiding scheme can hide huge secret data in the multimedia carrier without degrading the quality of the carrier. In this paper, a high hiding capacity reversible data hiding scheme with low distortion using double-embedding strategies is proposed. The proposed scheme uses the inverse embedding method in the second embedding strategy to increase the hiding capacity and decrease the distortion at the same time. The experimental results demonstrate that the proposed scheme has a very excellent performance in both hiding capacity and stego image quality.

5 citations


Journal Article
TL;DR: This paper proposes a secure and efficient RFID authentication system to not only authenticate patients' authenticity but also protect patients' personal medical information on the high technology medical environments such as u-Hospital and u-Healthcare.
Abstract: Recently, RFID technology can successfully be used to reduce medical errors. This technology can aid in the accurate matching of patients with their medications and treatments. The enthusiasm for using RFID technology in medical settings has been tempered by privacy concerns. In this paper, we propose a secure and efficient RFID authentication system to not only authenticate patients' authenticity but also protect patients' personal medical information. The proposed system consists of RFID-based patient authentication protocol and database security protocol. As a result, since the proposed RFID authentication system provides strong security and efficiency, it can be used practically for patient authentication and personal medical information protection on the high technology medical environments such as u-Hospital and u-Healthcare.

5 citations


Proceedings ArticleDOI
06 Dec 2010
TL;DR: This paper demonstrates how the attack can be launched and also provides an enhanced construction in order to solve the problem of protecting privacy at link-layer privacy and has almost the same performance as that of Lu et al. in terms of both computation and communication cost, while it provides much better security results.
Abstract: Recently, the problem of protecting privacy at link-layer is of great importance in wireless environments, mainly due to the fact that the wireless link layer is not protected by current technologies used in wireless networks. This leads to many potential threats to security and user privacy. Very recently, Lu et al. proposed an authentication scheme for wireless link-layer privacy which is based on the idea of identity-based encryption from bilinear pairings. The scheme however does not support the security against the type of known-key attack, called key-compromise impersonation. This limits the use of the scheme in that such a security hole can potentially be extended to many additional attacks, causing more serious consequences in practice. In this paper, we demonstrate how the attack can be launched and also provide an enhanced construction in order to solve the problem. Our scheme has almost the same performance as that of Lu et al. in terms of both computation and communication cost, while it provides much better security results.

5 citations


Journal ArticleDOI
TL;DR: This paper presents an entire chaos-based biometric remote user authentication scheme on tokens without using passwords based on the chaotic hash function and chaotic pseudo-random number generator to provide secure mutual authentication over an insecure channel between the user and remote server.
Abstract: This paper presents an entire chaos-based biometric remote user authentication scheme on tokens without using passwords. The proposed scheme is based on the chaotic hash function and chaotic pseudo-random number generator to provide secure mutual authentication over an insecure channel between the user and remote server. Compared with the related biometric authentication schemes, the proposed scheme does not require the user password to provide convenience to users. It also does not require time synchronization or delay-time limitations between the user and remote server to resolve time synchronization problems.

Journal ArticleDOI
TL;DR: This paper shows that both Yeh-Tsai's and Yum et al.'s security mechanisms still do not provide perfect forward secrecy and are susceptible to an off-line guessing attack and Denning-Sacco attack, and proposes a new security mechanism to overcome the weaknesses of the previous related security mechanisms.
Abstract: In 2006, Yeh and Tsai proposed a mobile commerce security mechanism. However, in 2008, Yum et al. pointed out that Yeh-Tsai security mechanism is not secure against malicious WAP gateways and then proposed a simple countermeasure against the attack, which is to use a cryptographic hash function instead of the addition operation. Nevertheless, this paper shows that both Yeh-Tsai's and Yum et al.'s security mechanisms still do not provide perfect forward secrecy and are susceptible to an off-line guessing attack and Denning-Sacco attack. In addition, we propose a new security mechanism to overcome the weaknesses of the previous related security mechanisms.

Journal ArticleDOI
TL;DR: It is demonstrated that Rozouvan's scheme is not secure to the following three different classical types of attacks: chosen plaintext, chosen ciphertext, and known plaintext.

Proceedings ArticleDOI
28 Jun 2010
TL;DR: The proposed CC3EKE protocols have enhanced computational and communicational efficiency and are extremely suitable for use in various applications over distributed three-party network environments such as the Internet and the mobile e-commerce.
Abstract: This paper proposes computation- and communication-efficient three-party encrypted key exchange (CC3EKE) protocols to minimize the complexity of computational and communicational costs among all users and fit three-party communication environments. Compared with related 3EKE protocols, the proposed CC3EKE protocols have enhanced computational and communicational efficiency. As a result, the proposed protocols are extremely suitable for use in various applications over distributed three-party network environments such as the Internet and the mobile e-commerce.

