• Title/Summary/Keyword: Secure channel


2-Subset Difference Broadcast Encryption System Based on Secret Sharing Method (비밀분산 기반의 2-Subset Difference 브로드캐스트 암호시스템)

  • Lee, Jae Hwan;Park, Jong Hwan
    • Journal of Broadcast Engineering / v.20 no.4 / pp.580-597 / 2015
  • A broadcast encryption system is a cryptographic primitive that enables a sender to broadcast a message to a set of receivers in a secure channel. Out of the previously proposed broadcast encryption systems, the most effective is the one that uses the Subset Difference (SD) method in a binary tree structure. The SD method has been realized by two underlying approaches: Pseudo-Random Generator (PRG) and Secret Sharing (SS). The 2-SD method is the generalized version of the SD method by which two subsets of revoked receivers can be dealt with by one subset (in an SD-based broadcast encryption system). The primary advantage of the 2-SD method is to further reduce the size of transmission overhead, compared to the SD method. Until now, however, there is no known broadcast encryption system that is based on such a 2-SD technique using either a PRG or SS basis. In this paper, we suggest a new 2-SD broadcast encryption system using the SS-based technique that was suggested by Jae Hwan Lee et al. in 2014 [9]. The new system can reduce the size of ciphertext by 25% of the one in the previous SS-based broadcast encryption system. Also, on a theoretical note, ours is the first 2-SD broadcast encryption system that is provably secure.

An Efficient Group Key Distribution Mechanism for the Secure Multicast Communication in Mobile Ad Hoc Networks (이동 애드혹 네트워크에서 안전한 멀티캐스트 통신을 위한 효율적인 그룹 키 분배 방식)

  • Lim Yu-Jin;Ahn Sang-Hyun
    • The KIPS Transactions:PartC / v.13C no.3 s.106 / pp.339-344 / 2006
  • Secure delivery of multicast data can be achieved with the use of a group key for data encryption in mobile ad hoc network (MANET) applications based on the group communication. However, for the support of dynamic group membership, the group key has to be updated for each member joining/leaving and, consequently, a mechanism distributing an updated group key to members is required. The two major categories of the group key distribution mechanisms proposed for wired networks are the naive and the tree-based approaches. The naive approach is based on unicast, so it is not appropriate for large group communication environment. On the other hand, the tree-based approach is scalable in terms of the group size, but requires the reliable multicast mechanism for the group key distribution. In the sense that the reliable multicast mechanism requires a large amount of computing resources from mobile nodes, the tree-based approach is not desirable for the small-sized MANET environment. Therefore, in this paper, we propose a new key distribution protocol, called the proxy-based key management protocol (PROMPT), which is based on the naive approach in the small-sized MANET environment. PROMPT reduces the message overhead of the naive through the first-hop grouping from a source node and the last-hop grouping from proxy nodes using the characteristics of a wireless channel.

A Study on the Marketing System Construction and Merchandising of Tongyoung Marine Ranching (통영바다목장의 유통체제 구축과 상품화계획에 관한 연구)

  • 강종호;류정곤
    • The Journal of Fisheries Business Administration / v.34 no.2 / pp.91-107 / 2003
  • Distribution of fish products from Tongyoung Marine ranching can be classified by three routes such as street-stall, live fish transportation vehicles, and wholesale markets neighboring unloading ports. These methods of distribution, however, have been restricted by limited distribution right, difficulties to differentiate fish prices from other surfaces, simple marketing channels. The ratio of cultured live fish circulated in market is increasing while naturally caught live fish is decreasing and the fresh fish shows a little of increasing rate. Consumers purchasing routes mainly depend on the live fish transportation merchants. For fresh fish traditional market plays an important role in trade. Convenience for consumers and quality of products are main factors in making decision of purchases. Bargaining power, however, belongs to the live fish transportation merchants. The demand of special markets for live fish was very strong, and the convenience and quality are relatively important required factors. Catch from Tongyoung Marine ranching has very good reputation as the possibility of being a good brand. Expecting possibility of quality differentiation was higher than price differentiation specially. The possible conclusion of a contract of a supply was suspicious however. Preliminary quality evaluation revealed that the catch is better than the cultured but worse than naturally grown fish. A merchandising is to be in a better position in the formation of prices by giving "brand image" to potential consumers. The target markets are retail stores such as restaurants for raw fish and final consumers. The staple markets are retail stores. Possible items of products are live fish, fresh fish for cook, and fresh fish for raw fish. It is necessary for the catch to be informed as new functional products that have been improved in safety and quality, since the product positioning is similar but not well known to consumers. To secure a brand it is required to register a trademark, eco-label product design or packing, use real name in transaction, introduce recall system, and put label. Price higher than naturally grown live fish should be targeted. Establishing broad distribution channel, wholesale market, franchise are required. To secure enough catch and control shipment of products facilities of containing live fish are necessary. Instead of dealing with live fish only, it would be better to sell fresh fish and live fish simultaneously. Strategically promotion focuses on advertisement of marine ranching at first and then focuses on the catch from the marine ranching.


