• Journal of the Korea Society of Computer and Information
• /
• v.17 no.4
• /
• pp.91-98
• /
• 2012

A group key exchange (GKE) protocol is designed to allow a group of parties communicating over a public network to establish a common secret key. As group-oriented applications gain popularity over the Internet, a number of GKE protocols have been suggested to provide those applications with a secure multicast channel. Among the many protocols is Yi et al.'s password-based GKE protocol in which each participant is assumed to hold their individual password registered with a trusted server. A fundamental requirement for password-based key exchange is security against off-line dictionary attacks. However, Yi et al.'s protocol fails to meet the requirement. In this paper, we report this security problem with Yi et al.'s protocol and show how to solve it.

• Journal of Digital Convergence
• /
• v.14 no.12
• /
• pp.471-476
• /
• 2016

Recently, important information related with smart work such as office and video conference are handled in smart device quite a lot compare with before. Also, execution environment of smart devices is getting developed as open software environment. It brought convenience to download and use any kind of application software. By that, security side of smart devices became vulnerable. This paper will discuss characteristics of smart device security technology based on virtualization that is a mobile device platform with isolated secure execution area based on TEE (Trusted Execution Environment). Also, this paper will suggest an implementation method about safe smart device security platform based on domain separation for application software which can be executed in smart devices. The domain separation based smart device security platform technology in this paper blocks unauthorized access and leakage of sensitive information in device. Also it will be the solution can block transmission and execution of malicious code in various area including variety of IoT devices in internet rather than just smart devices.

• Journal of The Korean Association of Information Education
• /
• v.16 no.3
• /
• pp.283-289
• /
• 2012

A distance learning is diffusing rapidly in society. It is more difficult to confirm a learner's identity and learning processing in a distance learning. Distance learning has a checking attendance system because a teacher and student do not meet face to face. There are some checking attendance systems such as login check, SMS authenticating system, unexpected quiz, and so on. However, existing checking attendance system has some problems to check learner's attendance in a whole lesson. Therefore, this study designed and developed learner's attendance system based on PC camera's shot of certification in a whole lesson. This attendance checking system can judge real attendance of learners in a distance learning and distance evaluation. The system is expected to make trust of a distance learning higher.

• Journal of Digital Convergence
• /
• v.13 no.5
• /
• pp.219-226
• /
• 2015

OTP(One Time Password) is for user authentication of Internet banking and users should carry their security card or OTP generator to use OTP. If they lost their security card or OTP generator, there is at risk for OTP leak. This paper suggests a new User Authentication Framework using personal health information from diverse technology of u-Health. It will cover the problem of OTP loss and illegal reproduction A User Authentication Framework is worthy of use because it uses various combinations of user's physical condition which is inconstant. This protocol is also safe from leaking information due to encryption of reliable institutes. Users don't need to bring their OTP generator or card when they use bank, shopping mall, and game site where existing OTP is used.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.3
• /
• pp.313-323
• /
• 2020

With the development of smart grid technologies, a user can use the secure and reliable power services in smart gird environments. However, the users are not secure against various potential attacks because the smart gird services are provided through the public channel. Therefore, a secure and lightweight authentication and key agreement scheme has become a very important security issue in smart grid in order to guarantee user's privacy. In 2019, Zhang et al. proposed a lightweight authentication scheme for smart gird communications. In this paper, we demonstrate that Zhang et al.'s scheme is vulnerable to impersonation and session key disclosure attacks, and then we propose a secure authentication and key agreement scheme for smart grid environments without tamper-resistant devices. Moreover, we perform the informal security and the BAN logic analysis to prove that our scheme is secure various attacks and provides secure mutual authentication, respectively. We also perform the performance analysis compared with related schemes. Therefore, the proposed scheme is efficiently applicable to practical smart gird environments.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.28 no.6B
• /
• pp.533-543
• /
• 2003

