• Journal of Convergence for Information Technology
• /
• v.7 no.3
• /
• pp.91-96
• /
• 2017

IoT which is an abbreviation of Internet of Things refers to the communication network service among various objects such as people-people, objects-objects interconnection. The characteristic of IoT that enables direct connection among each device makes security to be considered as more emphasized factor. Though a security module such as an authentication protocol for resolving various security problems that may occur in the IoT environment has been developed, some weak points in security are still being revealed. Therefore, this paper proposes a method for including a protocol including gateway authentication procedure and mutual authentication between the devices and gateways. Protocols with additional authentication procedures can appropriately respond to attackers' spoofing attacks. In addition, important information in the message used for authentication process is protected by encryption or hash function so that it can respond to wiretapping attacks.

• Journal of Digital Convergence
• /
• v.19 no.10
• /
• pp.287-293
• /
• 2021

Recently, public certificates issued by nationally-recognized certification bodies have been abolished, and internet companies have issued their own common certificates as certification authority. The Electronic Signature Act was amended in a way to assign responsibility to Internet companies. As the use of a joint certificate issued by Internet companies as a certification authority is allowed, it is expected that the fraud damage caused by the theft of public key certificates will increase. We propose an authentication model that can be used in a security gateway that combines PKI with a blockchain with integrity and security. and to evaluate its practicality, we evaluated the security of the authentication model using Sugeno's hierarchical fuzzy integral, an evaluation method that excludes human subjectivity and importance degree using Delphi method by expert group. The blockchain-based joint certificate is expected to be used as a base technology for services that prevent reckless issuance and misuse of public certificates, and secure security and convenience.

• The KIPS Transactions:PartC
• /
• v.8C no.5
• /
• pp.585-596
• /
• 2001

In this paper, a new stream cipher algorithm based on the chaos theory is proposed and is applied to a Web security system. The Web security system is composed of three parts： certificate authority (CA), Web client, and Web server. The Web client and server system include a secure proxy client (SPC) and a secure management server (SMS), respectively, for data encryption and decryption between them. The certificate is implemented based on X.509 and the RSA public key algorithm is utilized for key creation and distribution to certify both the client and server. Once a connection is established between the client and server, outgoing and incoming data are encrypted and decrypted, respectively, using one of the three cipher algorithms： chaos, SEED, and DES. The proposed chaos algorithm outperforms the other two conventional algorithms in processing time and complexity. Thus, the developed Web security system can be widely used in electronic commerce (EC) and Internet banking.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.6
• /
• pp.1045-1057
• /
• 2022

Recently, the National Institute of Standards and Technology (NIST) announced four cryptographic algorithms as a standard candidates of Post-Quantum Cryptography (PQC). In this paper, we show that private key can be exposed by a non-profiling-based power analysis attack such as Correlation Power Analysis (CPA) and Differential Deep Learning Analysis (DDLA) on CRYSTALS-KYBER algorithm, which is decided as a standard in the PKE/KEM field. As a result of experiments, it was successful in recovering the linear polynomial coefficient of the private key. Furthermore, the private key can be sufficiently recovered with a 13.0 Normalized Maximum Margin (NMM) value when Hamming Weight of intermediate values is used as a label in DDLA. In addition, these non-profiling attacks can be prevented by applying countermeasures that randomly divides the ciphertext during the decryption process and randomizes the starting point of the coefficient-wise multiplication operation.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2009.01a
• /
• pp.365-368
• /
• 2009

본 논문에서는 홈 네트워크 환경을 위하여 다양한 정보가전들에 서비스를 제공하고 운용하기 위해 OSGi 프레임워크를 이용하여 게이트웨이를 구성하였다. 홈 네트워크의 특성상 네트워크를 구성하는 정보가전들의 입력 수단에 대한 제약이 많고 자원이 한정적이다. 따라서 이러한 문제를 해결하기 위해 사용자에게 패스워드를 입력받지 않고 자동으로 인증 과정을 마치는 인증 메커니즘을 연구하였다. 패스워드를 입력받지 않음으로써 사용자 입력 대기 시간을 줄일 수 있고, 대칭키를 이용하여 암호화 과정의 연산량을 줄여 소규모로 구성되는 흠 네트워크 구조에 효율적으로 적용할 수 있었다.

