• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.10 no.3
• /
• pp.572-578
• /
• 2009

Bindu et al. pointed out that Chein et al. scheme is insecure insider attack and man-in-middle attack. And then they proposed new one. In the paper, However, Bindu et al's scheme also have some problems; It is strong masquerading server/user attack and restricted reply attack. Hence we proposed improved scheme. finally, we completely had evaluated the one's security on strong masquerading server/user attack, Insider attack, Restricted attack, Stolen-verifier attack and forward secrecy. In this paper, although proposed scheme includes more operation than Bindu et al. scheme, our scheme overcomes problems of Bindu et al. scheme by the operation that is light as not to influence on modern computing technology.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.05a
• /
• pp.231-233
• /
• 2013

A lot of information is exchanged using data communications in today's modern society. Nowadays many important communications are susceptible to interception and theft for malicious purposes, and is under threat from hackers. Crackers are able to hack into data flows even if the data is encrypted. To ensure strong encryption properties, these cryptographic algorithms are often a burden on devices used for authentication such as a PC or smart phone. This paper proposes an authentication system using the Arduino module. Implementation and application of the communication scheme is designed to minimize the burden of delivering data communication between devices especially where password and encryption is concerned.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.1
• /
• pp.3-10
• /
• 2002

This paper proposes an ID-based entity-aunthentication and authenticated key exchange protocol with ECC via two-pass communications between two parties who airs registered to the trusted third-party KC in advance. The proposed protocol developed by applying ECDSA and Diffie-Hellman key exchange scheme to the ID-based key distribution scheme over ECC proposed by H. Sakazaki, E. Okamoto and M. Mambo(SOM scheme). The security of this protocol is based on the Elliptic Curve Discrete Logarithm Problem(ECDLP) and the Elliptic Curve Diffie-Hellman Problem(ECDHP). It is strong against unknown key share attack and it provides the perfect forward secrecy, which makes up for the weakness in SOM scheme,

• The Journal of the Korea Contents Association
• /
• v.4 no.4
• /
• pp.71-78
• /
• 2004

Dedicated Short Range Communications(DSRC) as a prominent communications candidate for Intelligent Transportation Systems(ITS) have been developed to support ITS applications such as value-added information service, e-commerce, electronic toll payment, etc. These various applications associated with electronic payment through unsecure communication channel of DSRC suffer from security threats. To ensure secure payment, we have adopted appropriate cryptographic mechanisms including encipherment, authentication exchange and digital signature. The cryptographic mechanisms require to use cryptographic keys established between two communication entities. In this paper, we propose a secure electronic payment system which is designed to have some functions for strong authentication, encryption, key agreement, etc. Especially, we adopt domestic developed cryptographic algorithms such as EC-KCDSA and SEED for digital signature and block cipher, respectively. We can show those mechanisms are appropriate for the secure electronic payment system for ITS services under the DSRC wireless environment in aspects of constrained computational resource use and processing speed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.6
• /
• pp.31-45
• /
• 2004

Public Key Infrastructure(PKI) provides a strong authentication. Privilege Management Infrastructure(PMI) as a new technology can provide user's attribute information. The main function of PMI is to give more specified authority and role to user. To authenticate net and role, we have used digital signature. Role Based Access Control(RBAC) is implemented by digital signature. RBAC provides some flexibility for security management. NEIS(National Education Information System) can not always provide satisfied quality of security management. The main idea of the proposed RNEIS(Roll Based NEIS) is that user's role is stored in AC, access control decisions are driven by authentication policy and role. Security manager enables user to refer to the role stored in user's AC, admits access control and suggests DB encryption by digital signature.

• KIPS Transactions on Computer and Communication Systems
• /
• v.10 no.1
• /
• pp.1-6
• /
• 2021

Recently, incidents such as proxy surgery (unlicensed medical practice) have been reported in the media that threaten the safety of patients. Alternatives such as the introduction of operating room surveillance camera devices to prevent proxy surgery are emerging, but there are practical difficulties in implementing them due to strong opposition from the medical community. However, the social credibility of doctors is falling as incidents such as proxy surgery occur frequently. In this paper, we propose a medical staff identification system combining Beacon and iris recognition. The system adds reliability by operating on the blockchain network. The system performs primary identification by performing user authentication through iris recognition and proves that the medical staff is in the operating room through beacons. It also ensures patient trust in the surgeon by receiving beacon signals in the background and performing iris authentication at random intervals to prevent medical staff from leaving the operating room after only performing initial certification.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.11
• /
• pp.469-478
• /
• 2019

