• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.5
• /
• pp.394-400
• /
• 2013

WoT (Web of Things) was proposed to realize intelligent thing to thing communications using WEB standard technology. It is difficult to adapt security protocols suited for existing Internet communications into WoT directly because WoT includes LLN(Low-power, Lossy Network) and resource constrained sensor devices. Recently, IETF standard group propose to use DTLS protocol for supporting security services in WoT environments. However, DTLS protocol is not an efficient solution for supporting end to end security in WoT since it introduces complex handshaking procedures and high communication overheads. We, therefore, divide WoT environment into two areas- one is DTLS enabled area and the other is an area using lightweight security scheme in order to improve them. Then we propose a mutual authentication scheme and a session key distribution scheme for the second area. The proposed system utilizes a smart device as a mobile gateway and WoT proxy. In the proposed authentication scheme, we modify the ISO 9798 standard to reduce both communication overhead and computing time of cryptographic primitives. In addition, our scheme is able to defend against replay attacks, spoofing attacks, select plaintext/ciphertext attacks, and DoS attacks, etc.

• The KIPS Transactions:PartC
• /
• v.19C no.2
• /
• pp.99-118
• /
• 2012

In PMIPv6-based network, mobile nodes can be made smaller and lighter because the network nodes perform the mobility management-related functions on behalf of the mobile nodes. The one of the protocols, Fast Handovers for Proxy Mobile IPv6(FPMIPv6)[1] has studied by the Internet Engineering Task Force(IETF). Since FPMIPv6 adopts the entities and the concepts of Fast Handovers for Mobile IPv6(FMIPv6) in Proxy Mobile IPv6(PMIPv6), it reduces the packet loss. Conventional scheme has proposed that it cooperated with an Authentication, Authorization and Accounting(AAA) infrastructure for authentication of a mobile node in PMIPv6, Despite the best efficiency, without begin secured of signaling messages, PMIPv6 is vulnerable to various security threats such as the DoS or redirect attAcks and it can not support global mobility between PMIPv. In this paper, we analyze Kang-Park & ESS-FH scheme, and then propose an Enhanced Security scheme for FPMIPv6(ESS-FP). Based on the CGA method and the pubilc key Cryptography, ESS-FP provides the strong key exchange and the key independence in addition to improving the weaknesses for FPMIPv6. The proposed scheme is formally verified based on Ban-logic, and its handover latency is analyzed and compared with that of Kang-Park scheme[3] & ESS-FH and this paper propose inter-domain fast handover sheme for PMIPv6 using proxy-based FMIPv6(FPMIPv6).

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.5
• /
• pp.93-106
• /
• 2006

With the rapid growth of the wireless Internet communication, a new generation of mobile devices have made possible the broad distribution of mobile digital contents, such as image, music, video, games and applications over the wireless Internet. Mobile devices are rapidly becoming the major means to extend communication channels without copy Protection, usage rule controlling and authentication. As a result, mobile digital contents may be illegally altered, copied and distributed among unauthorized mobile devices. In this paper, we take a look at Open Mobile Alliance (OMA) DRM v2.0 in general, its purpose and function. The OMA is uniquely the focal point for development of an open standard for mobile DRM. Next we introduces features for an active content and illustrates the difference between an active content and an inactive content. Enabling fast rendering of an active content, we propose an OMA-based DRM framework. This framework include the following: 1) Extending DCF Header for supporting an selective encryption, 2) Content encryption key management, 3) Rendering API for an active content. Experimental results show that the proposed framework is able to render an active content fast enough to satisfy Quality of Experience. %is framework has been proposed for a mobile device environment, but it is also applicable to other devices, such as portable media players, set-top boxes, or personal computer.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.5
• /
• pp.23-36
• /
• 2010

Signcryption is a cryptographic primitive which offers authentication and confidentiality simultaneously with a cost lower than signing and encrypting the message independently. We propose a new cryptographic notion called Identity-based online/offline signcryption. The notion of online/offline scheme can be divided into two phases, the first phase is performed offline prior to the arrival of a message to be signed or encrypted and the second phase is performed online phase after knowing the message and the public key of recipient. The Online phase does not require any heavy computations such as pairings or exponents. It is particularly suitable for power-constrained devices such as smart cards. In this paper, we propose ID-based signcryption scheme and ID-based online/offline signcryption scheme where the confidentiality and authenticity are simultaneously required to enable a secure and trustable communication environment. To our best knowledge, this is the first ID-based online/offline signcryption scheme that can be proven secure in the standard model.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.1
• /
• pp.241-259
• /
• 2014