• Proceedings of the Korea Multimedia Society Conference
• /
• 2012.05a
• /
• pp.336-339
• /
• 2012

본 논문에서는 비선형 MLCA(Maximum Length Cellular Automata)와 1D CAT(One-Dimensional Cellular Automata Transform)를 이용하여 의료 영상 암호화 방법을 제안한다. 암호화 방법은 먼저, Wolfram Rule 행렬에 의해 전이행렬 T를 생성한다. 그 후, 암호화하려는 원 영상에 생성된 전이 행렬 T를 곱하여 원 영상의 픽셀 값을 변환한다. 또한 변환된 원 영상을 여원 벡터 F와 XOR 연산하여 비선형 MLCA가 적용된 영상으로 변환한다. 다음, 게이트웨이 값을 설정하여 1D CAT 기저함수를 생성한다. 그리고, 비선형 MLCA가 적용된 영상에 생성된 1D CAT 기저함수를 곱하여 암호화를 한다. 마지막으로 키 공간 분석을 통하여 제안한 방법이 높은 암호화 수준의 성질을 가졌음을 검증한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2018.10a
• /
• pp.939-942
• /
• 2018

최근 LED 조명을 활용한 가시광 통신(VLC: Visible Light Communications)기술이 주목을 받고 있다. 가시광 통신 기술은 Bluetooth, ZigBee 등과 함께 새로운 인터넷 접속 기술로 활용될 수 있으나 전송 용량의 한계 때문에 실제 적용이 힘든 상황이다. 본 논문에서는 이 문제를 해결하기 위해 키-값 데이터베이스 패러다임을 적용한 가시광 통신 기반의 사물인터넷(IoT: Internet of Things) 모델을 제시한다. 제안하는 IoT 환경은 플렛폼 서버, 게이트웨이, VLC 송신기 및 VLC 수신기로 구성된다. IoT 통신을 위한 각 장비의 기능 및 프로토콜 스텍을 설계하고 실험 환경에서 각 장치의 초기화 절차 및 데이터 전송 과정을 검증하였다. 실험결과, 각 장비의 초기 구동 시간을 포함하여 1분 이내에 VLC 기반의 IoT 환경 구축이 가능함을 확인하였다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.9B
• /
• pp.1330-1341
• /
• 2010

Power analysis (PA) is known as a powerful physical attack method in the field of information security. This method uses the statistical characteristics of leaked power consumption signals measured from security devices to reveal the secret keys. However, when measuring a leakage power signal, it may be easily distorted by the noise due to its low magnitude values, and thus the PA attack shows different performances depending on the noise level of the measured signal. To overcome this vulnerability of the PA attack, we propose a noise-reduction method based on wavelet de-noising. Experimental results show that the proposed de-noising method improves the attack efficiency in terms of the number of signals required for the successful attack as well as the reliability on the guessing key.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.2B
• /
• pp.162-169
• /
• 2009

Message Authentication Code (MAC) assures integrity of messages. In Mobile WiMAX, 128-bit Cipher-based MAC (CMAC) is calculated for management messages but only the least significant half is actually used truncating the most significant 64 bits. Naming these unused most significant 64bits Shared Authentication Information (SAI), we suggest that SAI can be applied to protect the network from DDoS attack which exploits idle mode vulnerabilities. Since SAI is the unused half of CMAC, it is as secure as 64bits of CMAC and no additional calculations are needed to obtain it. Moreover, SAI doesn't have to be exchanged through air interface and shared only among MS, BS, and ASN Gateway. With these good properties, SAI can efficiently reduce the overheads of BS and ASN GW under the DDoS attack.

• The Transactions of the Korea Information Processing Society
• /
• v.5 no.9
• /
• pp.2294-2301
• /
• 1998

The aim of this paper is to extract features from each news scenes for example, symbol icon which can be distinct each broadcasting corp, icon and caption which are has feature and important information for the scene in respectively, In this paper, we propose extraction methods of caption that has important prohlem of news videos and it can be classified in three steps, First of al!, we converted that input images from video frame to YIQ color vector in first stage. And then, we divide input image into regions in clear hy using equalized color histogram of input image, In last, we extracts caption using edge histogram based on vertical and horizontal line, We also propose the method which can extract news icon in selected key frames by the difference of inter-histogram and can divide each scene by the extracted icon. In this paper, we used comparison method of edge histogram instead of complex methcxls based on color histogram or wavelet or moving objects, so we shorten computation through using simpler algorithm. and we shown good result of feature's extraction.