• The Transactions of the Korea Information Processing Society
• /
• v.4 no.12
• /
• pp.3078-3087
• /
• 1997

The information security is very important in computer communication network, and the security system has been developed in many aspects to provide secure communication. The secret key distribution and mutual user authentication are essential element in designing security system, then many algorithms and implementation schemes have been proposed. But they don't consider communication protocol, so they are not easy to adapt a real communication network' In this paper, we propose a key distriburion and mutual user authentication scheme based on X.25 protocol which is the most popular in packet communication, and the proposed scheme maintains a protocol transparency and can select communication mode, so the security system is more capable.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.5
• /
• pp.125-134
• /
• 2008

A great number of RFID authentication protocols have been proposed for the secure RFID system. These are typically divided into three types according to primitive that they use : Hash-based, Re-encryption based, and XORing-based protocol. The well-known attacks in RFID system are eavesdropping. impersonating, location tracking, and so on. However, existing protocols could not provide security against above attacks, or it was not efficient to search for tags on database. Therefore, in this paper we present a protocol which is secure against above attacks by using hash function and makes Database search tags easily by attaining the state information of previous session through the shared values with all tags and database.

• The KIPS Transactions:PartC
• /
• v.16C no.3
• /
• pp.347-356
• /
• 2009

In an RFID search protocol, a reader uses designated query to determine whether a specific tag is in the vicinity of the reader. This fundamental difference makes search protocol more vulnerable to replay attacks than authentication protocols. Due to this, techniques used in existing RFID authentication protocols may not be suitable for RFID search protocols. In this paper, we propose two RFID search protocols, one based on static ID and the other based on dynamic ID, which use counter to prevent replay attacks. Moreover, we propose a security model for RFID search protocols that includes forward/backward traceability, de-synchronization and forgery attack. Based on this model, we analyze security of our protocols and related works.

• Journal of Digital Convergence
• /
• v.13 no.5
• /
• pp.213-218
• /
• 2015

In parallel with evolving information communication technology, M2M(Machine-to-Machine) industry has implemented multi-functional and high-performance systems, and made great strides with IoT(Internet of Things) and IoE(Internet of Everything). Authentication, confidentiality, anonymity, non-repudiation, data reliability, connectionless and traceability are prerequisites for communication security. Yet, the wireless transmission section in M2M communication is exposed to intruders' attacks. Any security issues attributable to M2M wireless communication protocols may lead to serious concerns including system faults, information leakage and privacy challenges. Therefore, mutual authentication and security are key components of protocol design. Recently, secure communication protocols have been regarded as highly important and explored as such. The present paper draws on hash function, random numbers, secret keys and session keys to design a secure communication protocol. Also, this paper tests the proposed protocol with a formal verification tool, Casper/FDR, to demonstrate its security against a range of intruders' attacks. In brief, the proposed protocol meets the security requirements, addressing the challenges without any problems.

• Journal of KIISE:Information Networking
• /
• v.28 no.1
• /
• pp.136-142
• /
• 2001

본논문에서는 X.509와 DNS를 연관하여 새로운 Kerberos 인증 메카니즘을 제안한다. Ker-beros에서는 영역간의 서비스에 대하여 언급을 하지 않았기 때문에 영역간 인증은 X.509와 DNS(Domain Name System)를 사용하여 키관리 방식을 갖고 있는데 Kerberos는 공통키에 기반을 두고 있는 반면에 X.509는 공개키 방식에 기반을 두고 있다. 따라서 본 논문에서는 이들을 상호 연동시키기 위해 연결 세션은 DS를 이용하였고 실제적인 인증을 위해서는 Kerberos를 적용하였다. 새로운 프로토콜은 통신복잡도와 관점에서 고찰하면 IETF CAT 작업반에서 제안한 인증 메커니즘보다 개선되었다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2019.05a
• /
• pp.188-189
• /
• 2019

