• Journal of the Korea Society of Computer and Information
• /
• v.29 no.8
• /
• pp.103-112
• /
• 2024

This study was initiated with the aim of authenticating that inputs have not been tampered with without disclosing them in the case of computations where multiple inputs are entered by participants using the same key. In general, in the authentication stage, authentication is performed after the input value is disclosed, but we do not want to reveal the inputs until the end. This is a case of deviating from the traditional security model in which malicious participants exist in cryptography, but it is a malicious attack method that can actually occur enough. Privacy infringement or distortion of calculation results can occur due to malicious manipulation of input values. To prevent this, this study studied a method that can authenticate that the message is not a modified message without disclosing the message using the signature system, zero-knowledge proof, and commitment scheme. In particular, by modifying the ElGamal signature system and combining it with the commitment scheme and zero-knowledge proof, we designed and proved a verification protocol that the input data is not a modified data, and the efficiency was improved by applying batch verification between authentication.

• Proceedings of the Korean Society of Propulsion Engineers Conference
• /
• 2017.05a
• /
• pp.201-204
• /
• 2017

An comparative analysis between two engine type certification specifications which are FAR Part 33 and EASA CS-E has been performed to provide fundamental information for validity assessment of civil certified engine when it is installed to a military rotorcraft. The analysis result has been used to build a traceability information between CS-E and MIL-HDBK-516C by which the substantiation data for engine type certification can be used as parts of aircraft propulsion system airworthiness substantiation.

• Journal of Advanced Navigation Technology
• /
• v.25 no.3
• /
• pp.185-193
• /
• 2021

The system needs to be modified to improve the performance of the aircraft in operation or to satisfy the requirements of related laws. Appropriate standards are required for the technical skills for remodeling the aircraft system, design verification for airworthiness of the aircraft, and supplemental type certification (STC) certification procedures for type certification. This study analyzes the current status and demand of domestic aircraft remodeling, examines the current supplementary type certification procedure, and diagnoses the problem. In addition, as a result of researching measures to improve remodeling technology and certification capabilities to extend the life of the aircraft, improvements in the education system were derived to improve the domestic additional type certification process, such as approval of remodeling agencies and appointment of qualifications for each professional technician.

• KIPS Transactions on Computer and Communication Systems
• /
• v.9 no.12
• /
• pp.315-320
• /
• 2020

Identity authentication is an important technology that has long been used in society to identify individuals and provide appropriate services. With the development of the Internet infrastructure, many areas have expanded into online areas, and identity authentication technologies have also expanded online. However, there is still a limit to identity authentication technology that relies entirely on trusted third parties like the government. A centralized identity management system makes the identification process between agencies with different identity management systems very complex, resulting in a waste of money and time for users. In particular, the limits of the centralized identity management system were clearly revealed in the face mask shortage in the 2020 COVID-19 crisis. A Decentralized Identity (DID) is a way for users to manage their identity on their own, and recently, a number of DID platform based on blockchain technology have been proposed. In this paper, we analyze the limitations of the existing centralized identity management system and propose a DID system that can be utilized in future national emergency situations such as COVID-19.

• Journal of Internet Computing and Services
• /
• v.13 no.6
• /
• pp.55-62
• /
• 2012

Grid web applications by standard Web technology are increasingly used to provide grid service to users as normal Web user interface and service. It is however difficult to integrate a grid security system such as Grid Security Infrastructure (GSI) into Web applications because the delegation way of standard Web security is not the same as the one of Grid security. This can be solved by allowing Web applications to get a Grid credential by using an online credential repository system such as MyProxy. In this paper, we investigate the problem that occurs when MyProxy, which assumes mutual trust between a user and Grid web application, is adapted for achieving security integration between Web and Grid, and we propose a new Grid proxy delegation service to delegate a Grid credential to the Web without assuming mutual trust. In the service, the X.509 proxy delegation process is added to OAuth protocol for credential exchange, and authentication can be done by an external service such as OpenID. So, users can login onto the Grid web application in a single sign-on manner, and are allowed to securely delegate and retrieve multiple credentials for one or more Virtual Organizations.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2022.11a
• /
• pp.216-218
• /
• 2022

