• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.6
• /
• pp.55-65
• /
• 2003

To perform the certificate validation processing on the user-side application induces the very considerable overhead because of the complex and time-consuming characteristic of the validation processing. Especially, the verification for digital signature over a certificate can be the major reason of the overhead, since the verification accompanies with the cryptographic calculation over each certificate on the certificate path. In this paper, we propose a new certificate validation scheme can reduce the overhead caused by user-side certificate validation processing and improve the utilization of CAs. As the result, our proposed scheme can not only reduces the overhead for the validation processing by decreasing the cryptographic calculation but also improves the utilization of CAs by employing them to the validation processing.

• International Journal of Computer Science & Network Security
• /
• v.21 no.5
• /
• pp.256-266
• /
• 2021

The Convolutional Neural Network (CNN) has recently made potential improvements in face verification applications. In fact, different models based on the CNN have attained commendable progress in the classification rate using a massive amount of data in an uncontrolled environment. However, the enormous computation costs and the considerable use of storage causes a noticeable problem during training. To address these challenges, we focus on relevant data trained within the CNN model by integrating a lifting method for a better tradeoff between the data size and the computational efficiency. Our approach is characterized by the advantage that it does not need any additional space to store the features. Indeed, it makes the model much faster during the training and classification steps. The experimental results on Labeled Faces in the Wild and YouTube Faces datasets confirm that the proposed CNN framework improves performance in terms of precision. Obviously, our model deliberately designs to achieve significant speedup and reduce computational complexity in deep CNNs without any accuracy loss. Compared to the existing architectures, the proposed model achieves competitive results in face recognition tasks

• International Journal of Internet, Broadcasting and Communication
• /
• v.13 no.2
• /
• pp.60-66
• /
• 2021

Blockchain is a technology that enables trust-based consensus and verification based on a decentralized network. Distributed ID (DID) is based on a decentralized structure, and users have the right to manage their own ID. Recently, interest in self-sovereign identity authentication is increasing. In this paper, as a method for transparent and safe sovereignty management of data, among data pseudonymization techniques for blockchain use, various methods for data encryption processing are examined. The public key technique (homomorphic encryption) has high flexibility and security because different algorithms are applied to the entire sentence for encryption and decryption. As a result, the computational efficiency decreases. The hash function method (MD5) can maintain flexibility and is higher than the security-related two-way encryption method, but there is a threat of collision. Zero-knowledge proof is based on public key encryption based on a mutual proof method, and complex formulas are applied to processes such as personal identification, key distribution, and digital signature. It requires consensus and verification process, so the operation efficiency is lowered to the level of O (log_eN) ~ O(N²). In this paper, data encryption processing for blockchain DID, based on zero-knowledge proof, was proposed and a one-way encryption method considering data use range and frequency of use was proposed. Based on the content presented in the thesis, it is possible to process corrected zero-knowledge proof and to process data efficiently.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.2
• /
• pp.353-362
• /
• 2023

Messenger phishing, communications frauds crime, exploits remote control of smartphones and non-face-to-face financial transactions, causing property damage due to money transfers, as well as account opening and loans in the name of victims. Such financial accidents may be careless of victims, but the current messenger phishing criminal method is intelligent and can be seen as digging into loopholes in the non-face-to-face user verification process. In this paper we analyze how messenger phishing uses loopholes in user identification procedures in non-face-to-face financial transactions. Through experiments, it is suggested to improve the non-face-to-face verification process for safer financial transactions.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.3
• /
• pp.545-559
• /
• 2013

There is a limitation on counteracting recent cyber-attacks with only technical security measures because they become more intelligent and large-scale to aim at employees instead of systems directly or to be conducted with unspecified multiple PCs. Thus, comprehensive measures revolved around related manpower are necessary to deal with them. However, domestic information security education system which is the base of professional manpower training lacks medium-and long-term plans for information security education, verification of education programs, and information sharing among educational institutions. This paper suggests information security education development plans for resolving problems on domestic education systems and improving cyber information security environment such as a national information security education master plan, certification system introduction of education programs, and professional manpower database management.

• Journal of Digital Convergence
• /
• v.14 no.11
• /
• pp.501-505
• /
• 2016

Recently, the frequency of dealing important information regarding financial services like paying through smart device or internet banking on smart device has been increasing. Also, with the development of smart device execution environment towards open software environment, it became easier for users to download and use random application software, and its security aspect appears to be weakening. This study inspects features of hardware-based smart device security technology. Furthermore, this study proposes a realization method in MTM hardware-based secure smart device execution environment for an application software that runs in smart devices. While existing MTM provides the root of trust function only for the mobile device, the MTM-based mobile security environment technology proposed in this paper can provide numerous security functions that application program needs in mobile device. The further researches on IoT devices that are compatible with security hardware, gateway security technology and methods that secure reliability and security applicable to varied IoT devices by advancing security hardware are the next plan to proceed.

• ETRI Journal
• /
• v.25 no.6
• /
• pp.510-516
• /
• 2003

In this paper, we describe the development of a platform-based SoC of a 32-bit smart card. The smart card uses a 32-bit microprocessor for high performance and two cryptographic processors for high security. It supports both contact and contactless interfaces, which comply with ISO/IEC 7816 and 14496 Type B. It has a Java Card OS to support multiple applications. We modeled smart card readers with a foreign language interface for efficient verification of the smart card SoC. The SoC was implemented using 0.25 ${\mu}m$ technology. To reduce the power consumption of the smart card SoC, we applied power optimization techniques, including clock gating. Experimental results show that the power consumption of the RSA and ECC cryptographic processors can be reduced by 32% and 62%, respectively, without increasing the area.

• Journal of Industrial Technology
• /
• v.21 no.B
• /
• pp.107-116
• /
• 2001

The speech includes various kinds of information : language information, speaker's information, affectivity, hygienic condition, utterance environment etc. when a person communicates with others. All technologies to utilize in real life processing this speech are called the speech technology. The speech technology contains speaker's information that among them and it includes a speech which is known as a speaker recognition. DTW(Dynamic Time Warping) is the speaker recognition technology that seeks the pattern of standard speech signal and the similarity degree in an inputted speech signal using dynamic programming. ln this study, using TMS320C32 DSP processor, we are to embody this DTW and to construct a security system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.4
• /
• pp.831-841
• /
• 2017

This paper presents a secure and DoS-resistant fragment authentication technique for Content-Centric Networking (CCN). Our approach not only guarantees the authenticity of each fragment, but also provides a high resistance to DoS attacks through the immediate verification of fragment authenticity at interim nodes on the routing path. Our experimental results demonstrate that the proposed approach provides much stronger security than the existing approach, without imposing a significant overhead.

• Proceedings of the Korean Information Science Society Conference
• /
• 2012.06d
• /
• pp.337-339
• /
• 2012

스마트폰 사용자의 증가와 함께 이동통신망의 데이터 트래픽이 폭증하고 있다. 유입되는 트래픽 중 비정상적, 악의적인 트래픽이 발생하고 있지만, 이동통신 데이터망의 보안 시스템은 미비한 실정이다. 이 논문에서는 이동통신 데이터망으로 유입되는 악의적인 트래픽 및 비정상 트래픽에 대응하기 위하여 이동통신 데이터망의 구성과 발생 가능한 위협을 정리하였다. 그리고 대응 시스템을 마련하기 위해 필요한 테스트베드가 갖춰야 할 요구사항을 정리하였다. 이 요구사항을 준수하여 테스트베드를 구축하면 이동통신 데이터망의 위협에 대응하는 시스템의 설계 및 실험에 많은 도움을 줄 수 있을 것이다.