• Convergence Security Journal
• /
• v.18 no.1
• /
• pp.19-31
• /
• 2018

As the ICT technologies advance, the unprecedently large amount of digital data is created, transferred, stored, and utilized in every industry. With the data scale extension and the applying technologies advancement, the new services emerging from the use of large scale data make our living more convenient and useful. But the cybercrimes such as data forgery and/or change of data generation time are also increasing. For the data security against the cybercrimes, the technology for data integrity and the time verification are necessary. Today, public key based signature technology is the most commonly used. But a lot of costly system resources and the additional infra to manage the certificates and keys for using it make it impractical to use in the large-scale data environment. In this research, a new and far less system resources consuming signature technology for large scale data, based on the Hash Function and Merkle tree, is introduced. An improved method for processing the distributed hash trees is also suggested to mitigate the disruptions by server failures. The prototype system was implemented, and its performance was evaluated. The results show that the technology can be effectively used in a variety of areas like cloud computing, IoT, big data, fin-tech, etc., which produce a large-scale data.

• Journal of Advanced Navigation Technology
• /
• v.13 no.3
• /
• pp.459-465
• /
• 2009

Digital watermarking is a technique to insert a visually imperceptible information into an image so that the information can be extracted for the purposes of ownership verification or authentication. And watermarking techniques can be classified as either fragile or robust. Robust watermarks are useful for copyright and ownership assertion purposes. They cannot be easily removed and should resist common image manipulation procedures such as rotation, scaling, cropping, etc. On the other hand, fragile watermarks are easily corrupted by any image processing procedure, it can detect any change to an image as well as localizing the areas that have been changed. In this paper, we propose a fragile watermarking algorithm using a special hierarchical structure for integrity verification of image and detection of manipulated location. In the proposed method, the image to be watermarked is divided into blocks in a multi-level hierarchy and calculating block digital signatures in this hierarchy. The proposed method thwarts the cut-and-paste attack and the experimental results to demonstrate the effectiveness of the proposed method.

• Journal of Korea Multimedia Society
• /
• v.8 no.11
• /
• pp.1462-1471
• /
• 2005

Recently, the medical image has been digitized by the development of computer science and digitization of the medical devices. There are needs for database service of the medical image and long term storage because of the construction of PACS(picture archiving and communication system) following DICOM(digital imaging communications in medicine) standards, telemedicine, and et al. However, it also caused some kinds of problems, such as illegal reproduction of medical image, proprietary rights and data authentication. In this paper, we propose the new digital watermarking technique for medical image based on public key encryption algorithm for integrity verification. It prevents illegal forgery that can be caused after transmitting medical image data remotely. The watermark is the value of bit-plane in wavelet transform of the original image for certification method of integrity verification. We proposed the embedding regions are randomly chosen considering ROI, and a digital signature is made using hash function of MD5 which input is a secret key. The experimental results show that the watermark embedded by the proposed algorithm can survive successfully in image processing operations and that the watermark's invisibility is good.

• Convergence Security Journal
• /
• v.19 no.4
• /
• pp.43-53
• /
• 2019

Recently, a number of military intranet infiltrations suspected of North Korea have been discovered. There was a problem that a vulnerability could occur due to the modification of user authentication data that can access existing military information systems. In this paper, we applied mutual verification technique and API (Application Programming Interface) forgery / forgery blocking and obfuscation to solve the authentication weakness in web browsers that comply with FIDO (Fast IDentity Online) standard. In addition, user convenience is improved by implementing No-Plugin that does not require separate program installation. Performance tests show that most browsers perform about 0.1ms based on the RSA key generation rate. In addition, it proved that it can be used for commercialization by showing performance of less than 0.1 second even in the digital signature verification speed of the server. The service is expected to be useful for improving military information system security as an alternative to browser authentication by building a web secure storage.

