Your search keyword '"Dooho Choi"' showing total 26 results

1. Two-Factor Fuzzy Commitment for Unmanned IoT Devices Security

Author

Yousung Kang, Dooho Choi, Yoon-Seok Oh, and Seung-Hyun Seo

Subjects

Computer Networks and Communications, Computer science, business.industry, Physical unclonable function, 020206 networking & telecommunications, Cryptography, 02 engineering and technology, Computer security, computer.software_genre, Fuzzy logic, Computer Science Applications, Image (mathematics), Hardware and Architecture, Factor (programming language), Signal Processing, 0202 electrical engineering, electronic engineering, information engineering, Key (cryptography), 020201 artificial intelligence & image processing, business, computer, Information Systems, computer.programming_language

Abstract

To create an environment for IoT devices, securely, it is necessary to establish a cryptographic key for those devices. Conventionally, this key has been stored on the actual device, but this leaves the key vulnerable to physical attacks in the IoT environment. To solve this problem, several research studies have been conducted on how best to conceal the cryptographic key. Recently, these studies have most often focused on generating the key dynamically from noisy data using a fuzzy extractor or providing secure storage using a fuzzy commitment. Thus, far, all of these studies use only one type of noisy source data, such as biometric data or physical unclonable function (PUF). However, since most IoT devices are operated in unmanned environments, where biometric data is unavailable, the method using biometric data cannot be utilized for unmanned IoT devices. Although the method using PUF is applied to these unmanned devices, these are still vulnerable against physical attacks including unintended move or theft. In this paper, we present a novel way to use the fuzzy commitment on such devices, called two-factor fuzzy commitment scheme. The proposed method utilizes two noisy factors from the inside and outside of the IoT device. Therefore, although an attacker acquiring the IoT device can access the internal noisy source, the attacker cannot extract the right key from that information only. We also give a prototype implementation for ensuring the feasibility of our two-factor fuzzy commitment concept by utilizing the image data and PUF data for two noisy factors.

Published

2019

2. Secure IoT Device Authentication Scheme using Key Hiding Technology

Author

Yousung Kang, Seoungyong Yoon, Dooho Choi, and Byoung-Koo Kim

Subjects

Authentication, business.industry, Computer science, Data Protection Act 1998, Authentication scheme, Internet of Things, business, Key management, Computer security, computer.software_genre, computer

Abstract

As the amount of information distributed and processed through IoT(Internet of Things) devices is absolutely increased, various security issues are also emerging. Above all, since IoT technology is directly applied to our real life, there is a growing concern that the dangers of the existing cyberspace can be expanded into the real world. In particular, leaks of keys necessary for authentication and data protection of IoT devices are causing economic and industrial losses through illegal copying and data leakage. Therefore, this paper introduces the research trend of hardware and software based key hiding technology to respond to these security threats, and proposes IoT device authentication techniques using them. The proposed method fundamentally prevents the threat of exposure of the authentication key due to various security vulnerabilities by properly integrating hardware and software based key hiding technologies. That is, this paper provides a more reliable IoT device authentication scheme by using key hiding technology for authentication key management.

Published

2020

3. Is It Possible to Hide My Key into Deep Neural Network?

Author

Dooho Choi, Taek-Young Youn, and Taehyuk Kim

Subjects

Password, Key generation, Security analysis, Correctness, Computer science, business.industry, Physical unclonable function, Cryptography, Computer security, computer.software_genre, Robustness (computer science), Key (cryptography), business, computer

Abstract

The use of cryptographic functions has become vital for various devices, such as PCs, smart phones, drones, and smart appliances; however, the secure storage of cryptographic keys (or passwords) is a major issue. One way to securely store such a key is to register the key using secret data such as biometric data and then regenerate the key whenever it is needed. In this paper, we present a novel methodology for hiding cryptographic keys inside a deep neural network (DNN), and is termed as the DNN-based key hiding scheme. In this method, DNNs are constructed and trained with noisy data to hide the key within the network. To prove that our methodology works in practice, we propose an example of the DNN-based key hiding scheme and prove its correctness. For its robustness, we propose two basic security analysis tools to be able to check the example’s security. To the best of our knowledge, this is the first attempt of its kind.

