• Proceedings of the Korean Information Science Society Conference
• /
• 2007.10d
• /
• pp.1-6
• /
• 2007

프락시 암호 기법은 안전한 그룹 통신에서 중간 노드 신뢰 문제를 해결하기 위한 좋은 방법을 제공한다. 기존의 연구에서 프락시 암호 기법을 이용한 방법들이 제안되었으나 이들은 멀티캐스트 데이터전송 측면에서 매우 비효율적이거나 1-affect-n 문제로 인해 확장성이 저하되는 단점을 가지고 있다. 이에 따라 이 논문에서는 그룹 가입/탈퇴 분석 모델에 기반하여 동적으로 그룹을 분할/병합함으로써 키 분배에서의 확장성과 데이터 전송에서 효율성을 같이 제공하는 새로운 프락시 암호 기반의 안전한 그룹 통신 기법을 제안한다. 제안한 방법은 인터넷이나 무선 네트워크와 같이 공개된 환경에서 가입/탈퇴가 빈번히 일어나는 대규모 가입자를 대상으로 하는 실시간 멀티미디어 방송 서비스에 적합하다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.9
• /
• pp.2442-2454
• /
• 2012

To ensure the security of wireless sensor networks, it is important to have a robust key management scheme. In this paper, we propose a Quorum-based key management scheme. A specific sensor, called as key distribution server (KDS), generates a key matrix and establishes a quorum system from the key matrix. The quorum system is a set system of subsets that the intersection of any two subsets is non-empty. In our scheme, each sensor is assigned a subset of the quorum system as its pre-distributed keys. Whenever any two sensors need a shared key, they exchange their IDs, and then each sensor by itself finds a common key from its assigned subset. A shared key is then generated by the two sensors individually based on the common key. By our scheme, no key is needed to be refreshed as a sensor leaves the network. Upon a sensor joining the network, the KDS broadcasts a message containing the joining sensor ID. After receiving the broadcast message, each sensor updates the key which is in common with the new joining one. Only XOR and hash operations are required to be executed during key update process, and each sensor needs to update one key only. Furthermore, if multiple sensors would like to have a secure group communication, the KDS broadcasts a message containing the partial information of a group key, and then each sensor in the group by itself is able to restore the group key by using the secret sharing technique without cooperating with other sensors in the group.

• Proceedings of the KIEE Conference
• /
• 2006.07a
• /
• pp.450-451
• /
• 2006

The method of conductor wiring is that a messenger wire is installed, the end of the wire is connected to the conductor and a engine puller pulls the conductor. The length of one section of wiring is $3{\sim}5km$ and one group messenger wire pulls simultaneously $2{\sim}4$ group conductor, while a tensioner maintains wiring tension to prevent the deflection of the conductor. However, there are many obstacles such as roads, power lines, communication lines, buildings, farms and crops. Therefore to prevent damage from conductor deflection a staging is used. The currently used staging is scaffolding lumber which is difficult to secure and it's construction efficiency is very low because it requires a lot of time and manpower. So this study developed a insulating defense tube and pipe connecting device, and a truss structure fabrication module using steel pipe which reduces construction time and cost through a compressive and dielectric strength test.

• The KIPS Transactions:PartC
• /
• v.11C no.6 s.95
• /
• pp.765-772
• /
• 2004

Multicast communication is simultaneous transmission of data to multiple receivers and saves considerably sender resources and network bandwidth. It has high risk to attack using group address and inherent complexity of routing packets to a large group of receivers. It is therefore critical to provide source authentication, allowing a receiver to ensure that received data is authentic. In this paper, we propose the multiple chain authentication scheme for secure and efficient multicast stream. To evaluate the performance of our scheme, we compare our technique with two other previously proposed schemes using simulation results. Our scheme provides non-repudiation of origin, low overhead by amortizing the signature operation over multiple packets, and high packet loss resistance.

