• Proceedings of the Korea Information Processing Society Conference
• /
• 2012.04a
• /
• pp.710-713
• /
• 2012

최근 스마트 기기는 결제, 할인쿠폰 등 각종 기능을 제공하는 수단으로 진화되면서 통신과 금융이 융합된 모바일 NFC 서비스의 시장이 급성장할 것으로 전망되고 있다. 특히 모바일 NFC 결제 서비스 시장의 활성화가 예상됨에 따라 모바일 NFC 결제 서비스는 국내 외적으로 널리 주목받고 있다. 하지만 이를 주도할 수 있는 보안 관련 기술력이 부족한 상태이며 NFC 모바일 결제 환경에서 적용이 가능한 NFC 결제 관련 기술 연구도 미흡한 실정이다. 이에 따라 기존 방식과는 전혀 다른 결제 환경과 결제 방식에 의해 도출될 수 있는 다양한 응용서비스에 대한 새로운 법 제도의 정비와 새로운 결제환경에 맞는 보안기술이 필요할 것으로 예상된다. 본 논문에서는 기존의 물리적인 플라스틱 신용카드의 권한 위임 문제와 NFC 모바일 신용카드를 비교하여 NFC 모바일 기반 결제 서비스 상에서의 위협을 분석하고 NFC 결제환경에서 안전한 결제 권한 위임이 가능한 Hash Chain기반의 Time-Stamping Proxy 서명 기술을 제안하였다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39B no.4
• /
• pp.191-199
• /
• 2014

Currently, HTTP traffic has been developed rapidly due to appearance of various applications and services based web. Accordingly, HTTP Traffic classification is necessary to effective network management. Among the various signature-based method, Payload signature-based classification method is effective to analyze various aspects of HTTP traffic. However, the payload signature-based method has a significant drawback in high-speed network environment due to the slow processing speed than other classification methods such as header, statistic signature-based. Therefore, we proposed various classification method of HTTP Traffic based HTTP signatures of hierarchical structure and to improve pattern matching speed reflect the hierarchical structure features. The proposed method achieved more performance than aho-corasick to applying real campus network traffic.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38A no.11
• /
• pp.967-969
• /
• 2013

In this paper, we propose an efficient mult-signature scheme based on a bilinear mapping for shared data in the cloud and prove the security of the proposed scheme using the difficulty of the computational Diffie-Hellman problem. For verification, the scheme is using the sum of the hash values of stored data rather than the entire data, which makes it feasible to reduce the size of the downloaded data.

• Proceedings of the IEEK Conference
• /
• 2002.07b
• /
• pp.948-950
• /
• 2002

IPSec authentication provides support for data integrity and authentication of IP packets. Authentication is based on the use of a message authentication code(MAC). Hash function algorithm is used to produce MAC , which is referred to HMAC. In this paper, we propose a cryptographic accelerator using FPGA implementations. The accelator consists of a hash function mechanism based on MD5 algorithm, and a public-key generator based on a Elliptiv Curve algorithm with small scale of circuits. The accelator provides a messsage authentification as well as a digital signature. Implementation results show the proposed cryptographic accelerator can be applied to IPSec authentications.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.4
• /
• pp.697-708
• /
• 2019

In this paper, we propose and implement a method to optimize Rainbow for 8 bit MCU(Microcontroller Unit). As quantum computers have been developed, the security of existing cryptography, especially the signature algorithms, has been threatened, so it is necessary to apply a signature scheme with a quantum-resistance to IoT devices. Currently, the proposed PQC(Post Quantum Cryptography) are lattice-based, hash-based, code-based, and MQ(Multivariate Quadratic)-based cryptographic algorithms and signature schemes. In particular, MQ-based signature schemes are faster than conventional signature schemes and are suitable for IoT devices Do. However, it is difficult to apply 8-bit MCU, which has a large key length and large number of computations, to the memory and performance of IoT devices. In this paper, we propose a method of storing Rainbow, which is a MQ-based signing scheme, in 8-bit MCU by dividing the key and optimizing the computation method. By reducing the memory consumption and improving the algorithm speedily, Compare performance.