Published

2020

4. Security Enhancement for IoT Device using Physical Unclonable Functions

Author

Byoung-Koo Kim, Yousung Kang, Dooho Choi, and Seungyong Yoon

Subjects

Authentication, Key generation, Computer science, business.industry, Physical unclonable function, Computer security, computer.software_genre, Identifier, ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, Authentication information, Security enhancement, Internet of Things, business, computer, Server-side

Abstract

In this paper, we propose a device authentication method using PUF (Physical Unclonable Function) for IoT (Internet of Things) device security enhancement. We propose security functions such as device identifier and secret key generation using PUF, efficient management of device authentication information on the server side, update of secret keys, and continuous authentication. It improves the security of IoT devices against various existing attacks.

Published

2019

5. Protecting secret keys in networked devices with table encoding against power analysis attacks

Author

Dooho Choi, Taesung Kim, Seungkwang Lee, and Hyunsoo Yoon

Subjects

Proactive secret sharing, Computer Networks and Communications, Computer science, 02 engineering and technology, Computer security, computer.software_genre, 020202 computer hardware & architecture, Power analysis, Hardware and Architecture, Encoding (memory), 0202 electrical engineering, electronic engineering, information engineering, Table (database), 020201 artificial intelligence & image processing, computer, Information Systems

Published

2016

6. An Improved Square-always Exponentiation Resistant to Side-channel Attacks on RSA Implementation

Author

Dooho Choi, Yongje Choi, Jae-Cheol Ha, and Hoon-Jae Lee

Subjects

Exponentiation, business.industry, Computer science, 020207 software engineering, Cryptography, 02 engineering and technology, Fault injection, Computer security, computer.software_genre, Collision, Theoretical Computer Science, Power analysis, Computational Theory and Mathematics, Artificial Intelligence, Injection attacks, 0202 electrical engineering, electronic engineering, information engineering, Cryptosystem, 020201 artificial intelligence & image processing, Side channel attack, business, computer, Software, Computer network

Abstract

Many cryptographic algorithms embedded in security devices have been used to strengthen home- land defense capability and protect critical information from cyber attacks. The RSA cryptosystem with the naive implementation of an exponentiation may reveal a secret key by two types of side-channel attacks, namely passive leakage information analysis and active fault injection attacks. Recently, a square-always exponentiation algorithm in which the multiplication is traded for squarings has been proposed. This novel algorithm for RSA implementation is faster than other regularity-based countermeasures and is resistant to SPA (simple power analysis) and fault injection attacks. This paper shows that the right-to-left version of square-always exponentiation algorithm is vulnerable to several side-channel attacks, namely collision distance-based doubling, chosen-message CPA (collision power analysis), and horizontal CPA-based combined attacks. Furthermore, an improved right-to-left square-always algorith...

Published

2016

7. A Solution for Reducing Redistribution Costs of HAIL

Author

Taek-Young Youn, Minseok Lee, Dooho Choi, and Taehyuk Kim

Subjects

Redistribution (election), File server, Database, Computer science, Download, Full data, Server, Data_FILES, computer.software_genre, Error detection and correction, Retrievability, computer, Original data

Abstract

The Proof of Retrievability (PoR) is a useful tool for securing data by monitoring the retrievability of a file stored in remote servers. But they are not secure if the full data stored in the storage server is attacked. HAIL has been proposed to solve this problem. It enables a client to verify that files stored in independent storage servers are intact and retrievable. If some servers are attacked, a client can reconstruct the original data using the data stored in remaining servers. Unfortunately, in HAIL, expensive redistribution costs occur if we need to reconstruct the original data, which was not considered in existing works. In this paper, we propose a solution for reducing redistribution costs by grouping file segments and applying HAIL to each group. It is unnecessary for clients to download all files in all servers when some files stored in a specific server are corrupted. Finally, we analyze the performance of our scheme.

Published

2017

8. Data Preprocessor for Order Preserving Encryption

Author

Dooho Choi, Sang Su Lee, and Suhyung Jo

Subjects

SQL, Web search query, Database, Computer science, business.industry, Plaintext, General Medicine, computer.software_genre, Encryption, Preprocessor, On-the-fly encryption, business, computer, computer.programming_language

Abstract

Sensitive data such as personal telephone number, address, social security number at database is prevented to access by SQL search query. In order to prevent security problems it needs to encrypt database. Order preserving encryption (OPE) is a method of encrypting data so that it's possible to make efficient inequality comparisons on the encrypted items without decrypting them. OPE data of database is available to make index without decryption. In this paper, the data preprocessor by reducing plaintext range, the performance of OPE is increased and sensitive data are protected at database.

