• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.47 no.2
• /
• pp.113-120
• /
• 2010

RFID system is the contact-less recognition technology and use for distribution system, environment, transport, security and so on. However, it may create many security relevant problems such as privacy because constraints of RFID communication environment. So several methods of resolving these problems have been proposed. Recently, Shin and Park proposed an efficient RFID authentication protocol with protecting user's privacy using hash function and exclusive-OR.. But Ahn and Bu et al. poia problem that a attacker can to masquerade as malicious reader because their protocol can't providing mutual authentication.nted out weakness of Shin and Park's protocol and proposed more secure and efficient protocol. Unfortunately, Ahn and But's protocol has In this paper, We propose an improved RFID authentication protocol providing mutual authentication. The proposed protocol has advantages that providing mutual authentication between a tag and a reader, secure against replay attack and spoofing attack. Also, it guarantees anonymity of RFID tag and secure against location tracking attack by collusion of malicious readers.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2008.10a
• /
• pp.703-707
• /
• 2008

Nowadays, Internet becomes an essential element in our life. We can make use of numerous on-line services through Internet such as information search, on-line shopping, e-mail service, etc. But, while getting the benefits of Internet service, invasion of our privacy frequently occurs because on-line service providers tend to request excessive or unnecessary personal information. So, there have been some researches on anonymous authentication, which means that user can authenticate herself, not revealing her identity or personal information. But, most of the researches are not somewhat applicable to current authentication infrastructure. In this paper, we propose a pseudonym-based anonymous PKI with short group signature. Using our proposed scheme, we can provide anonymity with conditional traceability to current PKI.

• Journal of Internet Computing and Services
• /
• v.8 no.4
• /
• pp.93-103
• /
• 2007

Networking environments are exposed to outside attacks and privacy threats. Due to broadcast nature of radio transmissions, wireless devices experience more vulnerable situations than those of wired network devices. This paper assumes that a wireless device has two network interfaces, one for accessing internet using 3G services, and the other for constructing an ad hoc network. To deal with privacy threats, this paper introduces an approach in which wireless devices form a special ad hoc network in order to exchange data using anonymous communications. One or more intermediate peers should be involved in the construction of an anonymous path. The proposed anonymous communication mechanism discourages traffic analysis and improves user privacy. According to simulation results, the anonymous connection in an ad hoc network prefers the intermediate peer(s) which is located near the source and/or the destination peer, rather than randomly-selected peers.

• Journal of Internet Computing and Services
• /
• v.11 no.4
• /
• pp.23-32
• /
• 2010

In this paper, we first propose the security enhancing of authentication protocol for Hash based RFID tag, and then a digital Codec for RFID tag is designed based on the proposed authentication protocol. The protocol is based on a three-way challenge response authentication protocol between the tags and a back-end server. In order to realize a secure cryptographic authentication mechanism, we modify three types of the protocol packets which defined in the ISO/IEC 18000-3 standard. Thus active attacks such as the Man-in-the-middle and Replay attacks can be easily protected. In order to verify effectiveness of the proposed protocol, a digital Codec for RFID tag is designed using Verilog HDL, and also synthesized using Synopsys Design Compiler with Hynix $0.25\;{\mu}m$ standard-cell library. Through security analysis and comparison result, we will show that the proposed scheme has better performance in user data confidentiality, tag anonymity, Man-in-the-middle attack prevention, replay attack, forgery resistance and location tracking.

• The Journal of Society for e-Business Studies
• /
• v.16 no.4
• /
• pp.75-85
• /
• 2011

Although progress in information technology has made our life prosperous. But it accompanied a number of adverse effects in various aspects. Especially, internet according to the increasing requirements for privacy and security, IP concealment network technologies to ensure the anonymity are constantly being developed. IP concealment network technologies is aiding the user to bypass the blocked sites can be used to access for information gathering, and they could be used for a malicious hacker to hide his attacks. However, due to complex routing path, local communication bandwidth sangyiham, and internode encryption there are also disadvantages that communication speed is significantly less. In this paper, the research for improving the performance of anonymous networks is to proceed by the communication speed measurement that using GeoIP the particular country with high-bandwidth is Specified or path length is limited.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.2
• /
• pp.322-332
• /
• 2017

