• Title, Summary, Keyword: De-synchronization attacks

Search Result 10, Processing Time 0.034 seconds

An Efficient Selective Method for Audio Watermarking Against De-synchronization Attacks

  • Mushgil, Baydaa Mohammad;Adnan, Wan Azizun Wan;Al-hadad, Syed Abdul-Rahman;Ahmad, Sharifah Mumtazah Syed
    • Journal of Electrical Engineering and Technology
    • /
    • v.13 no.1
    • /
    • pp.476-484
    • /
    • 2018
  • The high capacity audio watermarking algorithms are facing a main challenge in satisfying the robustness against attacks especially on de-synchronization attacks. In this paper, a robust and a high capacity algorithm is proposed using segment selection, Stationary Wavelet Transform (SWT) and the Quantization Index Modulation (QIM) techniques along with new synchronization mechanism. The proposed algorithm provides enhanced trade-off between robustness, imperceptibility, and capacity. The achieved watermarking improves the reliability of the available watermarking methods and shows high robustness towards signal processing (manipulating) attacks especially the de-synchronization attacks such as cropping, jittering, and zero inserting attacks. For imperceptibility evaluation, high signal to noise ratio values of above 22 dB has been achieved. Also subjective test with volunteer listeners shows that the proposed method has high imperceptibility with Subjective Difference Grade (SDG) of 4.76. Meanwhile, high rational capacity up to 176.4 bps is also achieved.

Optimal Handover Key Refresh Interval in 3GPP LTE/SAE Network (3GPP LTE/SAE 네트워크에서의 핸드오버 키 최적 갱신주기에 관한 연구)

  • Han, Chan-Kyu;Choi, Hyoung-Kee
    • The KIPS Transactions:PartC
    • /
    • v.18C no.4
    • /
    • pp.237-242
    • /
    • 2011
  • LTE/SAE has presented the handover key management to revoke the compromised keys and to isolate corrupted network devices. In this paper, we identify that the handover key management is vulnerable to so-called de-synchronization attacks, which is jeopardizing the forward secrecy of handover key management. We place an emphasis on periodic root key update to minimize the effect of the de-synchronization attacks. An optimal value for the root key update interval is suggested in order to minimize signaling load and ensure security of user traffic.

Enhancement of Password-based Mutual Authentication Protocol against De-synchronization Attacks (비동기 공격에 안전한 패스워드기반 상호 인증 프로토콜)

  • Yuk, Hyeong-Jun;Yim, Kang-Bin
    • The Journal of Advanced Navigation Technology
    • /
    • v.17 no.1
    • /
    • pp.24-32
    • /
    • 2013
  • Authentication is one of the necessary elements in the network environment. Many researches have detected security vulnerabilities to the existing authentication mechanisms and suggested secure mutual authentication protocols by resolving these vulnerabilities. The representative ones of them are SPMA(Strong Pass Mutual Authentication) and I-SPMA(Improved Strong Password Mutual Authentication). However, these protocols cause a critical problem when the shared secret information is de-synchronized between the server and the client. This paper proposes a revised protocol to resolve the de-synchronization problem. Based on a security assessment on the proposed protocol, we consider the proposed protocol is safer than the previous ones and possible to effectively make a user authentication system mre secure.

Security Weaknesses of Handover Key Management in 3GPP LTE Network (3GPP LTE 네트워크에서의 핸드오버 키 관리 기법의 약점 연구)

  • Han, Chan-Kyu;Choi, Hyoung-Kee
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.22 no.1
    • /
    • pp.25-31
    • /
    • 2012
  • LTE/SAE has presented the handover key management to revoke the compromised keys and to isolate corrupted network devices. In this paper, we identify that the handover key management is vulnerable to de-synchronization attacks, which is jeopardizing the forward secrecy of handover key management. Also, an adversary could prevent the UE from creating the secure link with eNodeB, which is delaying the handover procedure. In this paper, we present a counrermeasure to prevent above attacks, and analyze the performance issues of the proposed protocol.

Novel Trusted Hierarchy Construction for RFID Sensor-Based MANETs Using ECCs

  • Kumar, Adarsh;Gopal, Krishna;Aggarwal, Alok
    • ETRI Journal
    • /
    • v.37 no.1
    • /
    • pp.186-196
    • /
    • 2015
  • In resource-constrained, low-cost, radio-frequency identification (RFID) sensor-based mobile ad hoc networks (MANETs), ensuring security without performance degradation is a major challenge. This paper introduces a novel combination of steps in lightweight protocol integration to provide a secure network for RFID sensor-based MANETs using error-correcting codes (ECCs). The proposed scheme chooses a quasi-cyclic ECC. Key pairs are generated using the ECC for establishing a secure message communication. Probability analysis shows that code-based identification; key generation; and authentication and trust management schemes protect the network from Sybil, eclipse, and de-synchronization attacks. A lightweight model for the proposed sequence of steps is designed and analyzed using an Alloy analyzer. Results show that selection processes with ten nodes and five subgroup controllers identify attacks in only a few milliseconds. Margrave policy analysis shows that there is no conflict among the roles of network members.

