• The KIPS Transactions:PartC
• /
• v.9C no.2
• /
• pp.189-196
• /
• 2002

IPSec is a protocol which provides data encryption, message authentication and data integrity on public and open network transmission. In IPSec, ESP protocol is used when it needs to Provide data encryption, authentication and integrity in real transmission Packets. ESP protocol uses DES-CBC encryption mode when sender encrypts packets and receiver decrypts data through this mode IV is used at that tome. This vague has many risks of attack during transmission by attacker because it is transferred clean and opened. If IV value is modified, then decryption of ESP data is impossible and higher level information is changed. In this paper we propose a new algorithm that it encrpty IV values using DES-ECB mode for preventing IV attack and checks integrity of whole ESP data using message authentication function. Therefore, we will protect attacks of IV and data, and guarantee more safe transmission on the public network.

• Journal of Korea Multimedia Society
• /
• v.11 no.4
• /
• pp.492-503
• /
• 2008

With the recent development and increasing importance of personal identification systems, biometric technologies with less risk of loss or unauthorized use are being popularized rapidly. In particular, because of their high identification rate and convenience, fingerprint identification systems are being used much more commonly than other biometric systems such as iris recognition, face recognition and vein pattern recognition. However, a fingerprint identification system has the problem that artificially forged finger-prints can be used as input data. Thus, in order to solve this problem, the present study proposed a method for detecting forged fingerprints by measuring the degree of attenuation when the light from an optical fingerprint sensor passes through the finger and analyzing changes in the transmission of light over stages at fixed intervals. In order to prove improvement in the performance of the proposed system, we conducted an experiment that compared the system with an existing multi-sensor recognition system that measures also the temperature of fingerprint. According to the results of the experiment, the proposed system improved the forged fingerprint detection rate by around 32.6% and this suggests the possibility of solving the security problem in fingerprint identification systems.

• The KIPS Transactions:PartD
• /
• v.11D no.4
• /
• pp.855-864
• /
• 2004

Programmers can be got the test-related information for implementation without interference of source code complexity by use of the formal specification. Especially the external inputs and system responses can be represented precisely by formal specification in testing phase of web-based software systems. This paper suggests a method of extracting test cases by use of formal specification. Object-Z formal specification represents various test-related information for complex functions of web-based applications. State Transition Models could be built from the formal specification so that test scenarios were extracted from STDs from the highest level to detail levels. The target system for verification of this method is a web-based banking system which is necessary to be secured and critical on errors. This method would be an important factor in automatizing test procedure for web-based application software systems combining the user-base test technique.

• Journal of Digital Convergence
• /
• v.19 no.10
• /
• pp.377-382
• /
• 2021

A fuzzy relation between X and Y as fuzzy subset of X × Y was proposed by Zadeh. Subsequently, several researchers have applied the notion of fuzzy subsets to various branches of mathematics and computer sciences. Murali an Nemitz have studied fuzzy relations connected with fuzzy equivalence relations and fuzzy functions. Ounalli and Jaoua defined a fuzzy difunctional relation on a set. difunctional relations are versatile mathematical tool, which can be used in software design and in database theory. Their work have revealed the usefulness of difunctional relations in program specification and in defining program correctness. The main goal of this paper is to define a fuzzy deterministic relation on a set, characterize the fuzzy deterministic relation as its level subsets and investigate some properties in connection with fuzzy deterministic relation. In particular we prove that a fuzzy relation R is fuzzy deterministic iff R is a fuzzy function.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.3
• /
• pp.101-108
• /
• 2007

We follow the promising recent results of deploying the public key cryptography in sensor networks. Recent results have shown that the public key algorithms are computationally feasible on the typical sensor nodes. However, once the public key cryptography is brought to the sensor network, security services such like key authentication will be critically required. In this paper we investigate the public key authentication problem in the sensor network and provide several authentication protocols. Our protocols are mainly based on the non-solvable overhearing in the wireless environment and a distributed voting mechanism. To show the value of our protocols, we provide an extensive analysis of the used resources and the resulting security level. As well, we compare our work with other existing works. For further benefit of our protocols, we list several additional applications in the sensor network where our protocols provide a sufficient authentication under the constrained resources.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.5
• /
• pp.49-57
• /
• 2008

