We propose new key exchange and authentication protocols, which are efficient in protecting a poorly-chosen weak secret from guessing attacks, based on the use of a one-time pad and a strong one-way hash function. Cryptographic protocols assume that a strong secret should be shared between communication participants for authentication, in the light of an ever-present threat of guessing attacks. Cryptographically long secret would be better for security only if ordinary users could remember it. But most users choose an easy-to-remember password as a secret and such a weak secret can be guessed easily. In our previous work, we made much of introducing a basic concept and its application. In this paper, we describe our idea in more detail and propose more protocols which correspond to variants of our basic protocol using well-defined notations. Formal verification and efficiency comparison of the proposed protocols are also presented. By our scheme the password guessing attacks are defeated efficiently, and a session key is exchanged and participants are authenticated securely.

In this paper, we propose two mechanisms for the priority added automatic call gapping method under the fairness scheme and analyze the effect of those mechanisms. Both mechanisms provide good overload controllability and work well on the priority calls. We also define a measure of priority achievement. Both mechanisms show good performance on the pass probability and priority achievement.

For integrated WLAN/cellular networks, we propose an energy-efficient vertical handover mechanism that both improves the energy efficiency of the mobile nodes and reduces the WLAN frame overhead.

In this paper, we investigate the issue of extending ATM technology to wireless networks. The PVC(Permanent Virtual Connection)-based handoff scheme is proposed to support the integration of the wireless and wireline networks. Without re-establishing procedure, a mobile connection can be handed over to a new base station through PVC which are reserved for handoff between neighboring mobility-enhanced ATM switches being connected to BS(Base Station)s. Therefore, this scheme can readily support a high speed of handoff connection processing mechanism utilizing wired link resources effectively. A simple analytical methodology is presented for overall system organization and for demonstrating the effectiveness of the proposed scheme.

We study how to generalize a key agreement and password authentication protocol on the basis of the well known hard problems such as a discrete logarithm problem and a Diffie-Hellman problem. The key agreement and password authentication protocol is necessary for networked or internetworked environments to provide the user knowledge-based authentication and to establish a new cryptographic key for the further secure session. The generalized protocol implies in this paper to require only weak constraints and to be generalized easily in any other cyclic groups which preserve two hard problems. The low entropy of password has made it difficult to design such a protocol and to prove its security soundness. In this paper, we devise a protocol which is easy to be generalized and show its security soundness in the random oracle model. The proposed protocol reduces the constraints extremely only to avoiding a smooth prime modulus. Our main contribution is in solving the password's low entropy problem in the multiplicative group for the generalization.

We propose a method to make new sequence number (SN*) for AAL 3/4 in ATM networks. This method observes the segment type (ST) and length indicator (LI) fields with sequence number (SN) to make the SN*. Our proposal also includes an example of the method.

A scheme is proposed to exploit statistical multiplexing to support connections with diverse characteristics and requirements. Previous designs on measurement-based admission control mainly focused on strategies that consider the worst case traffic source model to guarantee QoS bounds for all connections. In this paper, we develop a simple mechanism in which statistical multiplexing gain as well as QoS is considered to achieve higher bandwidth utilization. An accurate formula for the cell loss probability which combines measurments with the Gaussian approximation is presented for a new traffic model. Furthermore we enhance the performance of this mechanism through real-time measurements of traffic and monitoring of QoS.

Authentication protocols are necessary for the receiver of a message to ascertain its origin in a distributed environment. Since they exchange cryptographic messages at the beginning of communication, their security is an essential requirement. However, most of the protocols have suffered from several kinds of attacks. A replay attack is one kind of those attacks. Attackers could launch it easily by replaying an eavesdropped message. Moreover, there are many types of replay attacks while most of the formal methods are not capable of detecting them. [3] classified various kinds of replay attacks and proposed a taxonomy. Therefore, it is necessary to verify authentication protocols deliberately with such a taxonomy for a basis. In this paper, at first, we give a clear definition and several remarks on replay attacks. Secondly we review the taxonomy of replay attacks presented in [3], and comment on its minor mistake. Finally we examine on the basis of the taxonomy the password-based authentication protocol, K1P, which was proposed in our earlier papers for protecting weak secrets efficiently. As a result of the examination, we have found that three way mutual K1P shown in [2] was vulnerable to one of replay attacks. Therefore, we improve three way K1P on security against the replay attack. Improved three way K1P is secure against replay attacks as well as guessing attacks and therefore it may be useful for security services of various communication networks.

The most important design goal in Optical Burst Switching (OBS) networks is to reduce burst loss resulting from resource contention. Especially, the higher the congestion degree in the network is, the higher the burst loss rate becomes. The burst loss performance can be improved by employing a judicious congestion control. In this paper, to actively avoid contentions, we propose a peak load-based congestion control scheme that operates based on the highest (called peak load) of the loads of all links over the path between each pair of ingress and egress nodes in an OBS network. Simulation results show that the proposed scheme reduces the burst loss rate significantly, compared to existing OBS protocols, while maintaining reasonable throughput and fairness.

This letter proposes a vertical handoff scheme for integrated WLAN and UMTS that use the mobile Internet Protocol (IP) to reduce the packet loss caused by the ping-pong effect for high mobility users. The simulation results show that the proposed scheme efficiently increases the throughput of high mobility users.

We propose an interactive identification scheme based on the quadratic residue problem. Prover's identity can be proved without revealing his secret information with only one accreditation. The proposed scheme requires few computations in the verification process, and a small amount of memory to store the secret information, A digital signature based on this scheme is proposed, and its validity is then proved. Lastly, analysis about the proposed scheme is presented at the end of the paper.

The proposed method tracks the user location in a hierarchically distributed fashion. Call patterns in personal communications services (PCS) have the locality. The virtually hierarchical link (VHL) is used to support the call locality and makes the fast call set up possible. The locality consideration effectively reduces the query traffic compared with non-locality consideration.

A new method is proposed for generating synchronizable test sequences which can be applied in the distributed test architecture for protocol conformance testing. The method consists of a duplex digraph technique and a rural Chinese postman tour algorithm to generate a minimum-length synchronizable test sequence using distinguishing sequences.

Optical Burst Switching (OBS) is one of the most important switching technologies in future optical Internet. One of critical design issues in OBS is how to reduce burst dropping resulting from resource contention. Especially when traffic load is high, there should be frequent deflection routing as well as more contentions in an optical burst-switched network. The burst loss performance can be improved by implementing a proper deflection routing scheme. In this paper, we propose a limited deflection routing scheme to prevent injudicious deflection routing. The proposed scheme reduces unnecessary contentions resulting from deflection routing itself, increasing the utilization of network resource such as channels. Simulation tests were performed to evaluate the performance of the proposed scheme.