1. Field of the Invention
Apparatuses and methods consistent with the present invention relate to providing a security service in a home network, and more particularly, to providing a security service in a home network, which can decrease the complexity of messages transmitted within the home network and decrease the amount of computation required for setting and maintaining security.
2. Description of the Related Art
With the advent of the Internet, the frequency of data transmission between computers has increased, and the demand for protecting data transmitted over networks has steadily grown. The protection of data transmitted over networks is referred to as network security, which is differentiated from computer system security.
Network security may be performed in an Open System Interconnection (OSI) layer such as an application or a network layer. For example, in an IEEE 802.11-based wireless local area network (WLAN), the protection of data transmitted over wireless communication is carried out in a network layer by using a security technique such as Wired Equivalent Privacy (WEP) or Wi-Fi Protected Access (WPA).
In a related art network security scheme, a server provides a public key and a server authenticating certificate, which is a public key certificate authenticated with an electronic signature by a certificate authority, to a client when the client accesses the server. Then, the client determines whether the server authenticating certificate has been signed by a reliable certificate authority and whether the server authenticating certificate is valid, and extracts the public key from the server authenticating certificate. Thereafter, the client encrypts an arbitrary message to be used as a session key with the extracted public key and transmits the encrypted arbitrary message to the server. The server decrypts the encrypted arbitrary message with its private key, thereby restoring the session key. Thereafter, the server encrypts a message with the restored session key by using a symmetric key encryption method, and transmits the encrypted message to the client.
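The exchange described above, as an added Python example that is not part of the original document. Textbook RSA without padding over fixed Mersenne primes and a SHAKE-256 XOR keystream stand in for the real public-key and symmetric ciphers (neither is secure in practice), and every name, the host name and the dates are constructed for illustration.

```python
import hashlib
import secrets

E = 65537  # public exponent shared by both toy keys

def keypair(p, q):
    """Textbook RSA from two primes: returns (modulus n, private exponent d)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def digest(subject, pub_n, not_after):
    """Hash of the certificate fields, truncated to 192 bits so it is < the CA modulus."""
    data = f"{subject}|{pub_n}|{not_after}".encode()
    return int.from_bytes(hashlib.sha256(data).digest()[:24], "big")

def issue_cert(ca_n, ca_d, subject, pub_n, not_after):
    """Certificate authority signs the server's public key and expiry date."""
    sig = pow(digest(subject, pub_n, not_after), ca_d, ca_n)
    return {"subject": subject, "n": pub_n, "not_after": not_after, "sig": sig}

def verify_cert(cert, ca_n, today):
    """Client check: signed by the trusted CA and not expired (ISO dates compare as strings)."""
    expected = digest(cert["subject"], cert["n"], cert["not_after"])
    return pow(cert["sig"], E, ca_n) == expected and today <= cert["not_after"]

def xor_stream(key, data):
    """Toy symmetric cipher: XOR with a SHAKE-256 keystream (same call encrypts and decrypts)."""
    stream = hashlib.shake_256(key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def handshake(cert, server_d, ca_n, today, server_message):
    """Run both sides of the exchange; returns what the client decrypts, or None on rejection."""
    # Client: validate the certificate before trusting the public key inside it.
    if not verify_cert(cert, ca_n, today):
        return None
    # Client: pick a random session key and encrypt it with the server's public key.
    session_key = secrets.token_bytes(16)
    wrapped = pow(int.from_bytes(session_key, "big"), E, cert["n"])
    # Server: restore the session key with its private key, then encrypt the message.
    restored = pow(wrapped, server_d, cert["n"]).to_bytes(16, "big")
    ciphertext = xor_stream(restored, server_message)
    # Client: decrypt the server's message with the session key it generated.
    return xor_stream(session_key, ciphertext)

# Constructed sample keys and certificate (known Mersenne primes, illustration only).
CA_N, CA_D = keypair(2**127 - 1, 2**89 - 1)
SRV_N, SRV_D = keypair(2**107 - 1, 2**61 - 1)
CERT = issue_cert(CA_N, CA_D, "server.home.example", SRV_N, "2030-01-01")
```

Every message in this flow depends on the certificate check and a private-key operation, which is the per-connection cost the following paragraph objects to.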
However, the above-mentioned related art network security scheme involves encrypting and transmitting all messages regardless of whether the messages are for upper-layer applications, which increases the complexity of messages and decreases the speed of data transmitted over networks. Further, the above-mentioned related art network security scheme requires both a server and a client to obtain a certificate from a certificate authority and to authenticate the certificate in order to realize a secure communication between the server and the client, and thus may not be suitable for use in a home network including a plurality of consumer electronics (CE) devices.