• Convergence Security Journal
• /
• v.19 no.1
• /
• pp.3-10
• /
• 2019

The 5G network is a next-generation converged network that combines various ICT technologies to realize the need for high speed, hyper connection and ultra low delay, and various efforts have been made to address the security vulnerabilities of the previous generation mobile networks. However, the standards released so far still have potential security vulnerabilities, such as USIM deception and replication attack, message re-transmission attack, and race-condition attack. In order to solve these security problems, this paper proposes a new 5G-AKA protocol with PUF technology, which is a physical unclonable function. The proposed PUF-based 5G-AKA improves the security vulnerabilities identified so far using the device-specific response for a specific challenge and hash function. This approach enables a strong white-list policy through the addition of inexpensive PUF circuits when utilizing 5G networks in areas where security is critical. In addition, since additional cryptographic algorithms are not applied to existing protocols, there is relatively little burden on increasing computational costs or increasing authentication parameter storage.

• Journal of Internet Computing and Services
• /
• v.20 no.5
• /
• pp.9-18
• /
• 2019

Android Application Package (APK) is vulnerable to repackaging attacks. Therefore, obfuscation technology was applied inside the Android APK file to cope with repackaging attack. However, as more advanced reverse engineering techniques continue to be developed, fake Android APK files to be released. A new approach is needed to solve this problem. A blockchain is a continuously growing list of records, called blocks, which are linked and secured using cryptography. Each block typically contains a cryptographic hash of theprevious block, a timestamp and transaction data. Once recorded, the data inany given block cannot be altered retroactively without the alteration of all subsequent blocks. Therefore, it is possible to check whether or not theAndroid Mobile APK is forged by applying the blockchain technology. In this paper, we construct a discrimination DApp (Decentralized Application) against forgery Android Mobile APK by recording and maintaining the legitimate APK in the consortium blockchain framework like Hyperledger Fabric by Composer. With proposed DApp, we can prevent the forgery and modification of the appfrom being installed on the user's Smartphone, and normal and legitimate apps will be widely used.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.2
• /
• pp.45-58
• /
• 2001

There are relatively many research results of the validation of the cryptography. But few researches on the validation of cryptography implementations were accomplished. However, developer\`s misunderstanding the crypto-algorithm or a mistake in implementation of the crypto-a1gorithm leads to lose reliability of security products. Therefore, as validation of the crypto-algorithm itself also validation of the implementation is important. The major objective of this paper is to propose Security Products Validation Tool. Our tool validates implementation of the public key algorithm (RSA. KCDSA) and hash algorithm (SHA-1, HAS-170). The validation process is composed of several items and our tool performs validation teats for conformance to related standard.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.5 no.1
• /
• pp.37-50
• /
• 1995

The smart card with the cryptography and VLSI technologies makes it possible to implement the electronic cash easily. A number of electronic each schemes have been proposed by many cryptographic researchers. In this paper, we propose a practical electronic cash system, using blind digital signature scheme. Schnorr's authentication scheme based on the discrete logarithm problem, and the hierarchical cash tree based on two one-way hash functions for dividable payment. Thisf electronic cash scheme has such properties as privacy of the payment, off-line payment, non-reuseability of cash, transferability of cash to another customer, and dividable payment of cash. This electronic cash protocol is well suited for implementing in smart card.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.6
• /
• pp.71-80
• /
• 2002

To provide the confidentiality of messages transmitted over the network, the use of cryptographic system is increasing gradually and the hybrid cryptosystem, which combines the advantages of the symmetric cryptosystem and the public key cryptosystem is widely used. In this paper, we proposes a new hybrid cryptosystem capable of providing implicit authentication for the sender of the ciphertext by means of the 1-pass key distribution protocol that offers implicit key authentication, hash function and symmetric cryptosystem. Also, we describe some examples such as the Diffie-Hellman based system and the Nyberg-Ruppel based system. The proposed hybrid cryptosystem is an efficient more than general public key cryptosystems in the aspect of computation work and provides implicit authentication for the sender without additional increase of the communication overhead.

• KIPS Transactions on Computer and Communication Systems
• /
• v.11 no.2
• /
• pp.51-58
• /
• 2022

Blockchain technology is a system in which data from users participating in blockchain networks is distributed and stored. Bitcoin and Ethereum are attracting global attention, and the utilization of blockchain is expected to be endless. However, the need for blockchain data privacy protection is emerging in various financial, medical, and real estate sectors that process personal information due to the transparency of disclosing all data in the blockchain to network participants. Although studies using smart contracts, homomorphic encryption, and cryptographic key methods have been mainly conducted to protect existing blockchain data privacy, this paper proposes data privacy using matrix character relocation techniques differentiated from existing papers. The approach proposed in this paper consists largely of two methods: how to relocate the original data to matrix characters, how to return the deployed data to the original. Through qualitative experiments, we evaluate the safety of the approach proposed in this paper, and demonstrate that matrix character relocation will be sufficiently applicable in private blockchain environments by measuring the time it takes to revert applied data to original data.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.10a
• /
• pp.107-109
• /
• 2022

This paper proposes a new security system to detect cyber-attacks based on message authentication in a in-vehicle network. In the in-vehicle network, when a sending node transmits messages in a broadcast manner, it only uses a message identifier, rather than a node's identifier. It leads to a problem not identifying the source. In the proposed system, the sending node generates a message authentication code (MAC) using a cryptographic hash function to the control data and transmits it with the control data. When generating the MAC for each message, a multidimensional chaotic map is applied to increase the randomness of the result. The receiving node compares its MAC generated from the control data in the received message with the MAC of the received message to detect whether the message transmitted from the sending node is forged or not. We evaluate the performance of the proposed system by using CANoe and CAPL (Communication Access Programming Language). Our system shows a 100% of detection rate against cyber-attacks injected.