• KIPS Transactions on Computer and Communication Systems
• /
• v.9 no.8
• /
• pp.165-170
• /
• 2020

As the IoT (Internet of Things) era is activated, a lot of information including personal information is being transmitted through IoT devices. For information protection, it is important to perform cryptography communication, and it is required to use a lightweight security protocol due to performance limitations. Currently, most of the encryption methods used in the security protocol use RSA and ECC (Elliptic Curve Cryptography). However, if a high performance quantum computer is developed and the Shor algorithm is used, it can no longer be used because it can easily solve the stability problems based on the previous RSA and ECC. Therefore, in this paper, we designed a security protocol that is resistant to the computational power of quantum computers. The code-based crypto ROLLO, which is undergoing the NIST (National Institute of Standards and Technology) post quantum cryptography standardization, was used, and a hash and XOR computation with low computational consumption were used for mutual communication between IoT devices. Finally, a comparative analysis and safety analysis of the proposed protocol and the existing protocol were performed.

• Journal of KIISE:Information Networking
• /
• v.32 no.3
• /
• pp.327-338
• /
• 2005

Since the IEEE 802.11 wireless LANs were known to have several critical weaknesses in the aspect of security, a lot of works have been done to reduce such weaknesses of the wireless LAN security, Among them IEEE 802.lli may be the ultimate long-term solution that requires new security platform with new wireless LAM products. However, it might not be the best solution for small organizations due to its high cost where the cost is a critical issue. This paper proposes FR-WEP, a light-weight key management for wireless LANs that can be used with small changes of the existing Products. FR-WEP is an extension to a lightweight key management, WEP'(9), which was proposed lately. It makes up for the weak points of WEP' by providing lightweight mutual authentication with both host keys and user keys, and seamless key-refresh for authenticated users with fast re-authentication. It would be a good alternative to the heavy standards for wireless LAN security, especially to small organizations hoping for better security.

• Convergence Security Journal
• /
• v.15 no.6_1
• /
• pp.25-31
• /
• 2015

It depend on relative combat power, patriotism and cohesion of citizen to victory in the battlefield. This stu dy try to analysis why the Germany army fail 'the Battle of the Bulge'. The Germany army plan of maneuve r to attack the France army was surprise attack in the beginning of World War II. The Germany army have initiative to make breakthrough Ardennes Ridge. The operation of the Ardennes Offensive Operation and the Battle of the Bulge is the typical features of blitzkrieg shock. However, the results are extremely different. In the course of the operational planning and decision the course of action, military security is most important fa ctor. We can see the truth in 'the Battle of the Bulge'.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.46 no.2
• /
• pp.73-80
• /
• 2009

Security is critically important for ubiquitous sensor networks that are usually used for the military and serveillance in environments that are opened to attacks, such as, eavesdroping, replay attacks of abnormal messages, forgery of the messages to name a few. ZigBee has emerged as a strong contender for ubiquitous sensor networks. ZigBee is used for low data rate and low power wireless sensor network applications. To deploy ubiquitous sensor networks, the collected information requires protection from an adversary over the network in many cases. The security mechanism should be provided for collecting the information over the network. However, the ZigBee protocol has some security weaknesses. In this paper, these weaknesses are discussed and a method to improve security aspect of the ZigBee protocol is presented along with a comparison of the message complexity of the proposed security protocol with that of the current ZigBee protocol.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.30 no.6C
• /
• pp.601-606
• /
• 2005

Recently with the high expectation of voice over WLAN service, to supped fast inter-AP security transition in WLAN AP is one of the most actively investigating issues. It is also very important to minimize inter-AP security transition latency, while maintaining constantly the secure association from old AP when a station transits to new AP. Hence, this paper first defines secure transition latency as a primary performance metric of AP system in WLAN supporting IEEE802.11i, 802.1x, and 802.11f, and then presents low latency inter-AP security transition mechanism and its security FSM whose objective is to minimize inter-AP transition latency. Experiment shows that the proposed scheme outperforms the legacy 802.1X AP up to $79\%$ with regard to the transition latency.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.3
• /
• pp.568-574
• /
• 2015