최근 공인인증서가 폐지되고 보다 발급이 간편하고 유효기간이 긴 사설인증서가 부상했다. 더불어 탈중앙화를 핵심 개념으로 하는 블록체인 기반 분산 신원 증명(Decentralized Identity, DID)기술이 대두되고 있다. 서비스 환경의 변화에 따라 사용자 인증 기술도 변화가 요구된다. 더욱이 메타버스라는 새로운 인터넷 환경이 조성되고 있는 바 현재 사용자 인증 기술의 동향을 살펴보고 미래에 사용자 인증이 나아갈 방향성을 제시하는 것은 의미가 있어 보인다. 본 논문에서는 사용자 인증 기술의 개요와 사용자 인증 기술의 변천과정을 시작으로 공개키 기반 구조(Public Key Infrastructure, PKI)와 분산 신원 증명을 중심으로 시장에서의 사용자 인증 기술의 동향을 살펴본다. 나아가 메타버스가 상용화되었을 시기에 사용자 인증 기술이 나아가야할 세가지 방향성(분산화, 플랫폼 초월, 생체 기반 인증 중심)을 제시한다.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.50 no.3
• /
• pp.23-32
• /
• 2013

As the mobile communication technology is developed, the services for communication between the mobile devices are provided, and the amount of usage is increasing tremendously. For the device-to-device communication, the device should be verified if it is a service member. The existing verification schemes include interactions with the third party, while this may cause the problems that the bandwidth is dissipated and the devices which are out of the communication range of the base station cannot communicate with other devices. To solve such problems, we propose a new scheme for verification between mobile devices without interaction of third party. For the proposed scheme, we develop and employ a new zero-knowledge proof protocol, which verifies the device's membership and its expiration time. Furthermore, the scheme guarantees privacy of the mobile device since it checks the encrypted verification message without decrypting, and protects replaying attack since it uses challenge-response method.

• Journal of Convergence for Information Technology
• /
• v.11 no.11
• /
• pp.66-74
• /
• 2021

With the development of the Internet, user authentication technology that proves me online is improving. Existing ID methods pose a threat of personal information leakage if the service provider manages personal information and security is weak, and the information subject is to the service provider. In this study, as online identification technology develops, we propose a DID-based self-authentication model to prevent the threat of leakage of personal information from a centralized format and strengthen sovereignty. The proposed model allows users to directly manage personal information and strengthen their sovereignty over information topics through VC issued by the issuing agency. As a research method, a self-authentication model that guarantees security and integrity is presented using a decentralized identifier method based on distributed ledger technology, and the security of the attack method is analyzed. Because it authenticates through DID Auth using public key encryption algorithms, it is safe from sniffing, man in the middle attack, and the proposed model can replace real identity card.

• Journal of Aerospace System Engineering
• /
• v.15 no.3
• /
• pp.20-29
• /
• 2021

As the feasibility of urban air mobility (UAM) service using electric vertical take-off and landing (eVTOL) aircraft increases due to aircraft electrification, distributed propulsion, and artificial intelligence technologies, the U.S. and European aeronautical societies have been improving their certification system and regulations for the type certification of eVTOL. The improved certification system is expected to be ready in the near future, after the European Union Aviation Safety Agency (EASA) proposed the VTOL Special Condition, SC-VTOL in 2019. However, the current domestic certification system is still insufficient to properly respond to eVTOL. This study investigated the development trends of foreign eVTOL and certification systems, identified considerations to improve the domestic certification system, and proposed the measures for type certificates and type certificates validation of eVTOL based on the comparison between SC-VTOL and Korea airworthiness standards (KAS).

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.18 no.1
• /
• pp.150-156
• /
• 1993

This paper studies an Authentication sheme which is used polynomial equation over GF(2n)for reducing time to authenticate sender and his message in secret data communication. Also in order to maintain strong secrecy, this scheme use interactive Zero-knowledge proof protocol for generating information of sender's authentication via unprotected communication channel.