• The Journal of the Korea Contents Association
• /
• v.3 no.3
• /
• pp.40-46
• /
• 2003

In the paper, designed digital contents security module to check unlawfulness reproduction and distribution of digital contents. This paper applied Diffie-Hellman algorithm that use discrete logarithm and random number as primary for public key application to create encryption key that agree each other through communication channel between DCPS and HOST, and applied Triple DES repeat DES 3 times through 2 different encryption key that is selecting ANSI X9.17 that is key management standard, ISO 8732 and PEM(Privacy-Enhanced Mail) etc. by secondary protection for safe transmission of digital contents in transmission line. Designed security module consist of key exchange module, key derivation module and copy protection processing module. Digital contents security module that design in this thesis checks reproduction and distribution of digital contents by unauthenticated user through user certification function and digital contents encryption function, and protect digital contents transmission line.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.2B
• /
• pp.215-224
• /
• 2010

A container security device (CSD) monitors intrusions through the cargo door; it is a reduced function device that uses IEEE 802.15.4 with a beacon mode. However, in the beacon mode, the CSD consumes too much battery power in periodical idle listening and sensing trials. Moreover, the CSD cannot send the message to the CSD reader actively, and it makes big latency problem. Therefore, we propose a low-power CSD to reduce the unnecessary power consumption. The proposed CSD follows the requirements of the U.S. Department of Homeland Security, and reduces battery consumption through a power-efficient hardware design, a night-watch mechanism for low-power operation and low-power sensing to reduce unnecessary monitoring. And the CSD sends alert message to the CSD reader. Simulation results show that our CSD reduces battery consumption by over 70% through the night-watch mechanism and by approximately 80% through the low-power sensing. And the CSD can send the alert message to the remote CSD reader by over 94%.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.6 no.6
• /
• pp.839-847
• /
• 2011

Instrumentation & Control(I&C) System in NPP(Nuclear Power Plant) plays a important role as the brain of human being, it performs protecting, controling and monitoring safety operation of NPP. Recently, the I&C system is digitalized as digital technology such as PLC, DSP, FPGA. The different aspect of digital system which use digital communication to analog system is that it has potential vulnerability to cyber threat in nature. Possibility that digital I&C system is defected by cyber attack is increasing day by day. The result of cyber attack can be adverse effect to safety function in NPP. Therefore, I&C system required cyber security counter-measures that protect themselves from cyber threat efficiently and also cyber security design should be taken into consideration at concept stage in I&C system development process. In this study, we proposed the digital asset analysis method for cyber security assessment of I&C system design in NPP and we performed digital asset analysis of I&C system by using the proposed method.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.1
• /
• pp.57-67
• /
• 2013

Lately, intrusive incidents (including system hacking, viruses, worms, homepage alterations, and data leaks) have not involved the distribution of an virus or worm, but have been designed to acquire private information or trade secrets. Because an attacker uses advanced intelligence and attack techniques that conceal and alter data in a computer, the collector cannot trace the digital evidence of the attack. In an initial incident response first responser deals with the suspect or crime scene data that needs investigative leads quickly, in accordance with forensic process methodology that provides the identification of digital evidence in a systematic approach. In order to an effective initial response to first responders, this paper analyzes the collection data such as user usage profiles, chronology timeline, and internet data according to CFFPM(computer forensics field triage process model), proceeds to design, and implements a collection application to deploy the client/server architecture on the Windows based computer.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.12 no.6
• /
• pp.83-89
• /
• 2012

This paper proposes the design of a security-enhanced RFID authentication protocol which meets the privacy protection for tag bearers. The protocol which uses AES(Advanced Encryption Standard) cipher algorithm is based on a three-way challenge response authentication scheme. In addition, three different types of protocol packet formats are also presented by extending the ISO/IEC 18000-3 standard for realizing the security-enhanced authentication mechanism in RFID system environment. Through the comparison of security, it was shown that the proposed scheme has better performance in user data confidentiality, Man-in-the-middle replay attack, and replay attack, and forgery resistance, compared with conventional some protocols. In order to validate the proposed protocol, a digital Codec of RFID tag is also designed based on the protocol. This Codec has been described in Verilog HDL and also synthesized using Xilinx Virtex XCV400E device.