• The Journal of the Korea Contents Association
• /
• v.5 no.2
• /
• pp.95-105
• /
• 2005

As a research on PKI is being very popular, the study relating to certificate status validation is being grown with aim to reduce an overhead of the protocol and to provide an efficient operation. The OCSP of the standard protocol related to the study enables applications to determine the revocation state of an identified certificate. However, the OCSP server can not service millions of certificate status validation requests from clients in a second on E-commerce because of the computational time for signature and verification. So, we propose the Real-time Certificate Status Validation Protocol(RCSVP) that has smaller computational time than OCSP. RCSVP server reduce the computational time of certificate status validation using hash function and common secret value. Also RCSVP client does not need the computational time of certificate verification to acquire the public key from an identified certificate. Therefore, the proposed protocol enables server to response millions of certificate status validation requests from clients in a second on E-commerce.

• Journal of KIISE:Software and Applications
• /
• v.30 no.5_6
• /
• pp.497-502
• /
• 2003

Content-based video copy detection is a complementary approach to watermarking. As opposed to watermarking, which relies on inserting a distinct pattern into the video stream, video copy detection techniques match content-based signatures to detect copies of video. Existing typical content-based copy detection schemes have relied on image matching which is based on key frame detection. This paper proposes a motion directional histogram, which is quantized and accumulated the direction of motion, for video copy detection. The video clip is represented by a motion directional histogram as a 1-dimensional graph. This method is suitable for real time indexing and counting the TV CF verification that is high motion video clips.

• Journal of IKEEE
• /
• v.19 no.4
• /
• pp.610-616
• /
• 2015

In this paper, an electronic ID system satisfying security requirements of authentication certificate was designed using fingerprint recognition. The proposed electronic ID system generates a digital signature with forgery prevention, confidentiality, content integrity, and personal identification (=non-repudiation) using fingerprint information, and also encrypts, sends, and verify it. The proposed electronic ID system exploits fingerprint instead of user password, so it avoids leakage and hijacking. And it provides same legal force as conventional authentication certificate. The proposed electronic ID consists of 4 modules, i.e. HSM device, verification server, CA server, and RA client. Prototypes of all modules are designed and verified to have correct operation.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.8 no.2
• /
• pp.371-378
• /
• 2004

As an agent is applied into various fields, it is suggested as the paradigm of new application technology in the area of computer communication. However, the mobile agent brines the problem of security on an agent due to mobility. This study proposals the mobile agent protection protocol framework for more effective protection and safety. The designed Framework of protocol uses the public ky, the private key and the digital signature in PKI environment based on JAVA. This is the mechanism accomplishing safely the work of an agent by tracking the pattern of execution and the mobility plan through the VS(verification server). This also secures the suity and the flawlessness of an agent through the VS guaranteeing safety from malicious attacks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.3
• /
• pp.45-55
• /
• 2003

Wireless LAM has the advantage of extension, flexibility and easiness of installation and maintenance. However, due to the characteristics of wireless media, it is vulnerable to security attacks. PKI(Public Key Infrastructure) is estimated to be a good solution offering security function to wireless LAM including global roaming. It offers high security functions as authentication confidentiality and digital signature while it generates big overheads such as CRL search and certificate verification. The overheads can not be avoided during the initial authentication. However, when we consider the case of handoff, it can be minimized through the fast handoff. In this paper, we design a fast handoff authentication mechanism based on PKI in the wireless LAM and analyze the performance of the scheme.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.9
• /
• pp.47-54
• /
• 2009

Malicious codes, which are spread through WWW are now evolved with various hacking technologies However, detecting technologies for them are seemingly not able to keep up with the improvement of hacking and newly generated malicious codes. In this paper, we define the requirements of detecting systems based on the analysis of malicious codes and their spreading characteristics, and propose an improved detection scheme which monitors HTTP Outbound traffic and detects spreading malicious codes in real time. Our proposed scheme sets up signatures in IDS with confirmed HTML tags and Java scripts which spread malicious codes. Through the verification analysis under the real-attacked environment, we show that our scheme is superior to the existing schemes in satisfying the defined requirements and has a higher detection rate for malicious codes.