• Proceedings of the Korea Information Processing Society Conference
• /
• 2009.11a
• /
• pp.609-610
• /
• 2009

Diffie-Hellman의 키 교환 방식은 공개된 통신망에서 사전 정보 공유 없이 공통된 세션 키를 생성할 수 있는 획기적인 방법이었지만, 중간자 공격이 가능하다는 문제점을 가지고 있다. 이러한 문제를 해결하기 위해 Seo와 Sweeny가 제안한 SAKA(Simple Authenticated Key Agrement) 프로토콜은 간단한 패스워드를 사용함으로써 두 사용자들 사이의 인증과 공통 세션 키를 생성할 수 있는 프로토콜이다. 그러나 SAKA 프로토콜은 키 검증단계에서 많은 취약점을 가지고 있다. 본 논문에서는 SAKA 프로토콜의 취약점을 해결하기 위하여 새로운 키 교환 프로토콜을 제안한다. 제안한 프로토콜은 기존의 SAKA 프로토콜이 갖는 장점을 유지하고 일 방향 해시함수를 이용하여 취약점을 효율적으로 해결할 수 있다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2008.11a
• /
• pp.1508-1509
• /
• 2008

본 논문에서는 기존에 제안된 RFID 인증 프로토콜이 임의의 RFID 태그로 위장한 공격자로부터 스푸핑 공격을 당할 수 있음을 증명하고, 이러한 보안 문제점을 해결한 안전하고 효율적인 RFID 상호 인증 프로토콜을 제안한다. 제안한 RFID 상호 인증 프로토콜은 기존의 RFID 인증 메커니즘들이 가지고 있는 보안 문제점들을 해결할 뿐만 아니라, 스푸핑 공격에 대한 취약점을 해결하고, 해쉬함수 연산 오버헤드를 줄여줌으로써 빠른 인증 시간을 보장하여 더욱 강력한 안전성과 효율성을 제공한다.

• Journal of KIISE:Computer Systems and Theory
• /
• v.30 no.7_8
• /
• pp.408-416
• /
• 2003

An electronic cash system has to provide the security, to prevent the double spending and to support the divisibility of electronic cash for the easy of use. Divisible electronic cash system allows an electronic cash to be divided into subdivisions. Each subdivision is worth any desired value, but all values must add up to the original cash value. Divisible scheme brings some advantages. It reduces to make the change and also there is no necessity that a customer must withdraw a cash of the desired value whenever transactions occur. In this paper, we present an electronic cash protocol which provides the divisibility based on the double hash chain technique. Electronic cash is constructed in the form of coins. Coins, generated by the double hush chain, have different denominations. The divisibility based on the double hash chain technique. Electronic cash is constructed in the form of coins. Coins, generated by the double hash chain, have different denominations. The divisibility of an electronic cash is satisfied by the payment certificate, which is a pair of bank´s proxy signature received from the bank. When a customer pays the coin of subdivision, the fairness of that coin is certified by a customer´s signing instead of a bank. Although the proposed method does not guarantee user´s anonymity, it generates coins which cannot be forged, and the customer can use an electronic cash conveniently and efficiently with its divisibility.

• Convergence Security Journal
• /
• v.18 no.1
• /
• pp.19-31
• /
• 2018

As the ICT technologies advance, the unprecedently large amount of digital data is created, transferred, stored, and utilized in every industry. With the data scale extension and the applying technologies advancement, the new services emerging from the use of large scale data make our living more convenient and useful. But the cybercrimes such as data forgery and/or change of data generation time are also increasing. For the data security against the cybercrimes, the technology for data integrity and the time verification are necessary. Today, public key based signature technology is the most commonly used. But a lot of costly system resources and the additional infra to manage the certificates and keys for using it make it impractical to use in the large-scale data environment. In this research, a new and far less system resources consuming signature technology for large scale data, based on the Hash Function and Merkle tree, is introduced. An improved method for processing the distributed hash trees is also suggested to mitigate the disruptions by server failures. The prototype system was implemented, and its performance was evaluated. The results show that the technology can be effectively used in a variety of areas like cloud computing, IoT, big data, fin-tech, etc., which produce a large-scale data.

