• ETRI Journal
• /
• 제37권5호
• /
• pp.833-844
• /
• 2015

Recently, new network systems have begun to emerge (for instance, 5G, IoT, and ICN) that require capabilities beyond that provided by existing IP networking. To fulfill the requirements, some new networking technologies are being proposed. The promising approach of the new networking technology is to try to overcome the architectural limitations of IP networking by adopting an identifier (ID)-based networking concept in which communication objects are identified independently from a specific location and mechanism. However, we note that existing ID-based networking proposals only partially meet the requirements of emerging and future networks. This paper proposes a new ID-based networking architecture and mechanisms, named IDNet, to meet all of the requirements of emerging and future networks. IDNet is designed with four major functional blocks-routing, forwarding, mapping system, and application interface. For the proof of concept, we develop numeric models for IDNet and implement a prototype of IDNet.

• ETRI Journal
• /
• 제44권6호
• /
• pp.903-914
• /
• 2022

Mobile and telecommunication networking uses temporary and random identifiers (IDs) to protect user privacy. For greater intelligence and security o the communications between the core network and the mobile user, we design and build a dynamic randomization scheme for the temporary IDs for mobile networking, including 5G and 6G. Our work for ID randomization (ID-RZ) advances the existing state-of-the-art ID re-allocation approach in 5G in the following ways. First, ID-RZ for ID updates is based on computing, as opposed to incurring networking for the re-allocation-based updates, and is designed for lightweight and low-latency mobile systems. Second, ID-RZ changes IDs proactively (as opposed to updating based on explicit networking event triggers) and provides stronger security (by increasing the randomness and frequency of ID updates). We build on the standard cryptographic primitives for security (e.g., hash) and implement our dynamic randomization scheme in the 5G networking protocol to validate its design purposes, which include time efficiency (two to four orders of magnitude quicker than the re-allocation approach) and appropriateness for mobile applications.

• 한국자동차공학회논문집
• /
• 제19권6호
• /
• pp.37-45
• /
• 2011

As vehicles become more intelligent, in-vehicle networking (IVN) systems such as controller area network (CAN) or FlexRay are essential for convenience and safety of drivers. To expand the applicability of IVN systems, attention is currently being focused on the communication between heterogeneous networks such as body networking and chassis networking systems. A gateway based on message mapping method was developed to interconnect FlexRay and CAN networks. However, this type of gateways has the following shortcomings. First, when a message ID was changed, the gateway must be reloaded with a new mapping table reflecting the change. Second, if the number of messages to be transferred between two networks increase, software complexity of gateway increases very rapidly. In order to overcome these disadvantages, this paper presents FlexRay-CAN gateway based on node mapping method. More specifically, this paper presents a node mapping based FlexRay-CAN gateway operation algorithm along with the experimental evaluation for ID change.

• ETRI Journal
• /
• 제38권5호
• /
• pp.922-933
• /
• 2016

IP header compression schemes offer a valuable measure for bandwidth preservation. Such schemes have been practically implemented in infrastructure-based IP networks for point-to-point links. However, minimal research and practical implementation efforts have been conducted in the direction of an IP header compression strategy that can meet the peculiar requirements of multi-hop ad hoc wireless networks. In this paper, we present a practically implemented multi-hop IP header compression scheme using the Robust Header Compression (ROHC) protocol suite. The scheme runs on a novel identifier (ID) based networking architecture, known as an ID-based ad hoc network (IDHOCNET). IDHOCNET additionally solves a number of bottlenecks of pure IP-based ad hoc networks that have emerged owing to IP address auto-configuration service, distributed naming and name resolution, and the role of an IP address as an identifier at the application layer. The proposed scheme was tested on a multi-hop test bed. The results show that the implemented scheme has better gain and requires only O (1) ROHC contexts.

• 한국정보통신학회논문지
• /
• 제19권10호
• /
• pp.2429-2440
• /
• 2015

본 논문에서는 국내 연구ㆍ교육기관들의 협업 생태계 구축 및 협업 활성화를 위한 통합협업 인프라를 소개한다. 통합협업 인프라는 국내 연구ㆍ교육기관, 관련 상용 서비스 업체들이 참여하고 이들의 협력 증진을 위한 다양한 협업 지원 시스템과 서비스를 포함한다. 특히 제안한 통합협업 인프라는 ID 페더레이션 기술을 기반으로, 협업 참여 기관들의 연구자원 공유를 위한 사용자 인증 프레임워크를 제시함으로써 협업의 효율성을 제고한다. 본 논문은 국가과학기술연구망에 구축한 통합협업 인프라에 대해 기술하고 제안된 프레임워크의 동작 방식을 검증한다.

• 한국정보과학회논문지:정보통신
• /
• 제30권6호
• /
• pp.720-728
• /
• 2003

은닉서명(blind signature scheme)은 서명문의 내용을 숨기는 서명 방식으로 서명의뢰자의 신원과 서명문을 연결시킬 수 없는 익명성을 가지며 전자화폐나 전자투표 등 주로 행위자의 행동이 노출되어서는 안되는 보안서비스에 중요하게 활용된다. 본 논문에서는 GDH군에서의 ID 기반 은닉서명 방식을 제안한다. 제안한 방식의 안전성은 CDHP의 어려움에 기반을 두며, 효율성은 두 사용자간의 2회 통신만으로 서명을 생성함으로써 기존의 은닉서명 방식을 훨씬 개선하였다. 통신횟수와 계산량이 적으므로 제안한 은닉서명 방식은 무선 PKI 환경에서도 적용할 수 있다.

