• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.05a
• /
• pp.285-287
• /
• 2017

Currently, the world of data communication is not simply communication between server and user in a wired way, but using wireless environment, various devices communicate with each other in a wider and diverse environment to generate a large amount of data. In this environment, IoT is now located deep in our lives, and IoT technologies are used in many tasks, but the data used in IoT is exposed without sufficient protection from malicious behavior. Most of these devices do not have enough computing power to cope with malicious attacks. In this paper, we aim to make all devices that have sufficient computing power and safety from simple sensors to be able to have security according to the situation. The proposed technology is based on the importance of the device and computing power, and it is possible to select the encryption technology selectively and to improve security.

• Journal of Internet of Things and Convergence
• /
• v.8 no.1
• /
• pp.79-85
• /
• 2022

Internet of Things (IoT) connects devices with various platforms, computing power, and functions. Due to the diversity of networks and the ubiquity of IoT devices, demands for security and privacy are increasing. Therefore, cryptographic mechanisms must be strong enough to meet these increased requirements, while at the same time effective enough to be implemented in devices with long-range specifications. In this paper, we present the performance and memory limitations of modern cryptographic primitives and schemes for different types of devices that can be used in IoT. In addition, detailed performance evaluation of the performance of the most commonly used encryption algorithms in low-spec devices frequently used in IoT networks is performed. To provide data protection, the binary ring uses encryption asymmetric fully homomorphic encryption and symmetric encryption AES 128-bit. As a result of the experiment, it can be seen that the IoT device had sufficient performance to implement a symmetric encryption, but the performance deteriorated in the asymmetric encryption implementation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.3
• /
• pp.661-666
• /
• 2016

The Internet of Things (IoT) is an infrastructure of physical objects that could be connected to the Internet. Most of these are low performance to ensure a reasonable cost for the smart physical objects. Thus, these devices usually use a lightweight messaging protocol: message queue telemetry transport with SSL/TLS. Cipher suites in device are fixed by default and selected based on preference in SSL/TLS. However, the selected cipher suite provides high security level more than expected. This limitation causes energy waste and overhead of devices. In order to counter this problem, we proposed fuzzy logic based cipher suite decision method to improve energy efficiency. Our proposed method saved 36.03% energy.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.19 no.10
• /
• pp.661-667
• /
• 2018

Recently, the smart home market is growing due to the development of wireless communication technology and sensor devices, and various devices are being utilized. Such an IoT environment collects various vast amount of device information for intelligent services, receives services based on user information, controls various devices, and provides communication between different types of devices. However, with this growth, various security threats are occurring in the smart home environment. In fact, Proofpoint and HP warned about the cases of damage in a smart home environment and the severity of security vulnerabilities, and cases of infringement in various environments were announced. Therefore, in this paper, we have studied secure mutual authentication method between smart nodes used in smart home to solve security problems that may occur in smart home environment. In the case of the proposed thesis, security evaluations are performed using random numbers and frequently updated session keys and secret keys for well-known vulnerabilities that can occur in IoT environments and sensor devices such as sniffing, spoofing, device mutual authentication, And safety. In addition, it is confirmed that it is superior in security and key management through comparison with existing smart home security protocol.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.10a
• /
• pp.199-201
• /
• 2021

The Internet of Things (IoT) is a technology that can organically connect people and things without time and space constraints by using communication network technology and sensors, and transmit and receive data in real time. The IoT used in all industrial fields has limitations in terms of storage allocation, such as device size, memory capacity, and data transmission performance, so it is important to manage power consumption to effectively utilize the limited battery capacity. In the prior research, there is a problem in that security is deteriorated instead of improving power efficiency by lightening the security algorithm of the encryption module. In this study, we proposes a low-power security architecture that can utilize high-performance security algorithms in the IoT environment. This can provide high security and power efficiency by using relatively complex security modules in low-power environments by executing security modules only when threat detection is required based on inspection results.