• Journal of the Korean Society for Aeronautical & Space Sciences
• /
• v.42 no.7
• /
• pp.594-600
• /
• 2014

In modern warfare, securing communication channel by combatting opponents' electromagnetic attack is a crucial factor to win the war. Military satellite digital transponder is a communication payload of the next generation military satellite that maintains warfare networks operational in the presence of interfering signals by securely relaying signals between ground terminals. The transponder in this paper is classified as a partial processing transponder which performs cost effective secure relaying in satellite communication links. The control functions of transmission security achieve immunity to hostile interferences which may cause malicious effects on the link. In this paper, we present an efficient architecture for implementing the control mechanism. Two major ideas of pipelined processing in per-group control and software processing of blocked band information dramatically reduce the complexity of the hardware. A control code sequence showing its randomness with uniform distribution is exemplified and qualification test results are briefly presented.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.11
• /
• pp.1554-1561
• /
• 2018

This paper surveys the DDS, a real - time communication middleware, and proposes ways to improve the DDS secure communication performance. DDS is a communication middleware standard by the OMG. The OMG has released the DDS Security standard to resolve the security issues. The security performance of DDS can be considered into transmission speed and confidentiality. In terms of confidentiality, AES-GCM, currently the encryption algorithm specified by DDS Security, is a very strong encryption algorithm, but there are well known weaknesses associated with authentication. In terms of speed, The computational load for the security function is a restriction to use DDS in systems which requires real-time performance. Therefore, in order to improve the DDS security, algorithms that are faster than AES-GCM and strong in encryption strength are needed. In this paper, we propose a DDS message encryption method applying AES-OCB algorithm to meet these requirements and Compared with the existing DDS, the transmission performance is improved by up to 12%.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.3
• /
• pp.119-131
• /
• 2009

The world's widely used key exchange protocols are open cryptographic communication protocols, such as TLS/SSL, whereas in the financial field in Korea, key exchange protocols developed by industrial classification group have been used that are based on PKI(Public Key Infrastructure) which is suitable for the financial environments of Korea. However, the key exchange protocols are not only vulnerable to client impersonation attacks and known-key attacks, but also do not provide forward secrecy. Especially, an attacker with the private keys of the financial security server can easily get an old session-key that can decrypt the encrypted messages between the clients and the server. The exposure of the server's private keys by internal management problems, etc, results in a huge problem, such as exposure of a lot of private information and financial information of clients. In this paper, we analyze the weaknesses of the cryptographic communication protocols in use in Korea. We then propose two key exchange protocols which reduce the replacement cost of protocols and are also secure against client impersonation attacks and session-key and private key reveal attacks. The forward secrecy of the second protocol is reduced to the HDH(Hash Diffie-Hellman) problem.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.10
• /
• pp.2481-2490
• /
• 2015

The issue of PHR is maintained on the server will be in the hospital. PHR information stored on the server, such as a patient's illness and treatment is very sensitive information. Therefore, patients should be guaranteed the protection of privacy. In addition, the PHR should be allowed to group access of it's approach. Therefore, in this paper the proposed group signature using hierarchical identity-based encryption schemes into can guarantee the PHR data privacy. The session key generated by group signature, it is use a tiered approach. The generated session keys safe PHR data transmission is possible. The proposed method is average 80% than the PKI encryption and ID-based encryption rather than average 50% the algorithm processing is more efficient

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.4
• /
• pp.149-160
• /
• 2011

Smart Grid is the next-generation intelligent power grid that maximizes energy efficiency with the convergence of IT technologies and the existing power grid. It enables consumers to check power rates in real time for active power consumption. It also enables suppliers to measure their expected power generation load, which stabilizes the operation of the power system. However, there are high possibility that various kinds of security threats such as data exposure, data theft, and privacy invasion may occur in interactive communication with intelligent devices. Therefore, to establish a secure environment for responding to such security threat with the smart grid, the key management technique, which is the core of the development of a security mechanism, is required. Using a hash chain, this paper suggests a group key management mechanism that is efficiently applicable to the smart grid environment with its hierarchical structure, and analyzes the security and efficiency of the suggested group key management mechanism.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.2
• /
• pp.81-94
• /
• 2006

This study, in particular, aims to regulate the core techniques of ubiquitous computing, such as the use of an ad hoc network and the smart-tag technique, and to look more closely into RFID Tag's smart-tag-related security service. The study aims to do so because several important technical factors and structures must be taken into account for RFID Tag to be applied in the ubiquitous-computing-related infrastructure, and the security of the tag is considered one of the core technologies. To realize secure ubiquitous computing in the case of the Passive-tag-Performing RF communication, a less costly security service, the technical items needed to carry this out, a security service to be applied to passive tags, and network management techniques are required. Therefore, the passive-tag-based networks as the authentication level is established based on the secure authentication of each tag and the service that the tag delivers in the passive-tag-based networks and as the same service and authentication levels are applied, and the active-tag-based network system proposed herein is not merely a security service against illegal RFID tags by performing a current-location and service registration process after the secure authentication process of the active RFID tag, but is also a secure protocol for single and group services, is proposed in this study.