• Title, Summary, Keyword: weak keys

Search Result 22, Processing Time 0.031 seconds

A Method to Enhance the Security of ZKIP with Weak Keys and Its Application (약한 키를 가지는 대화식 영지식 증명의 안전성 강화 방법과 그 응용)

  • 양대헌
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.12 no.1
    • /
    • pp.33-42
    • /
    • 2002
  • We present a systematic way to armor a zero-knowledge interactive proof based identification scheme that has badly chosen keys. Keys are sometimes mistakenly chosen to be weak(neither random nor long), and a weak key is often preferred to a strong key so that it might be easy for human to remember. Weak keys severely degrade the security of ZKIP based identification schemes. We show using off-line guessing attack how the weak key threats the security of ZlKIP based identification schemes. For the proper usage of ZKIP, we introduce a specialized form of ZKIP, which has a secret coin-tossing stage. Using the secret coin tossing, a secure framework is proposed for ZKIP based identification schemes with weak key in the ideal cipher model. The framework is very useful in password based authentication and key exchange protocol

Genetic Symmetric Key Generation for IDEA

  • Malhotra, Nandini;Nagpal, Geeta
    • Journal of Information Processing Systems
    • /
    • v.11 no.2
    • /
    • pp.239-247
    • /
    • 2015
  • Cryptography aims at transmitting secure data over an unsecure network in coded version so that only the intended recipient can analyze it. Communication through messages, emails, or various other modes requires high security so as to maintain the confidentiality of the content. This paper deals with IDEA's shortcoming of generating weak keys. If these keys are used for encryption and decryption may result in the easy prediction of ciphertext corresponding to the plaintext. For applying genetic approach, which is well-known optimization technique, to the weak keys, we obtained a definite solution to convert the weaker keys to stronger ones. The chances of generating a weak key in IDEA are very rare, but if it is produced, it could lead to a huge risk of attacks being made on the key, as well as on the information. Hence, measures have been taken to safeguard the key and to ensure the privacy of information.

Analysis for Weak Keys of the Block Cipher SEED-192 (블록암호 SEED-192에 대한 취약키 분석)

  • Kim, Jong-Sung;Cho, Ki-Jo
    • The Journal of Advanced Navigation Technology
    • /
    • v.15 no.1
    • /
    • pp.69-75
    • /
    • 2011
  • In this paper, we analyze the key schedule of the block cipher SEED-192. According to the result of this paper, there exist weak keys in 16 out of 20 rounds of SEED-192 against the related-key rectangle/boomerang attack. This is the first cryptanalytic result for the key schedule of SEED-192.

Security Improvement of Authentication Method Using Transfer Agent in USN

  • Cho, Do-Eun
    • International Journal of Contents
    • /
    • v.7 no.4
    • /
    • pp.35-43
    • /
    • 2011
  • USN is a technology to detect human external environment. It is an important factor in buildinga ubiquitous computing environment. In this thesis, an authentication method was proposed to allow the sensor nodes, which have weak computing operation capability, to safely communicate with each other in USN and guarantee the anonymity of users for their privacy. In the proposed authentication method that takes into account the characteristics of sensor network, sensor nodes based on a symmetric key algorithm do not transfer keys directly, instead, they mix the random numbers received from AS to generate keys necessary for communications, having a master key and a pseudo-random number generator.In addition, in this thesis, TA was adopted to minimize the leakage of users' information, and a scheme through which virtual IDs received from AS are delivered to sensor nodes was applied to improve anonymity.

Study on Weak-Key Classes for KeeLoq (블록 암호 KeeLoq에 대한 취약키 공간에 관한 연구)

  • Lee, Yu-Seop;Kim, Jong-Sung;Hong, Seok-Hie
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.19 no.1
    • /
    • pp.25-32
    • /
    • 2009
  • KeeLoq is a very light block cipher with a 32-bit block and a 64-bit key. It is suitable for the wireless applications, and thus multiple automotive OEMs as Chrysler, GM, Honda, Toyota have used remote keyless entry systems and alarm systems in order to protect the their cars. In this paper, we introduce various weak-key classes that include $2^1{\sim}2^{32}$ keys and exploit the slide attack to propose key-recovery attacks under these weak-key classes.

A Key Management Scheme for Ad hoc Sensor Networks (애드 혹 센서 네트워크를 위한 키 관리 방안)

  • Kim Seung-Hae;Chung Byung-Ho;Wang Gi-Cheol;Cho Gi-Hwan
    • Journal of the Institute of Electronics Engineers of Korea TC
    • /
    • v.43 no.7
    • /
    • pp.32-40
    • /
    • 2006
  • It is very important to establish a pairwise key securely in wireless sensor networks. Because sensor networks consist of devices with weak physical security, they are likely to be compromised by an attacker. However, some approaches using key pre-distribution and other approaches using one hop local keys are known to be very vulnerable to threats caused by compromised nodes, even a small number. This paper proposes a scheme where each node establishes three hop local keys and employs them for a later pairwise key establishment. When any two nodes agree a pairwise key, all nodes on the route between two nodes contribute to the agreement of the pairwise key. Here, the initial three hop local keys are employed for encrypting a secret key delivered from a node to other nodes. Therefore, the proposed scheme bothers attackers to compromise much more nodes than the scheme using one hop local keys only. The simulation results have proven that the proposed scheme provides better performance and higher security than the scheme using one hop local keys in terms of message exchange, the number of encryption and decryption, and pairwise key exposure rate.