A PUF is a technology for distinguishing a device from other devices like biological information such as humans' iris or fingerprints. Over the past decade, many researchers studied various methods for implementing PUFs and utilizing them in identification, random number generation, key distribution and authentication. However, various attacks on the PUFs are the major reason to inhibiting the proliferation of PUF. For the reasons, various technologies are being studied to enhance safety of PUFs. In this paper, we will see several PUF implementations and various attacks on PUFs, and suggest guidelines for securely implementing PUFs. We expect our guidelines would be the foundation for implementing the secure and reliable PUFs.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.20 no.1
• /
• pp.35-44
• /
• 2020

The growing use of public blockchain-based virtual cryptocurrency calls for secure management of blockchain account information managed through cryptocurrency wallet programs. The previously proposed wallet program has high security in terms of managing an account's private key, but low security in managing an account's recovery phrase. Therefore, in this paper, we propose a safe management system of blockchain account recovery string based on the new user authentication method using the user's mobile device information and OTP technique to overcome the problem of the existing account recovery string management method. It also conducts an analysis of the proposed blockchain account recovery string management system based on the expected behavior scenario.

• Journal of Digital Convergence
• /
• v.14 no.10
• /
• pp.295-302
• /
• 2016

Many countries, especially ICT powers, are supporting IoT-based technology at a national level and this technology is actively being researched in the businesses and research institutes in an aim to develop technology and create an ecosystem. Roads in the Seoul city are building public facilities based on IoT to provide various services and conveniences for the users. However, for the full-fledged introduction and development of IoT, there are many cases where infringement on security and privacy and threat for life and safety happen. Also, as the IoT environment includes various environment technologies such as the existing sensor network, heterogeneous communication network, and devices optimized for the IoT environment, it inherits the existing security threat and various attack techniques. This paper researches the attribute based encryption technology for safe communication in the IoT environment. The data collected from the device is transmitted utilizing the attribute based encryption and by designing the key generation protocol, grades and authorities for the device and users are identified to transmit safe messages.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.43 no.4 s.346
• /
• pp.13-21
• /
• 2006

An mobile ad hoc network(MANET) is a collection of wireless computers (nodes), communicating among themselves over multi-hop paths, without the help of any infrastructure such as base stations or access points. Prior research in MANET has generally studied the routing problem in a non-adversarial setting, assuming a trusted environment. In this paper, we design and evaluate the Secure Zone Routing Protocol(T-ZRP), a secure ad hoc network routing protocol is based on the design of the hash chain. In order to support use with nodes of limited CPU processing capability, and to guard against Denial-of-Service attacks in which an attacker attempts to cause other nodes to consume excess network bandwidth or processing time, we use efficient one-way hash functions and don't use asymmetric cryptographic operations in the protocol. Proposed algorithm can safely send to data through authentication mechanism and integrity about routing establishment.

• Journal of Korea Multimedia Society
• /
• v.13 no.4
• /
• pp.575-581
• /
• 2010

With widespread use of the Internet and improvements in streaming media and compression technology, digital music, video, and image can be distributed instantaneously across the Internet to end-users. However, most conventional Digital Right Management are often not secure and not fast enough to process the vast amount of data generated by the multimedia applications to meet the real-time constraints. The SVC offers temporal, spatial, and SNR scalability to varying network bandwidth and different application needs. Meanwhile, for many multimedia services, security is an important component to restrict unauthorized content access and distribution. This suggests the need for new cryptography system implementations that can operate at SVC. In this paper, we propose a new scrambling encryption for reserving the characteristic of scalability in MPEG4-SVC. In the base layer, the proposed algorithm is applied and performed the selective scambling. And it encrypts various MVS and intra-mode scrambling in the enhancement layer. In the decryption, it decrypts each encrypted layers by using another encrypted keys. Throughout the experimental results, the proposed algorithms have low complexity in encryption and the robustness of communication errors.

• Journal of the Korea Computer Industry Society
• /
• v.2 no.10
• /
• pp.1269-1284
• /
• 2001

The Secure Sockets Layer is a protocol for encryption TCP/IP traffic that provides confidentiality, authentication and data integrity. Also the SSL is intended to provide the widely applicable connection-oriented mechanism which is applicable for various application-layer, for Internet client/server communication security. SSL, designed by Netscape is supported by all clients' browsers and server supporting security services. Now the version of SSL is 3.0. The first official TLS vl.0 specification was released by IETF Transport Layer Security working group in January 1999. As the version of SSL has had upgraded, a lot of vulnerabilities were revealed. SSL and TLS generate the private key with parameters exchange method in handshake protocol, a lot of attacks may be caused on this exchange mechanism, also the same thing may be come about in record protocol. In this paper, we analyze SSL protocol, compare the difference between TLS and SSL protocol, and suggest what developers should pay attention to implementation.