• Journal of KIISE:Computer Systems and Theory
• /
• v.30 no.7_8
• /
• pp.408-416
• /
• 2003

An electronic cash system has to provide the security, to prevent the double spending and to support the divisibility of electronic cash for the easy of use. Divisible electronic cash system allows an electronic cash to be divided into subdivisions. Each subdivision is worth any desired value, but all values must add up to the original cash value. Divisible scheme brings some advantages. It reduces to make the change and also there is no necessity that a customer must withdraw a cash of the desired value whenever transactions occur. In this paper, we present an electronic cash protocol which provides the divisibility based on the double hash chain technique. Electronic cash is constructed in the form of coins. Coins, generated by the double hush chain, have different denominations. The divisibility based on the double hash chain technique. Electronic cash is constructed in the form of coins. Coins, generated by the double hash chain, have different denominations. The divisibility of an electronic cash is satisfied by the payment certificate, which is a pair of bank´s proxy signature received from the bank. When a customer pays the coin of subdivision, the fairness of that coin is certified by a customer´s signing instead of a bank. Although the proposed method does not guarantee user´s anonymity, it generates coins which cannot be forged, and the customer can use an electronic cash conveniently and efficiently with its divisibility.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.41 no.4
• /
• pp.103-112
• /
• 2004

This paper suggests the way to realize smart card security system by using handwritten signature instead of a password which is traditionally used for user authentication. Because of the familiarity of signature we don't need to try to remember the password and signature is difficult to be used by guess or illegal forced situation. The feature data of handwritten signature is large, so we designed COS which is consist of special commands for processing user's handwritten signature data, user authentication, and basic commands based on ISO 7816-3. Also protocol among user, smart card terminal and DB server is designed. In registration process, the feature data of user signature is saved in both a DB server and a smart card. User authentication is processed by comparing the user signature and the saved feature data in a smart card and in a DB server. And the authentication result and hash value of signature data in DB server are transferred to smart card. During this process the authentication between DB server and user is finished. The proposed security system has more higher level of security in user authentication of smart card and it will Provide safer and more convenient security services.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.2
• /
• pp.343-351
• /
• 2017

With ICT technology develops, IoT environment is attracting attention. However, IoT devices have various CPU performance as much as various purpose of use. Some IoT devices use the cpu that doesn't support public key cryptogrphy or crypto acceleration. In this paper, we study Blockchain-based IoT Device Authentication Scheme that provides authentication, integirity and non-repudation through analysis of Lamport Hash-chain, Lamport Signature, Blockchain and existing Authentication protocols. The proposed scheme requires only simple hash operation in IoT devices and it can operate in low performance IoT device, thus ensuring secure authentication in IoT environment.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.26 no.7
• /
• pp.1071-1077
• /
• 2022

A security SoC that can be used to implement elliptic curve cryptography (ECC) based public-key infrastructures was designed. The security SoC has an architecture in which a hardware accelerator for the elliptic curve digital signature algorithm (ECDSA) is interfaced with the Cortex-A53 CPU using the AXI4-Lite bus. The ECDSA hardware accelerator, which consists of a high-performance ECC processor, a SHA3 hash core, a true random number generator (TRNG), a modular multiplier, BRAM, and control FSM, was designed to perform the high-performance computation of ECDSA signature generation and signature verification with minimal CPU control. The security SoC was implemented in the Zynq UltraScale+ MPSoC device to perform hardware-software co-verification, and it was evaluated that the ECDSA signature generation or signature verification can be achieved about 1,000 times per second at a clock frequency of 150 MHz. The ECDSA hardware accelerator was implemented using hardware resources of 74,630 LUTs, 23,356 flip-flops, 32kb BRAM, and 36 DSP blocks.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2007.10a
• /
• pp.701-704
• /
• 2007

Recently, More and more consumer enjoy the finance service such as settling, account transferring, stocks investment, and so via mobile device. In the mobile environment, data transferring between the devices is formatted as XML. However, the common XML file is exposed to the attack such as hacking and malignity code, to satisfy security of mobile environment is very difficult. The problem is more seriously at the open platform such as WIPI that is developed by our country. So there is enough reason to propose one system to protect the import data. In this paper, we development the system to digital signature and signature the XML document in order to protect data, and the system is observing the recommendation of the XML Signature Syntax and Processing by W3C. When designing and composition the system, we use the digital signature algorithm RSA, DSA, KCDSA, and HMAC, etc. we test the system at the open WIPI platform.