User authentication and key agreement are very important components to provide secure home network service. Although the TTA adopted the EEAP-PW protocol as a user authentication and key transmission standard, it has some problems including not to provide forward secrecy. This paper first provides an analysis of the problems in EEAP-PW and then proposes a new attribute-based authenticated key agreement protocol, denoted by EEAP-AK. to solve the problems. The proposed protocol supports the different level of security by diversifying network accessibility for the user attribute after the user attribute-based authentication and key agreement protocol steps. It efficiently solves the security problems in the EEAP-PW and we could support more secure home network service than the EEAP-AK.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.3
• /
• pp.525-536
• /
• 2012

This paper proposes methods of securing Smart Grid system against various types of cyber threats by separating AMI networks from the public network, the Internet, and providing an AMI specific authentication framework. Due to the fact that thousands and millions of AMI devices to be deployed would be directly or indirectly connected to the public network without any authentication procedures for access control, currently being developed AMI architectures could be widely exposed to considerable number of penetrating attacks. Furthermore, there have not been a sufficient number of researches on authentication frameworks with basis on the specific circumstances of AMI networking that should support varied authentication protocols among security associations and AMI linking devices. This work makes a proposal of isolating smart meters from HAN devices and the Internet and integrating network/application level authentication frameworks with an EAP-based authentication architecture. These approaches are beneficial to deploy AMI with security and efficiency.

• Korean Journal of Optics and Photonics
• /
• v.33 no.3
• /
• pp.106-112
• /
• 2022

A two-dimensional optical code division multiple access (OCDMA) encoder/decoder, which is composed of add/drop filters and all-pass filters for delay operation, is proposed. An example design is presented, and its feasibility is illustrated through numerical simulations. The chip area of the proposed OCDMA encoder/decoder could be about one-third that of a previous OCDMA device employing delay waveguides. Its performance is numerically investigated using the transfer-matrix method combined with the fast Fourier transform. The autocorrelation peak level over the maximum cross-correlation level for incorrect wavelength hopping and spectral phase code combinations is greater than 3 at the center of the correctly decoded pulse, which assures a bit error rate lower than 10^-3, corresponding to the forward error-correction limit.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.45 no.2
• /
• pp.1-9
• /
• 2008

As the security requirements of mobile phones have been increasing, there have been extensive researches using one biometric feature (e.g., an iris, a fingerprint, or a face image) for authentication. Due to the limitation of uni-modal biometrics, we propose a method that combines face and iris images in order to improve accuracy in mobile environments. This paper presents four advantages and contributions over previous research. First, in order to capture both face and iris image at fast speed and simultaneously, we use a built-in conventional mega pixel camera in mobile phone, which is revised to capture the NIR (Near-InfraRed) face and iris image. Second, in order to increase the authentication accuracy of face and iris, we propose a score level fusion method based on SVM (Support Vector Machine). Third, to reduce the classification complexities of SVM and intra-variation of face and iris data, we normalize the input face and iris data, respectively. For face, a NIR illuminator and NIR passing filter on camera are used to reduce the illumination variance caused by environmental visible lighting and the consequent saturated region in face by the NIR illuminator is normalized by low processing logarithmic algorithm considering mobile phone. For iris, image transform into polar coordinate and iris code shifting are used for obtaining robust identification accuracy irrespective of image capturing condition. Fourth, to increase the processing speed on mobile phone, we use integer based face and iris authentication algorithms. Experimental results were tested with face and iris images by mega-pixel camera of mobile phone. It showed that the authentication accuracy using SVM was better than those of uni-modal (face or iris), SUM, MAX, NIN and weighted SUM rules.

• Journal of Broadcast Engineering
• /
• v.17 no.2
• /
• pp.374-387
• /
• 2012

In this paper, we implement a new hardware for finding the significant coefficients of a digital hologram and ciphering them using discrete wavelet packet transform (DWPT). Discrete wavelet transform (DWT) and packetization of subbands is used, and the adopted ciphering technique can encrypt the subbands with various robustness based on the level of the wavelet transform and the threshold of subband energy. The hologram encryption consists of two parts; the first is to process DWPT, and the second is to encrypt the coefficients. We propose a lifting based hardware architecture for fast DWPT and block ciphering system with multi-mode for the various types of encryption. The unit cell which calculates the repeated arithmetic with the same structure is proposed and then it is expanded to the lifting kernel hardware. The block ciphering system is configured with three block cipher, AES, SEED and 3DES and encrypt and decrypt data with minimal latency time(minimum 128 clocks, maximum 256 clock) in real time. The information of a digital hologram can be hided by encrypting 0.032% data of all. The implemented hardware used about 200K gates in $0.25{\mu}m$ CMOS library and was stably operated with 165MHz clock frequency in timing simulation.