
Showing papers by "Kee-Young Yoo" published in 2011


Journal ArticleDOI
TL;DR: A user-friendly authentication scheme with anonymity for wireless communications that not only can overcome the weaknesses of the previous related schemes, but also can provide efficiency and security suitable for battery-powered mobile devices in wireless communication systems.

51 citations


Journal ArticleDOI
TL;DR: It is demonstrated that the HS-3PAKE protocol is vulnerable to undetectable online password guessing attacks and off-line password guessing attacks by any other user.
Abstract: In order to secure communications between two clients with a trusted server's help in public network environments, a three-party authenticated key exchange (3PAKE) protocol is used to provide the transaction confidentiality and the efficiency. In 2009, Huang proposed a simple three-party password-based authenticated key exchange (HS-3PAKE) protocol without any server's public key. By analysis, Huang claimed that the proposed HS-3PAKE protocol is not only secure against various attacks, but also more efficient than previously proposed 3PAKE protocols. However, this paper demonstrates that HS-3PAKE protocol is vulnerable to undetectable online password guessing attacks and off-line password guessing attacks by any other user. Copyright © 2010 John Wiley & Sons, Ltd.

48 citations


Proceedings ArticleDOI
27 Jun 2011
TL;DR: It is demonstrated that Yuan et al.'s biometric-based user authentication scheme has some drawbacks: insider attack, impersonation attack by a malicious registered user, and GW-node or sensor node impersonation attacks.
Abstract: In 2010, Yuan et al. proposed a biometric-based user authentication scheme for wireless sensor networks (WSN). However, this paper demonstrates that Yuan et al.'s scheme has some drawbacks: insider attack, impersonation attack by a malicious registered user, and GW-node or sensor node impersonation attacks. To mitigate the security breaches, this paper also proposes a new biometric-based user authentication scheme without using password for WSN. The proposed scheme does not require the user password and uses only hash function. As a result, the proposed scheme has more efficiency and strong security compared with related schemes.

29 citations


Journal ArticleDOI
TL;DR: This paper proposes a new efficient and secure anonymous authentication scheme for mobile satellite communication systems based on a secure one-way hash function for avoiding complex computations for both mobile users and network control center (NCC).
Abstract: This paper proposes a new efficient and secure anonymous authentication scheme for mobile satellite communication systems. Compared with the related schemes, the proposed scheme achieves the following three main advantages: (1) It is just based on a secure one-way hash function for avoiding complex computations for both mobile users and network control center (NCC), (2) it does not require sensitive verification table which may cause NCC to become an attractive target for numerous attacks (e.g., insertion attacks and stolen-verifier attacks), and (3) it provides higher security level (e.g., secure mutual authentication and key establishment, confidential communication, user's privacy, simple key management, and session key independence). As a result, the proposed scheme is very suitable for lightweight-device environments because of very low computation overload on the part of both mobile user and NCC.

19 citations


Proceedings ArticleDOI
08 Sep 2011
TL;DR: This paper points out that Chen-Shih's RMA protocol for WSN has some drawbacks: (1) user impersonation attacks by a malicious registered user, (2) GW-node impersonation attacks by a malicious registered user, (3) sensor node impersonation attacks by a malicious registered user, (4) privileged insider attacks, and (5) time synchronization problem.
Abstract: Wireless sensor networks (WSN) have been applied in many different areas. Mutual authentication is an important service in WSN. In 2010, Chen and Shih proposed a robust mutual authentication (RMA) protocol for WSN. However, this paper points out that Chen-Shih's RMA protocol has some drawbacks: (1) user impersonation attacks by a malicious registered user, (2) GW-node impersonation attacks by a malicious registered user, (3) sensor node impersonation attacks by a malicious registered user, (4) privileged insider attacks, and (5) time synchronization problem.

