• Title/Summary/Keyword: Security design

Power Analysis Attacks on the Stream Cipher Rabbit (스트림 암호 Rabbit에 대한 전력분석 공격)

  • Bae, Ki-Seok;Ahn, Man-Ki;Park, Jea-Hoon;Lee, Hoon-Jae;Moon, Sang-Jae
    • Journal of the Korea Institute of Information Security & Cryptology / v.21 no.3 / pp.27-35 / 2011
  • The design of sensor nodes in a Wireless Sensor Network (WSN) should consider properties such as electricity consumption, transmission speed, and range, and also needs protection against various attacks (e.g., eavesdropping, hacking, leakage of customer's secret data, and denial of service). The stream cipher Rabbit, selected for the final eSTREAM portfolio organized by EU ECRYPT and recently selected as an algorithm in ISO/IEC 18033-4 Stream Ciphers under ISO security standardization, is a high-speed stream cipher suitable for WSNs. Since the complexity of a side-channel analysis attack on the stream cipher Rabbit was evaluated as 'Medium' in a theoretical approach, this paper describes a method of power analysis attack on the stream cipher Rabbit and the verification of our method by practical experiments. We implemented the stream cipher Rabbit without power analysis countermeasures on an IEEE 802.15.4/ZigBee board with an 8-bit RISC AVR microprocessor (ATmega128L chip), and performed power analysis experiments based on difference of means and templates using a Hamming weight model.

A Post-Quantum Multi-Signature Scheme (양자 컴퓨팅 환경에서 안전한 다중 서명 기법)

  • Ko, Chanyoung;Lee, Youngkyung;Lee, Kwangsu;Park, Jong Hwan
    • Journal of the Korea Institute of Information Security & Cryptology / v.31 no.3 / pp.517-526 / 2021
  • Recently, the accelerating development of quantum computers has raised the issue of the safety of the factorization-based and discrete-logarithm-based digital signature schemes used in existing Internet environments. To solve this issue, several digital signature schemes that are safe in post-quantum computing environments have been presented, including through standardization work by the National Institute of Standards and Technology (NIST). In this paper, we design and present a multi-signature scheme based on TACHYON, announced by Behnia et al. at the 2018 CCS conference, and prove its security. Multi-signature schemes are key techniques that can distribute the dependence of cryptocurrency wallets on private keys in the cryptocurrency field, which has recently received much attention as a digital signature application, and many researchers and developers have recently been interested in them. The multi-signature scheme presented in this paper enables public key aggregation in the plain public key model, which does not require an additional zero-knowledge proof, and can construct an effective scheme with only an aggregated public key.

Design and Implementation of Machine Learning-based Blockchain DApp System (머신러닝 기반 블록체인 DApp 시스템 설계 및 구현)

  • Lee, Hyung-Woo;Lee, HanSeong
    • Journal of Internet of Things and Convergence / v.6 no.4 / pp.65-72 / 2020
  • In this paper, we developed a web-based DApp system based on a private blockchain by applying machine learning techniques to automatically identify Android malicious apps, which are continuously and rapidly increasing. The optimal machine learning model, which provides 96.2587% accuracy for Android malicious app identification, was selected for the authorized experimental data, and the automatic identification results for Android malicious apps were recorded and managed in the Hyperledger Fabric blockchain system. In addition, a web-based DApp system was developed so that users who have been granted the proper authority can use the blockchain system. Therefore, it is possible to further improve security in the Android mobile app usage environment through the development of the machine learning-based Android malicious app identification blockchain DApp system presented. In the future, it is expected that enhanced security services combining machine learning and blockchain can be developed for general-purpose data.

An Efficient LWE-Based Reusable Fuzzy Extractor (효율적인 LWE 기반 재사용 가능한 퍼지 추출기)

  • Kim, Juon;Lee, Kwangsu;Lee, Dong Hoon
    • Journal of the Korea Institute of Information Security & Cryptology / v.32 no.5 / pp.779-790 / 2022
  • A fuzzy extractor is a biometric encryption that generates keys from biometric data, where input values are not always the same due to noisy data, and performs authentication securely without exposing biometric information. However, if a user registers biometric data on multiple servers, various attacks on the helper data, which is public information used to extract keys during the authentication process of the fuzzy extractor, can expose the keys. Therefore, many studies have been conducted on reusable fuzzy extractors that remain secure when the biometric data of the same person is registered on multiple servers. But as the key length increases, the studies presented so far have gradually increased the number of key recovery processes, making them inefficient and difficult to utilize in security systems. In this paper, we design an efficient and reusable fuzzy extractor based on LWE with the same or a similar number of authentication processes even if the key length is increased, and show that the proposed algorithm is reusably secure as defined by Apon et al. [5].

Design and implementation of improved authentication mechanism base on mobile DRM using blockchain (블록체인을 이용한 모바일 DRM 기반 개선된 인증 메커니즘 설계 및 구현)

  • Jeon, Jinl-Oh;Seo, Byeong-Min
    • Journal of Digital Convergence / v.19 no.4 / pp.133-139 / 2021
  • Due to the rapid progress in network technology, much research on content security technologies is also being conducted in the mobile digital content sector. In the meantime, content protection has been immersed in preventing illegal copying, certifying, and issuing/managing certificates, but it still has many vulnerabilities in managing or authenticating confidential information. This study aims to strengthen confidential information about content based on dual management of content download rights through mobile phone numbers or device numbers. It also protects against replay attacks by building a secure mobile DRM system where digital content is safely distributed based on a three-stage user authentication process. In addition, blockchain-based content security enhancements were studied during the primary/secondary process for user authentication for the prevention of piracy and copyright protection. In addition, the client authentication process was further improved through three final stages of authorization in the use of illegal content, considering that legitimate users redistributed their content to third parties.

