• Title/Summary/Keyword: authenticated encryption

An Approach for Improving Mobile WiMAX Security - ROSMEX Architecture (안전한 모바일 와이맥스 네트워크를 위한 보안 구조 연구)

  • Shon, Tae-Shik;Koo, Bon-Hyun;Choi, Hyo-Hyun
    • Journal of the Institute of Electronics Engineers of Korea TC / v.47 no.1 / pp.25-34 / 2010
  • The IEEE 802.16-2004 standard has a security sub-layer in the MAC layer called Privacy Key Management (PKM). However, several studies have been published that address the security vulnerabilities of IEEE 802.16-2004. After the IEEE 802.16-2004 standard, a new advanced and revised standard was released as the IEEE 802.16e-2005 amendment, which is the foundation of the Mobile WiMAX network supporting handoffs and roaming capabilities. PKMv2 in Mobile WiMAX includes EAP authentication, AES-based authenticated encryption, and CMAC or HMAC message protection. However, Mobile WiMAX still has security architecture problems such as a disclosure of security context in network entry, a lack of secure communication in the network domain, and a need for efficient handover supporting mutual authentication, because Mobile WiMAX security has mainly concentrated on communication between the SS and BS. Based on the investigation results, we propose a novel mobile WiMAX security architecture, called RObust and Secure MobilE WiMAX (ROSMEX), to prevent the new security vulnerabilities.

Design and implementation of TELNET protocol supporting security functionalities (보안 기능을 지원하는 TELNET 프로토콜의 설계 및 구현)

  • Seong, Jeong-Ki;Seo, Hye-In;Kim, Eun-Gi
    • Journal of the Korea Institute of Information and Communication Engineering / v.20 no.4 / pp.769-776 / 2016
  • TELNET is vulnerable to network attacks because it was designed without considering security. SSL/TLS and SSH are used to solve this problem. However, this approach needs an additional secure protocol and has no backward compatibility with existing TELNET. In this paper, we suggest STELNET (Secured Telnet), which supports security functionalities internally and therefore has backward compatibility. STELNET supports backward compatibility with existing TELNET through option negotiation. In STELNET, a client authenticates the server by a certificate or a digital signature generated using ECDSA. After the server is authenticated, the two hosts generate a session key using the ECDH algorithm. Using the key, they then encrypt data with AES and generate an HMAC using SHA-256. They then transmit the encrypted data and the generated HMAC. In conclusion, STELNET, which has backward compatibility with existing TELNET, defends against MITM (Man-In-The-Middle) attacks and supports security functionalities ensuring confidentiality and integrity of transmitted data.

User Authentication System using OCR (광학문자인식을 이용한 사용자 인증 시스템)

  • Jeong, Pil-Seong;Cho, Yang-Hyun
    • Journal of the Korea Convergence Society / v.9 no.9 / pp.15-22 / 2018
  • As smart devices become popular, users can use authentication services in various ways. Authentication services include authentication using an ID and a password, authentication using SMS, and authentication using an OTP (One Time Password). This paper proposes an authentication system that solves the security problem of knowledge-based authentication using optical character recognition and can easily and quickly authenticate users. The proposed authentication system extracts characters from an image uploaded by a user and authenticates the user using the extracted character information. The proposed authentication system has the advantage of not using a password or an OTP, which are easily exposed or lost, and authentication is not possible without accurate photographs. The proposed authentication system is platform independent and can be used for user authentication, file encryption and decryption.

A Study on AES-based Mutual Authentication Protocol for IoT Devices (사물인터넷 디바이스를 위한 AES 기반 상호인증 프로토콜)

  • Oh, Se-Jin;Lee, Seung-Woo
    • Journal of Industrial Convergence / v.18 no.5 / pp.23-29 / 2020
  • The Internet of things (IoT) is the extension of Internet connectivity into various devices and everyday objects embedded with electronics, Internet connectivity and other forms of hardware. The IoT poses significant risk to the entire digital ecosystem. This is because so many of these devices are designed without a built-in security system to keep them from being hijacked by hackers. This paper proposes a mutual authentication protocol for IoT devices using a symmetric-key algorithm. The proposed protocol uses a symmetric-key cryptographic algorithm to securely encrypt data on the radio channel. In addition, the secret key used for encryption is a random number of the devices, which improves security by using variable secret keys. The proposed protocol blocks attackers and enables legal devices to communicate because only authenticated devices transmit data under the mutual authentication protocol. Finally, our scheme is safe against attacks such as eavesdropping, location tracking, replay, spoofing and denial of service attacks, and we confirmed its safety by attack scenario.

Implementation of Middleware Security System for Home Networking (홈 네트워킹을 위한 미들웨어 보안시스템 구현)

  • Seol, Jeong-Hwan;Lee, Ki-Young
    • Journal of the Korea Institute of Information and Communication Engineering / v.12 no.5 / pp.863-869 / 2008
  • In this paper, a system with a sensor network security mechanism that can be applied to the home network structure is designed and implemented on a virtual network of a home network middleware. The basic structure of home networking middleware supports one-to-one (unicast) or broadcast communication mode between the lookup server and service nodes on the network. Confidentiality and authentication are key security factors of one-to-one communication, and user authentication is crucial for broadcast mode. SPINS, one of the sensor network security techniques, consists of SNEP and μTESLA. SNEP ensures confidentiality and authentication, and μTESLA provides broadcast authentication. We propose a SPINS-based home network middleware, implemented using CBC-MAC for MAC generation, the counter mode (CTR) for message freshness, the pseudo random function (PRF), and RC5 as the encryption algorithm. The implementation result shows that an attacker cannot decrypt the message even though he gets the secure key, because of CTR mode. In addition, we confirmed that a message received by the server is authenticated using the MAC.

