• Journal of the Korea Society of Computer and Information
• /
• v.13 no.5
• /
• pp.229-236
• /
• 2008

In this paper, re proposed scheme that it safely exchange encrypted keys without Trust Third Party(TTP) and Pre-distributing keys in ubiquitous environments. Existing paper assume that exist a TTP or already pre-distributed encrypted keys between nodes. However, there methods are not sufficient for wireless environments without infrastructure. Some existing paper try to use the Diffie-Hellman algorithm for the problem, but it is vulnerable to Replay and Man-in-the middle attack from the malicious nodes. Therefore, Authentication problem between nodes is solved by modified the Diffie-Hellman algorithm using ${\mu}TESLA$. We propose safe, lightweight, and robust pair-wise agreement algorithm adding. One Time Password(OTP) using timestamp to modified the Diffie-Hellman in ubiquitous environments, and verify a safety about proposed algorithm.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2011.04a
• /
• pp.871-874
• /
• 2011

The fast emerging of network technology and the high demand of computing resources have prompted many organizations to outsource their storage and computing needs. Cloud based storage services such as Microsoft's Azure and Amazon's S3 allow customers to store and retrieve any amount of data, at anytime from anywhere via internet. The scalable and dynamic of the cloud storage services help their customer to reduce IT administration and maintenance costs. No doubt, cloud based storage services brought a lot of benefits to its customer by significantly reducing cost through optimization increased operating and economic efficiencies. However without appropriate security and privacy solution in place, it could become major issues to the organization. As data get produced, transferred and stored at off premise and multi tenant cloud based storage, it becomes vulnerable to unauthorized disclosure and unauthorized modification. An attacker able to change or modify data while data inflight or when data is stored on disk, so it is very important to secure data during its entire life-cycle. The traditional cryptography primitives for the purpose of data security protection cannot be directly adopted due to user's lose control of data under off premises cloud server. Secondly cloud based storage is not just a third party data warehouse, the data stored in cloud are frequently update by the users and lastly cloud computing is running in a simultaneous, cooperated and distributed manner. In our proposed mechanism we protect the integrity, authentication and confidentiality of cloud based data with the encrypt- then-upload concept. We modified and applied proxy re-encryption protocol in our proposed scheme. The whole process does not reveal the clear data to any third party including the cloud provider at any stage, this helps to make sure only the authorized user who own corresponding token able to access the data as well as preventing data from being shared without any permission from data owner. Besides, preventing the cloud storage providers from unauthorized access and making illegal authorization to access the data, our scheme also protect the data integrity by using hash function.

• Journal of the Korea Society of Computer and Information
• /
• v.16 no.3
• /
• pp.251-260
• /
• 2011

In this paper, we proposed a scheme that it safely exchanges encrypted keys without Trust Third Party (TTP) and Pre-distributing keys in multi-hop clustering sensor networks. Existing research assume that it exists a TTP or already it was pre-distributed a encrypted key between nodes. However, existing methods are not sufficient for USN environment without infrastructure. Some existing studies using a random number Diffie-Hellman algorithm to solve the problem. but the method was vulnerable to Replay and Man-in-the-middle attack from the malicious nodes. Therefore, authentication problem between nodes is solved by adding a ��TESLA. In this paper, we propose a modified Diffie-Hellman algorithm that it is safe, lightweight, and robust pair-wise agreement algorithm by adding One Time Password (OTP) with timestamp. Lastly, authentication, confidentiality, integrity, non-impersonation, backward secrecy, and forward secrecy to verify that it is safe.

• Journal of Korea Multimedia Society
• /
• v.9 no.5
• /
• pp.615-623
• /
• 2006

It has been estimated that 'RFID' technology would be playing an important role in the incoming ubiquitous environment. For this reason, many studies on 'RFID' have been conducted and its application has been on the increase in various fields such as finance, medicine, transportation and culture as well as in logistics distribution. However, the communication between Tag and Reader in RFID system has been conducted by wireless communication of radio frequency so that the information on identification could be eavesdropped by the third party maliciously. Such eavesdropped information could be also used as basic information in attacking others; in this regard, it could impair the privacy of its users and the users have avoided using 'RFID.' To solve theses problems, many studies are being performed to different output of tags by renewing ID. However, protocols have been devised without considering an ID Synchronization in the ID renewal process between database and tag in the existing studies. In this regard, this study has suggested a RFID Authentication Protocol while considering the ID Synchronization.

