• Journal of Venture Innovation
• /
• v.2 no.1
• /
• pp.13-21
• /
• 2019

In LTE environment, which is 4th generation mobile communication systems, there is concern about private information exposure by transmitting initial identifier in plain text. This paper suggest mutual authentication protocol, which uses one-time password utilizing challenge-response and AES-based Milenage key generation algorithm, as solution for safe initial identification communication, preventing unique identification information leaking. Milenage key generation algorithm has been used in LTE Security protocol for generating Cipher key, Integrity key, Message Authentication Code. Performance analysis evaluates the suitability of LTE Security protocol and LTE network by comparing LTE Security protocol with proposed protocol about algorithm operation count and Latency.Thus, this paper figures out initial identification communication's weak points of currently used LTE security protocol and complements in accordance with traditional protocol. So, it can be applied for traditional LTE communication on account of providing additional confidentiality to initial identifier.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.6
• /
• pp.1387-1399
• /
• 2016

In a hyper-connected society realized through IoT-enabled technology, a large amount of data is collected by various devices and is processed to provide new services to users. While communicating through a network, it is essential for devices to execute mutual authentication since users' privacy can be infringed by malicious attackers. ID-based signature enables authentication and key exchange with a unique ID of a device. However, most of the previous ID-based signature schemes based on RSA require an additional step to share parameters for key exchange so that they are not suitable for resource-constrained devices in terms of efficiency. In this paper, we design an efficient ID-based signature and thereby propose an efficient ID-based authentication and key exchange protocol in which sessions for both an authentication and a key exchange are executed simultaneously. In addition, we prove the security of our scheme under the RSA onewayness problem and analyze the efficiency by comparing with the previous schemes.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2016.05a
• /
• pp.241-243
• /
• 2016

In the Past, Trend of car security was Physical Something like doorlock system, and The Generation did not have skills connecting External devices. Through Car Development is up, that trend of car security Changed Physical Security to Intelligence Security. This Changes give a chance to hackers to attack this system. This System use CAN(Controller Area Network) Protocol which have three vulnerabilities. First, ID Spoofing, Twice, D - Dos Attack, Third, Android Application Injected Modern cars have many ECU(Electronic Control Unit) to control devices like Engine ON/OFF, Door Lock Handling, and Controlling Handle. Because CAN Protocol spread signal using broadcast, Hackers can get the signal very easily, and Those often use Mobile devices like Android or IOS to attack this system. if bluetooth signal is spread wide, hackers get the signal, and analysis the bluetooth data, so then They makes certain data to attack ECU, they send the data to ECU, and control ECU installed car. so I suggest that I will prevent this attack to make Auth system and prevent this attack in end of Android.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.16 no.2
• /
• pp.1370-1374
• /
• 2015

Lighting improvements are needed for adequate operation of security installations according to the turn of scientific policing instead of human policing. The basic principles of security lighting is to provide sufficient lighting over a specific area so that anyone moving in or around can be seen easily. Also, in security lighting, illuminance and uniformity are to be considered for clearing of CCTV screen through the lighting improvement. To achieve such goals, each pole is to be considered of the height and the space of luminaries as well as the wattage and the type of lamps. In this paper, the lighting designs show the adequate operations of fence security systems through the actual measurement of illuminance by mock-up and the illuminance analyses for obtaining proper illuminance and uniformity value to keep brightness of CCTV screen able to confirm objects considering characteristics of CCTV monitor by simulations.