• 한국정보과학회논문지:정보통신
• /
• 제31권4호
• /
• pp.405-413
• /
• 2004

M-commerce가 활성화되기 위한 주요 요건 중의 하나는 안전성과 효율성을 갖춘 전자 지불 시스템을 개발하는 것이다. 본 논문에서는 ID 기반 공개키 암호 시스템을 이용하여 다중 거래에 적용할 수 있는 효율적인 소액 지불 프로토콜 (Micro-Payment Protocol)을 제안한다. 기존의 PayWord 시스템은 다수의 판매자와 거래를 하기 위해 매번 판매자의 인증서를 생성하였다. 본 논문에서는 인증서 대신 유한체 $F_q$에서 타원곡선(Elliptic Curve Cryptosystem)을 이용한 Weil pairing에 의해 생성된 세션키를 거래에 사용하기 때문에 알려진 키 공격(Known key attacks)과 위장 공격(Man-in-the-middle attacks)에 안전하다.

• 한국정보과학회논문지:정보통신
• /
• 제31권6호
• /
• pp.545-555
• /
• 2004

대리서명은 대리서명자로 하여금 원서명자를 대신해서 서명하도록 하는 암호방식이고, 부분은닉서명은 서명자가 은닉서명을 발행할 때 그가 삽입하기를 원하는 어떠한 정보를 서명에 삽입할 수 있도록 하는 암호방식으로, 부분은닉성과 익명성(또는 불추적성)을 제공하기 때문에 전자상거래에서 전자화폐나 전자투표 등과 같은 사용자의 프라이버시 보호나 보안을 요구하는 응용분야에 중요하게 적용되는 기술이다. 본 논문에서는 bilinear-pairing을 이용한 대리서명 방식과 ID 기반 부분은닉서명 방식을 제안한다. 그리고 투 방식을 결합한 대리부분은닉서명 방식을 제안한다. 제안하는 방식들은 GDH군에서 성립하며 CDHP의 어려움에 기반을 두고 있다. 제안하는 ID 기반 부분은닉서명 방식과 대리부분은닉서명 방식에서 공통정보를 제거하면 두 서명 방식은 각각 토 기반 은닉서명 방식과 대리은닉서명 방식이 된다.

• International Journal of Computer Science & Network Security
• /
• 제21권7호
• /
• pp.341-349
• /
• 2021

Many emerging mobile ad-hoc network application communications are group-oriented. Multicast supports group-oriented applications efficiently, particularly in a mobile environment that has a limited bandwidth and limited power. Energy effectiveness along with safety are 2 key problem in MANET design. Within this paper, MANET is presented with a stable, energy-efficient clustering technique. In this proposed work advanced clustering in the networks with ticket ID cluster manager (TID-CMGR) has formed in MANET. The proposed routing scheme makes secure networking the shortest route possible. In this article, we propose a Cluster manager approach based on TICKET-ID to address energy consumption issues and reduce CH workload. TID-CMGR includes two mechanism including ticket ID controller, ticketing pool, route planning and other components. The CA (cluster agent) shall control and supervise the functions of nodes and inform to TID-CMGR. The CH conducts and transfers packets to the network nodes. As the CH energy level is depleted, CA elects the corresponding node with elevated energy values, and all new and old operations are simultaneously stored by CA at this time. A simulation trial for 20 to 100 nodes was performed to show the proposed scheme performance. The suggested approach is used to do experimental work using the NS- simulator. TIDCMGR is compared with TID BRM and PSO to calculate the utility of the work proposed. The assessment shows that the proposed TICKET-ID scheme achieves 90 percent more than other current systems.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제10권3호
• /
• pp.1273-1288
• /
• 2016

With the swift growth of wireless technologies, an increasing number of users rely on the mobile services which can exchange information in mobile networks. Security is of key issue when a user tries to access those services in this network environment. Many authentication schemes have been presented with the purpose of authenticating entities and wishing to communicate securely. Recently, Chou et al. and Farash-Attari presented two ID authentication schemes. They both claimed that their scheme could withstand various attacks. However, we find that the two authentication schemes are vulnerable to trace attack while having a problem of clock synchronization. Additionally, we show that Farash-Attari's scheme is still susceptible to key-compromise impersonation attack. Therefore, we present an enhanced scheme to remedy the security weaknesses which are troubled in these schemes. We also demonstrate the completeness of the enhanced scheme through the Burrow-Abadi-Needham (BAN) logic. Security analysis shows that our scheme prevents the drawbacks found in the two authentication schemes while supporting better secure attributes. In addition, our scheme owns low computation overheads compared with other related schemes. As a result, our enhanced scheme seems to be more practical and suitable for resource-constrained mobile devices in mobile networks.