• Title/Summary/Keyword: Data Authentication

Effect Analysis of a Authentication Algorithm in IPsec VPN Satellite Communication (IPsec VPN 위성통신에서 인증알고리즘이 미치는 영향 분석)

  • Jeong, Won Ho;Hwang, Lan-Mi;Yeo, Bong-Gu;Kim, Ki-Hong;Park, Sang-Hyun;Yang, Sang-Woon;Lim, Jeong-Seok;Kim, Kyung-Seok
    • The Journal of the Institute of Internet, Broadcasting and Communication / v.15 no.5 / pp.147-154 / 2015
  • In satellite broadcasting networks, anyone can receive the transmitted information, so the required security attributes, such as encryption, must be provided. In this paper, we add the AH security header in IPsec VPN transport mode to a satellite communication network, apply the SHA-256 and MD-5 authentication algorithms to authenticate the data portion, and analyze the BER and throughput. First, a normal IP packet was generated, the IPsec transport-mode AH security header was added to it, and the internal authentication data were constructed by applying the SHA-256 and MD-5 algorithms. Rate Compatible Punctured Turbo Codes were used as the channel coder, and Hybrid-ARQ Type-II and Type-III were used as the packet retransmission schemes. BPSK was used as the modulation method and a Markov channel (Rician 80%, Rayleigh 20% and Rician 90%, Rayleigh 10%) as the wireless channel, and we analyzed how the authentication algorithms affect the error rate and throughput according to the satellite channel state.

The Server based Realtime Biometric Signature Scheme (서버 기반 실시간 바이오메트릭 서명 기법)

  • Yun, Sunghyun
    • Journal of Digital Convergence / v.11 no.9 / pp.173-179 / 2013
  • In a biometric authentication scheme, a user's biometric data that is unique to the user is used to prove the user's identity to a third party. Since the user has to participate in every authentication session, it is not possible to delegate authentication to other users. In a biometric signature scheme, contrary to an authentication scheme, a user's biometric data is used to prove to a third party that "this message is signed by the signer who claims to be". However, once the biometric key is created, it can be accessed by the signer. Thus, it is possible to lend the biometric key to other users. In this study, a server-based real-time biometric signature scheme is proposed. The proposed scheme can be applied to sign the vote in electronic voting or to authenticate the copyright owner in DRM-enabled mobile commerce, where proxy signatures are not allowed.

A Study on AES-based Mutual Authentication Protocol for IoT Devices (사물인터넷 디바이스를 위한 AES 기반 상호인증 프로토콜)

  • Oh, Se-Jin;Lee, Seung-Woo
    • Journal of Industrial Convergence / v.18 no.5 / pp.23-29 / 2020
  • The Internet of things (IoT) is the extension of Internet connectivity into various devices and everyday objects embedded with electronics, Internet connectivity and other forms of hardware. The IoT poses significant risk to the entire digital ecosystem. This is because so many of these devices are designed without a built-in security system to keep them from being hijacked by hackers. This paper proposed a mutual authentication protocol for IoT devices using a symmetric-key algorithm. The proposed protocol uses a symmetric-key cryptographic algorithm to securely encrypt data on the radio channel. In addition, the secret key used for encryption is a random number of the devices, which improves security by using variable secret keys. The proposed protocol blocked attackers and enabled legal devices to communicate because only authenticated devices transmit data through the mutual authentication protocol. Finally, our scheme is safe against attacks such as eavesdropping, location tracking, replay, spoofing and denial of service attacks, and we confirmed the safety by attack scenarios.