Smart grid and nuclear power plant security by integrating cryptographic hardware chip

  • Kumar, Niraj;Mishra, Vishnu Mohan;Kumar, Adesh
    • Nuclear Engineering and Technology / v.53 no.10 / pp.3327-3334 / 2021
  • Present electric grids are advanced to integrate smart grids, distributed resources, high-speed sensing and control, and other advanced metering technologies. Cybersecurity is one of the challenges of the smart grid and nuclear plant digital system. It affects the advanced metering infrastructure (AMI) for grid data communication and controls the information in real time. The research article emphasizes solving the nuclear and smart grid hardware security issues with the integration of a field programmable gate array (FPGA), and implementing the latest Time Authenticated Cryptographic Identity Transmission (TACIT) cryptographic algorithm in the chip. The cryptographic-based encryption and decryption approach can be used for a smart grid distribution system embedded with FPGA hardware. The chip design is carried out in Xilinx ISE 14.7 and synthesized on Virtex-5 FPGA hardware. The state of the art of the work is that the algorithm is implemented on FPGA hardware that provides a scalable design with different key sizes, and its integration enhances the grid hardware security and switching. It has been reported by similar state-of-the-art approaches that the algorithm was limited to software, not implemented in a hardware chip. The main finding of the research work is that the design predicts the utilization of hardware parameters such as slices, LUTs, flip-flops, memory, input/output blocks, and timing information for Virtex-5 FPGA synthesis before chip fabrication. The information is extracted for 8-bit to 128-bit keys and grid data with initial parameters. The TACIT security chip supports a 400 MHz frequency for a 128-bit key. The research work is an effort to provide a solution for the industries working towards embedded hardware security for the smart grid, power plants, and nuclear applications.

Efficient Hop-based Access Control for Private Social Networks (소셜 네트워크에서 프라이버시를 보호하는 효율적인 거리기반 접근제어)

  • Jung, Sang-Im;Kim, Dong-Min;Jeong, Ik-Rae
    • Journal of the Korea Institute of Information Security & Cryptology / v.22 no.3 / pp.505-514 / 2012
  • Because people usually establish their online social network based on their offline relationships, social networks (i.e., the graph of friendship relationships) are often used to share content. Mobile devices make this easier these days, but they also increase privacy risks such as access control of shared data and relationship exposure to an untrusted server. To control access to encrypted data and protect relationships from the server, M. Atallah et al. proposed a hop-based scheme in 2009. Their scheme assumed a distributed environment such as P2P, in which each user shares encrypted data on their social network. On the other hand, it is very inefficient to keep their relationships private, so we propose an improved scheme. In this paper, among encrypted contents and relationships, some authenticated users can only access the data in a distributed way. For this, we adopt 'circular-secure symmetric encryption' first. The proposed scheme guarantees improved security and efficiency compared to the previous work.

Proposal of SMPC Biometric Authentication System Based on Public Blockchain (퍼블릭 블록체인 기반 SMPC 생체인증 시스템 제안)

  • Ji-Su Doo;Hyeok Kang;Keun-Ho Lee
    • Journal of Internet of Things and Convergence / v.9 no.2 / pp.77-82 / 2023
  • As the method of collecting and utilizing structured and unstructured data develops due to the influence of the Fourth Industrial Revolution, unwanted personal information data is also being collected and utilized, and hackers are attempting various attacks to steal information. As a result, the importance of information protection has increased, and various protection techniques have emerged, among which many studies have been conducted using decentralized techniques of blockchain and various algorithms to strengthen the security of biometric authentication techniques. This paper proposed a public blockchain biometric authentication system that allows users to protect their data in a safer biometric authentication method in the public blockchain and use it in the blockchain through signature with authenticated information.

New Distinguishing Attacks on Sparkle384 Reduced to 6 Rounds and Sparkle512 Reduced to 7 Rounds (6 라운드로 축소된 Sparkle384와 7 라운드로 축소된 Sparkle512에 대한 새로운 구별 공격)

  • Deukjo Hong;Donghoon Chang
    • Journal of the Korea Institute of Information Security & Cryptology / v.33 no.6 / pp.869-879 / 2023
  • Sparkle is one of the finalists in the Lightweight Cryptography Standardization Process conducted by NIST. It is a nonlinear permutation and serves as a core component for the authenticated encryption algorithm Schwaemm and the hash function Esch. In this paper, we provide specific forms of input and output differences for 6 rounds of Sparkle384 and 7 rounds of Sparkle512, and derive formulas for the complexity of finding input pairs that satisfy these differentials. Because the complexity is significantly lower than that of similar tasks for random permutations with the same input and output sizes, they can be valid distinguishing attacks. The numbers (6 and 7) of attacked rounds are very close to the minimum numbers (7 and 8) of rounds actually used.