Recently, according to the rapid increase of Web users, various kinds of Web applications have been being developed. Hence, Web QoS(Quality of Service) becomes a critical issue in the Web services, such as e-commerce, Web hosting, etc. Nevertheless, most Web servers currently process various requests from Web users on a FIFO basis, which can not provide differentiated QoS. This paper presents two approaches to provide differentiated Web QoS. The first is the kernel-level approach, which is adding a real-time scheduling processor to the operating system kernel to maintain the priority of user requests determined by the scheduling processor of Web server. The second is the load-balancing approach, which uses If-level masquerading and tunneling technology to improve reliability and response speed upon user requests.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.2
• /
• pp.365-375
• /
• 2019

A PLC (Programmable Logic Controller) is a highly-reliable industrial digital computer which supports real-time embedded control applications for safety-critical control systems. Real-time operating systems such as uC/OS have been used for PLCs and must meet real-time constraints. As PLCs have been widely used for industrial control systems and connected to the Internet, they have been becoming a main target of cyberattacks. In this paper, we propose an execution code sanitizer to enhance the security of PLC systems. The proposed sanitizer analyzes PLC programs developed by an IDE before downloading the program to a target PLC, and mitigates security vulnerabilities of the program. Our sanitizer can detect vulnerable function calls and illegal memory accesses in development of PLC programs using a database of vulnerable functions as well as the other database of code patterns related to pointer misuses. Based on these DBs, it detects and removes abnormal use patterns of pointer variables and existence of vulnerable functions shown in the call graph of the target executable code. We have implemented the proposed technique and verified its effectiveness through experiments.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.2
• /
• pp.69-80
• /
• 2003

Verifiable encryption is an encryption technique with which one can verify what has been encrypted even if one can not decrypt the ciphertext. This technique can be used in fair exchange to convince the counterpart of his or her receiving an item by presenting an encrypted form in advance. In this paper, a method that can guarantee the payment atomicity is proposed by applying verifiable encryption to an electronic cash system based on the representation problem. With the new method, the process of dispute settlement is improved in the fact that the trusted third party do not have to interact with the bank to resolve disputes. This method is also flexible in a sense that clients and shops can request for dispute settlement regardless of any deadline constraint. However, additional proof is necessary to apply verifiable encryption during payment. We discuss the security and the atomicity of our method, and compare ours with others.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.26 no.6
• /
• pp.897-906
• /
• 2022

In this paper, we propose a novel MAC protocol based on the harmonic transmission of ACK, called HAT-LoRa, for improving the reliability and the utilization in multiple gateway LoRa Networks. LoRa is basically vulnerable to collision due to the primitive pure ALOHA-like MAC. Whereas data frame delivery can be guaranteed by the transparent bridge of multiple receiving gateways, ACK is still transmitted by a single gateway in LoRa Network. HAT-LoRa provides the augmented reception opportunity of ACK via the simultaneous transmissions of identical ACK in multiple spreading factors. The proposed method reduces the expected transmission times of ACK double gateway environment as well as single gateway environment, by 55 and 60% in maximum, by 35% and 40% in average, in a single- and double-gateway environment, respectively. Especially, it outperforms under the environment where the distance between end device and gateways are similar to each other.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.27 no.1
• /
• pp.69-75
• /
• 2023

Small communication devices used in the Internet of Things are vulnerable to various hacking because they do not apply advanced encryption techniques due to their low memory capacity or slow computation speed. In order to increase the authentication reliability of small-sized transmitters operating in 433MHz band, we introduce an RF fingerprint and adopt a convolutional neural network (CNN) as a classification algorithm. The preamble signal transmitted by each transmitter are extracted and collected using software-defined-radio to constitute a training data set, which is used for training the CNN. We tested identification of 20 transmitters in four different scenarios and obtained high identification accuracy. In particular, the accuracy of 95.8% and 92.6% was obtained, respectively in the scenario where the test was performed at a location different from the transmitter's location at the time of collecting training data, and in the scenario where the transmitter moves at walking speed.