• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.11
• /
• pp.5639-5653
• /
• 2016

Security models for key exchange protocols have been researched for years, however, lots of them only focus on what secret can be compromised but they do not differentiate the timing of secrets compromise, such as the extended Canetti-Krawczyk (eCK) model. In this paper, we propose a new security model for key exchange protocols which can not only consider what keys can be compromised as well as when they are compromised. The proposed security model is important to the security proof of the key exchange protocols with forward secrecy (either weak forward secrecy (wFS) or strong forward secrecy (sFS)). In addition, a new kind of key compromise impersonation (KCI) attacks which is called strong key compromise impersonation (sKCI) attack is proposed. Finally, we provide a new one-round key exchange protocol called mOT+ based on mOT protocol. The security of the mOT+ is given in the new model. It can provide the properties of sKCI-resilience and sFS and it is secure even if the ephemeral key reveal query is considered.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.5
• /
• pp.97-104
• /
• 2001

In this paper, we propose Recoverable Password Based Key Exchange Protocol(RPKEP). RPKEP has user who has password, server which share the secret key information with user, and password recovery agency(PRA) which help to recover the user\`s password. Proposed protocol has some advantages that it is secure against off-line dictionary attack which is considered most important in password based key exchange protocol and suer\`s security is preserved even though user\`s secret information stored in the server is disclosed. By applying Chaum\`s blind signature scheme in the process of password recovery, even the PRA can\`t obtain any information about user\`s password.

• International conference on construction engineering and project management
• /
• 2022.06a
• /
• pp.886-892
• /
• 2022

In construction projects, it is common to exchange documents using email because of convenience. In this study, a method extracting and organizing block information automatically based on email was developed. This method is composed of document exchange and archiving processes, which are difficult to manage and vulnerable to loss. Therefore, this study aims to develop a solution that can automatically link email and block information. The block data components are designed to derive from email exchange and user-additional input information. Also, automatically generating blocks process including extraction and conversion of information was proposed. This solution can lead to promote the convenience of project document management in terms of identifying the document flow and preventing loss of information.

• Journal of Electrical Engineering and Technology
• /
• v.5 no.1
• /
• pp.1-7
• /
• 2010

Recently, smart grid has been considered a very important new energy delivery technology, and one that can help ensure a cleaner environment by making use of information and communication technology (ICT) in countries around the world. The many technological benefits smart grid offers is expected to bring about a huge change in the electric energy supply chain. In particular, smart grid with advanced ICT is likely to allow market agents to participate in the decision-making process in the restructured electricity industry, easily facilitating Homeostatic Utility Control. In this paper, we examine smart grid as a market externality, and then illustrate issues from the commercial market perspective as it relates to electricity market design. Finally, our paper identifies some of the impacts of smart grid on electricity market design, which may possibly be incorporated into the evolution of the electricity market, thus ensuring market efficiency.

• Journal of Korea Multimedia Society
• /
• v.20 no.2
• /
• pp.279-288
• /
• 2017

Nowadays, nations cyber security capabilities play an important role in a nation's defense. Security-critical infrastructures such as national defenses, public services, and financial services are now exposed to Advanced Persistent Threats (APT) and their resistance to such attacks effects the nations stability. Currently Cyber Threat Intelligence (CTI) is widely used by organizations to mitigate and deter APT for its ability to proactively protect their assets by using evidence-based knowledge. The evidence-based knowledge information can be exchanged among organizations and used by the receiving party to strengthen their cyber security management. This paper will discuss on the business process reengineering of the CTI information exchange management for a nationwide scaled control and governance by the government to better protect their national information security assets.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.4
• /
• pp.139-146
• /
• 2006

A Signcryption proposed by Yuliang Zheng in 1997 is a hybrid public key primitive that combines a digital signature and a encryption. It provides more efficient method than a straightforward composition of an signature scheme with a encryption scheme. In a mobile communication environment, the authenticated key agreement protocol should be designed to have lower computational complexity and memory requirements. The password-based authenticated key exchange protocol is to authenticate a client and a server using an easily memorable password. This paper proposes an secure Authenticated Key Exchange protocol using Signcryption scheme. In Addition we also show that it is secure and a more efficient that other exiting authenticated key exchange protocol.

• Journal of the Korea Society of Computer and Information
• /
• v.16 no.2
• /
• pp.173-181
• /
• 2011

User authentication and key exchange protocols are the most important cryptographic applications. For user authentication, most protocols are based on the users' secret passwords. However, protocols based on the users' secret passwords are vulnerable to the password guessing attack. In 1992, Bellovin and Merritt proposed an EKE(Encrypted Key Exchange) protocol for user authentication and key exchage that is secure against password guessing attack. After that, many enhanced and secure EKE protocols are proposed so far. In 2006, Lo pointed out that Yeh et al.'s password-based authenticated key exchange protocol has a security weakness and proposed an improved protocol. However, Cao and Lin showed that his protocol is also vulnerable to off-line password guessing attack. In this paper, we show his protocol is vulnerable to on-line password guessing attack using new attack method, and propose an improvement of password authenticated key exchange protocol for imbalanced wireless networks secure against password guessing attack.

• Korean Journal of Computational Design and Engineering
• /
• v.11 no.4
• /
• pp.256-264
• /
• 2006

Currently, it is necessary to share and exchange drawing information between 2D and 3D data in AEC(Architecture, Engineering & Construction) fields. The authors suggest an information model framework to express IFC(Industry Foundation Classes)-based drawing of 3D AEC products as 2D drawing. In this study, 1) an information framework has been developed to enable sharing and exchange of AEC product model by adding various information factors, 2) standardized APIs and an IFC2DBrowser are developed.

• Proceedings of the Korean Operations and Management Science Society Conference
• /
• 2000.10a
• /
• pp.219-222
• /
• 2000

Systematic management of data related to business process, and information exchange within existing information systems or between different companies have recently become an important issue. This paper tries to solve such problems by using form based workflow system using XML(extensible Markup Language), a standard for digital document exchange. In this system, a new model that formalizes documents into XML form documents and manages them is developed. By defining and operating form documents by XML, information exchange within existing information systems such as ERP and SCM or between different companies, and interoperability between different WFMS can be easily achieved. In addition, by matching form, a formalized document, with existing database schema, WFMS can be directly applied to existing information system, thus enabling continuity of data management and business activity.

• Journal of the Korean Data and Information Science Society
• /
• v.23 no.1
• /
• pp.151-159
• /
• 2012

This paper proposes to develop multi-currencies portfolio strategy using principal component analysis (PCA) and logistic regression (LR) in foreign exchange market. While there is a great deal of literature about the analysis of exchange market, there is relatively little work on developing trading strategies in foreign exchange markets. There are two objectives in this paper. The first objective is to suggest portfolio allocation method by applying PCA. The other objective is to determine market timing which is the strategy of making buy or sell decision using LR. The results of this study show that proposed model is useful trading strategy in foreign exchange market and can be desirable solution which gives lots of investors an important investment information.