• Journal of the Korea Society of Computer and Information
• /
• v.14 no.6
• /
• pp.27-32
• /
• 2009

Recently, most of information services are provided by the computer network, since the technology of computer communication is developing rapidly, and the worth of information over the network is also increasing with expensive cost. But various attacks to quietly intercept the informations is invoked with the technology of communication developed, and then most of the financial agency currently have used OTP, which is generated by a token at a number whenever a user authenticates to a server, rather than general static password for some services. A 2-Factor OTP generating method using the OTP token is mostly used by the financial agency. However, the method is vulnerable to real attacks and therefore the OTP token could be robbed and disappeared. In this paper, we propose a 3-Factor OTP way using HMAC to conquer the problems and analyze the security of the proposed scheme.

• Proceedings of the Korean Information Science Society Conference
• /
• 2002.10e
• /
• pp.277-279
• /
• 2002

전자상거래, 무선 인터넷 등의 활성화를 위해서는 신뢰성 있는 통신 서비스를 제공하는 IPv6용 보안시스템이 필요하다. 이를 위한 기존의 암호화 알고리즘은 소프트웨어 및 하드웨어로 많이 구현되어 있으나 IPv4를 기반으로 한 운영체제에 종속되어 있다. 이를 해결하기 위하여 운영체제 없이 고성능의 보안서비스를 제공하는 IPv6용 보안시스템이 하드웨어로 구현되었다. 본 논문에서는 이러한 IPv6용 하드웨어 보안시스템에 요구되는 암호화알고리즘 중에서 HMAC-SHA-1을 하드웨어 모듈로 구현하였다. 그리고 구현한HMAC-SHA-1 모듈에 대하여 시뮬레이션 테스트를 수행하고 IPv6 하드웨어 보안시스템과 연동함으로써 기능을 검증하였다.

• Proceedings of the IEEK Conference
• /
• 2002.06b
• /
• pp.117-120
• /
• 2002

In this paper, we construct cryptographic accelerators using hardware Implementations of HMACS based on a hash algorithm such as MD5.It is basically a secure version of his previous algorithm, MD4 which is a little faster than MD5 The algorithm takes as Input a message of arbitrary length and produces as output a 128-blt message digest The input is processed In 512-bit blocks In this paper, new architectures, Iterative and full loop, of MD5 have been implemented using Field Programmable Gate Arrays(FPGAS). For the full-loop design, the performance Is about 500Mbps @ 100MHz

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.4
• /
• pp.769-776
• /
• 2016

TELNET is vulnerable to network attack because it was designed without considering security. SSL/TLS and SSH are used to solve this problem. However it needs additional secure protocol and has no backward compatibility with existing TELNET in this way. In this paper, we have suggested STELNET(Secured Telnet) which supports security functionalities internally so that has a backward compatibility. STELNET supports a backward compatibility with existing TELNET through option negotiation. On STELNET, A client authenticates server by a certificate or digital signature generated by using ECDSA. After server is authenticated, two hosts generate a session key by ECDH algorithm. And then by using the key, they encrypt data with AES and generate HMAC by using SHA-256. After then they transmit encrypted data and generated HMAC. In conclusion, STELNET which has a backward compatibility with existing TELNET defends MITM(Man-In-The-Middle) attack and supports security functionalities ensuring confidentiality and integrity of transmitted data.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37C no.12
• /
• pp.1256-1262
• /
• 2012

Mobile ad hoc networks (MANETs) are infrastructure-less, autonomous, and stand-alone wireless networks with dynamic topologies. Recently, cluster-based ad hoc networks which enhance the security and efficiency of ad hoc networks are being actively researched. And routing protocols for cluster-based ad hoc networks are also studied. However, there are few studies about secure routing protocols in cluster-based ad hoc networks. In this paper, we propose secure routing protocol for cluster-based ad hoc networks. We use Diffie-Hellman key agreement, HMAC, and digital signature to support integrity of routing messages, and finally can perform secure routing.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.25 no.4B
• /
• pp.700-707
• /
• 2000

In this paper, we address vulnerabilities of legacy VOD system and implement secure-VOD system to protect security holes of it. Our secure-VOD system provide user authentication using one-time password, message authentication and encryption/decryption for video server information. To improve security of existing fixed password system, our secure-VOD system use one-time password. Also, our secure-VOD system provides integrity for video server information by generating and verifying message authentication code using HMAC-HAS 160 algorithm. Finally, our secure-VOD system uses RC5 encryption algorithm to guarantee confidentiality for video server information.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.7C
• /
• pp.1007-1014
• /
• 2004

In this paper, H.235 based security mechanism for H.323 multimedia applications was implemented in embedded environment. H.235 covers authentication using HMAC-SHAI -96, authenticated Diffie-Hellman key exchange, security capability exchange, session key management for voice encryption, and encryption functions such as DES, 3DES, RC2. H.235-based mechanisms were also analyzed in terms of its security and possible attacks.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.4
• /
• pp.747-754
• /
• 2016

DHCP(Dynamic Host Configuration Protocol) is a protocol for efficiency and convenience of the IP address management. DHCP automatically assigns an IP address and configuration information needed to run the TCP/IP communication to individual host in the network. However, existing DHCP is vulnerable for network attack such as DHCP spoofing, release attack because there is no mutual authentication systems between server and client. To solve this problem, we have designed a new DHCP protocol supporting the following features: First, ECDH(Elliptic Curve Diffie-Hellman) is used to create session key and ECDSA(Elliptic Curve Digital Signature Algorithm) is used for mutual authentication between server and client. Also this protocol ensures integrity of message by adding a HMAC(Hash-based Message Authentication Code) on the message. And replay attacks can be prevented by using a Nonce. As a result, The receiver can prevent the network attack by discarding the received message from unauthorized host.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.42 no.5
• /
• pp.999-1008
• /
• 2017

In this paper, we propose a pipeline network coding (PNC) scheme for efficient data transmission in wireless networks, a data authentication scheme for verifying the integrity of data, and a node authentication scheme for a virtual source. PNC is a technique that improves the overall network performance by relaying data such that the relay node performing network coding transmits to the sender instead. However, network coding is vulnerable to a pollution attack, which is an attack by a malicious attacker to inject modified data into the network. To prevent this, hash-based message authentication code (HMAC) is used. For this purpose, in order to generate a tag used for data authentication, a key must be distributed to the nodes performing authentication. We applied a hash chain to minimize the overhead of key distribution. A null vector is used as the authentication scheme for the virtual source. Finally, we analyze the safety and complexity of the proposed scheme and show he performance through simulation.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.47 no.1
• /
• pp.65-72
• /
• 2010

Nowadays, most hospitals have been used to create MRI or CT and managed them. Doctors depend on fast access to images such as magnetic resonance imaging (MRIs), computerized tomography (CT) scans, and X-rays for accurate diagnoses. Those image data are related privacy of a patient. Therefore, it should be protected from hackers and managed perfectly. In this paper, we propose a data hiding method into MRI or CT related a condition and intervention of a patient, and it is suggested that how to authenticate patient information from an image. In this way, we create hash code using HMAC with patient information, and hash code and patient information is hided into an image. After then, doctor will check authentication using HMAC. In addition, we use a reversible data hiding DE(Difference Expansion) algorithm to hide patient information. This technique is possible to reconstruct the original image with stego image. Therefore, doctor can easily be possible to check condition of a patient. As a consequence of an experiment with MRI image, data hiding, extraction and reconstruct is shown compact performance.