• Journal of Korean Society of Water and Wastewater
• /
• v.32 no.4
• /
• pp.309-315
• /
• 2018

Currently, the commercialization of the $5^{th}$ Generation (5G) service is becoming more prevalent in domestic communication network technology. This has reduced communication delay time and enabled large-capacity data transmission and video streaming services in real-time. In order to keep pace with these developments, K-water has introduced a smart process control system in water purification plants to monitor the status of the water purification process. However, since wireless networks are based on the public Long Term Evolution (LTE) network, communication delay time remains high, and high-resolution video services are limited. This is because communication networks still have a closed structure due to expense and security issues. Therefore, with 5G in its current form, it is very difficult to accommodate future services without improving the infrastructure of its communication networks. In recognition of these problems, this study implemented the authentication and management function of wireless networks on a wired network management system in the K-water Bansong water purification plant. The results confirmed that wired Local Area Network (LAN) services give a higher security performance than an expensive commercial wireless LAN system. This was achieved by using an Internet Protocol (IP) address management system of wired networks and the packet filtering function of the Layer2 (L2) switch. This study also confirmed that it is possible to create a wireless LAN service that is 3.7 times faster than the existing LTE communication network.

• Journal of KIISE:Information Networking
• /
• v.29 no.3
• /
• pp.324-332
• /
• 2002

We design authentication protocols for wireless internet not using certificates but using passwords. The target protocols include WTLS and the certificate request protocol in the wireless PKI(Public Key Infrastructure). When a password based protocol is designed and implemented for authentication and key exchange, care mutt be taken of the short length and of the not-so-randomness of passwords. To frustrate the offline guessing attack that makes use of those weaknesses, our two protocols are dependent on the password based authentication protocol that has security proof. In this paper, how to design systematically the security protocols for authentication and key exchange using passwords is presented, and the methodology hopes to be useful in some other area that needs authentication using passwords.

• The Transactions of the Korea Information Processing Society
• /
• v.6 no.1
• /
• pp.134-147
• /
• 1999

The DNS provides naming services which are the basis for the application of the Internet and the security of the DNS should be provided for the security of the Internet. Recently IETF proposed a method which guarantees the integrity of DNS database contents and DNS queries/replies and distributes host public keys. In this paper we describe the design and implementation of the secure DNS which is built based on the IETF proposal and extended to facilitate its sue and management. In the extended secure DNS, DNS servers are used ad the directory system in a public key infrastructure and stores/distributes user public key certificates. The Web-based management interface and security log functions are added and the extended secure DNS is being built so that new cryptographic algorithms can be easily added.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.1
• /
• pp.109-116
• /
• 2018

This paper describes an area-efficient design of SHA-256 hash function that is widely used in various security protocols including digital signature, authentication code, key generation. The SHA-256 hash processor includes a padder block for padding and parsing input message, so that it can operate without software for preprocessing. Round function was designed with a 16-bit data-path that processed 64 round computations in 128 clock cycles, resulting in an optimized area per throughput (APT) performance as well as small area implementation. The SHA-256 hash processor was verified by FPGA implementation using Virtex5 device, and it was estimated that the throughput was 337 Mbps at maximum clock frequency of 116 MHz. The synthesis for ASIC implementation using a $0.18-{\mu}m$ CMOS cell library shows that it has 13,251 gate equivalents (GEs) and it can operate up to 200 MHz clock frequency.

• The KIPS Transactions:PartC
• /
• v.13C no.1 s.104
• /
• pp.55-62
• /
• 2006

It is growing to use the E-Commerce, recently However, if a cracking tool that detects e keyboard input is set up, users' input values and personal information could be taken away. This paper shows the design and implementation of security system that prevent the keyboard input information leaking. The ideas of thus paper are encrypting the keyboard input values with using the keyboard interrupt hooking, the browser embedding program's decrypting the values in case of need and decrypting all values in the web server. The own input control was developed for direct attacks to the browser, and that the values of password fields which are showed as *(asterisk character) won't be decrypted in the client PC is different from other commercial keyboard input security systems. Consequently, this paper shows the chance of realizing a lot safer customer information protective system than before.