• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.13 no.4
• /
• pp.1839-1848
• /
• 2012

Recently, smartphone communications using Wi-Fi channel are increasing rapidly to provide diverse internet services. The WPA security protocol was used for data protection between user and wireless AP. However, WPA-PSK protocol was known to be weak to the dictionary attack. In this paper, we proposed a secure WPA-PSK protocol to resist the dictionary attack. Since the proposed method was designed to generate a strong encryption key which is combined the Diffie-Hellman key agreement scheme with secrecy property of PSK(Pre-Shared Key), we can protect the Wi-Fi channel from Man-In-The-Middle attack and Rogue AP impersonation attack.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.10 no.9
• /
• pp.1573-1581
• /
• 2006

To utilize actively the agent which is one of the elements of revitalization of Agro-Foods Mobile I-commerce, an essential prerequisite is agent security. IF using partial PKI(Public Key Infrastructure)-based confirmation mechanism providing security for the agent, the size of agent is becoming larger, the result of the transmission speed is slow, and the confirmation speed is tardy as well because of performing calculation of public keys such as RSA and needing linkage with the CA for the valid examination of certificates. This paper suggests a mechanism that can cross certification and data encryption of each host in the side of improving the problems of key distribution on agent by shaping key chain relationship. This mechanism can guarantee the problem of ky distribution by using agent cipher key(ACK) module and generating random number to fit mobile surroundings and to keep the secret of the agent. Suggested mechanism is a thing that takes into consideration security and efficiency to secure agent for the revitalization of M-Commerce, and is a code skill to make the agent solid and is a safe mechanism minimizing the problems of memory overflow.

• The KIPS Transactions:PartC
• /
• v.9C no.3
• /
• pp.313-322
• /
• 2002

In this paper, proposes Kerberos certification mechanism that improve certification service of PKINIT base that announce in IETF CAT Working Ggroup. Did to certificate other realm because search position of outside realm through DNS and apply X.509 directory certification system, acquire public key from DNS server by chain (CertPath) between realms by certification and Key exchange way that provide service between realms applying X.509, DS/BNS of PKINIT base. In order to provide regional services, Certification and key exchange between realms use Kerberos' symmetric method and Session connection used Directory service to connection X.509 is designed using an asymmetric method. Excluded random number ($K_{rand}$) generation and duplex encryption progress to confirm Client. A Design of Kerberos system that have effect and simplification of certification formality that reduce Overload on communication.

• Journal of the Korean Data and Information Science Society
• /
• v.28 no.1
• /
• pp.163-171
• /
• 2017

With the advance of function of smart phone system and internet services, mobile trade grows more popular in the area of e-business or banking. These environmental changes, it makes the needs of authorized certificates. Authorized certificate is not only important in these days but also future society. In 2015, 27 millions of Korean people used public key certificate, but most of them does not know the details on the public key certificate. Therefore, in this paper, we explain and investigate the characteristics on the public certificate and explain the relation ship between authorized certificate and public key encrytion. By investigating several papers, internet data, newspapers and books, we found the historical changes, substantial aspects, the encryption systems on the authorized certificate. Also we study the pros and cons of authorized certificate. Finally we predict the number of issued authorized certificate for the future society based on nonparametric statistical method.

• Journal of Korea Multimedia Society
• /
• v.11 no.8
• /
• pp.1101-1110
• /
• 2008

Nespot provides a convenient wireless internet connection service. The existing IEEE 802.1X EAP-MD5 authentication mechanism can be achieved based on ID/password information for a wireless connection. The Nespot system offers an advanced accounting and authorization procedure for providing wireless user authentication mechanism. However, many problems were found on the existing Nespot EAP-MD5 mechanism such as a ill value exposure, a leakage of personal information on wireless authentication procedure and a weakness on Nespot mutual authentication mechanism. Therefore, we analyzed the limitation of the existing IEEE 802.1X EAP-MD5 certification system, and suggested a one-time session key based authentication mechanism. And then we offered a simplified encryption function on the Nespot certification process for providing secure mutual authentication process.