PS-Net : Personalized Secure Wi-Fi Networks (PS-Net : 개인별 보안 Wi-Fi 네트워크)

  • Lee, Nam-Seh;Lee, Ju-Ho;Jeong, Choong-Kyo
    • The Journal of Korean Institute of Communications and Information Sciences / v.40 no.3 / pp.497-505 / 2015
  • Existing Wi-Fi networks require users to follow network settings of the AP (Access Point), resulting in inconveniences for users, and the password of the AP is shared by all users connected to the AP, causing security information leaks as time goes by. We propose, in this work, a personalized secure Wi-Fi network, in which each user is assigned her own virtual Wi-Fi network. One virtual Wi-Fi per user makes the user-centric network configuration possible. A user sets a pair of her own SSID and password on her device a priori, and the AP publishes its public key in a suitable way. The AP also maintains an open Wi-Fi channel, to which users can connect anytime. On the user's request, the user device sends a connection request message containing a pair of SSID and password encrypted with the AP's public key. Receiving the connection request message, the AP instantiates a new virtual AP secured with the pair of SSID and password, which is dedicated to that single user device. This virtual network is more secure because the password is not shared among users. It is more convenient because the network adapts itself to the user device. Experiments show that these advantages are obtained with negligible degradation in the throughput performance.

Forward-Secure Public Key Broadcast Encryption (전방향 안전성을 보장하는 공개키 브로드캐스트 암호 기법)

  • Park, Jong-Hwan;Yoon, Seok-Koo
    • Journal of Broadcast Engineering / v.13 no.1 / pp.53-61 / 2008
  • Public Key Broadcast Encryption (PKBE) allows a sender to distribute a message to a changing set of users over an insecure channel. PKBE schemes should be able to dynamically exclude (i.e., revoke) a certain subset of users from decrypting a ciphertext, so that only remaining users can decrypt the ciphertext. Another important requirement is for the scheme to be forward-secure. A forward-secure PKBE (fs-PKBE) enables each user to update his private key periodically. This updated private key prevents an adversary from obtaining the private key for a certain past period, a property that is particularly needed for pay-TV systems. In this paper, we present a fs-PKBE scheme where both ciphertexts and private keys are of $O(\sqrt{n})$ size. Our PKBE construction is based on Boneh-Boyen-Goh's hierarchical identity-based encryption scheme. To provide forward secrecy with our PKBE scheme, we again use the delegation mechanism for lower level identities, introduced in the BBG scheme. We prove chosen ciphertext security of the proposed scheme under the Bilinear Diffie-Hellman Exponent assumption without random oracles.

Secure Certificates Duplication Method Among Multiple Devices Based on BLE and TCP (BLE 및 TCP 기반 다중 디바이스 간 안전한 인증서 복사 방법)

