Okyeon Yi

Provable Security of KASUMI and 3GPP Encryption Mode f8

Within the security architecture of the 3GPP system there is a standardised encryption mode f8 based on the block cipher KASUMI. In this work we examine the pseudorandomness of the block cipher KASUMI and the provable security of f8. First we show that the three round KASUMI is not a pseudorandom permutation ensemble but the four round KASUMI is a pseudorandom permutation ensemble under the adaptive distinguisher model by investigating the properties of the round functions in a clear way. Second we provide the upper bound on the security of f8 mode under the reasonable assumption from the first result by means of the left-or-right security notion.

User Authentication Mechanism Using Java Card for Personalized IPTV Services

Internet protocol television (IPTV), becoming a popular business model, provides interactive and personalized service. IPTV provides identification, authentication and personalized services though Set-top box (STB) by a unique hardware identifier. This is based on box-level identification, which is inconsistent with IPTVs main intention of providing personalized services. The goal of the proposed system is to provide an opportunity to use the flexible user-centric authentication mechanism through Java card applets in the IPTV application server and 3G wideband code division multiple access (W-CDMA) networks. When a viewer watching IPTV is successfully authenticated, an authentication token allows the subscriber to conveniently use services which are adaptable to personal preference anywhere at anytime. In addition, this paper presents effectiveness and security analysis for verifying the proposal.

Fingerprint template protection using fuzzy vault

Biometric-based authentication can provide strong security guarantee about the identity of users. However, security of biometric data is particularly important as the compromise of the data will be permanent. To protect the biometric data, we need to store it in a non-invertible transformed version. Thus, even if the transformed version is compromised, the actual biometric data remains safe. In this paper, we propose an approach to protect fingerprint templates by using the idea of the fuzzy vault. Fuzzy vault is a recently developed cryptographic construct to secure critical data with the fingerprint data in a way that only the authorized user can access the secret by providing the valid fingerprint. We modify the fuzzy vault to protect fingerprint templates and to perform fingerprint verification with the protected template at the same time. This is challenging because the fingerprint verification is performed in the domain of the protected form. Based on the experimental results, we confirm that the proposed approach can perform the fingerprint verification with the protected template.

A Secure Handover Protocol Design in Wireless Networks with Formal Verification

This paper analyses security mechanisms in wireless networks, and designs for secure and efficient protocol for a handover reusing the key materials generated before the handover phase. In order to be sure that our handover protocol does not have any security flaws, we formally validated it using automatic protocol analyzer AVIPSA.

Study on NFC Security Analysis and UICC Alternative Effect

Near Field Communication is an emerging short-range wireless connectivity technology that offers proximity and different operating modes. Particularly, NFC technology has the potential to revolutionize mobile applications like payment and ticketing because NFC is more complex and mutual connectivity than RFID as the simple tag reader. Finally, NFC security technology defines the robust security protocols. This paper will specify and analyze the NFC security technology, and study the chance and its beneficial effect of the UICC card as the NFC Secure Element.

Pseudorandomness of MISTY-Type Transformations and the Block Cipher KASUMI

We examine the security of block ciphers on the view point of pseudorandomness. Firstly we show that the four round (unbalanced) MISTY-type and the three round dual MISTY-type transformations are pseudorandom permutation ensembles. Secondly we prove that the three round KASUMI is not a pseudorandom permutation ensemble but the four round KASUMI is a pseudorandom permutation ensemble. We provide simplified probability-theoretic proofs for non-adaptive distinguishers.

Methods for practical whitebox cryptography

White box cryptography is the new technique against attacks on white box attack environments. In white box attack model, the attacker is even stronger than in black box attack model, and the attacker can monitor all intermediate values. Therefore, safety algorithms are needed against all operation steps being exposure. Chow introduced secure white box cryptography with AES DES implementations against white box attack model [1,2]. However, slower performance by operating too many look up tables is a problem of practical use of white box cryptography. Also key updating on dynamic situations of white box cryptography is much harder than key updating of black box cryptography. Thus, this paper suggests using a specific mode of operation to improve speed of white box implementations, and show concrete examples of enhancement of performance. Also, it suggests a technique of key updating with dynamic and static tables in practically.

The Evidence Collection of DoS Attack in WLAN by Using WLAN Forensic Profiling System

Nowadays the more wireless mobile communication technology has been improved, the more wireless users has been increased. On the other hand, cyber crime in WLAN has been gradually increasing. To solve the cyber crime in wireless environment, WLAN forensic is not only counterproposal but also resolution of the cyber crime in WLAN. In this paper, we propose the evidence collection of Denial of Service (DoS) attack in WLAN by applying WLAN forensic profiling system.

A Fast and Efficient Authentication Protocol for a Seamless Handover between a WLAN and WiBro

A wireless network has a handover problem between heterogeneous or homogeneous network entitles. We describe in this paper a handover scenario between a WLAN and a WiBro network and propose a fast and efficient authentication scheme for the handover between a WLAN and a WiBro. In the scheme, a Serving Network(SN) plays a key distribution center role so that the Mobile Node (MN) can be quickly associated to a Target Nerwork(TN) before starting a full authentication scheme where a remote Authentication Center (AC) is involved.

CCM-UW Security Modes for Low-band Underwater Acoustic Sensor Networks

In this paper, we briefly describe an underwater media access control protocol based on the request to send/clear to send mechanism with security algorithms, which is proposed to provide data confidentiality, authenticity, and replay attack protection. The protocol includes the counter with cipher block chaining-message authentication code (CBC-MAC) for underwater (CCM-UW) mode that is the modified form of the counter with CBC-MAC (CCM*) mode for underwater acoustic communication, based on the advanced encryption standard/agency, research and institute, academy block cipher algorithm. CCM-UW security mechanism is suitable for underwater acoustic sensor networks (UWASNs) and offers six different security levels with different security strength, energy consumption and transmission time. The results in the paper show that the protocol is not impracticable for UWASNs since it is energy efficient and saves transmission time.