A Statistical Detection Method to Detect Abnormal Cluster Head Election Attacks in Clustered Wireless Sensor Networks (클러스터 기반 WSN에서 비정상적인 클러스터 헤드 선출 공격에 대한 통계적 탐지 기법)

  • Kim, Sumin;Cho, Youngho
    • Journal of the Korea Institute of Information Security & Cryptology / v.32 no.6 / pp.1165-1170 / 2022
  • In WSNs, a clustering algorithm groups sensor nodes into a unit called a cluster and periodically selects a cluster head (CH) that acts as a communication relay on behalf of the nodes in each cluster for the purpose of energy conservation and relay efficiency. Meanwhile, attack techniques have also emerged that intervene in the CH election process through compromised nodes (inside attackers) and have a fatal impact on network operation. However, existing countermeasures against outside attackers, such as encryption key-based methods, are limited in defending against such inside attackers. Therefore, we propose a statistical detection method that detects abnormal CH election behaviors that occur in a WSN cluster. We design two attack methods (Selfish and Greedy attacks) and our proposed defense method in WSNs with two clustering algorithms, and conduct experiments to validate that our proposed defense method works well against those attacks.

Multiple-image Encryption and Multiplexing Using a Modified Gerchberg-Saxton Algorithm in Fresnel-transform Domain and Computational Ghost Imaging

  • Peiming Zhang;Yahui Su;Yiqiang Zhang;Leihong Zhang;Runchu Xu;Kaimin Wang;Dawei Zhang
    • Current Optics and Photonics / v.7 no.4 / pp.362-377 / 2023
  • Optical information processing technology is characterized by high speed and parallelism, and light features short wavelength and large information capacity; at the same time, it has various attributes including amplitude, phase, wavelength and polarization, and is a carrier of multi-dimensional information. Therefore, optical encryption is of great significance in the field of information security transmission, and is widely used in the field of image encryption. For multi-image encryption, this paper proposes a multi-image encryption algorithm based on a modified Gerchberg-Saxton algorithm (MGSA) in the Fresnel-transform domain and computational ghost imaging. First, MGSA is used to realize "one code, one key"; second, phase function superposition and normalization are used to reduce the amount of ciphertext transmission; finally, computational ghost imaging is used to improve the security of the whole encryption system. This method can encrypt multiple images simultaneously with high efficiency, simple calculation, safety and reliability, and less data transmission. The encryption effect of the method is evaluated by using correlation coefficient and structural similarity, and the effectiveness and security of the method are verified by simulation experiments.

A Study on U-Service for Security in U-City Newtown Planning (신도시계획의 계획지표를 반영한 U-City의 U-방범서비스 개선방안 연구)

  • Yoon, Hyo Jin
    • KSCE Journal of Civil and Environmental Engineering Research / v.29 no.5D / pp.645-654 / 2009
  • This study started from the necessity of historical spatial planning skills in U-city planning. Though U-city technology and information are very important, U-city development should be considered on the basis of varied experience in spatial planning. This study explored changes in spatial planning indexes in recent newtown plans. In particular, safety and security were intensively analyzed. In addition, many theories on safe urban space, ubiquitous technology, traditional defensible space, and CPTED (Crime Prevention through Environmental Design) are compared. The findings are as follows. First, the individual plans are not integrated, and there is a lack of networking among them. Specifically, from the crime prevention perspective, there is only mechanical monitoring such as CCTV, without an architectural approach. Even though CCTV is a social need, it is necessary to adopt it together with the architectural environment in order to improve the synergy effect of spatial planning and non-spatial planning.

Design and Implementation of Internal Network and VPN-based NVR System (내부망 및 VPN 기반 NVR 시스템 설계 및 구현)

  • Byeong-Seon Park;Hee-Kwon Lee;Dong-Hwan Hwang;Yong-Kab Kim
    • The Journal of the Institute of Internet, Broadcasting and Communication / v.24 no.2 / pp.1-6 / 2024
  • In this paper, we designed and implemented a security network NVR system that can flexibly use the internal network and a VPN network. In general, NVR systems that only use internal networks cannot be accessed from the outside, which has the disadvantage of unnecessary inspections and inability to access from the outside. External access was made possible using the VPN security network, and NVR system software was designed and implemented so that the existing internal network could still be used. We compared this with the NVR system usage environment in the internal network through the client and the NVR system. We also implemented a usage environment with the VPN network through the mobile app, and confirmed that the same NVR was operating normally with the same functions. We also studied IP-based NVR for flexible access with a closed-loop network based on a VPN system.

Development of NVR Real-Time Alert System through AI Event Detection and VPN Integration (AI 이벤트 탐지와 VPN 통합을 통한 NVR 실시간 경보 시스템 개발)

  • Byeong-Seon Park;Yong-Kab Kim
    • The Journal of the Institute of Internet, Broadcasting and Communication / v.24 no.5 / pp.1-7 / 2024
  • This paper presents the design and implementation of a VPN (Virtual Private Network) module to address the need for external access and functional expansion of NVR (Network Video Recorder) systems. NVR systems play a critical role in enhancing security across various industries through real-time monitoring and recording. However, they are vulnerable to security threats, particularly when a secure connection to external networks is required. To resolve this issue, this study applied a VPN module to ensure that NVR systems can communicate securely with external networks. This approach enabled remote access and real-time event notifications. Performance tests confirmed 100% accuracy in event notifications. This research contributes to improving the security and operational efficiency of NVR systems, highlighting the necessity and utility of VPN modules for secure communication with external networks.