  • Jo, Sung-Hwan;Han, Gi-Tae
    • KIPS Transactions on Computer and Communication Systems / v.7 no.2 / pp.49-58 / 2018
  • A certificate is a means to certify users by conducting the identification of the users, the prevention of forgery and alteration, and non-repudiation. Most people use an accredited certificate when they perform a task using online banking, and it is often used for the purpose of proving one's identity in issuing various certificates and making electronic payments in addition to online banking. At this time, the issued certificate exists in a file form on the disk, and it is possible to use the certificate issued in an existing device in a new device only if one copies it from the existing device. However, most certificate duplication methods are a method of duplication by entering an 8-16 digit verification code. This is inconvenient because one should enter the verification code and has a weakness that it is vulnerable to security issues. To solve this weakness, this study proposes a method for enhancing security certificate duplication in a multi-channel using TCP and BLE. The proposed method: 1) shares data that can be mutually authenticated, using BLE Advertising data; and 2) encrypts the certificate with a symmetric key algorithm and delivers it after the certification of the device through an ECC-based electronic signature algorithm. As a result of the implementation of the proposed method in a mobile environment, it could defend against sniffing attacks, the area of security vulnerabilities in the existing methods and it was proven that it could increase security strength about $10^{41}$ times in an attempt of decoding through the method of substitution of brute force attack existing method.

Study for improving attack Complexity against RSA Collision Analysis (RSA 충돌 분석 공격 복잡도 향상을 위한 연구)

  • Sim, Bo-Youn;Won, Yoo-Seung;Han, Dong-Guk
    • Journal of the Korea Institute of Information Security & Cryptology / v.25 no.2 / pp.261-270 / 2015
  • In information security devices, such as Smart Cards, vulnerabilities of the RSA algorithm which is used to protect the data were found in the Side Channel Analysis. The RSA is especially vulnerable to Power Analysis which uses power consumption when the algorithm is working. Typically Power Analysis is divided into SPA(Simple Power Analysis) and DPA(Differential Power Analysis). On top of this, there is a CA(Collision Analysis) which is a very powerful attack. CA makes it possible to attack using a single waveform, even if the algorithm is designed to secure against SPA and DPA. So Message blinding, which applies the window method, was considered as a countermeasure. But, this method does not provide sufficient safety when the window size is small. Therefore, in this paper, we propose a new countermeasure that provides higher safety against CA. Our countermeasure is a combination of message and exponent blinding which is applied to the window method. In addition, through experiments, we have shown that our countermeasure provides approximately 124% higher attack complexity when the window size is small. Thus it can provide higher safety against CA.

An Improved Horizontal Correlation Analysis Using Collision Characteristics on Lookup Table Based Scalar Multiplication Algorithms (참조 테이블 기반 스칼라 곱 알고리즘에 대한 충돌 특성을 이용한 향상된 수평상관분석)

  • Park, Dongjun;Lee, Sangyub;Cho, Sungmin;Kim, HeeSeok;Hong, Seokhie
    • Journal of the Korea Institute of Information Security & Cryptology / v.30 no.2 / pp.179-187 / 2020
  • The FBC(Fixed-Base Comb) is a method to efficiently operate scalar multiplication, a core operation for signature generations of the ECDSA(Elliptic Curve Digital Signature Algorithm), utilizing precomputed lookup tables. Since the FBC refers to the table depending on the secret information and the values of the table are publicly known, an adversary can perform HCA(Horizontal Correlation Analysis), one of the single trace side channel attacks, to reveal the secret. However, HCA is a statistical analysis that requires a sufficient number of unit operation traces extracted from one scalar multiplication trace for a successful attack. In the case of the scalar multiplication for signature generations of ECDSA, the number of unit operation traces available for HCA is significantly fewer than the case of the RSA exponentiation, possibly resulting in an unsuccessful attack. In this paper, we propose an improved HCA on lookup table based scalar multiplication algorithms such as FBC. The proposed attack improves HCA by increasing the number of unit operation traces by determining such traces for the same intermediate value through collision analysis. The performance of the proposed attack increases as more secure elliptic curve parameters are used.