A Blockchain-Based Content Authentication Scheme for CCN (블록체인 기반 CCN 콘텐츠 인증 기술)

  • Kim, DaeYoub
    • Journal of the Korea Institute of Information Security & Cryptology / v.28 no.4 / pp.975-985 / 2018
  • The ICN architecture, one of the future Internet technologies, proposes that content request packets sent toward a content source can be answered by several distributed nodes. ICN can therefore solve the network congestion that occurs around content sources and provide a seamless content distribution service regardless of the network and system status of the content sources. In particular, CCN implements content caching functionality in network nodes so that such intermediate network nodes can themselves respond to content requests. However, when receiving content from distributed nodes, users cannot authenticate the nodes providing the content. So CCN is vulnerable to various attacks such as impersonation attacks, data pollution attacks, and so on. This paper first describes CCN content authentication and its weakness. Then it proposes an improved content authentication scheme based on a blockchain and evaluates the performance of the proposed scheme.

The Shortest Authentication Path for Performance Improvement of MHT Contents Authentication Method in Distributed Network Environment (분산 네트워크 환경에서의 MHT 콘텐츠 인증 기술 성능 개선을 위한 최소 인증 경로에 관한 연구)

  • Kim, DaeYoub
    • KIPS Transactions on Computer and Communication Systems / v.7 no.9 / pp.235-242 / 2018
  • Various technologies, such as P2P, CDN, and CCN, have been developed to share content more efficiently. These technologies take a common approach in which content request packets are answered by distributed network nodes or hosts, not by a single content distributor. Such approaches not only resolve network congestion around content distributors, but also make it possible to distribute content regardless of the system and network status of content distributors. However, when receiving content from distributed nodes/hosts rather than from authenticated distributors, users cannot practically identify which node/host sent the content to them. Due to this characteristic, various kinds of hacking through the malicious modification of content are possible. Therefore, to make such approaches more secure, a content authentication technique is required. In this paper, we propose an improved operation of the MHT used in CCN for authenticating distributed content. Then we evaluate the proposed method by comparing its performance with the existing technology.

Dragon-MAC: Securing Wireless Sensor Network with Authenticated Encryption (Dragon-MAC: 인증 암호를 이용한 효율적인 무선센서네크워크 보안)

  • Lim, Shu-Yun;Pu, Chuan-Chin;Lim, Hyo-Taek;Lee, Hoon-Jae
    • Journal of the Korea Institute of Information and Communication Engineering / v.11 no.8 / pp.1519-1527 / 2007
  • In order to combat the security threats that sensor networks are exposed to, a cryptography protocol is implemented at sensor nodes for point-to-point encryption between nodes. Given that nodes have limited resources, symmetric cryptography that is proven to be efficient for low-power devices is implemented. Data protection is integrated into a sensor's packet by means of symmetric encryption with the Dragon stream cipher and by incorporating the newly designed Dragon-MAC Message Authentication Code. The proposed algorithm was designed to employ some of the data already computed by the underlying Dragon stream cipher in order to minimize the computational cost of the operations required by the MAC algorithm. Because Dragon is a word-based stream cipher with fast key stream generation, it is very suitable for a constrained environment. Our protocol addresses entity authentication and message authentication through the implementation of an authenticated encryption scheme in wireless sensor nodes.

Anonymous Ad Hoc Routing Protocol based on Group Signature (그룹서명에 기반한 익명성을 제공하는 애드 혹 라우팅 프로토콜)

  • Paik, Jung-Ha;Kim, Bum-Han;Lee, Dong-Hoon
    • Journal of the Korea Institute of Information Security & Cryptology / v.17 no.5 / pp.15-25 / 2007
  • With the growing interest in and demand for privacy over the last few years, research on providing anonymity has been conducted in a number of applications. Ad hoc routing that provides anonymity protects the privacy of nodes and also restricts the collection of network information by malicious ones. Until recently, quite a number of anonymous routing protocols have been proposed; many of them, however, do not make allowance for authentication. Thus, they may be vulnerable not only to illegal modification of packet data but also to DoS (denial of service) attacks. In this paper, we propose a routing protocol that provides both anonymity and authentication in mobile ad hoc networks such as MANET, VANET, and more. This scheme supports all of the anonymity properties which should be provided in an ad hoc network. In addition, based on the group signature, authentication is also provided for nodes and packets during the route discovery phase. Finally, route discovery includes key agreement between source and destination in order to transfer data securely.