• Journal of KIISE:Information Networking
• /
• v.30 no.1
• /
• pp.75-81
• /
• 2003

User authentication, including confidentiality, integrity over untrusted networks, is an important part of security for systems that allow remote access. Using human-memorable Password for remote user authentication is not easy due to the low entropy of the password, which constrained by the memory of the user. This paper presents a new password authentication and key agreement protocol suitable for authenticating users and exchanging keys over an insecure channel. The new protocol resists the dictionary attack and offers perfect forward secrecy, which means that revealing the password to an attacher does not help him obtain the session keys of past sessions against future compromises. Additionally user passwords are stored in a form that is not plaintext-equivalent to the password itself, so an attacker who captures the password database cannot use it directly to compromise security and gain immediate access to the server. It does not have to resort to a PKI or trusted third party such as a key server or arbitrator So no keys and certificates stored on the users computer. Further desirable properties are to minimize setup time by keeping the number of flows and the computation time. This is very useful in application which secure password authentication is required such as home banking through web, SSL, SET, IPSEC, telnet, ftp, and user mobile situation.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.9 no.2
• /
• pp.370-378
• /
• 2008

The CEDA(Certified E-Document Authority) is a reliable third party that deposit electronic document having legal effects securely, and verify contents of document or transmission. This paper focuses on a function of secure transmission among several important functions, and implements public key encryption system for secure transmission when server and user communicate for image transmission. This paper follows a standard fundamental rule of X.509 in ITU-T, and it uses symmetric encryption algorithm to raise speed of a large data operation. A key of symmetric encryption algorithm is encrypted by private key in public key system, it protects to be modified using digital signature for data integrity. Also it uses certificates for mutual authentication.

• Journal of the Korea Society of Computer and Information
• /
• v.15 no.12
• /
• pp.85-92
• /
• 2010

There is an authentication method for participants with an encrypted ID and password as a symmetric-key in multilateral video conferencing. It is hard to manage when the security-keys makes many while the transportation processing for the encryption and decryption get complicated when the video conferencing involves a number of participants and the third party as an attackers to gain unauthorized symmetric-key to access video conference which makes a problem less secrecy. This study suggests three ways to enhance security in video conference: first, we present PKI-based X.509 certificate for authenticating the participants of multilateral conferencing and we suggest to encode and decode the video conference media data using a secrecy key created by each of the conference participants; second, a more secured multilateral video conferencing can be expected in a group communication by using the participants secrecy key in creating and distributing group keys, where the group key will be renewed whenever there is change in the group member; and finally, we suggest to encode the RTP payload of the media data before transmission.

• Convergence Security Journal
• /
• v.21 no.1
• /
• pp.33-44
• /
• 2021

Data outsourcing utilizing the Cloud faces a problem of the third-party exposure, modulation, and reliability for the provided computational delegation results. In order to solve those problematic security issues, homomorphic encryption(HE) which executes calculation and analysis on encrypted data becomes popular. By extension, a new type of HE with a authentication functionality, homomorphic authenticated encryption(HAE) is suggested. However, a research on the HAE is on the initial stage. Furthermore, based on a message authenticated scheme with HE, the method and analysis to design is still absent. This paper aims to analyze an HAE, with a generic combination of a message authenticated scheme and a HE, known as "Encrypt with Authentication". Following a series of analysis, we show that by adopting a unforgeable message authenticated scheme, the generically constructed HAE demonstrated an unforgeability as well. Though, a strong unforgeability is not the case. This paper concludes that although indistinguishable HE can be applied to design the HAE, a security issue on the possibility of indistinguishability is still not satisfied.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.4
• /
• pp.841-847
• /
• 2015

The WAVE(Wireless Access in Vehicular Environments) communication system supports wireless communication environments between vehicles. As the utilization of wireless communication has been increased, attack methods have been varied. There is a high risk on packet manipulations conducted by third party. In this paper, we have designed a secure communication protocol between CA and vehicles. Our designed protocol uses a ECIES(Elliptic Curve Integrated Encryption Scheme) for vehicle authentication and AES(Advanced Encryption Standard) algorithm for protecting packet integrity and confidentiality.

• Proceedings of the KAIS Fall Conference
• /
• 2010.11a
• /
• pp.267-271
• /
• 2010

Zigbee는 단말에 대한 경제성이 뛰어나고 저 전력통신을 이용하기 때문에 수명이 길다. Mesh, Tree, Star 등 다양한 방식의 토플리지 구조를 지원 하며 확장성이 뛰어나 군사적인 용도, 환경 모니터링 시스템 등 많은 분야에 사용되고 있다. 최근 스마트그리드환경을 구축함에 있어 Zigbee는 HAN(Home Area Network)에 표준으로 사용될 예정이며 현재는 Zigbee를 이용한 AMR(Automatic Meter Reading)을 시범 중에 있다. 일반적으로 ZIgbee Network은 ZC(Zigbee Coordinator), ZCH(Zigbee Cluster Head), ZE(Zigbee End Device) 3가지로 구성되며, Zigbee Network에서 발생할 수 있는 취약점은 허가되지 않은 디바이스의 접근, 라우터의 흐름을 조작하는 방법, ZC(Zigbee Coordinator)와 ZE(Zigbee End Device)사이의 키 전송 시 안전하지 않은 채널을 이용하여 전송되는 문제가 발생된다. 본 논문에서는, TCP(Third Party Center)를 이용함으로써, ZE와 ZC간의 키 생성 시 발생하는 취약점을 보완하였다. 또한 인증절차를 강화함으로써 ZE(Zigbee End Device)에서 발생 할 수 있는 취약점을 보완하고자 하였으며 RS(Register Server)를 이용하여 HAN에 존재하는 디바이스에 대하여 실시간 모니터링이 가능하게 하였다.