• Title/Summary/Keyword: unique key (유일키)

An Improvement of Mobile IPv6 Binding Update Protocol Using Address Based Keys (주소기반의 키를 사용하는 모바일 IPv6 바인딩 갱신 프로토콜 개선)

  • You, Il-Sun;Choi, Sung-Kyo
    • Journal of the Institute of Electronics Engineers of Korea CI / v.42 no.5 / pp.21-30 / 2005
  • Recently, a mobile IPv6 binding update protocol using Address Based Keys (BU-ABK) was proposed. This protocol applies Address Based Keys (ABK), generated through an identity-based cryptosystem, to enable strong authentication and secure key exchange without any global security infrastructure. However, because it cannot detect that public cryptographic parameters for ABKs are altered or forged, it is vulnerable to man-in-the-middle attacks and denial of service attacks. Furthermore, it has a heavy burden of managing the public cryptographic parameters. In this paper, we show the weaknesses of BU-ABK and then propose an enhanced BU-ABK (EBU-ABK). Furthermore, we provide an optimization for mobile devices with constrained computational power. The comparison of EBU-ABK with BU-ABK shows that the enhanced protocol achieves strong security while not resulting in heavy computation overhead on a mobile node.

Privacy-Enhanced Subject Identification method Embedded in X.509 Certificate (X.509 인증서에 포함된 프라이버시 보호기능을 가진 개인 식별 방법)

  • Lee, Jae-Il;Park, Jong-Wook;Kim, Seung-Joo;Song, Joo-Seok
    • Journal of the Korea Institute of Information Security & Cryptology / v.16 no.5 / pp.59-66 / 2006
  • A Certification Authority issues X.509 public key certificates to bind a public key to a subject. The subject is specified through one or more subject names in the 'subject' or 'subjectAltName' fields of a certificate. In reality, however, there are individuals that have the same or similar names. This ambiguity can be resolved by including a 'permanent identifier' in all certificates issued to the same subject, which is unique across multiple CAs. But a person's unique identifier is regarded as sensitive personal data. Such an identifier cannot simply be included as part of the subject field, since its disclosure may lead to misuse. We present a new method for secure and accurate user authentication through the PEPSI included in the standard certificate extension of an X.509 certificate. The PEPSI can serve not only for user authentication but also for user anonymity without divulging personal information.

Robust 3D Hashing Algorithm Using Key-dependent Block Surface Coefficient (키 기반 블록 표면 계수를 이용한 강인한 3D 모델 해싱)

  • Lee, Suk-Hwan;Kwon, Ki-Ryong
    • Journal of the Institute of Electronics Engineers of Korea CI / v.47 no.1 / pp.1-14 / 2010
  • With the rapid growth of 3D content industry fields, 3D content-based hashing (or hash function) has been required for authentication, trust and retrieval of 3D content. A content hash can be a random variable for compact representation of content. But 3D content-based hashing has not been researched yet, compared with 2D content-based hashing such as image and video. This paper develops a robust 3D content-based hashing based on a key-dependent 3D surface feature. The proposed hashing uses the block surface coefficient using the shape coordinate of 3D SSD and curvedness for the 3D surface feature and generates a binary hash by a permutation key and a random key. Experimental results verified that the proposed hashing is robust against geometry and topology attacks and has uniqueness of hash in each model and key.

The Statistical Analysis of Differential Probability Using GPGPU Technology (GPGPU 기술을 활용한 차분 확률의 통계적 분석)

  • Jo, Eunji;Kim, Seong-Gyeom;Hong, Deukjo;Sung, Jaechul;Hong, Seokhie
    • Journal of the Korea Institute of Information Security & Cryptology / v.29 no.3 / pp.477-489 / 2019
  • In this paper, we experimentally verify the expected differential probability under the Markov cipher assumption and the distribution of the differential probability. Firstly, we validate the expected differential probability of 6round-PRESENT of the lightweight block cipher under the Markov cipher assumption by analyzing the empirical differential probability. Secondly, we demonstrate that even though the expected differential probability under the Markov cipher assumption seems valid, the empirical distribution does not follow the well-known distribution of the differential probability. The results were deduced from the 4round-GIFT. Finally, in order to analyze whether the key-schedule affects the mis-matching phenomenon, we collect the results while changing the XOR positions of round keys on GIFT. The results show that the key-schedule is not the only factor to affect the mis-matching phenomenon. Leveraging GPGPU technology, the data collection process can be performed about 157 times faster than using CPU only.

Cluster-based Pairwise Key Establishment in Wireless Sensor Networks (센서 네트워크에서의 안전한 통신을 위한 클러스터 기반 키 분배 구조)

  • Chun Eunmi;Doh Inshil;Oh Hayoung;Park Soyoung;Lee Jooyoung;Chae Kijoon;Lee Sang-Ho;Nah Jaehoon
    • The KIPS Transactions:PartC / v.12C no.4 s.100 / pp.473-480 / 2005
  • We can obtain useful information by deploying large scale sensor networks in various situations. Security is also a major concern in sensor networks, and we need to establish pairwise keys between sensor nodes for secure communication. In this paper, we propose a new pairwise key establishment mechanism based on clustering and polynomial sharing. In the mechanism, we divide the network field into clusters, and based on the polynomial-based key distribution mechanism we create bivariate polynomials and assign a unique polynomial to each cluster. Each pair of sensor nodes located in the same cluster can compute their own pairwise keys through assigned polynomial shares from the same polynomial. Also, in our proposed scheme, sensors which are in each other's transmission range and located in different clusters can establish a path key through their clusterheads. However, path key establishment can increase the network overhead. The number of the path keys and the time for path key establishment of our scheme depend on the number of sensors, cluster size, sensor density and sensor transmission range. The simulation result indicates that these schemes can achieve better performance if suitable conditions are met.

A Study on Alternatives Database Construction for a Efficient Levee Management (효율적 제방관리를 위한 DB구축 방안 연구)

  • Kang, Kyung-Seok;Lee, Kye-Yun;Park, Ki-Chun
    • Proceedings of the Korea Water Resources Association Conference / 2011.05a / pp.232-236 / 2011
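  • Water-related information in Korea is being built, operated, and developed by the Ministry of Land, Transport and Maritime Affairs and related agencies. These systems provide a variety of information in the fields of flood control, water use, environment, and ecology, but they do not allow diverse and specific information on levees to be obtained, and interlinking the system databases is difficult. Therefore, an accurate and diverse levee-related database is required for levee DB management and future levee safety monitoring. The process for constructing such a levee-related database is as follows. To build a database of levee specifications and management information, the relevant data of projects being carried out domestically are analyzed: the "River History Management System" of the river directory, "WAMIS" of the basin survey project, and "RIMGIS", which provides river information. Considering linkage with the existing systems, tables for geometric and attribute information are designed by applying the water management information standard and RIMGIS-related codes, and the database of levee specifications and management information is built by adding the levee-related collected-data DB and related items of the existing systems. In addition, items related to future levee safety monitoring are included so that the database can be used for levee maintenance and repair. Building the levee-related database lays the foundation for safety monitoring of flood control facilities and will be used in building flood defense and management systems, reducing loss of life and property and raising the level of technology, thereby helping to build a national territory safe from flood disasters and improving the quality of life of the people. Linked with the existing systems, this levee-related database is expected to contribute to building a national flood management system, increasing flood control capacity, and developing future basin-level integrated flood defense and management technology.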

A Study of Methodology to Grant UFID(Unique Feature IDentifier) of Geographic Features (지형지물 유일식별자(UFID : Unique Feature IDentifier) 부여방안에 관한 연구)

  • Kim, Ju-Han;Jeong, Dong-Hoon;Kim, Byung-Guk
    • Journal of Korea Spatial Information System Society / v.5 no.2 s.10 / pp.23-31 / 2003
  • As the results of the information project, manufacturing of the digital map and various thematic maps of the national land has been completed. Furthermore, it is necessary to organize a systemized management system, which can control and utilize all artificial features (e.g. buildings, roads, bridges etc.) as well as natural geographic features (e.g. rivers etc.). However, there are difficulties in managing NGIS as a unified system, because of the discordance of the DBs of each geographic management organization. Therefore, this study has been conducted to apply to the system and method providing a geographic UFID that can be a key in order to manage, search and utilize geographic and artificial features and that makes it possible to estimate the location with the identifier alone. Moreover, the system and method providing the geographic UFID applies to systemized management of the NGIS DB as well as consistency of information.

Improving the CGA-based HMIPv6 Security Protocol (CGA 기반의 HMIPv6 보안 프로토콜 개선)

  • You, Il-Sun;Kim, Heung-Jun;Lee, Jin-Young
    • Journal of the Korea Institute of Information and Communication Engineering / v.13 no.1 / pp.95-102 / 2009
  • In 2006, Haddad, Krishnan and Soliman proposed a Cryptographically Generated Address based protocol as a standard for protecting HMIPv6. Though this protocol can provide both the strong message authentication and binding update key negotiation based on the public-key cryptography, it is still vulnerable to several attacks such as denial of service attacks and redirection attacks. This paper improves the problems caused by the protocol. The improved protocol is analyzed in terms of security and performance, and then is shown to be better than the previous one considering the two factors together.

A Secure Communication Framework for the Detection System of Network Vulnerability Scan Attacks (네트워크 취약점 검색공격 탐지 시스템을 위한 안전한 통신 프레임워크 설계)

  • You, Il-Sun;Kim, Jong-Eun;Cho, Kyung-San
    • The KIPS Transactions:PartC / v.10C no.1 / pp.1-10 / 2003
  • In this paper, we propose a secure communication framework for interaction and information sharing between a server and agents in DS-NVSA (Detection System of Network Vulnerability Scan Attacks) proposed in [1]. For the scalability and interoperability with other detection systems, we design the proposed IDMEF and IAP that have been drafted by IDWG. We adapt IDMEF and IAP to the proposed framework and provide SKTLS (Symmetric Key based Transport Layer Security Protocol) for the network environment that cannot afford to support public-key infrastructure. Our framework provides the reusability of heterogeneous intrusion detection systems and enables the scope of intrusion detection to be extended. Also it can be used as a framework for ESM (Enterprise Security Management) system.

A Study on the Fingerprinting scheme without Trusted Third Party (신뢰기관 비참여의 핑커프린팅 기법에 관한 연구)

  • Yong, Seung-Lim
    • Journal of the Korea Society of Computer and Information / v.14 no.7 / pp.81-88 / 2009
  • A fingerprinting scheme is a technique which supports copyright protection by tracking redistributors of digital content using cryptographic techniques. These schemes enable the original merchant to identify the original buyer of the digital data by embedding fingerprints into digital contents. The asymmetric property of fingerprinting schemes is important to keep the buyer's privacy. In this paper, we propose a symmetric encryption based fingerprinting protocol without a trusted third party. Our scheme enables the reduction of computational costs for the encryption using a symmetric key encryption scheme. Since a trusted third party doesn't take part in making the fingerprint of each buyer, the protocol doesn't need to control the trusted third party and it is more secure against collusion attack.