Cryptanalysis and Improvement of a New Ultralightweight RFID Authentication Protocol with Permutation (순열을 사용한 새로운 초경량 RFID 인증 프로토콜에 대한 보안 분석 및 개선)

  • Jeon, Il-Soo;Yoon, Eun-Jun
    • Journal of the Korea Industrial Information Systems Research
    • /
    • v.17 no.6
    • /
    • pp.1-9
    • /
    • 2012
  • Low-cost RFID tags are used in many applications. However, since it has very limited power of computation and storage, it's not easy to make a RFID mutual authentication protocol which can resist from the various security attacks. Quite recently, Tian et al. proposed a new ultralightweight authentication protocol (RAPP) for low-cost RFID tags using the low computation cost operations; XOR, rotation, and permutation operations, which is able to resist from the various security attacks. In this paper, we show that RAPP is vulnerable to the de-synchronization attack and present an improved RAPP which overcomes the vulnerability of RAPP.

A secure and effective scheme providing comprehensive forward security to LTE/SAE X2 handover key management

  • Sun, Bangyi;Chu, Jianfeng;Hu, Liang;Li, Hongtu;Shi, Guangkun
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.11 no.9
    • /
    • pp.4609-4623
    • /
    • 2017
  • The commercialization of LTE/SAE technologies has begun a new era in which data can be transmitted at remarkably high rates. The security of the LTE/SAE network, however, remains problematic. The forward security in LTE/SAE X2 handover key management can be threatened by key compromise and de-synchronization attacks as base station in public spaces can be compromised. This study was conducted to address the lack of forward key security in X2 handover key management in scenarios in which an adversary controls a legal base station. We developed the proposed X2 handover key management by changing the parameter in the renewing step and adding a verification step. We compare the security and performance of our proposal with other similar schemes. Our enhancement scheme ensures forward separation security accompanied by favorable signal and computation load performance.

Improving Varying-Pseudonym-Based RFID Authentication Protocols to Resist Denial-of-Service Attacks

  • Chien, Hung-Yu;Wu, Tzong-Chen
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.18 no.6B
    • /
    • pp.259-269
    • /
    • 2008
  • Applying Varying Pseudonym (VP) to design of Radio Frequency Identification (RFID) authentication protocol outperforms the other existing approaches in several respects. However, this approach is prone to the well-known denial-ofservice (DOS) attack. In this paper, we examine the de-synchronization problems of VP-based RFID authentication protocols, and propose effective solutions to eliminate such weaknesses. We shall show that the proposed solutions indeed improve the security for these protocols, and moreover, these solutions require 0(1) computational cost for identitying a tag and 0(1) key space on the tag. These excellent performances make them very attractive to many RFID applications.

Efficient RFID Search Protocols Providing Enhanced User Privacy (강화된 사용자 프라이버시를 보장하는 효율적인 RFID 검색 프로토콜)

  • Lim, Ji-Hwan;Oh, Hee-Kuck;Nyang, Dae-Hun;Lee, Mun-Kyu;Kim, Sang-Jin
    • The KIPS Transactions:PartC
    • /
    • v.16C no.3
    • /
    • pp.347-356
    • /
    • 2009
  • In an RFID search protocol, a reader uses designated query to determine whether a specific tag is in the vicinity of the reader. This fundamental difference makes search protocol more vulnerable to replay attacks than authentication protocols. Due to this, techniques used in existing RFID authentication protocols may not be suitable for RFID search protocols. In this paper, we propose two RFID search protocols, one based on static ID and the other based on dynamic ID, which use counter to prevent replay attacks. Moreover, we propose a security model for RFID search protocols that includes forward/backward traceability, de-synchronization and forgery attack. Based on this model, we analyze security of our protocols and related works.

An improved Multi-server Authentication Scheme for Distributed Mobile Cloud Computing Services

  • Irshad, Azeem;Sher, Muhammad;Ahmad, Hafiz Farooq;Alzahrani, Bander A.;Chaudhry, Shehzad Ashraf;Kumar, Rahul
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.10 no.12
    • /
    • pp.5529-5552
    • /
    • 2016
  • Mobile cloud computing (MCC) has revolutionized the way in which the services can be obtained from the cloud service providers. Manifold increase in the number of mobile devices and subscribers in MCC has further enhanced the need of an efficient and robust authentication solution. Earlier, the subscribers could get cloud-computing services from the cloud service providers only after having consulted the trusted third party. Recently, Tsai and Lo has proposed a multi-server authenticated key agreement solution for MCC based on bilinear pairing, to eliminate the trusted third party for mutual authentication. The scheme has been novel as far as the minimization of trusted party involvement in authenticating the user and service provider, is concerned. However, the Tsai and Lo scheme has been found vulnerable to server spoofing attack (misrepresentation attack), de-synchronization attack and denial-of-service attack, which renders the scheme unsuitable for practical deployment in different wireless mobile access networks. Therefore, we have proposed an improved model based on bilinear pairing, countering the identified threats posed to Tsai and Lo scheme. Besides, the proposed work also demonstrates performance evaluation and formal security analysis.