Published

2015

9. New efficient batch verification for an identity-based signature scheme

Author

Hyun-Sook Cho, Jung Yeon Hwang, Boyeon Song, and Dooho Choi

Subjects

Scheme (programming language), Computer Networks and Communications, Computer science, Distributed computing, computer.software_genre, Signature (logic), Digital signature, Identity (object-oriented programming), Key (cryptography), Identity based system, Data mining, computer, Information Systems, computer.programming_language

Abstract

Batch verification is a method to verify multiple digital signatures at a batch in time less than total individual verification time. Batch verification for an identity-based signature scheme IBS is attractive because a short public identity such as an e-mail address can be used as a verification key.

Published

2015

10. Implementing Side Channel Analysis Evaluation Boards of KLA-SCARF system

Author

Yong-Je Choi, Jea-Cheol Ryou, and Dooho Choi

Subjects

Evaluation system, Key leakage, Computer science, business.industry, Certification, Smart card, Side channel attack, Computer security, computer.software_genre, business, Implementation, computer

Abstract

With increasing demands for security evaluation of side-channel resistance for crypto algorithm implementations, many equipments are developed at various research institutes. Indeed, commercial products came out for the purpose of evaluation and certification tool of security products. However, various types of security products exclusive a smart card make it difficult to implement a security evaluation system for them. In this paper, we describe implementation and characteristic of the side-channel evaluation boards of the KLA-SCARF, which is the p roject to develop domestic side-channel evaluation system. This report would be helpful for following researchers who inte nd to develop side-channel evaluation boards for other security devices.Keywords: Side Channel Analysis, KLA-SCARF, Security Evaluation Board접수일(2013년 12월 26일), 수정일(2014년 2월 3일), 게재확정일(2014년 2월 3일)* 본 연구는 ETRI의 연구개발 과제인 KLA-SCARF( 프로젝트로 수행하였음(암호키 누출 검증 및 방지 원천 기술 연구), www.k-scarf.or.kr, KLA-SCARF(Key Leakage Analysis - Side Channel Analysis Resistant Framework) †주저자, choiyj@etri.re.kr‡교신저자, jcryou@home.cnu.ac.kr (Corresponding author)

Published

2014

11. A Security Framework for a Drone Delivery Service

Author

Yousung Kang, Dooho Choi, Elisa Bertino, Jongho Won, and Seung-Hyun Seo

Subjects

Service (systems architecture), Engineering, Emergency management, business.industry, Control (management), Cryptography, Computer security, computer.software_genre, Drone, Attack model, Resource (project management), Order (exchange), business, computer

Abstract

Delivery drones are unmanned aerial vehicles (UAV) utilized to transport packages, food, medicine, or other goods. With high demand for a prompt and efficient delivery, a drone delivery system can be an effective solution for timely deliveries and especially for emergency management. However, current delivery drone systems lack crucial security functions. Drones may have to operate in unsupervised hostile areas, and therefore be vulnerable to physical capture in addition to conventional cyber attacks. A captured drone can be analyzed by a white-box attack model in which the attacker has full control over the execution environment of cryptographic modules in static and dynamic methods including all side-channel information. In this paper, we propose and evaluate a security framework which utilizes white-box cryptography in order to protect critical data and cryptographic keys in delivery drones from white-box attacks. The experimental results show that the proposed framework is cost effective in terms of resource usage and thus is suitable even for resource-limited UAV.

Published

2016

12. Security Analysis on RFID Mutual Authentication Protocol

Author

Maire O'Neill, Dooho Choi, You Sung Kang, and Elizabeth O'Sullivan

Subjects

Security analysis, Standardization, Computer science, business.industry, Air interface, Mutual authentication, Man-in-the-middle attack, Computer security, computer.software_genre, Ultra high frequency, Radio-frequency identification, business, computer, Vulnerability (computing), Computer network

Abstract

Radio frequency identification RFID has received much attention both in industry and academia in recent years. To this extent, the international standards group, ISO/IEC JTC 1/SC 31, is in the midst of standardization activity to define the security extension to the EPCglobal Generation 2 Gen2 ultra high frequency UHF air interface protocols for secure RFID communications. In this paper, we investigate a vulnerability of an RFID mutual authentication protocol that was highlighted in a recent letteri¾?[5]. Our analysis presents that the attack on the mutual authentication protocol is just a relay operation between a legitimate reader and a legitimate tag. We also propose the threshold values of data rate between a reader and a tag based on link timing parameters of passive UHF RFID systems.

