Injoo Jang

Modified token-update scheme for site authentication

This paper proposes a new site authentication algorithm using a token-update. One-time password and smart card schemes are widely studied to protect servers from various malicious activities. Most papers discuss schemes with nounce and token updates. Since the LAN card’ ID could be used to identify a PC, an authentication scheme with LAN card’s Mac address might strengthen the conventional token update method. The suggested modified token-upgrade method algorithm is shown to be very effective in site authentication.

Personal Information Classification for Privacy Negotiation

Privacy has been recognized as a critical topic in the Internet for a long time, and technical developments in this area are ongoing. With the proliferation of various network sites and the unification of them, it has become more evident that the problem of privacy is not bounded by the perimeters of a specific system. Nowadays, many network services rapidly drive toward unification. In this paper, we mainly consider unified personal information. We propose an evaluation method of privacy sensitivity-level. The information sensitivity level (SL) is evaluated with four main factors; the degree of conjunction (DC), the principle of identity (JA), the principle of privacy (PA), and the value of analogism (aA), SL:= sigma(DC, JA, PA , AA). If we classify the information based on the information sensitivity level (SL), it can show the objective validity. Finally, we outline new research directions for currently existing methods for privacy-preserving data analysis in the combined social network environment.

A provable secure authentication protocol given forward secure session key

This paper proposes a key distribution and authentication protocol between user, service provider and key distribution center (KDC). This protocol is based on symmetric cryptosystem, challenge-response, Diffie-Hellman component and hash function. In proposed protocol, user and server update the session key under token-update operation, and user can process repeated efficient authentications by using updated session keys. Another merit is that KDC needs not to totally control the session key between user and server in proposed protocol. Even if an attacker steals the parameters from the KDC, the attacker still can not calculate session key. We use BAN logic to proof these merits of our proposed protocol. Also according to the comparison and analysis with other protocols, our proposed protocol provides good efficiency and forward secure session key.

An Inside Attacker Proof Intrusion Detection System

Recently, an intrusion detection system which named CONFIDANT was proposed, which utilized file integrity analyzers and mobile agent for intrusion detection and aimed to detection of malicious activity by insiders. But CONFIDANT has vulnerabilities in security aspect, the sensor agents in the lowest echelon are easily compromised by malicious platforms. Therefore, we integrate a security mechanism which named clone agent protocol into CONFIDANT. We improved the structure of CONFIDANT to protect those agents and strengthen its security, make sure them finish their computation and detect malicious hosts even though there are a few malicious platforms.

An efficient electronic marketplace bidding auction protocol with bid privacy

We modified the multi-agent negotiation test-bed which was proposed by Collins et al. In 2004, Jaiswal et al. have modified Collinss scheme, but Jaiswals scheme still has some security weaknesses: such as replay data attack and DOS (denial-of-service) attack, anonymity disclosure, collision between customers and a certain supplier. So the proposed protocol tries to reduce DOS attack and avoids replay data attack by providing ticket token and deal sequence number to the supplier. It utilizes efficient LPN-based authentication method to accomplish lightweight authentication. And it publishes an interpolating polynomial for sharing the determination process data and avoids collusion between a customer and a certain supplier. Also the proposed scheme relaxes the trust assumptions for three-party in Jaiswals scheme. According to comparison and analysis with other protocols, our proposed protocol shows good security and less computation cost.

Pseudorandom number generator using optimal normal basis

This paper proposes a simple pseudorandom number generator [PRNG] by using optimal normal basis. It is well known that the squaring and multiplication in finite field with optimal normal basis is very fast and the basis can be transformed to a canonical form. The suggested PRNG algorithm combines typical multiplications and exclusive-or bit operations, both operations can be easily implemented. It is shown that the algorithm passes all terms of the Diehard and the ENT tests for long sequences. This algorithm can be applied in various applications such as financial cryptography.

Chosen Ciphertext Secure Fuzzy Identity-Based Encryption Scheme with Short Ciphertext

In this paper, we present an improved biometric identity based encryption scheme which is based on Baek et al’s scheme. By using fuzzy extractor to construct the public key of a user, we reduce the number of exponentiations of encryption algorithm, the number of MaptoPoint hash function and the length of ciphertext from O(n) to O(1). Furthermore, we proved the proposed scheme satisfy the security requirement under indistinguishability of encryptions under fuzzy selective-ID, chosen ciphertext attack (IND-FSIDCCA).

A Sealed-Bid Electronic Marketplace Bidding Auction Protocol by Using Ring Signature

We modified the multi-agent negotiation test-bed auction scheme which was proposed by Collins et al. In 2004, Jaiswal et al. have modified Collins’s scheme, but Jaiswal’s scheme still has some security weaknesses: such as replay data attack and DOS (denial-of-service) attack, collision between customers and a certain supplier. So the proposed protocol tries to reduce DOS attack and avoid replay data attack by using improved ring signature scheme, also it achieves perfect anonymity. And it publishes an interpolating polynomial for sharing the determination process data and avoids collusion between a customer and a certain supplier. Furthermore, the proposed scheme relaxes the trust assumptions for three-party in Jaiswal’s scheme. According to comparison and analysis with other protocols, our proposed protocol shows good security

Complementary Scheme of Remote User Access over Insecure Networks

Password authentication over unreliable networks is the most popular method in the Internet and mobile communication environments. Lately, Peyravian and Jeffries proposed the password-based remote user authentication protocol, password change, and session key establishment over insecure networks without requiring and any additional private- key or public-key infrastructure. However, Peyravian-Jeffriess protocols have the security flaws against off-line password guessing attacks and DOS attacks. In this paper we suggest a complementary protocol to solve the security flaws of Peyravian- Jeffriess protocol.

Efficient multi-bit shifting algorithm in multiplicative inversion problems

This paper proposes an efficient inversion algorithm for Galois field GF(2n) by using a modified multi-bit shifting method. It is well known that the efficiency of arithmetic algorithms depends on the basis and many foregoing papers use either polynomial or optimal normal basis. An inversion algorithm, which modifies a multi-bit shifting based on the Montgomery algorithm, is studied. Trinomials and AOPs (all-one polynomials) are tested to calculate the inverse. It is shown that the suggested inversion algorithm reduces the computation time 1 ~ 26% of the forgoing multi-bit shifting algorithm. The modified algorithm can be applied in various applications and is easy to implement.