• Journal of Internet Computing and Services
• /
• v.11 no.6
• /
• pp.87-110
• /
• 2010

Recently competitive Korean companies are suffered from financial loss due to illegal exposure of their own proprietary know-how secrets, since it is difficult to watch hidden illegal channels to leak them due to their digitalization. Today the DRM-based system designed to protect such secrets is insufficient to prevent it, since DRM-based protection system cannot defend the intelligent robbery of secrets, in special, employee's robbery. The MSEC is much appropriate to secure secrets against employee's robbery. Our paper notes that IGMP, MSEC and SNMP can work easily together to realize secure system that satisfy strong security condition for prevention from leaking secrets. Since the previous research was on the architectural design for prevention of illegal exposure, this paper proposes the efficient protocol based on MSEC protocol. Our protocol satisfies the strong security conditions that the principles that the secret should be stored/distributed only in an encrypted shape, and should be separated physically from its encryption key, and should be carried in registered mobile storage separate from its processing device, and should be verified in terms of both user and device. Thus this paper proposes both the protocol for secret document distribution and its group key management.

• The KIPS Transactions:PartC
• /
• v.16C no.2
• /
• pp.199-208
• /
• 2009

Recently,IP-based broadcasting systems,such as Mobile-TV and IP-TV, have been widely deployed. These systems require a security system to allow only authorized subscribers access to broadcasting services. We analyzed the Conditional Access System, which is a security system used in the IP-based Pay-TV systems. A weakness of the system is that it does not scale well when the system experiences frequent membership changes. In this paper, we propose a group key distribution protocol which overcomes the scalability problem by reducing communication and computation overheads without loss of security strength. Our experimental results show that computation delay of the proposed protocol is smaller than one of the Conditional Access System. This is attributed to the fact that the proposed protocol replaces expensive encryption and decryption with relatively inexpensive arithmetic operations. In addition, the proposed protocol can help to set up a secure channel between a server and a client with the minimum additional overhead.

• Journal of information and communication convergence engineering
• /
• v.13 no.4
• /
• pp.280-285
• /
• 2015

Double random phase encryption (DRPE) is one of the well-known optical encryption techniques, and many techniques with DRPE have been developed for information security. However, most of these techniques may not solve the fundamental security problem caused by using fixed phase masks for DRPE. Therefore, in this paper, we propose a key phase mask updating scheme for DRPE to improve its security, where a spatial light modulator (SLM) is used to implement key phase mask updating. In the proposed scheme, updated key data are obtained by using previous image data and the first phase mask used in encryption. The SLM with the updated key is used as the second phase mask for encryption. We provide a detailed description of the method of encryption and decryption for a DRPE system using the proposed key updating scheme, and simulation results are also shown to verify that the proposed key updating scheme can enhance the security of the original DRPE.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.48 no.3
• /
• pp.18-26
• /
• 2011

Social network services whose users increase rapidly is the online services that reflect social network. They are used for various purposes such as strategy of election, commercial advertisement and marketing, educational information sharing and exchange of medical knowledge and opinions. These services make users form social networks with other users who have common interests and expand their relationships by releasing their personal information and utilizing other users' social networks. However, the social network services based on open and sharing of information raise various security threats such as violation of privacy and phishing. In this paper, we propose a group key management scheme and protocols using key rings to protect communication of small groups in social network services.

• Convergence Security Journal
• /
• v.7 no.2
• /
• pp.107-118
• /
• 2007

Distributed wireless sensor network in various environment have characteristic that is surveillance of environment-element and offering usefully military information but there is shortcoming that have some secure risks. Therefore secure service must be required for this sensor network safety. More safe and effective techniques of node administration are required for safe communication between each node. This paper proposes effective cluster-header and clustering techniques in suitable administration techniques of group-key on sensor network. In this paper, first each node transmit residual electric power and authentication message to BS (Base-Station). BS reflects "Validity Authentication Rate" and residual electric power. And it selects node that is more than these regularity values by cluster header. After BS broadcasts information about cluster header in safety and it transmits making a list of information about cluster member node to cluster header. Also, Every rounds it reflects and accumulates "Validity Authentication Rate" of former round. Finally, BS can select more secure cluster header.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37 no.4B
• /
• pp.288-299
• /
• 2012