Car-sharing services have been settled on as a new type of public transportation owing to their enhanced convenience, expanded awareness of practical consumption patterns, the inspiration for environmental conscientiousness, and the diffusion of smart phones following the economic crisis. With development of the market, many people have started using such services. However, security is still an issue. Damage is expected since IDs and passwords are required for log-in when renting and controlling the vehicles. The protocol suggested in this study uses bio-information, providing an optimized service, and convenient (but strong) authentication with various service-provider clouds registering car big data about users through brokers. If using the techniques suggested here, it is feasible to reduce the exposure of the bio-information, and to receive service from multiple service-provider clouds through one particular broker. In addition, the proposed protocol reduces public key operations and session key storage by 20% on mobile devices, compared to existing car-sharing platforms, and because it provides convenient, but strong, authentication (and therefore constitutes a secure channel), it is possible to proceed with secure communications. It is anticipated that the techniques suggested in this study will enhance secure communications and user convenience in the future car-sharing-service cloud environment.

• The Journal of Society for e-Business Studies
• /
• v.5 no.1
• /
• pp.55-73
• /
• 2000

Recently; EC(Electronic Commerce) is increasing with high speed based on the expansion of Internet. EC which is done on the cyber space through Internet has strong point like independence from time and space. On the contrary, it also has weak point like security problem because anybody can access easily to the system due to open network attribute of Internet. Therefore, we need the solutions that protect the security problem for safe and useful EC activity. One of these solutions is the implementation of strong cipher algorithm. NC(Nonpolynomial Complete) cipher algorithm proposed in this paper is good for the security and it overcome the limit of current 64bits cipher algorithm using 128bits key length for input, output and encryption key, Moreover, it is designed for the increase of calculation complexity and probability calculation by adapting more complex design for subkey generation regarded as one of important element effected to encryption. The result of simulation by the comparison with other cipher algorithm for capacity evaluation of proposed NC cipher algorithm is that the speed of encryption and decryption is 7.63 Mbps per block and the speed of subkey generation is 2,42 μ sec per block. So, prosed NC cipher algorithm is regarded as proper level for encryption. Furthermore, speed of subkey generation shows that NC cipher algorithm has the probability used to MAC(Message Authentication Code) and block implementation of Hash function.

• Convergence Security Journal
• /
• v.15 no.7
• /
• pp.111-118
• /
• 2015

The violent crime has increased dramatically in our society. This is because our society has to change quickly. Strong police force, but this is not enough to solve the crime. And there are a lot of police to investigate the situation difficult to go out to the crime scene. So inevitably increase in the risk of crime. Researchers have conducted a number of studies to solve this problem. However, the proposed study how realistic are many points still lacking. herefore, we to take advantage of smartphones and high-speed Internet access technology to provide security services using the push service for rapid identification and crime situation in this study. Therefore, we would like to provide rapid service to identify criminal security situation using smart-phone app and push services on the high speed internet environments. The proposed system is to record the voice information received from the smart phone near the user presses the hot key is set in advance in real-time, and stores the audio information stored in the LBS information to the server through the authentication procedure. And the server uses the stored voice data and LBS Push service information to inform their families. We have completed the design of the proposed system. And it has implemented a smart phone app, the user authentication server. And using the state in which the push service from the authentication server by transmitting a message to a user to inform a family. But more must examine whether the proposed research is relevant in future studies.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2006.05a
• /
• pp.897-900
• /
• 2006

RFID(Radio Frequency Identification) 기술의 발전은 편의성과 경제성으로 전 세계에 확산되어 사용되고 있다. 비록 세계적인 보안 표준안이 정해 지지 않았지만 RFID 보안 분야는 각 나라에 맞게 표준을 선정하여 적용되고 있다. 한편, RFID 기술의 발전으로 RFID의 칩이 소형화되고, 장거리 통신이 가능해짐에 따라 RFID 시스템에 내장된 정보를 다른 누군가가 활용하여 개인 또는 기업 등의 프라이버시를 불법으로 수집하는 피해가 발생할 수 있다. 본 논문은 RFID 시스템에서 정보의 누출을 막기 위해 해쉬 알고리즘과 초경량 스트림 암호알고리즘을 사용하여 전방위 안전성이 향상된 RFID시스템을 제안, 분석하였다.