15 citations


Journal ArticleDOI
12 Sep 2011
TL;DR: A new efficient and secure key agreement scheme for VSAT satellite communications based on elliptic curve cryptosystem (ECC) to minimize the complexity of computational costs between VSAT and HUB and fit VSAT satellite communication environments.
Abstract: A satellite communication is suitable for broadcasting service and long-haul transmission based on telecommunications. In the satellite communication environment, unauthorized user should not have to obtain his/her required services from the satellite communication systems without authentication. Therefore, authentication is an important security technique to prevent illegal service requests. Quite recently, Lee-Lin-Hwang proposed a secure scheme based on key agreement scheme with mutual authentication to solve the security problems on the VSAT satellite communications. However, Lee-Lin-Hwang's scheme is inefficiently designed because it is based on the RSA cryptosystem. Therefore, the scheme cannot be applicable for the low-power satellite communication environments because it involves high communication and computation costs. Based on these motivations, this paper proposes a new efficient and secure key agreement scheme for VSAT satellite communications based on elliptic curve cryptosystem (ECC) to minimize the complexity of computational costs between VSAT and HUB and fit VSAT satellite communication environments. Compared with previous schemes, the newly proposed scheme has the following more practical merits: (1) it provides secure session key agreement function by adopting elliptic curve cryptosystem, (2) it can reduce the total execution time and memory requirement due to the elliptic curve cryptography, and (3) it not only is secure against well-known cryptographical attacks but also provides perfect forward secrecy. As a result, the proposed scheme is extremely suitable for use in satellite communication environments since it provides security, reliability, and efficiency. http://dx.doi.org/10.5755/j01.itc.40.3.634

9 citations


Journal ArticleDOI
TL;DR: This paper proposes a new secure broadcasting cryptosystem that can withstand various security attacks, is applicable to grid computing environments, and is more secure and practical compared with previous related broadcasting cryptosystems.

7 citations


Journal Article
TL;DR: This paper points out that the Jia et al. scheme is vulnerable to privileged insider attack, forgery attack and server spoofing attack because it does not provide mutual authentication between the user and the remote server.
Abstract: Recently, Jia et al. proposed a remote user authentication scheme using bilinear pairings and an Elliptic Curve Cryptosystem (ECC). However, the scheme is vulnerable to privileged insider attack at their proposed registration phase and to forgery attack at their proposed authentication phase. In addition, the scheme can be vulnerable to server spoofing attack because it does not provide mutual authentication between the user and the remote server. Therefore, this paper points out that the Jia et al. scheme is vulnerable to the above three attacks. Keywords—Cryptography, authentication, smart card, password, cryptanalysis, bilinear pairings.

6 citations


Journal ArticleDOI
TL;DR: The proposed B3AKE protocols are very useful in limited computation and communication resource environments to access remote information systems since it provides security, reliability, and efficiency.
Abstract: This paper proposes secure and efficient biometric-based three-party authenticated key establishment (B3AKE) protocols to minimize the computation costs of each participant and fit three-party communication. The proposed B3AKE protocols adopt a three-factor authentication mechanism which uses biometric, token, and passwords for users unlike the related protocols. In addition, the proposed B3AKE protocols are composed of four sub-protocols, which are registration, biometric-based three-party authenticated key transport, biometric-based three-party authenticated key agreement (B3AKA), and password update. In order to exploit the key block size, speed, and security jointly, the proposed B3AKA protocol is based on symmetric key cryptosystems and elliptic curve cryptography. As a result, the proposed B3AKE protocols not only are secure against well-known cryptographical attacks but also provide perfect forward secrecy. Furthermore, the number of rounds is smaller by one round than the related protocols and the asymmetric key encryption/decryption operations do not need to establish a session key and authenticate between two users and a server. Thus, the proposed B3AKE protocols are very useful in limited computation and communication resource environments to access remote information systems since it provides security, reliability, and efficiency.

6 citations



Proceedings ArticleDOI
18 Nov 2011
TL;DR: A new secure and efficient key exchange protocol for IPTV service based on a one-way hash function and Elliptic Curve Diffie-Hellman key exchange algorithm to minimize the complexity of computational costs between the smart card and the STB and fit low-power IPTV broadcasting service environments.
Abstract: In IPTV (Internet Protocol Television) broadcasting service environments, service providers charge subscription fee by scrambling the program in CAS (Conditional Access System). These techniques avoid unauthorized users to receive or watch the programs. A smart card is widely used to encrypt or decrypt the Control Words (CW) and transfer them back to the STB (Set-Top Box) in order to descramble the scrambled program. Therefore, secure communication between STB and smart card is directly related to the benefit of the service providers and the legal rights of users, while key exchange is the essential part of a secure communication. This paper presents a new secure and efficient key exchange protocol for IPTV service based on a one-way hash function and Elliptic Curve Diffie-Hellman key exchange algorithm to minimize the complexity of computational costs between the smart card and the STB and fit low-power IPTV broadcasting service environments. Compared with previous schemes, the newly proposed protocol has the following more practical merits: (1) it provides secure session key agreement function by adopting elliptic curve cryptosystem, (2) it can reduce the total execution time and memory requirement due to the elliptic curve cryptography, and (3) it not only is secure against well-known cryptographical attacks but also provides perfect forward secrecy. As a result, the proposed protocol is extremely suitable for use in IPTV broadcasting service environments since it provides security, reliability, and efficiency.


