Kim-Kwang Raymond Choo

Learn More
Cyber security is an area of strategic and policy interest to governments and enterprises globally, which results in an increase in the demand for cyber security professionals. However, there is a lack of education based on sound theories, standards and practices. In this paper, we adapted the Situational Crime Prevention Theory and the NICE National(More)
We examine various indistinguishability-based proof models for key establishment protocols, proof models. We then consider several variants of these proof models, identify several subtle differences between these variants and models, and compare the relative strengths of the notions of security between the models. For each of the pair of relations between(More)
Proofs are invaluable tools in assuring protocol implementers about the security properties of protocols. However, several instances of undetected flaws in the proofs of protocols (resulting in flawed protocols) undermine the credibility of provably-secure protocols. In this work, we examine several protocols with claimed proofs of security by Boyd & Using(More)
We examine the role of session identifiers (SIDs) in security proofs for key establishment protocols. After reviewing the practical importance of SIDs we use as a case study the three-party server-based key distribution (3PKD) protocol of Bellare and Rogaway, proven secure in 1995. We show incidentally that the partnership function used in the existing(More)
We revisit the two-party identity-based authenticated key agreement protocol (2P-IDAKA) and its variant resistant to key-compromise impersonation due to McCullagh & Barreto (2005). Protocol 2P-IDAKA carries a proof of security in the Bellare & Rogaway (1993) model. In this paper, we demonstrated why both the protocol and its variant are not secure if the(More)
—In 2004, Zhu and Ma proposed a new and efficient authentication scheme claiming to provide anonymity for wireless environments. Two years later, Lee et al. revealed several previously unpublished flaws in Zhu-Ma's authentication scheme and proposed a fix. More recently in 2008, Wu et al. pointed out that Lee et al.'s proposed fix fails to preserve(More)