• Journal of Convergence for Information Technology
• /
• v.10 no.11
• /
• pp.55-63
• /
• 2020

The IoT technology is a field that applies and converges the technologies in the existing industrial environment, instead of new technologies. The IoT technology is releasing various application services converged with other industries such as smart home, healthcare, construction, and automobile, and it is also possible to secure the work efficiency and convenience of users of IoT-based technologies. However, the security threats occurring in the IoT-based technology environment are succeeding to the vulnerability of the existing wireless network environment. And the occurrence of new and variant attacks in the combination with the ICT convergence environment, is causing damages. Thus, in the IoT technology-based environment, it would be necessary to have researches on the safe transmission of messages in the communication environment between user and device, and device and device. This thesis aims to design a safe communication protocol in the IoT-based technology environment. Regarding the suggested communication protocol, this thesis performed the safety analysis on the attack techniques occurring in the IoT technology-based environment. And through the performance evaluation of the existing PKI-based certificate issuance system and the suggested communication protocol, this thesis verified the high efficiency(about 23%) of communication procedure. Also, this thesis verified the reduced figure(about 65%) of the issued quantity of certificate compared to the existing issuance system and the certificate management technique.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.1
• /
• pp.109-116
• /
• 2018

This paper describes an area-efficient design of SHA-256 hash function that is widely used in various security protocols including digital signature, authentication code, key generation. The SHA-256 hash processor includes a padder block for padding and parsing input message, so that it can operate without software for preprocessing. Round function was designed with a 16-bit data-path that processed 64 round computations in 128 clock cycles, resulting in an optimized area per throughput (APT) performance as well as small area implementation. The SHA-256 hash processor was verified by FPGA implementation using Virtex5 device, and it was estimated that the throughput was 337 Mbps at maximum clock frequency of 116 MHz. The synthesis for ASIC implementation using a $0.18-{\mu}m$ CMOS cell library shows that it has 13,251 gate equivalents (GEs) and it can operate up to 200 MHz clock frequency.

• International Journal of Computer Science & Network Security
• /
• v.21 no.8
• /
• pp.229-237
• /
• 2021

Cloud of things (CoTs) is a newer idea which combines cloud computing (CC) with the Internet of Things (IoT). IoT capable of comprehensively producing data, and cloud computing can be presented pathways that allow for the progression towards specific destinations. Integrating these technologies leads to the formation of a separate element referred to as the Cloud of Things (CoTs). It helps implement ideas that make businesses more efficient. This technology is useful for monitoring a device or a machine and managing or connecting them. Since there are a substantial amount of machines that can run the IoT, there is now more data available from the IoT that would have to be stored on a local basis for a provisional period, and this is impossible. CoTs is used to help manage and analyze data to additionally create usable information by permitting and applying the development of advanced technology. However, combining these elements has a few drawbacks in terms of how secure the process is. This investigation aims to recent study literature from the past 3 years that talk about how secure the technology is in terms of protecting by authentication, reliability, availability, confidentiality, and access control. Additionally, this investigation includes a discussion regarding some kinds of potential attacks when using Cloud of Things. It will also cover what the various authors recommend and conclude with as well as how the situation can be approached to prevent an attack.

• Convergence Security Journal
• /
• v.22 no.1
• /
• pp.81-92
• /
• 2022

The rapidly growing IoT market is expanding not only in general households but also in smart homes and smart cities. Among the major protocols used in IoT, ZigBee accounts for more than 90% of the smart home's door lock market and is mainly used in miniaturized sensor devices, so the safety of the protocol is very important. However, the device using Zig Bee is not satisfied with the omnidirectional safety because it uses a fixed key during the authentication process that connects to the network, and it has not been resolved in the recently developed ZigBee 3.0. This paper proposes a design method that provides omnidirectional safety to the ZigBee authentication protocol and can be quickly applied to existing protocols. The proposed improved ZigBee authentication protocol analyzed and applied the recently developed OWE protocol to apply ECDH, which has low computational volume and provides omnidirectional safety in IoT. Based on this, it provides the safety of the ZigBee authentication protocol, and it is expected that it will be able to provide user convenience as it does not require a separate certificate or password input.

• Journal of Digital Convergence
• /
• v.18 no.10
• /
• pp.233-238
• /
• 2020

In the cloud environment, IoT devices using sensors and wearable devices are being applied in various environments, and technologies that accurately determine the information generated by IoT devices are being actively studied. However, due to limitations in the IoT environment such as power and security, information generated by IoT devices is very weak, so financial damage and human casualties are increasing. To accurately collect and analyze IoT information, this paper proposes a topographic information-based key management technique that considers IoT information errors. The proposed technique allows IoT layout errors and groups topographic information into groups of dogs in order to secure connectivity of IoT devices in the event of arbitrary deployment of IoT devices in the cloud environment. In particular, each grouped terrain information is assigned random selected keys from the entire key pool, and the key of the terrain information contained in the IoT information and the probability-high key values are secured with the connectivity of the IoT device. In particular, the proposed technique can reduce information errors about IoT devices because the key of IoT terrain information is extracted by seed using probabilistic deep learning.