Time filter

Source Type

Seo J.,Samsung | Kim M.,Information and Communications Examination Bureau | Hur I.,LG Corp | Choi W.,Hankuk University of foreign Studies | Choo H.,Sungkyunkwan University

Recent studies have shown that in realistic wireless sensor network environments links are extremely unreliable. To recover from corrupted packets, most routing schemes with an assumption of ideal radio environments use a retransmission mechanism, which may cause unnecessary retransmissions. Therefore, guaranteeing energy-efficient reliable data transmission is a fundamental routing issue in wireless sensor networks. However, it is not encouraged to propose a new reliable routing scheme in the sense that every existing routing scheme cannot be replaced with the new one. This paper proposes a Distributed and Reliable Data Transmission (DRDT) scheme with a goal to efficiently guarantee reliable data transmission. In particular, this is based on a pluggable modular approach so that it can be extended to existing routing schemes. DRDT offers reliable data transmission using neighbor nodes, i.e., helper nodes. A helper node is selected among the neighbor nodes of the receiver node which overhear the data packet in a distributed manner. DRDT effectively reduces the number of retransmissions by delegating the retransmission task from the sender node to the helper node that has higher link quality to the receiver node when the data packet reception fails due to the low link quality between the sender and the receiver nodes. Comprehensive simulation results show that DRDT improves end-to-end transmission cost by up to about 45% and reduces its delay by about 40% compared to existing schemes. © 2010 by the authors. Source

Nam J.,Konkuk University | Choo K.-K.R.,University of South Australia | Kim M.,Information and Communications Examination Bureau | Paik J.,Sungkyunkwan University | Won D.,Sungkyunkwan University
KSII Transactions on Internet and Information Systems

A three-party password-based authenticated key exchange (PAKE) protocol allows two clients registered with a trusted server to generate a common cryptographic key from their individual passwords shared only with the server. A key requirement for three-party PAKE protocols is to prevent an adversary from mounting a dictionary attack. This requirement must be met even when the adversary is a malicious (registered) client who can set up normal protocol sessions with other clients. This work revisits three existing three-party PAKE protocols, namely, Guo et al.'s (2008) protocol, Huang's (2009) protocol, and Lee and Hwang's (2010) protocol, and demonstrates that these protocols are not secure against offline and/or (undetectable) online dictionary attacks in the presence of a malicious client. The offline dictionary attack we present against Guo et al.'s protocol also applies to other similar protocols including Lee and Hwang's protocol. We conclude with some suggestions on how to design a three-party PAKE protocol that is resistant against dictionary attacks. © 2013 KSII. Source

Nam J.,Konkuk University | Kim M.,Information and Communications Examination Bureau | Paik J.,Sungkyunkwan University | Jeon W.,Sungkyunkwan University | And 2 more authors.
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Group key establishment protocols allow a set of communicating parties to establish a common secret key. Due to their significance in building a secure multicast channel, a number of group key establishment protocols have been suggested over the years for a variety of settings. Among the many protocols is Harn and Lin's group key transfer protocol based on Shamir's secret sharing. This group key transfer protocol was designed to work in the setting where a trusted key generation center shares a long-term secret with each of its registered users. As for security, Harn and Lin claim that their protocol prevents the long-term secret of each user from being disclosed to other users. But, we found this claim is not true. Unlike the claim, Harn and Lin's protocol cannot protect users' long-term secrets against a malicious user. We here report this security problem with the protocol and show how to address it. © 2011 Springer-Verlag. Source

Nam J.,Konkuk University | Kim M.,Information and Communications Examination Bureau | Paik J.,Sungkyunkwan University | Won D.,Sungkyunkwan University
KSII Transactions on Internet and Information Systems

Key establishment protocols are fundamental for establishing secure communication channels over public insecure networks. Security must be given the topmost priority in the design of a key establishment protocol. In this work, we provide a security analysis on two recent key establishment protocols: Harn and Lin's group key transfer protocol and Dutta and Barua's group key agreement protocol. Our analysis shows that both the Harn-Lin protocol and the Dutta-Barua protocol have a flaw in their design and can be easily attacked. The attack we mount on the Harn-Lin protocol is a replay attack whereby a malicious user can obtain the long-term secrets of any other users. The Dutta-Barua protocol is vulnerable to an unknown key-share attack. For each of the two protocols, we present how to eliminate their security vulnerabilities. We also improve Dutta and Barua's proof of security to make it valid against unknown key share attacks. © 2012 KSII. Source

Lim H.-J.,Financial Security Agency | Kim M.,Information and Communications Examination Bureau | Lee J.-H.,French Institute for Research in Computer Science and Automation | Seo D.-H.,Electronics and Telecommunications Research Institute | Chung T.M.,Sungkyunkwan University
IEEE Transactions on Vehicular Technology

In this paper, we present a practical public key certificate structure that is combined with an authentication protocol for roaming across different wireless Internet service providers (ISPs). The design rationale is to enable the mutual authentication between the roaming mobile device (MD) and the visited network to be locally performed without invoking the MD's home ISP. The mutual authentication ensures that the visited network has authenticity as well as a mechanism for establishing the appropriate revenue stream for the roaming MD. The proposed scheme guarantees that the overhead associated with the authentication time is significantly reduced and that the impact of this overhead on the roaming MD is also minimized, although the nested depth of the network mobility is increased. In this paper, we use analytical comparisons to show that the proposed scheme creates less overhead than that of the previous approaches in terms of security and communication performance. © 2010 IEEE. Source

Discover hidden collaborations