Reduction of Authentication Cost Based on Key Caching for Inter-MME Handover Support (MME 도메인간 핸드오버 지원을 위한 키캐싱 기반 인증비용의 감소기법)

  • Hwang, Hakseon;Jeong, Jongpil
    • The Journal of the Institute of Internet, Broadcasting and Communication / v.13 no.5 / pp.209-220 / 2013
  • Handover is the technology that minimizes data loss for mobile devices and makes continuous communication possible even when the device moves from one digital cell site to another. That is, it is a function that enables the mobile user to avoid the disconnection of phone conversations when moving from a specific mobile communication area to another. Today, there is a lot of ongoing research on fast and efficient handover, in order to address the delay and disconnection of phone calls, which are believed to be the mobile network's biggest problems and should essentially be resolved in all mobile networks. Thanks to recent technology development in mobile networks, the LTE network has been commercialized today and it has finally opened a new era that makes it possible for mobile phones to process data at high speed. In the LTE network environment, however, a new authentication key must be generated for the handover. In this case, there can be a problem that the authentication process conducted for the handover incurs authentication cost and delay time. This essay suggests an efficient key caching handover method which simplifies the authentication process: when a UE hands over from the oMME to the nMME, the oMME keeps the authentication key for a period of time, and if the UE returns to the previous MME within the key's lifetime, the saved key can be re-used.

Improved Tree-Based $\mu$TESLA Broadcast Authentication Protocol Based on XOR Chain for Data-Loss Tolerant and High-Efficiency (데이터 손실에 강하고 효율적 연산을 지원하는 XOR 체인을 이용한 트리기반 $\mu$TESLA 프로토콜 개선)

  • Yeo, Don-Gu;Jang, Jae-Hoon;Choi, Hyun-Woo;Youm, Heung-Youl
    • Journal of the Korea Institute of Information Security & Cryptology / v.20 no.2 / pp.43-55 / 2010
  • $\mu$TESLA broadcast authentication protocols have been developed by many researchers to provide authenticated broadcast messages between receiver and sender in sensor networks. Those cause authentication delay. Tree-based $\mu$TESLA[3] solves the problem of authentication delay. However, it has new problems arising from the Merkle hash tree certificate structure, such as an increase in the quantity of data transmission and computation according to the number of senders or the parameters of the $\mu$TESLA chain. $\mu$TPCT-based $\mu$TESLA[4] has advantages, such as a fixed computation cost, obtained by changing the low-level Merkle hash tree to a hash chain. However, it uses only the sequential values of the hash chain to authenticate $\mu$TESLA parameters. So it can't ensure the success of authentication in a lossy sensor network. This paper proposes an improved method for Tree-based $\mu$TESLA by using an XOR-based chain. The proposed scheme provides advantages such as a fixed computation cost, as with $\mu$TPCT-based $\mu$TESLA, and message-loss tolerance, as with Tree-based $\mu$TESLA.

Internal Network Partition Security Model Based Authentication using BlockChain Management Server in Cloud Environment (클라우드 환경에서 블록체인관리서버를 이용한 인증기반 내부망 분리 보안 모델)

  • Kim, Young Soo;Lee, Byoung Yup
    • The Journal of the Korea Contents Association / v.18 no.6 / pp.434-442 / 2018
  • Recently, threats to security and damage from the leakage of important data by intranet devices infected with malicious code through the Internet have been increasing. Therefore, a partitioned intranet model that blocks access to the business server by authenticating devices connected to the intranet is required. Logical network partition with the VDI (Virtual Desktop Infrastructure) method allows no information exchange between the physical devices connected to the intranet and the virtual device, so it can prevent data leakage and improve security, but it is vulnerable to attacks that expose internal data by connecting a nonregistered device, which then has access to the business server, to the intranet. In order to protect the business server, we suggest a blockchain-based network partition model that applies blockchain technology to VDI. It contributes to decreasing the threat of exposing internal data by improving not only the capability to verify forgery of devices, which is the vulnerability of VDI-based logical network partition, but also the integrity of the devices.