Proceedings ArticleDOI
21 Sep 2011
TL;DR: This paper proposes an improvement of Hwang et al.'s scheme that can withstand Rasslan et al.'s proposed message forgery attacks and adds a conversion phase to provide non-repudiation when the signer repudiates his/her signature.
Abstract: An authenticated encryption scheme is very useful for transmitting a confidential message in insecure communication networks. In 2010, Rasslan et al. pointed out that Hwang et al.'s authenticated encryption scheme is not secure by presenting another message forgery attack. However, Rasslan et al. did not propose a countermeasure for Hwang et al.'s scheme. This paper proposes an improvement of Hwang et al.'s scheme that can withstand Rasslan et al.'s proposed message forgery attacks. Unlike Hwang et al.'s scheme, the proposed scheme adds a conversion phase to provide non-repudiation when the signer repudiates his/her signature. As a result, the proposed scheme is more practical than Hwang et al.'s scheme because it not only provides computational efficiency but also achieves all security requirements.

Proceedings ArticleDOI
27 May 2011
TL;DR: It is pointed out that Lee-Chen's protocol is still insecure to a forgery attack and cannot provide perfect forward secrecy.
Abstract: In 2010, Lee-Chen proposed an authenticated multiple keys exchange protocol based on bilinear pairings. Lee-Chen claimed that their proposed protocol not only is secure to a forgery attack, but also provides perfect forward secrecy. However, this paper points out that Lee-Chen's protocol is still insecure to a forgery attack and cannot provide perfect forward secrecy.

Proceedings ArticleDOI
24 Aug 2011
TL;DR: This paper points out that Tzeng et al.'s scheme cannot provide forward secrecy and then proposes an improvement that can provide forward secrecy for practical application.
Abstract: Authenticated encryption scheme is very useful for transmitting a confidential message in insecure networks. Recently, Tzeng et al. proposed a convertible authenticated encryption scheme with message linkages. However, this paper points out that Tzeng et al.'s scheme cannot provide forward secrecy and then proposes an improvement that can provide forward secrecy for practical application.

Journal ArticleDOI
TL;DR: A robust authentication scheme for the remote autonomous object based on AES (Advanced Encryption Standard) symmetric cryptosystem is proposed, which not only resists various security attacks but also provides computation and communication efficiency.
Abstract: Autonomous objects represent active database objects which can be distributed over the Internet. This paper proposes a robust authentication scheme for the remote autonomous object based on AES (Advanced Encryption Standard) symmetric cryptosystem. Compared with related schemes, the proposed scheme not only resists various security attacks but also provides computation and communication efficiency.

Proceedings ArticleDOI
26 Apr 2011
TL;DR: This paper demonstrates that Shao's protocol has two drawbacks: forward/backward secrecy problem and message confidentiality problem and proposes an improved deniable authentication protocol based on the generalized ElGamal signature scheme that can be applicable for E-learning.
Abstract: The importance of correctly identifying and authenticating a student in an e-learning environment comes from the necessity to avoid fraud or cheating. A new deniable authentication protocol based on the generalized ElGamal signature scheme was proposed by Shao in [11]. However, this paper demonstrates that Shao's protocol has two drawbacks: forward/backward secrecy problem and message confidentiality problem. To mitigate the security breaches, we also propose an improved deniable authentication protocol based on the generalized ElGamal signature scheme that can be applicable for E-learning. As a result, the proposed protocol has the same efficiency and strong security compared with Shao's protocol.

Proceedings ArticleDOI
24 Aug 2011
TL;DR: Compared with the related AMKE protocols, the proposed SAMKE protocol is more efficient and holds stronger security, and is more suitable for practical application such as secure key exchange in the ubiquitous and pervasive computing setting.
Abstract: In 2011, Cheng-Ma proposed an improved authenticated multiple key exchange (AMKE) protocol based on bilinear pairings with reflection attack resilience. However, Cheng-Ma's AMKE protocol is designed inefficiently because it requires additional pairing computations and scalar multiplications on an elliptic curve to prevent their proposed reflection attacks. Based on this motivation, this paper proposes a simple authenticated multiple key exchange (SAMKE) protocol. Compared with the related AMKE protocols, the proposed SAMKE protocol is more efficient and holds stronger security. As a result, the proposed SAMKE protocol is more suitable for practical application such as secure key exchange in the ubiquitous and pervasive computing setting.