• Korean Security Journal
• /
• no.57
• /
• pp.277-301
• /
• 2018

Korean society is a mixed risk society in terms of risk and distrust. This is because the risks and disasters of the farming and industrial societies, the modern and the information society, exist simultaneously in the present time. Ulrich Beck's point that the endless development of science and technology to acquire economic wealth is simultaneously entering a risk society is providing us with many implications. In this paper, we reviewed the Ulrich Beck's "reflexive modernization" theory in the late 20th century, pointing to the rise of a risk society as a result of the evolution of new modernization. This is because the "reflexive modernization" can be a direction in which we can reflect our wrong past from a human-centered perspective and design a desirable future. In this sense, it is important to present ways to overcome the dangerous society through the reinterpretation of Ulrich Beck, who advocated the modernization of reflectively. In order to overcome the future risks that the fourth industrial revolution will bring, we must provide direction for the government's security policies and public security consciousness.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.1271-1278
• /
• 2020

Deep learning-based profiling side-channel analysis is a powerful analysis method that utilizes the neural network to profile the relationship between the side-channel information and the intermediate value. Since the neural network interprets each point of the signal in a different dimension, jitter makes it much hard that the neural network with dimension-wise weights learns the relationship. This paper shows that replacing the fully-connected layer of the traditional CNN (Convolutional Neural Network) with global average pooling (GAP) allows us to design the inherently robust neural network inherently for jitter. We experimented with the ChipWhisperer-Lite board to demonstrate the proposed method: as a result, the validation accuracy of the CNN with a fully-connected layer was only up to 1.4%; contrastively, the validation accuracy of the CNN with GAP was very high at up to 41.7%.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.6
• /
• pp.91-103
• /
• 2004

The survey of network firewall system has been focused on the deny policy that protects information from the unlicensed and the intrusion detection system. Government has solved several firewall problems as building the intranet separated from the intranet. However, the new firewall system would been satisfied both the denialpolicy and information share with the public, according as government recently emphasizes electronic service. Namely, it has to provide the functions such as the information exchange among divisions, partial share of information with the public, network connection and the interception of illegal access. Also, it considers the solution that protects system from hacking by inner user and damage of virus such as Worm. This Paper suggests the protects information system using the intrusion prevention system and role-based security policy to support the partial opennessand the security that satisfied information share among governments and public service.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.1
• /
• pp.29-40
• /
• 2005

In this paper we consider the security of recently proposed software-orienred stram cipher HELIX, SCREAM, MUGI, and PANAMA against algebraic attacks. Algebraic attack is a key recovery attack by solving an over-defined system of multi-variate equations with input-output pairs of an algorithm. The attack was firstly applied to block ciphers with some algebraic properties and then it has been mon usefully applied to stream ciphers. However it is difficult to obtain over-defined algebraic equations for a given cryptosystem in general. Here we analyze recently proposed software-oriented stream ciphers by constructing a system of equations for each cipher. furthermore we propose three design considerations of software-oriented stream ciphers.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.5
• /
• pp.115-124
• /
• 2008

In vehicular networks, vehicles should be able to authenticate each other to securely communicate with network-based infrastructure, and their locations and identifiers should not be exposed from the communication messages. however, when an accident occurs, the investigating authorities have to trace down its origin. As vehicles communicate not only with RSUs(Road Side Units) but also with other vehicles, it is important to minimize the number of communication flows among the vehicles while the communication satisfies the several security properties such as anonymity, authenticity, and traceability. In our paper, when the mutual authentication protocol is working between vehicles and RSUs, the protocol offers the traceability with privacy protection using pseudonym and MAC (Message Authentication Code) chain. And also by using MAC-chain as one-time pseudonyms, our protocol does not need a separate way to manage pseudonyms.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.3
• /
• pp.23-37
• /
• 2002

As the world-wide use of the Internet increases rapidly due to development of computer network the Electronic Commerce for business by treating it is growing as compared to the traditional one for the information exchange in the academic and research areas. The Electronic Payment System used for EC includes the Payment Broker System and the Electronic Purse System. And usually Electronic Purse System operates with IC cards. Saving the money in IC card has a high portability and security. Therefore, the Electronic purse System based on IC card is recently issued in the EC. In this paper, we design and implement of a IC card security system for Common Electronic Purse Specifications in Internet. CEPS is a Electronic Purse System proposed VISA, and conform EMV(Europay Mastercard VISA) security structure. With our system, users easily use Electronic Purse System with only Web browser and IC card. Original EMV paid no regard to using in the Internet. But our system, conforming to CEPS and EMV, is easily used in the Internet.