Recently RFID not only is widely utilized in various fields such as inventory management, merchandize logistics, etc., but also, has evolved as an important component of the Internet of Things (IoT). According to increasing the utilization field of RIFD, studies for security and privacy for RFID system have been made diverse. Among them, the ownership transfer protocols for RFID tags have also been proposed in connection with the purchase of products embedded with RFID tag. Recently, Kapoor and Piramuthu proposed a RFID ownership transfer protocol to solve the problems of security weakness of the previous RFID ownership transfer protocols. In this paper, we show that Kapoor-Piramuthu's protocol also has security problems and provide a new protocol to resolve them. Security analysis of newly proposed protocol shows the security concerns are resolved.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.53 no.3
• /
• pp.29-36
• /
• 2016

In cloud storages, as security of stored files and privacy of users become regarded as important concerns, secure cloud storages have been proposed, where stored files are encrypted with file owner's password and even the cloud service provider can not open the file contents. However, if the file owner forgets one's password, one can no longer access the file. To solve this problem, we propose a scheme for changing password for the secure cloud based on proxy re-encryption, which make the file owner enable to change password even when one forgets it. With the proposed scheme, only the file owner can change the password and re-encrypt the files securely because other user and even the service provider can not see the file contents.

• Journal of the Korea Convergence Society
• /
• v.10 no.2
• /
• pp.7-11
• /
• 2019

Due to diversification and popularization of devices that use rapid transmission, there are many security issues related to radio waves. As the disturbance and interference of the radio wave can cause a direct inconvenience to a life, it is a very important issue. In this paper, as a means to prevent radio disturbance and interference, the projected image of the reference grid and the deformed grid is obtained by measuring the projected $moir{\acute{e}}$ using the white light source, projecting grid and the light source, and a $moir{\acute{e}}$ pattern is generated with an image processing algorithm by applying a phase diagram algorithm, and generated $moir{\acute{e}}$ pattern phase diagram creates a three-dimensional shape. By making an encrypted token using this measured face shape, the transmission of the information through token ring is determined in order to transmit the horizontal transmission having the dynamic security characteristics which includes authentication strength and caller information, etc. And by confirming the uniqueness of the token and by sending and receiving the horizontal transmission using java serialization and deserialization function, a problem solving method is suggested.

• The Journal of Society for e-Business Studies
• /
• v.23 no.4
• /
• pp.153-169
• /
• 2018

Previous e-financial anomalies analysis and detection technology collects large amounts of electronic financial transaction logs generated from electronic financial business systems into big-data-based storage space. And it detects abnormal transactions in real time using detection rules that analyze transaction pattern profiling of existing customers and various accident transactions. However, deep analysis such as attempts to access e-finance by insiders of financial institutions with large scale of damages and social ripple effects and stealing important information from e-financial users through bypass of internal control environments is not conducted. This paper analyzes the management status of e-financial security programs of financial companies and draws the possibility that they are allies in security control of insiders who exploit vulnerability in management. In order to efficiently respond to this problem, it will present a comprehensive e-financial security management environment linked to insider threat monitoring as well as the existing e-financial transaction detection system.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.10a
• /
• pp.398-401
• /
• 2014

Due to recent arise of cybercrime, importance of cyber security is highlighted more than ever. Korean government has been running Korea Cryptographic Module Validation Program, namely KCMVP, to validate security level of cryptographic modules for public organizations: indeed, many are achieving the validation. According to the program, operating environments for any specific cryptographic module are fixed. In other words, running validated module in other software environment is strictly prohibited. However, this paper asserts that it is possible for a C language based module to operate in Java based environment as long as the module is running on a validated environment. We expect this paper to help saving great amount of money and time for developing another cryptographic modules for the same operating environment. Also, this method will provide an idea for developing faster modules.