Wireless Body Area Networks is an environment that provides an appropriate service remotely by collecting user's biometric information. With the growing importance of sensor, WBAN also attracts extensive attention. Since WBAN is representatively used in the medical field, it can be directly related to the patient's life. Hence security is very important in WBAN. Mutual authentication between the client and the application provider is essential. And efficiency is also important because a used device is limited to computation cost. In this reason, ID-based anonymous authentication scheme in WBAN has been intensively studied. We show that the recent research result of Wu et al. which is about the ID-based anonymous authentication scheme is vulnerable to impersonation attack. And we propose a new ID-based anonymous authentication scheme that is secure against the attacks discovered in the existing schemes. Compared to the existing schemes, the computation cost of our scheme is improved by 30.6% and 7.3%.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.8
• /
• pp.2827-2848
• /
• 2021

Mobile Crowdsourcing (MCS) has become an emerging paradigm evolved from crowdsourcing by employing advanced features of mobile devices such as smartphones to perform more complicated, especially spatial tasks. One of the key procedures in MCS is to collect answers from mobile users (workers), which may face several security issues. First, authentication is required to ensure that answers are from authorized workers. In addition, MCS tasks are usually location-dependent, so the collected answers could disclose workers' location privacy, which may discourage workers to participate in the tasks. Finally, the overhead occurred by authentication and privacy protection should be minimized since mobile devices are resource-constrained. Considering all the above concerns, in this paper, we propose a lightweight and privacy-preserving answer collection scheme for MCS. In the proposed scheme, we achieve anonymous authentication based on traceable ring signature, which provides authentication, anonymity, as well as traceability by enabling malicious workers tracing. In order to balance user location privacy and data availability, we propose a new concept named current location privacy, which means the location of the worker cannot be disclosed to anyone until a specified time. Since the leakage of current location will seriously threaten workers' personal safety, causing such as absence or presence disclosure attacks, it is necessary to pay attention to the current location privacy of workers in MCS. We encrypt the collected answers based on timed-release encryption, ensuring the secure transmission and high availability of data, as well as preserving the current location privacy of workers. Finally, we analyze the security and performance of the proposed scheme. The experimental results show that the computation costs of a worker depend on the number of ring signature members, which indicates the flexibility for a worker to choose an appropriate size of the group under considerations of privacy and efficiency.

• KNOM Review
• /
• v.21 no.2
• /
• pp.18-25
• /
• 2018

Since the development of block-chain technology by Satoshi Nakamoto and Bitcoin pioneered a new cryptocurrency market, a number of scale of cryptocurrency have emerged. There are crimes taking place using the anonymity and vulnerabilities of block-chain technology, and many studies are underway to improve vulnerability and prevent crime. However, they are not enough to detect users who commit crimes. Therefore, it is very important to detect abnormal behavior such as money laundering and stealing cryptocurrency from the network. In this paper, the characteristics of the transactions and user graphs in the Bitcoin network are collected and statistical information is extracted from them and presented as plots on the log scale. Finally, we analyze visualized plots according to the Densification Power Law and Power Law Degree, as a result, present features appropriate for detection of anomalies involving abnormal transactions and abnormal users in the Bitcoin network.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.1
• /
• pp.73-85
• /
• 2001

Electronic check schemes are more efficient than electronic coin scheme with respect to computational costs and the amount of information exchanged. In spite of these, difficulties in making a refund reusable and in representing the face value of a check have discouraged its development. In this paper, a new online electronic check system is presented, which solves the above problems. This system uses the partially blind signature to provide user anonymity and to represent the face value of a check. The partially blind signature enables us to make the format of refunds and initially withdrawn checks identical. Thus, it allows refunds to be reused to buy goods without any limitatiosn. Both initially withdrawn checks and refunds in our system guarantee untraceability as well as unlinkability. We also use a one-time secret key as the serial number of a check to increase the efficiency of payments. The presented check system also provides multiple offline shopping sessions to minimize the number of online messages handled by a bank. During the multiple offline shopping session, we use a one-way accumulator to provide non-repudiation service. We also analyze our new systems our new system\`s security, efficiency, and atomicity.

• KIPS Transactions on Software and Data Engineering
• /
• v.11 no.9
• /
• pp.381-390
• /
• 2022

Influenced by a culture that prefers non-face-to-face activity during the COVID-19 pandemic, chatbot usage is accelerating. Chatbots have been used for various purposes, not only for customer service in businesses and social conversations for fun but also for mental health. Chatbots are a platform where users can easily talk about their depressed moods because anonymity is guaranteed. However, most relevant research has been on social media data, especially Twitter data, and few studies have analyzed the commercially used chatbots data. In this study, we identified the characteristics of depressive discourse in user-chatbot interaction data by analyzing the chats, including the word 'depress,' using the topic modeling algorithm and the text-mining technique. Moreover, we compared its characteristics with those of the depressive moods in the Twitter data. Finally, we draw several design guidelines and suggest avenues for future research based on the study findings.