• The Transactions of the Korea Information Processing Society
• /
• v.7 no.8
• /
• pp.2421-2429
• /
• 2000

With the advance of wireless communications technology, mobile communications have become more convenient than ever. Nowadays, people can communicate with each other on any place at any time. However, because of the openness of wireless communications, the way to protect the privacy between communicating parties is becoming a very important issue. In this paper, we present a study on the authentication and message encryption algorithm to support roaming service to the GSM network. To propose an authentication and message encryption algorithm applicable to the GSM system, the security architecture of the GSM outlined in the GSM standard is briefly introduced. In the proposed cryptosystems we use a new hash function for user authentication and a stream cipher based on Linear Feedback Shift Register(LFSR) for message encryption and decryption. Moreover, each algorithm is programmed with C language and simulated on IBM-PC system and we analyze the randomness properties of the proposed algorithms by using statistical tests.

• The Journal of Korean Association of Computer Education
• /
• v.14 no.1
• /
• pp.175-185
• /
• 2011

Recently RFID systems have been introduced in place of barcode systems to industries such as logistics, distribution, and manufacturing. Due to security vulnerabilities in wireless communication between the reader and tags, however, the authentication protocols for the communication have also been researched extensively. In order to solve the vulnerability of previously proposed protocols, this paper thus proposes an authentication protocol that satisfies the security requirements in the RFID system and minimizes the quantity of computation such as random number generation, transmitting the micro-time of databases. In addition, it is expected that the proposed cross authentication protocol is safe against replay attack, spoofing attack, traffic analysis, and eavesdropping attack when it is applied to the RFID system. Also, it has advantages such as providing a high level of security at a lower manufacturing cost.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.3
• /
• pp.705-711
• /
• 2013

QRS detection of ECG is the most popular and easy way to detect cardiac-disease. But it is difficult to analyze the ECG signal because of various noise types. Also in the healthcare system that must continuously monitor people's situation, it is necessary to process ECG signal in realtime. In other words, the design of algorithm that exactly detects QRS wave using minimal computation and classifies PVC by analyzing the persons's physical condition and/or environment is needed. Thus, efficient QRS detection and PVC classification based on profiling method is presented in this paper. For this purpose, we detected QRS through the preprocessing method using morphological filter, adaptive threshold, and window. Also, we applied profiling method to classify each patient's normal cardiac behavior through hash function. The performance of R wave detection, normal beat and PVC classification is evaluated by using MIT-BIH arrhythmia database. The achieved scores indicate the average of 99.77% in R wave detection and the rate of 0.65% in normal beat classification error and 93.29% in PVC classification.

• Journal of Digital Convergence
• /
• v.13 no.9
• /
• pp.297-302
• /
• 2015

The increase in applying IT to vehicles has given birth to smart cars or connected cars. As smarts cars become connected with external network systems, threats to communication security are on the rise. With simulation test results supporting such threats to Convergence security in vehicular communication, concerns are raised over relevant vulnerabilities, while an increasing number of studies on secure vehicular communication are published. Hacking attacks against vehicles are more dangerous than other types of hacking attempts because such attacks may threaten drivers' lives and cause social instability. This paper designed a Convergence security protocol for inter-vehicle and intra-vehicle communication using a hash function, nonce, public keys, time stamps and passwords. The proposed protocol was tested with a formal verification tool, Casper/FDR, and found secure and safe against external attacks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.6
• /
• pp.1413-1424
• /
• 2019

Cryptocurrency has limitations to be used as an actual payment method due to the scalability problem of the blockchain consensus protocol, and various off-chain solutions to solve these limitations are being studied. In this paper, we design an efficient off-chain payment channel using one-way hash function and implement the designed payment channel using Ethereum smart contract. In addition, the experiment was conducted to measure and analyze execution time and cost for each method by deploying it in the same environment as the previously implemented plasma MVP. As a result, compared with plasma MVP, the proposed solution was able to reduce the total cumulative time by about 34% and reduce the overall execution cost by about 41%.

• The KIPS Transactions:PartC
• /
• v.12C no.3 s.99
• /
• pp.309-316
• /
• 2005

Recently, RFID system is a main technology to realize ubiquitous computing environments, but the feature of the RFID system may bring about various privacy problem. So, many kinds of protocols To resolve this problem are researched. In this paper, we analyse the privacy problem of the previous methods and propose more secure and effective authentication protocol to protect user's privacy. Then we prove that the proposed protocol is secure and effective as we compare the proposed protocol with previous methods. The proposed protocol is based on Challenge-Response using one-way hash function and random number. The proposed protocol is secure against replay attack, spoofing attack and so on. In addition, the proposed protocol is proper for distributed database environment.