• Proceedings of the IEEK Conference
• /
• 2008.06a
• /
• pp.63-64
• /
• 2008

The mobile RFID (Radio Frequency Identification) is a new application to use mobile phone as RFID reader with a wireless technology and provides new valuable services to user by integrating RFID and ubiquitous sensor network infrastructure with mobile communication and wireless internet. However, there are an increasing number of concerns, and even some resistances, related to consumer tracking and profiling using RFID technology. Therefore, in this paper, we describe the security analysis and implementation leveraging globally networked mobile RFID services which complies with the Korea's mobile RFID forum standard.

• ETRI Journal
• /
• v.31 no.4
• /
• pp.460-462
• /
• 2009

The emerging wireless networks require the design of new authentication protocols due to their dynamic nature and vulnerable-to-attack structure. Recently, Wu and others proposed a wireless authentication protocol which is claimed to be an improvement of the authentication protocol proposed by Lee and others which provides user anonymity. In this letter, we show that these protocols have a common flaw and that these protocols fail to provide user anonymity. We also propose a modification method to solve this problem.

• Proceedings of the Korean Society of Broadcast Engineers Conference
• /
• 2008.02a
• /
• pp.205-208
• /
• 2008

컴퓨터 포렌식 수사에서 파일 복구는 증거 획득에 중요한 요소이다. 하지만 증거 획득 단계에서 하드 디스크와 같은 저장 매체가 손상되거나 파일이 삭제 된 경우가 많이 존재한다. 이 경우 사용할 수 있는 방법 중에 한 가지가 파일 카빙이다. 파일카빙은 컨텐츠를 알려주는 메타데이터가 손상되거나 없을 때 컨텐츠 및 파일 시그너처를 토대로 파일을 재구성 하는 방법이다. 현재 여러 카빙 알고리즘이 제시되고, 도구들이 나와 있지만 파일이 여러 조각 나 있거나 파일 구조의 Header와 Footer 정보가 없다면 파일 카빙이 힘든 문제점이 있다. 그래서 본 논문에서는 현재의 카빙 알고리즘 및 도구보다 더 넓은 범위를 수용할 수 있는 카빙 알고리즘 설계 방안을 제시 한다.

• Proceedings of the IEEK Conference
• /
• 2000.11c
• /
• pp.55-58
• /
• 2000

EC, which is done the virtual space through Web, has weakly like security problem because anybody can easily access to the system due to open network attribute of Web. Therefore, we need the solutions that protect the Web security for safe and useful EC. One of these solutions is the implementation of a strong cipher system. NC(Nonpolynomial Complete) cipher system proposed in this paper is advantage for the Web security and it overcomes the limit of the 64 bits cipher system using 128 bits key length for input, output, encryption key and 16 rounds. Moreover, it is designed for the increase of time complexity by adapted more complex design for key scheduling regarded as one of the important element effected to encryption.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.07a
• /
• pp.37-42
• /
• 2003

Threshold signature and blind signature are playing important roles in cryptography as well as practical applications such as e-cash and e-voting systems. In this paper, we present a new threshold blind digital signature based on pairings without a trusted third party. Our scheme operates on Gap Diffie-Hellman group, where Computational Diffie-Hellman problems are hard but Decision Diffie-Hellman problems are easy. For example, we use pairings that could be built from Weil pairing or Tate pairing. To the best of our knowledge, we claim that our scheme is the first threshold blind signature using pairings with provable security in the random oracle model.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2001.11a
• /
• pp.415-424
• /
• 2001

최근 들어 일반인들을 대상으로 하는 인터넷 서비스가 보편화되면서 B2C 기반 전자상거래의 수요가 급속히 증가하고 있다. 뿐만 아니라 기업과 기업간(B2B) 혹은 기업과 정부간(B2G)의 전자상거래를 위한 포탈 사이트나 허브 사이트 등의 구축도 매우 활발히 이루어지고 있다. 이와 같은 인터넷 기반의 전자상거래 시스템은 사용자들에게 기존 상거래에서는 경험해 보지 못했던 다양하고 방대한 정보와 편리성 등을 제공하고 있다. 반면, 지불 정보나 구매 정보 혹은 개인 신상 정보 등의 유출과 같은 보안상의 문제점들을 해결해야 하는 어려움도 내재되어 있어 안전한 전자상거래를 보장하기 위한 일환으로 자바카드 기반의 사용자 인터페이스가 요구되고 있다. 여기서, 자바카드 상의 개방형 플랫폼 보안 서비스를 구현하는 것이 본 논문의 목적이다. 이러한 목적을 달성하기 위해 자바카드를 기반으로 하는 개방형 플랫폼상의 CEPS 보안 메커니즘을 분석하고, 개방형 플랫폼 구성요소인 보안 도메인(Security Domain)의 보안 요구사항에 근거한 자바카드 보안 서비스를 제공하는 기능을 설계 및 구현한다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.10a
• /
• pp.954-955
• /
• 2012

Recently as increasing the use of mobile communication devices the use of mobile readers for recognition tag attached to objects is also increasing. Accordingly, meantime, that gives rise to the vulnerability of RFID systems between reader and tag security issues, as well as security issues between the reader and the back-end server will occur. In this paper between the reader and the back-end server to security vulnerabilities efficient authentication protocol using the hash function is proposed.

• 한국정보컨버전스학회:학술대회논문집
• /
• 2008.06a
• /
• pp.75-86
• /
• 2008

This paper presents the design, implementation, and evaluation of the RFID Guardian, the first-ever unified platform for RFID security and privacy administration. The RFID Guardian resembles an "RFID firewall", enabling individuals to monitor and control access to their RFID tags by combining a standard-issue RFID reader with unique RFID tag emulation capabilities. Our system provides a platform for coordinated usage of RFID security mechanisms, offering fine-grained control over RFID-based auditing, key management, access control, and authentication capabilities. We have prototyped the RFID Guardian using off-the-shelf components, and our experience has shown that active mobile devices are a valuable tool for managing the security of RFID tags in a variety of applications, including protecting low-cost tags that are unable to regulate their own usage.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.40 no.6
• /
• pp.237-246
• /
• 2003

To acquire certificate of security evaluation for information protection Products, it is necessary for a designer to grasp the threats listed in a protection profile and to reflect them in the product design. BDPP is a protection profile for the biometric devices. In this paper, we applied BDPP to a Match-on-Card, and ertracted some security requirements to protect biometric data against threats. We also studied some countermeasures satisfying the security requirements.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1995.11a
• /
• pp.200-210
• /
• 1995

Almost all hash functions suggested up till now provide security by using complicated operations on fixed size blocks, but still the security isn't guaranteed mathematically. The difficulty of making a secure hash function lies in the collision freeness, and this can be obtained from permutation polynomials. If a permutation polynomial has the property of one-wayness, it is suitable for a hash function. We have chosen Dickson polynomial for our hash algorithm, which is a kind of permutation polynomials. When certain conditions are satisfied, a Dickson polynomial has the property of one-wayness, which makes the resulting hash code mathematically secure. In this paper, a message digest algorithm will be designed using Dickson polynomial.