Published

2016

13. Information Security Applications

Author

Dooho Choi and Sylvain Guilley

Subjects

Computer science, Information security, Computer security, computer.software_genre, computer

Published

2016

14. Countermeasures against Power Analysis Attacks for the NTRU Public Key Cryptosystem

Author

Mun-Kyu Lee, Dong-Guk Han, Dooho Choi, and Jeong Eun Song

Subjects

SIMPLE (military communications protocol), business.industry, Computer science, NTRU, Applied Mathematics, Lattice problem, Computer security, computer.software_genre, Computer Graphics and Computer-Aided Design, Public-key cryptography, Power analysis, Countermeasure, Signal Processing, Cryptosystem, Correlation power analysis, Electrical and Electronic Engineering, business, computer

Abstract

The NTRU cryptosystem is a public key system based on lattice problems. While its theoretical security has been well studied, little effort has been made to analyze its security against implementation attacks including power analysis attacks. In this paper, we show that a typical software implementation of NTRU is vulnerable to the simple power analysis and the correlation power analysis including a second-order power attack. We also present novel countermeasures to prevent these attacks, and perform experiments to estimate the performance overheads of our countermeasures. According to our experimental results, the overheads in required memory and execution time are only 8.17% and 9.56%, respectively, over a Tmote Sky equipped with an MSP430 processor.

Published

2010

15. A distributed file system over unreliable network storages

Author

Kyunghee Oh and Dooho Choi

Subjects

Computer science, business.industry, Stub file, Device file, computer.file_format, Unix file types, computer.software_genre, Virtual file system, Torrent file, Self-certifying File System, Backup, Server, Data_FILES, Operating system, Network File System, SSH File Transfer Protocol, business, Distributed File System, File synchronization, computer, File system fragmentation, Computer network

Abstract

Nowadays, an individual uses multiple ICT devices such as PCs, laptops, smart phones and others. And the content files are not dedicated to a specific device, but shared by the devices. One of the sharing services is the personal cloud computing. Users can backup, synchronize, share and manage their files with it. But most cloud systems have their own dedicated interfaces and it is not easy to use files in various applications. We propose a distributed file system which works with the legacy internet protocols. Applications on devices can share files with the general file i/o interface, and our system enhanced reliability of file storages in both aspects of failures of servers and security risks.

Published

2015

16. Side Channel Attacks on Cryptographic Module: EM and PA Attacks Accuracy Analysis

Author

Yong-Je Choi, Ndibanje Bruce, Dooho Choi, Hoon-Jae Lee, and HyunHo Kim

Subjects

Power analysis, Hardware implementations, Computer science, business.industry, Key (cryptography), Table (database), Cryptography, Side channel attack, Computer security, computer.software_genre, business, computer

Abstract

Extensive research on modern cryptography ensures significant mathematical immunity to conventional cryptographic attacks. However, different side channel techniques such as power analysis and electromagnetic attacks are such a powerful tool to extract the secret key from cryptographic devices. These techniques bring serious threat on hardware implementations of cryptographic algorithms. In this paper an extensive analysis of side channel analysis on cryptographic device is presented where we study on the EM and PA attacks methods as sideways attacks on the hardware implementation of the crypto-module. Finally we establish a comparison table among different attacks tools methods for the accuracy analysis.

Published

2015

17. Comments on an Improved RFID Security Protocol for ISO/IEC WD 29167-6

Author

Dooho Choi, Dong-Jo Park, and You Sung Kang

Subjects

Engineering, Authentication, General Computer Science, business.industry, Standard of Good Practice, Information security, Cryptographic protocol, Adversary, Computer security, computer.software_genre, Electronic, Optical and Magnetic Materials, Information sensitivity, Electrical and Electronic Engineering, business, Protocol (object-oriented programming), computer, Information security management system

Abstract

With the rapid progress of RFID security technologies, the international standard group ISO/IEC JTC 1/SC 31 is developing a few security technologies for RFID systems. One of the initial proposals is ISO/IEC working draft (WD) 29167-6. Recently, Song and others stated that Protocol 1 of ISO/IEC WD 29167-6 is vulnerable to a malicious adversary. However, their analysis comes from a misunderstanding regarding a communication parameter called Handle. In this letter, we point out that an adversary cannot obtain any sensitive information from intervening in Protocol 1.