01 Jun 2010
TL;DR: The experimental results show that the proposed scheme resists the cropping reconstruction attack, and also achieves better invisibility than Lin et al.’s scheme.
Abstract: Many DCT-based watermarking schemes have been proposed in the past few years. In 2009, Lin et al. proposed a scheme that focused on resisting JPEG compression attack. However, it fails to verify ownership when cropping reconstruction attack is applied, and the watermarked image degrades quite significantly after embedding watermark bits. In order to solve these problems of Lin et al.’s scheme, an improved scheme was proposed in this paper. The experimental results show that the proposed scheme resists the cropping reconstruction attack, and also achieves better invisibility than Lin et al.’s scheme.

Journal ArticleDOI
TL;DR: It is pointed out that the schemes have some errors and cannot operate correctly, contrary to their claims, and improvements of Jeong et al.'s scheme that can withstand the proposed attacks are proposed.
Abstract: In 2009, Jeong et al. proposed a secure binding encryption scheme and an efficient secret broadcast scheme. This paper points out that the schemes have some errors and cannot operate correctly, contrary to their claims. In addition, this paper also proposes improvements of Jeong et al.'s scheme that can withstand the proposed attacks.

Book ChapterDOI
18 Aug 2010
TL;DR: No matter how much secret data is embedded, the stego image quality is about 54dB in the proposed scheme, which uses the multi-layer embedding to increase the hiding capacity.
Abstract: Reversible data hiding is very useful for some extremely image such like medical images and military images. In the reversible data hiding schemes, some schemes are good performance at hiding capacity but have a bad stego image quality, some schemes are good stego image quality but have a low hiding capacity. It is difficult to find the balance between the hiding capacity and stego image quality. In this paper, a novel reversible data hiding scheme is proposed. The proposed scheme uses a new embedding method, which is called Even-Odd embedding method, to keep the stego image quality in an acceptable level, and uses the multi-layer embedding to increase the hiding capacity. The experimental results demonstrate that no matter how much secret data is embedded, the stego image quality is about 54dB in the proposed scheme.

Journal ArticleDOI
TL;DR: A virtual three-dimension (3D) CA PRNG based on the Moore neighborhood structure is proposed which uses new methods which are the rule numbering function that provides a high-quality randomness and cell position function that diminishes correlations between global states.
Abstract: The security of most of the cryptosystems depends on the secret key generator. However, implementation of this key generator in hardware is inefficient because secret key generators depend on mathematical problem to generate the high randomness quality. Cellular automata (CA) pseudorandom number generator (PRNG) is more efficiently implemented rather than mathematical problem based PRNGs because a structure of CA PRNG is highly regular and simpler than the other PRNGs. In this paper, a virtual three-dimension (3D) CA PRNG based on the Moore neighborhood structure is proposed. The proposed PRNG uses new methods which are the rule numbering function that provides a high-quality randomness and cell position function that diminishes correlations between global states. In order to evaluate the quality of randomness, the ENT and DIEHARD test suites are used. The results of these tests show that the quality of randomness is superior to previous PRNGs.

Journal ArticleDOI
TL;DR: This letter proposes a robust biometric authenticated key agreement (BAKA) protocol for a secure token to provide strong security and minimize the computation cost of each participant.
Abstract: This letter proposes a robust biometric authenticated key agreement (BAKA) protocol for a secure token to provide strong security and minimize the computation cost of each participant. Compared with other related protocols, the proposed BAKA protocol not only is secure against well-known cryptographical attacks but also provides various functionality and performance requirements.

Journal ArticleDOI
TL;DR: An improved remote user authentication scheme based on Khan et al.
Abstract: A remote user authentication is a mechanism to authenticate remote users over insecure communication networks. It is evident that, with the passage of time, the volume of mobile user authentication is increasing because of the ease in accessing resources from any remote location. In 2008, Khan et al. proposed an efficient and practical chaotic hash-based fingerprint biometric remote user authentication scheme for mobile devices. The current paper, however, demonstrates that Khan et al.’s scheme is vulnerable to a privileged insider’s attack and impersonation attacks by using lost or stolen mobile devices. In order to isolate such problems, the current paper also presents an improved remote user authentication scheme based on Khan et al.’s scheme.

Journal ArticleDOI
TL;DR: Jeong et al.'s schemes are vulnerable to off-line keyword guessing attacks, where an adversary can retrieve information of certain keyword from any captured query message of the scheme.
Abstract: In 2009, Jeong et al. proposed a new searchable encryption scheme with keyword-recoverability which is secure even if the adversaries have any useful partial information about the keyword. They also proposed an extension scheme for multi-keywords. However, this paper demonstrates that Jeong et al.'s schemes are vulnerable to off-line keyword guessing attacks, where an adversary (insider/outsider) can retrieve information of certain keyword from any captured query message of the scheme.