Macroscopic Analysis of Traffic Flow in the Korean Coastal Waterway (한국연안의 해상교통류분석(I))

  • 이철영;문성혁;최종화;박양기
    • Journal of the Korean Institute of Navigation / v.10 no.2 / pp.31-55 / 1986
  • Generally, the development of shipping is characterized by the amount of traffic flow (traffic volume) and seaborne cargo in the sea. Movement of ships is an essential element of constructing the traffic flow which is represented the dynamic movement of ships in the sea, but on the other hand the numbers of arriving and departing the port is the basic factor consisting of the static movement of ships. The amount of cargoes by coastal vessels and ocean trade vessels have increased tremendously with the great growth of the Korean economy these days. This increase of the seaborne cargoes has made the Korean coastal traffic flow so congested that this can be a cause of large pollution as well as great marine casualties such as a loss of human lives and properties. And also the future coastal traffic is expected to increase considerably according to our economic development and high dependence upon foreign trade. Under the circumstance, to devise the safety of coastal traffic flow and to take a proper step of a efficient navigation, there is a necessity for analyzing and surveying the coastal traffic trend and the characteristics of cargo movement. In order to grasp the dynamic movement of ships in the Korean coast, O/D analysis is executed. This paper aims to secure the basic data necessary for a comprehensive plan and estimation of vessel traffic management system for the enhancement of safety, order and efficiency of vessel traffic in the Korean coast. The analyzed results of the traffic flow and seaborne cargoes of the Korean coast are summarized as follows: 1) The congestion by the vessels occurred around the ports such as, in proportion of ship's number (proportion of tonnage), Incheon 18.5% (14.8%), Pohang 5.9% (9.9%), Samil 5.2% (8.3%), Mokpo 8.6% (0.8%), Pusan 13.5% (36.4%), Ulsan 9.1% (16.2%). 2) It is found that the area adjacent to Incheon, Pusan, Ulsan, Channel of Hanryu and South-western area are heavily congested. 3) It is confirmed that the coastal vessels are main elements constituting the coastal traffic and that there are much traffic flow among five ports as following through the precise O/D analysis of ship's coastal movement: Incheon - Samil, Ulsan, Pusan, Jeju; Pusan - Samil, Ulsan, Incheon, Jeju; Pohang - Samil, Incheon, Jeju; Ulsan - Samil, Incheon, Jeju; Samil - Ulsan, Pusan, Incheon. 4) The amount of cargoes to abroad are in proportion about 81% of total and the amount of coastal cargoes are about 19%. Of those, cargoes in and out to Japan are about 26% and to South-east Asia are about 27%. 5) The chief items of foreign cargoes are oil (38.33%), iron ore (13.98%), bituminous coal (12.74%), grain (8.02%), lumber (6.45%) in the import cargoes and steel material (21.96%), cement (17.16%), oil (6.81%), fertilizer (3.80%) in the export cargoes. 6) The 80.5% of total export cargoes and 92.4% of total import cargoes are flowed in five main ports. 7) The chief items of coastal cargoes are oil (42.45%), cement (16.86%), steel material (6.49%), anthracite (6.31%), mineral product (4.3%), grain, and fertilizer. Almost 92.24% of total import and export oil cargoes in Korea is loaded and unloaded at the port of Samil & Ulsan.


Key Exchange Protocols for Domestic Broadband Satellite Access Network (광대역 위성 엑세스 방을 위한 키 교환 프로토콜 제안)

  • 오흥룡;염흥열
    • Journal of the Korea Institute of Information Security & Cryptology / v.14 no.3 / pp.13-25 / 2004
  • The key exchange protocols are very crucial tools to provide the secure communication in the broadband satellite access network. They should be required to satisfy various requirements such as security, key confirmation, and key freshness. In this paper, we present the guideline of security functions in BSAN (Broadband Satellite Access Network), and analyze the specification of the security primitives and the key exchange protocols for the authenticated key agreement between RCST (Return Channel Satellite Terminal) and NCC (Network Control Centre). In addition, we propose the security specification for a domestic broad satellite network based on the analysis on the analysis profile of ETSI (European Telecommunications Standards Institute) standards. The key exchange protocols proposed in the ETSI standard are vulnerable to man-in-the-middle attack and they don't provide key confirmation. To overcome this shortcoming, we propose 4 types of key exchange protocols which have resistance to man-in-the-middle attack, key freshness, and key confirmation. These proposed protocols can be used as a key exchange protocol between RCST and NCC in domestic BSAN. These proposed protocols are based on the DH key exchange protocol, the MTI (Matsumoto, Takashima, Imai) key exchange protocol, and ECDH (Elliptic Curve Diffie-Hellman).