Published

2013

18. Secure Cryptographic Module Implementation and Mathematics

Author

Seungkwang Lee, Yongjae Choi, Yousung Kang, and Dooho Choi

Subjects

Cryptographic primitive, Cryptographic engineering, Random number generator attack, Computer science, Security of cryptographic hash functions, Cryptographic protocol, NSA Suite B Cryptography, Key management, Computer security, computer.software_genre, computer, Key exchange

Abstract

Cryptographic Engineering is defined by the discipline of using cryptography to solve human problems (from the Wikipedia [1]). Main focus of the cryptographic engineering is to implement the cryptographic primitives based on mathematics to the real world device as the manner of software or hardware. Therefore, to study the cryptographic engineering field, mathematics backgrounds are needed as well as the computer engineering and computer science. In this article, we briefly review the trend of the cryptographic engineering field for the last decade. After that, side-channel attack for the crypto modules are introduced and several efforts are explained for preventing the side-channel attack in the area of the cryptographic engineering.

Published

2014

19. Privacy-preserving cross-user source-based data deduplication in cloud storage

Author

Dooho Choi and Seungkwang Lee

Subjects

Information privacy, Database, Computer science, business.industry, Cloud computing, Client-side, computer.software_genre, Electronic mail, Privacy preserving, Server, Data_FILES, Data deduplication, business, Cloud storage, computer

Abstract

Cloud storage services possibly store only a single copy of redundant data to save disk space and provide links to that copy rather storing other actual copies of data. This is called deduplication. If deduplication is performed across different accounts at each client side, this is classified into cross-user source-based deduplication. However, cross-user source-based deduplication can server as a side-channel of breaching user's privacy. To protect user's privacy, Harnik et al. proposed a randomized solution for cross-user source-based deduplication, user's privacy is, however, still at risk with a high probability. In this paper, we propose a new cross-user source-based deduplication providing dramatically enhanced security.

Published

2012

20. Enforcing security in mobile RFID networks multilateral approaches and solutions

Author

Namje Park, Seungjoo Kim, Dongho Won, and Dooho Choi

Subjects

business.industry, Computer science, Mobile computing, Mobile RFID, Mobile Web, Computer security, computer.software_genre, Hardware_GENERAL, Mobile phone, Mobile station, Mobile search, Radio-frequency identification, Mobile telephony, business, computer, Computer network

Abstract

Mobile RFID (radio frequency identification) is a new application to use mobile phone as RFID reader with a wireless technology and provides new valuable services to user by integrating RFID and ubiquitous sensor network infrastructure with mobile communication and wireless Internet. However, there are an increasing number of concerns, and even some resistances, related to consumer tracking and profiling using RFID technology. Therefore, in this paper, we describe the security analysis and implementation leveraging globally networked mobile RFID service which complies with the Koreapsilas mobile RFID forum standard.

Published

2008

21. Security Management System for Sensor Network

Author

Namje Park, Shin-Kyung Lee, and Dooho Choi

Subjects

business.industry, Network security, Computer science, Computer security, computer.software_genre, Security information and event management, Network management application, Key distribution in wireless sensor networks, Security service, Network Access Control, Network security policy, business, computer, Network management station, Computer network

Abstract

Wireless sensor network which has more weak security than general network is not considering management principles although it is used in a various part. This paper is concerned with the security management system for sensor network including security function. We design the sensor network management functions and implement the system to manage the security information for detecting an attack from the illegal sensor node.

Published

2008

22. RFID Stamp with RFID Passive Reader

Author

Dooho Choi, Junki Kang, Namje Park, and Yousung Kang

Subjects

business.industry, Computer science, Mobile computing, Cryptography, Mobile telephony, Computer security, computer.software_genre, business, computer

Abstract

The RFID system is very much used until it reaches the various services including the physical distribution, circulation, military affairs, health care. The RFID system to a now came to the passive tag itself along the normal distribution route, we could not know. The RFID STAMP SYSTE to be proposed is designed so that it overcomes these disadvantages and we can trace the distribution route with each passive type reader.