최근 출시되는 다양한 IoT 서비스 환경에 참여하고 있는 객체들은 각자 인터넷에 연결되어 다른 객체와 통신할 수 있다. 이전에는 디바이스가 직접 인터넷에 연결될 수 있는 능력이 없었기 때문에 게이트웨이와 같은 중간 연결 매개체를 통해 인터넷에 연결되었다. 이후 IoT 디바이스의 성능이 좋아짐에 따라 디바이스가 직접 인터넷에 연결되고, 다른 디바이스들과 직접 통신할 수 있게 되었다. 디바이스는 사용자의 스마트폰이 될 수 있고, 스마트홈이나 스마트시티를 구성하는 여러 디바이스들이 될 수 있으며, 이를 확인하고 안전하게 데이터를 송수신하기 위해서는 인증 및 키 관리가 필수적이다. 객체가 인터넷에 연결될 수 있음에도 불구하고 IoT 디바이스들은 제한된 환경에서 동작하는 특성을 가지기 때문에, 기존 인증 및 키 합의 프로토콜을 그대로 적용할 수 없다. 따라서 본 논문에서는 IoT를 구성하는 객체가 인터넷에 직접 연결되고 서로 안전하게 통신하기 위해 ECQV(Elliptic Curve Qu-Vanstone) 묵시적 인증서를 통해 상호 인증 후 키를 안전하게 합의할 수 있는 인증 및 키 합의 기법에 대해 연구한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2005.11a
• /
• pp.877-880
• /
• 2005

본 논문에서는 센서네트워크에서 키 관리 및 안전한 채널을 통한 개체 인증, 메시지의 기밀성 및 무결성을 보장하는 프로토콜을 제안한다. 제안된 프로토콜은 레벨기반의 트리 라우팅 프로토콜을 지원하여 외부 공격, 노드 실패, 그리고 노트 전복에 대하여 강인하며, 노드 상호간의 통신을 위하여 경량 키 관리 알고리즘을 사용하였다. 또한, In-networking 프로세싱을 통해 Data-aggregation 과 Trusted-delivery 메커니즘을 적용하여 가볍고, 견고한 특성을 지니고 있다. 제안된 프로토콜은 TinyOS/Mica 플래폼을 기반으로 TinySec 과 함께 구현된 결과를 제시한다.

• Journal of Digital Convergence
• /
• v.13 no.4
• /
• pp.205-210
• /
• 2015

The auto industry has significantly evolved to the extent that much attention is paid to M2M (Machine-to-Machine) communication. In M2M communication which was first used in meteorology, environment, logistics, national defense, agriculture and stockbreeding, devices automatically communicate and operate in accordance with varying situations. M2M system is applied to vehicles, specifically to device-to-device communication inside cars, vehicle-to-vehicle communication, communication between vehicles and traffic facilities and that between vehicles and surroundings. However, communication systems are characterized by potential intruders' attacks in transmission sections, which may cause serious safety problems if vehicles' operating system, control system and engine control parts are attacked. Thus, device-to-device secure communication has been actively researched. With a view to secure communication between vehicular devices, the present study drew on hash functions and complex mathematical formulae to design a protocol, which was then tested with Casper/FDR, a tool for formal verification of protocols. In brief, the proposed protocol proved to operate safely against a range of attacks and be effective in practical application.

• Journal of the Korea Society of Computer and Information
• /
• v.10 no.2 s.34
• /
• pp.187-197
• /
• 2005

All sensors in Ubiquitous sensor network have to communicate with limited battery If we adopt current authentication, there are difficulties to keep sensor network because heavy calculation in each sensor needs more power and lifetime of sensor could be short relatively because of the effect. This paper suggests network structure which is using RM(RegisterManarer) and AM(AuthenticationManager) to solve power Problem on authentication, and su99ests mutual-authentication protocol with low Power which supports a session key by mutual-authentication. RM and AM manage algorithm with fast calculation to keep the safety by doing key generation. encryption/decryption. authentication instead of each sensor node . Processing time to authenticate sensor node is 2.96$\%$ fast in the same subnet, and 12.91$\%$ fast in different subnet. Therefore. the suggested way Provides expanded lifetime of censor node and is more effective as sensor network size is bigger and bigger.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.5
• /
• pp.859-870
• /
• 2020

The MQTT-SN (Message Queuing Telemetry Transport-Sensor Network) protocol is a message transmission protocol used in a sensor-based Internet of Things (IoT) environment. This MQTT-SN protocol is a publish-subscribe model with a broker in the middle of message transmission, and each IoT device sends and receives messages through an intermediary when delivering messages. However, the MQTT-SN protocol does not provide security-related functions such as message security, mutual authentication, access control, and broker security. Accordingly, various security problems have recently occurred, and a situation in which security is required has emerged. In this paper, we review the security requirements of MQTT-SN once again, and propose a modified protocol that improves security while satisfying the constraints in the environment where the resource of IoT to which this protocol is applied is limited. Unlike the existing protocol, the security field and authentication server have been added to satisfy the security requirements. In addition, the proposed protocol is actually implemented and tested, and the proposed protocol is evaluated for practical use in terms of energy consumption.