To ensure data confidentiality and fine-grained access control in business environment, system model using KP-ABE(Key Policy-Attribute Based Encryption) and PRE(Proxy Re-Encryption) has been proposed recently. However, in previous study, data confidentiality has been effected by decryption right concentrated on cloud server. Also, Yu's work does not consider a access privilege management, so existing work become dangerous to collusion attack between malicious user and cloud server. To resolve this problem, we propose secure system model against collusion attack through dividing data file into header which is sent to privilege manager group and body which is sent to cloud server and prevent modification attack for proxy re-encryption key using d Secret Sharing, We construct protocol model in medical environment.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.9
• /
• pp.2063-2072
• /
• 2013

Smart Grid is the next-generation intelligent power grid that maximizes energy efficiency with the convergence of IT technologies and the existing power grid. It enables consumers to check power rates in real time for active power consumption. It also enables suppliers to measure their expected power generation load, which stabilizes the operation of the power system. However, there are high possibility that various kinds of security threats such as data exposure, data theft, and privacy invasion may occur in interactive communication with intelligent devices. Therefore, to establish a secure environment for responding to such security threat with the smart grid, the key management technique, which is the core of the development of a security mechanism, is required. Using a hash chain, this paper suggests a group key management mechanism that is efficiently applicable to the smart grid environment with its hierarchical structure, and analyzes the security and efficiency of the suggested group key management framework.

• Convergence Security Journal
• /
• v.9 no.2
• /
• pp.71-78
• /
• 2009

It is very difficult to apply previous security protocols to WSNs(Wireless Sensor Networks) directly because WNSs have resource constrained characteristics such as a low computing ability, power, and a low communication band width. In order to overcome the problem, we proposes a secure group communication scheme applicable to WSNs. The proposed scheme is a combined form of the TEEN(Threshold sensitive Energy Efficient sensor Network protocol) clustering based hierarchical routing protocol and security mechanism, and we assume that WSNs are composed of sensor nodes, cluster headers, and base stations. We use both private key and public key cryptographic algorithms to achieve an enhanced security and an efficient key management. In addition, communications among sensor nodes, cluster headers, and base stations are accomplished by a hierarchical tree architecture to reduce power consumption. Therefore, the proposed scheme in this paper is well suited for WSNs since our design can provide not only a more enhanced security but also a lower power consumption in communications.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.3
• /
• pp.119-131
• /
• 2009

The world's widely used key exchange protocols are open cryptographic communication protocols, such as TLS/SSL, whereas in the financial field in Korea, key exchange protocols developed by industrial classification group have been used that are based on PKI(Public Key Infrastructure) which is suitable for the financial environments of Korea. However, the key exchange protocols are not only vulnerable to client impersonation attacks and known-key attacks, but also do not provide forward secrecy. Especially, an attacker with the private keys of the financial security server can easily get an old session-key that can decrypt the encrypted messages between the clients and the server. The exposure of the server's private keys by internal management problems, etc, results in a huge problem, such as exposure of a lot of private information and financial information of clients. In this paper, we analyze the weaknesses of the cryptographic communication protocols in use in Korea. We then propose two key exchange protocols which reduce the replacement cost of protocols and are also secure against client impersonation attacks and session-key and private key reveal attacks. The forward secrecy of the second protocol is reduced to the HDH(Hash Diffie-Hellman) problem.

• The Transactions of the Korea Information Processing Society
• /
• v.7 no.4
• /
• pp.1184-1192
• /
• 2000

Multicast has communication mechanism that is able to transfer voice, video for only the specific user group. As compared to unicast, multicast is more susceptive to attack such as masquerading, malicious replay, denial of service, repudiation and traffic observation, because of the multicast has much more communication links than unicast communication. Multicast-specific security threats can affect not only a group's receivers, but a potentially large proportion of the internet. In this paper, we proposed the multicast security model that is able to secure multi-group communication in CBT(Core Based Tree), which is multicast routing. And designed the multicast key distribution protocol that can offer authentication, user privacy using core (be does as Authentication Server) in the proposed model.