Published

2008

23. Product Authentication Service of Consumer's mobile RFID Device

Author

Inseop Kim, Juhan Kim, Howon Kim, and Dooho Choi

Subjects

Mobile radio, Service (business), Authentication, Computer science, business.industry, Mobile RFID, Mutual authentication, Computer security, computer.software_genre, Secure communication, Mobile phone, Location-based service, business, computer

Abstract

We propose a product authentication service which is anti-counterfeiting technology and can be applied to both the supply chain (SCM) and forthcoming mobile RFID environment. It aims to become aware of distribution of spurious products with fake RFID tags and to provide a product authentication service to consumers with mobile RFID devices like mobile phone which has a RFID reader. We also propose an authentication mechanism between a tag and an information server through the device. The mechanism is designed to be appropriated for EPC Class-1 Generation-2 UHF tags. The tags, one of RFID tag types, is expected that most companies are planning to use it in the SCM in the short term and in consumer packaging in the long term due to its inexpensive cost. Because of the very cost, however, its resources are extremely scarce and it is hard to have any valuable security algorithms in it. It causes security vulnerabilities, in particular cloning the tags for counterfeits. The mechanism provides secure mutual authentication between a tag and a server. It can be applied to the mobile RFID environment that any mobile RFID reader can be placed in the interface between the tag and the server. It means that the mechanism provides secure communication between them even the reader is not trusted. On basis of this tag authentication, the service makes use of location information especially from LBS (location based service) of the consumers' devices. Thanks to it, the service can make fine-grained decision about authentication of a product. At the same time the server utilize the information to extend its management area where legacy SCM could not reach thanks to consumers' mobile RFID devices

Published

2006

24. A secure mobile IP authentication based on identification protocol

Author

Dooho Choi, Kyoil Jung, and Hyungon Kim

Subjects

Authentication, business.industry, Computer science, Node (networking), Cryptography, Loose Source Routing, Computer security, computer.software_genre, IP tunnel, Mobile IP, Message authentication code, business, Replay attack, computer, Computer network

Abstract

Mobile IP, which was designed at the working group of IETF, intended to enable nodes to move from one IP subnet to another. That is, it can support node mobility across heterogeneous networks. For this mobility support, a mobile node (MN) must achieve registration at a home agent (HA) when the MN is away from home. In this article, we propose a mobile IP authentication that is based on an identification scheme using a one-way function. It ensures a secure mobile IP authentication against replay attack and man-in-the-middle attack. Furthermore, its implementation is expected to be efficient, since it does not use any public key cryptography operations.

Published

2005

25. Session Key Exchange Based on Dynamic Security Association for Mobile IP Fast Handoff

Author

Hyun Gon Kim and Dooho Choi

Subjects

Authentication, business.industry, Computer science, Node (networking), Authorization, Computer security, computer.software_genre, Security association, Mobile IP, Session key, Session (computer science), business, computer, Key exchange, Computer network

Abstract

For Low Latency Handoffs(LLH) [1] to be fast and effective, the Mobile IP session keys distributed by home AAA(Authentication, Authorization, and Accounting) server should be reused [2]. This can decrease the number of signaling messages to the home network, and reduce the signaling delay when a mobile node moves from one foreign agent to another, within the same visited domain. To reuse the session keys in a secure fashion, we present a method that performs the LLH without requiring further involvement by home AAA server. To prevent session stealing attack, the method provides the confidentiality and integrity of session keys in the phase of key exchange between old foreign agent and new foreign agent by using Diffie-Hellman key agreement. It allows the mobile node to perform LLH with fast as well as secure operation.

Published

2004

26. Mobile IP and WLAN with AAA authentication protocol using identity-based cryptography

Author

Dooho Choi, Byung-Gil Lee, Hyungon Kim, Seungwon Sohn, and Kil-Houm Park

Subjects

Challenge-Handshake Authentication Protocol, Computer science, computer.internet_protocol, Mobile computing, Computer security, computer.software_genre, Authentication server, Electronic mail, Public-key cryptography, Wireless lan, Wireless, Message authentication code, Authentication, business.industry, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Authorization, Mutual authentication, IP tunnel, Mobile IP, Authentication protocol, The Internet, Diameter protocol, Roaming, business, computer, Diameter, Computer network

Abstract

The Mobile IP application of AAA (Diameter protocol) provides authentication, authorization, and accounting (AAA) services to a mobile ISP network for achieving legitimate mobility using e-mail-styled NAI and MAC valued keys in wireless IP access. In the rapidly expanding mobile environment, the introduction of identity-based cryptographic schemes has many advantages ranging from easy migration to public key cryptography. Accordingly, the current paper proposes a secure wireless Internet roaming service and WLAN service using identity(ID)-based cryptography. To support secure Mobile IP authentication between a mobile node and the authentication server, Mobile IP with an AAA protocol of mutual authentication is proposed using an ID-based signature scheme instead of a conventional MAC valued, symmetric, and single authentic protocol. Furthermore, the proposed protocol can also be implemented using algorithms based on elliptic curves.

Published

2003