• Journal of the Korea Convergence Society
• /
• v.8 no.3
• /
• pp.115-121
• /
• 2017

Hospital medical services are making great efforts to provide prompt medical services to patients or improve the quality of medical services by convergence patient's healthcare information. However, recent research suggests problems about safety and efficiency when trying to transmit patient's healthcare information to hospital server via radio and wireless. In this paper, we propose a color model - based patient authentication key establishment protocol method to securely transmit patient healthcare information. The proposed method extracts randomly three color information used in the color model and vectorizes the extracted arbitrary information to obtain the key information required for user authentication as the sum of orthogonal vectors to improve the efficiency. In addition, the proposed method can securely generate key information used for user authentication without using an additional encryption algorithm. In performance evaluation result, proposed method shows that the server processing time of the sensed information is 8.1% higher than the existing method and 7.7% lower than the existing method.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.1
• /
• pp.75-82
• /
• 2018

As user of mobile device increases, various user authentication methods are actively researched. The user authentication methods includes a method of using a user ID and a password, a method of using user biometric feature, a method of using location based, and a method of authenticating secondary authentication such as OTP(One Time Password) method is used. In this paper, we propose a user system which improves the problem of existing authentication method and encryption can proceed in a way that user desires. The proposed authentication system is composed of an authentication factor collection module that collects authentication factors using a mobile device, a security key generation module that generates a security key by combining the collected authentication factors, and a module that performs authentication using the generated security key module.

• The KIPS Transactions:PartC
• /
• v.16C no.2
• /
• pp.199-208
• /
• 2009

Recently,IP-based broadcasting systems,such as Mobile-TV and IP-TV, have been widely deployed. These systems require a security system to allow only authorized subscribers access to broadcasting services. We analyzed the Conditional Access System, which is a security system used in the IP-based Pay-TV systems. A weakness of the system is that it does not scale well when the system experiences frequent membership changes. In this paper, we propose a group key distribution protocol which overcomes the scalability problem by reducing communication and computation overheads without loss of security strength. Our experimental results show that computation delay of the proposed protocol is smaller than one of the Conditional Access System. This is attributed to the fact that the proposed protocol replaces expensive encryption and decryption with relatively inexpensive arithmetic operations. In addition, the proposed protocol can help to set up a secure channel between a server and a client with the minimum additional overhead.

• Journal of KIISE:Computer Systems and Theory
• /
• v.32 no.3
• /
• pp.125-132
• /
• 2005

Wireless access always has to include the authentication of communication partners and the encryption of communication data in order to use secure M-Commerce services. However, wireless systems have limitations compared with the wired systems, so we need an efficient authentication and key exchange protocol considering these limitations. In this paper, we propose an efficient authentication and key exchange protocol for M-Commerce users using elliptic curve crypto systems. The proposed protocol reduces the computational load of mobile users because the wireless service provider accomplishes some parts of computations instead of the mobile user, and it uses the password-based authentication in wireless links. Also, it guarantees the anonymity of the mobile user not to reveal directly the real identity of the user to the M-Commerce host, and preserves the confidentiality of communication data between the M-Commerce host and the user not to know the contents of communication between them to others including the wireless service provider.

• Smart Media Journal
• /
• v.7 no.4
• /
• pp.52-60
• /
• 2018

Energy Management System(EMS) of Microgrid(MG) collects and analyzes data from devices in the microgrid to provide information to operators, users and other systems. In the middle of the process, it is required to securely provide information through both wired and wireless communication networks. In this paper, we design and implement a module that provides encryption and decryption, key management, key distribution, and message authentication functions, thus enabling the development of a system which is safe from the exposure and modulation of data potentially occurrable during data transmission between RTU(Remote Terminal Unit) and EMS. Our method can increase the efficiency of connection and key management for RTU by connecting a virtual device(VD) to RTU.