• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2009.05a
• /
• pp.561-564
• /
• 2009

In this paper, we present an environment configuration of UML CASE tool for internet based collaboration work. We define a method of model sharing in distributed location and construct shared repository. Also we design for model history among work processes and to give responsibility using user authentication. Its result will contribute development of CASE tool supporting collaboration work.

• Journal of Korea Multimedia Society
• /
• v.8 no.4
• /
• pp.525-535
• /
• 2005

A password-based authenticated tripartite key exchange protocol based on A. Joux's protocol was proposed. By using encryption scheme with shared password, we can resolve man-in-the-middle attack and lack of authentication problems. We also suggested a scheme to avoid the offline dictionary attack to which symmetric encryption schemes are vulnerable. The proposed protocol does not require a trusted party which is required in certificate or identity based authentication schemes. Therefore in a ad hoc network which is difficult to install network infrastructure, the proposed protocol would be very useful. The proposed protocol is more efficient in computation aspect than any existing password-based authenticated tripartite key exchange protocols. When it is used as a base line protocol of tree based group key exchange protocol, the computational weak points of the proposed protocol are compensated.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.10
• /
• pp.1912-1918
• /
• 2016

MPTCP(Multipath Transmission Control Protocol) is able to compose many TCP paths when two hosts connect and the data is able to be transported through these paths simultaneously. When a new path is added, the authentication between both hosts is necessary to check the validity of host. So, MPTCP exchanges a key when initiating an connection and makes a token by using this key for authentication. However the original MPTCP is vulnerable to MITM(Man In The Middle) attacks because the key is transported in clear text. Therefore, we applied a ECDH(Elliptic Curve Diffie-Hellman) key exchange algorithm to original MPTCP and replaced the original key to the ECDH public key. And, by generating the secret key after the public key exchanges, only two hosts is able to make the token using the secret key to add new subflow. Also, we designed and implemented a method supporting encryption and decryption of data using a shared secret key to apply confidentiality to original MPTCP.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.6
• /
• pp.1251-1259
• /
• 2017

One-time password has been proposed for the purpose of addressing the security problems of the simple password system: fixed passwords and pre-shared passwords. Since it employs the consecutive hash values after a root hash value is registered at the server, the security weakness of the fixed passwords has been addressed. However, it has a shortcoming of re-registering a new root hash value when the previous hash chain's hash values are exhausted. Even though several one-time password systems not requiring re-registration have been proposed, they all have several problems in terms of constraint conditions and efficiency. In this paper, we propose the one - time password scheme based on a hash chain that generates one - time passwords using only two cryptographic hash functions at each authentication and satisfies the existing constraints without re-registration, Security requirements and efficiency.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.13 no.2
• /
• pp.285-292
• /
• 2009

In 2005, Lee and Chen suggested an enhanced one-time password authentication scheme which can prevent the stolen verifier attack that the Yeh-Shen-Whang's scheme has. The Lee-Chen's scheme addresses the stolen verifier attack by deriving each user's pre-shared secret SEED from the server secret. However, we investigated the weakness of the Lee-Chen's scheme and found out that it was suffering from the off-line dictionary attack on the server secret. We demonstrated that the off-line dictionary attack on the server secret can be easily tackled with only the help of the Hardware Security Modules (HSM). Moreover, we improved the scheme not to be weak to the denial of service attack and allow compromise of the past session keys even though the current password is stolen. Through the comparison between the Lee-Chen's scheme and the proposed one, we showed that the proposed one is stronger than other.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.4B
• /
• pp.377-386
• /
• 2009

IPTV technology for providing multimedia content with high-speed is the network which combines existing network, multimedia and internet technology etc. But internet, broadcasting and web technologies which is now being used is not optimized to IPTV because the security problem between user who gets content service through mobile units and content server is not guaranteed. This paper proposes user certification mechanism between mobile device and content server to receive the service which the user for the content chooses by mobile device safely. The proposed mechanism uses the random number which user creates and certification token for preventing illegal user who uses other's service that already paid. Also the proposed protocol encrypts the delicate data like user's information or profile using shared-key between java card attached on user's mobile device and grant sewer and then prevents reply attack which happens often in wireless section and man-in-the-middle attack by MAC.

• Journal of Platform Technology
• /
• v.9 no.1
• /
• pp.46-57
• /
• 2021

Recently, research has been actively conducted to utilize blockchain technology in various fields. In particular, blockchain-based smart contracts are applied to various automation systems that require reliability as they have the characteristics of recording data in a distributed ledger environment to verify the integrity and validity of data. However, blockchain does not provide data access control and information security because data is shared among network participants. In this paper, we propose a user dynamic access control mechanism utilizing smart contracts in blockchain environments. The proposed mechanism identifies the user's contextual information when accessing data, allocating the user's role and dynamically controlling the data access range. This can increase the security of the system and the efficiency of data management by granting data access dynamically at the time of user authentication, rather than providing the same services in roles assigned to each user group of the network system. The proposed mechanism is expected to provide flexible authentication capabilities through dynamic data access control by users to enhance the security of data stored within blockchain networks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.1
• /
• pp.41-52
• /
• 2024

Security audits of IPsec VPNs are crucial for identifying vulnerabilities caused by implementation flaws or misconfigurations, as well as investigating incidents. Nevertheless, auditing IPsec VPN presents noteworthy challenge due to the encryptiong of network contents which ensere confidentiality, integrity, authentications and more. Some researchers have suggested using man-in-the-middle(MITM) techniques to overcome this challenge. MITM techniques require direct participation in the network and prior knowledge of the pre-shared key for authentication. This causes temporary network disconnection for security audits, and it is impossible to analyse data collected before the audit. In this paper, we present an analysis technique aimed at ensuring network continuity without relying on a specific IPsec VPN topologies or authentication method. Therefore, it is anticipated that this approach will be effective, practical and adaptable for conducting IPsec VPN security

• Smart Media Journal
• /
• v.9 no.1
• /
• pp.9-15
• /
• 2020

Recently there have been increasing attempts to apply blockchains to businesses and public institutions. Blockchain is a distributed shared ledger with excellent transparency and security of data and through consensus algorithm, the same data can be shared to all nodes in order. In this paper, Modified PBFT which does not modify the PBFT consensus algorithm is proposed. MPBFT is able to tolerate Byzantine faults on a private blockchain on an asynchronous network. Even with the increase of participating nodes, the network communication cost can be effectively maintained. Modified PBFT takes into account the characteristics of an asynchronous network environment where node-to-node trust is guaranteed. In response to the client's request, PBFT performed the entire participation broadcast several times, but Modified PBFT enabled consensus and authentication through the 2 / N leader. By applying the Modified PBFT consensus algorithm, the broadcast process can be simplified to maintain the minimum number of nodes for consensus and to efficiently manage network communication costs.

• The Journal of the Korea Contents Association
• /
• v.19 no.12
• /
• pp.313-320
• /
• 2019

One of the causes of many damage cases that occur today by hacking attack is social engineering attack. The attacker is usually a malicious traitor or an ignorant insider. As a solution, we are strengthening security training for all employees in the organization. Nevertheless, there are frequent situations in which computers are shared. In this case, the person in charge of the computer has difficulty in tracking and responding when a specific representative accessed and what a specific representative did. In this paper, we propose the method that the person in charge of the computer tracks in real time through the smartphone when a representative access the computer, when a representative access offline using hacked or shared authentication. Also, we propose a method to prevent the leakage of important information by encrypting and backing up important files of the PC through the smartphone in case of abnormal access.