A Provable Authenticated Certificateless Group Key Agreement with Constant Rounds

  • Teng, Jikai;Wu, Chuankun
    • Journal of Communications and Networks
    • /
    • v.14 no.1
    • /
    • pp.104-110
    • /
    • 2012
  • Group key agreement protocols allow a group of users, communicating over a public network, to establish a shared secret key to achieve a cryptographic goal. Protocols based on certificateless public key cryptography (CL-PKC) are preferred since CL-PKC does not need certificates to guarantee the authenticity of public keys and does not suffer from key escrow of identity-based cryptography. Most previous certificateless group key agreement protocols deploy signature schemes to achieve authentication and do not have constant rounds. No security model has been presented for group key agreement protocols based on CL-PKC. This paper presents a security model for a certificateless group key agreement protocol and proposes a constant-round group key agreement protocol based on CL-PKC. The proposed protocol does not involve any signature scheme, which increases the efficiency of the protocol. It is formally proven that the proposed protocol provides strong AKE-security and tolerates up to $n$-2 malicious insiders for weak MA-security. The protocol also resists key control attack under a weak corruption model.

Distributed Key Management Using Regression Model for Hierarchical Mobile Sensor Networks (계층적인 이동 센서 네트워크에서 회귀모델을 이용한 분산 키 관리)

  • Kim Mi-Hui;Chae Ki-Joon
    • Journal of the Institute of Electronics Engineers of Korea TC
    • /
    • v.43 no.7
    • /
    • pp.1-13
    • /
    • 2006
  • In this paper, we introduce a novel key management scheme that is based on the key pre-distribution but provides the key re-distribution method, in order to manage keys for message encryption and authentication of lower-layer sensor nodes on hierarchical mobile sensor networks. The characteristics of our key management are as follows: First, the role of key management is distributed to aggregator nodes as well as a sink node, to overcome the weakness of centralized management. Second, a sink node generates keys using regression model, thus it stores only the information for calculating the keys using the key information received from nodes, but does not store the relationship between a node and a key, and the keys themselves. As the disadvantage of existing key pre-distributions, they do not support the key re-distribution after the deployment of nodes, and it is hard to extend the key information in the case that sensor nodes in the network enlarge. Thirdly, our mechanism provides the resilience to node capture(${\lambda}$-security), also provided by the existing key pre-distributions, and fourth offers the key freshness through key re-distribution, key distribution to mobile nodes, and scalability to make up for the weak points in the existing key pre-distributions. Fifth, our mechanism does not fix the relationship between a node and a key, thus supports the anonymity and untraceability of mobile nodes. Lastly, we compare ours with existing mechanisms, and verify our performance through the overhead analysis of communication, computation, and memory.

A Method to Enhance the Security of ZKIP with Weak Keys (약한 키를 가지는 대화식 영지식 증명의 안전성 강화 방법)

  • 양대헌
    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference
    • /
    • /
    • pp.117-120
    • /
    • 2001
  • 본 논문에서는 약한 키를 가지는 대화식 영지식 증명을 이용한 인증 프로토콜의 안전성을 강화하는 방법을 제시한다. 일반적으로 대화식 영지식 증명을 이용한 인증 프로토콜은 충분히 길고 랜덤한 비밀키를 가정하고 그 비밀키에 대한 영지식 증명을 수행하게 된다. 하지만 때에 따라서 충분히 길지 않거나 랜덤하지 않은 비밀키가 선택될 수 있다. 즉, 좋지 않은 난수 발생기를 써야 하는 경우, 또는 패스워드처럼 의도적으로 약한 키를 사용하는 경우가 생기며, 대화식 영지식 증명은 이에 적합하지 않다고 알려져 있다. 본 논문에서는 비밀 동전 던지기(Secret Coin Tossing)라는 개념을 제시해서, 일반적인 영지식 증명을 이용한 인증 프로토콜을 약한 키를 가지는 영지식 증명 기반 인증 프로토콜로 쉽게 변환할 수 있는 프레임웍을 제안한다. 또한, 이 프레임웍을 이용해서 설계된 인증 프로토콜이 ideal cipher model에서 안전함을 보인다.

  • PDF

PARTIAL KEY EXPOSURE ATTACKS ON RSA AND ITS VARIANT BY GUESSING A FEW BITS OF ONE OF THE PRIME FACTORS

  • Sarkar, Santanu;Maitra, Subhamoy
    • Bulletin of the Korean Mathematical Society
    • /
    • v.46 no.4
    • /
    • pp.721-741
    • /
    • 2009
  • Consider RSA with N = pq, q < p < 2q, public encryption exponent e and private decryption exponent d. We first study cryptanalysis of RSA when certain amount of the Most Significant Bits (MSBs) or Least Significant Bits (LSBs) of d is known. The basic lattice based technique is similar to that of Ernst et al. in Eurocrypt 2005. However, our idea of guessing a few MSBs of the secret prime p substantially reduces the requirement of MSBs or LSBs of d for the key exposure attack. Further, we consider the RSA variant proposed by Sun and Yang in PKC 2005 and show that the partial key exposure attack works significantly on this variant.