• Journal of KIISE
• /
• v.41 no.11
• /
• pp.982-991
• /
• 2014

The integrity assurance of recorded video by car black boxes are necessary as the car black box is becoming more popular. In this paper, we propose a video data integrity assurance scheme reflecting the features of car black box. The proposed method can detect any kind of deletion, insertion, modification of frames by cyclic chaining using inter block relation. And, it provides the integrity assurance function consistently even in cases of file overwriting because of no more free space in storage, partial file data lost. And non-repudiation is supported. Experimental results with a car black box embedded system with A8 application processor show that our method has a feasible computational overhead to process full HD resolution video at 30 frames per second in a real time.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2010.10a
• /
• pp.618-620
• /
• 2010

We are using a certificate, OTP(One Time Password), Security Card etc. for safety on E-commerce. However, These are not perfectly protect Confidentiality, integrity, user authentication, and nonrepudiation. In this paper, we are proposed authentication scheme by certificate and OTP.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.13 no.3
• /
• pp.43-51
• /
• 2017

MANET consists of only wireless nodes having limited processing capability. It processes routing and data transmission through cooperation among each other. And it is exposed to many attack threats due to the dynamic topology by movement of nodes and multi-hop communication. Therefore, the reliability of transmitted data between nodes must be improved and security of integrity must be high. In this paper, we propose a method to increase the reliability of transmitted data by providing a secure cryptography protocol. The proposed method used a hierarchical structure to provide smooth cryptographic services. The cluster authentication node issues the cluster authentication key pair and unique key to the nodes. The nodes performs the encryption through two steps of encryption using cluster public key and block encryption using unique key. Because of this, the robustness against data forgery attacks was heightened. The superior performance of the proposed method can be confirmed through comparative experiment with the existing security routing method.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2001.10a
• /
• pp.499-502
• /
• 2001

FreeS/WAN[l] 은 LINUX 상에서 네트워크 보안 프로토콜표준인 IPSEC을 구현한 공개 S/W이다. 현재 LINUX Project로 수행되고 있으며 1.91 version 까지 나와 있다. 라우터와 라우터간에 IPSEC을 사용하여 통신함으로써 access control, connectionless integrity, data origin authentication, protection against replays, confidentiality의 서비스를 보장받을 수 있고, 또한 이러한 서비스들은 IP 계층에서 제공되기 때문에 IP 계층뿐만 아니라 그 이상의 계층에 대한 보호를 제공한다. [2] 본 논문에서는 LINUX router에 FreeS/WAN IPSEC을 설치하여 Security Gateway를 구성하고, 이 Security Gateway를 통해 전형적인 가상사설망을 구성할 수 있음을 보였다. 양단의 Security Gateway에 설치되어진 FreeS/WAN으로 VPN connection을 설정하고, 인증방법으로 RSA authentication key를 setup 하였다. IPSEC을 통하여 암호화되어진 데이터로 양단의 Gateway 구간에서 보안통신이 이루어짐을 알아본다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2011.11a
• /
• pp.790-793
• /
• 2011

오늘날 인터넷의 발달과 스마트 기기들의 발달로 인해 우리의 일상생활 깊숙이까지 정보화가 이루어 졌다. 최근 스마트폰을 사용하는 사람들의 수가 1,000만 명이 넘어서고 있으며 스마트폰을 통해 필요한 프로그램을 다운받는 수도 급격하게 증가하고 있다. 그런데 프로그램을 제작 후 인터넷을 통해 배포할 시 보안상 안전하지 않다는 문제가 있다. 악의적인 제 3자가 배포 중인 프로그램에 악성코드를 삽입하여 악성코드도 같이 배포되도록 할 수 있기 때문이다. 이를 대비하기 위해 프로그램의 무결성을 보장하는 PAC(Program Authentication Code)을 제안한다. PAC은 기존 악성코드 정보를 가진 데이터베이스가 없어도 프로그램에 악성코드가 삽입되는 것을 탐지할 수 있다. 또한 해시함수를 사용하여 고정된 길이의 인증코드를 생성함으로 네트워크로 전송하거나 한정된 메모리에서 보관하기에 용이하다.

• Journal of Korea Multimedia Society
• /
• v.20 no.12
• /
• pp.1928-1939
• /
• 2017

Fog computing is another paradigm of the cloud computing, which extends the ubiquitous services to applications on many connected devices in the IoT (Internet of Things). In general, if we access a lot of IoT devices with existing cloud, we waste a huge amount of bandwidth and work efficiency becomes low. So we apply the paradigm called fog between IoT devices and cloud. The network architecture based on cloud and fog computing discloses the security and privacy issues according to mixed paradigm. There are so many security issues in many aspects. Moreover many IoT devices are connected at fog and they generate much data, therefore light and efficient security mechanism is needed. For example, with inappropriate encryption or authentication algorithm, it causes a huge bandwidth loss. In this paper, we consider issues related with data encryption and authentication mechanism in the network architecture for cloud and fog-based M2M (Machine to Machine) IoT services. This includes trusted encryption and authentication algorithm, and key generation method. The contribution of this paper is to provide efficient security mechanisms for the proposed service architecture. We implemented the envisaged conceptual security check mechanisms and verified their performance.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.2 no.1
• /
• pp.159-169
• /
• 1999

Recently a firewall is being employed to protect hacking by controlling the traffics. The security services in the firewall include authentication, access control, confidentiality, integrity, and audit trail. A token is adapted for authentication to the firewall. A token has a small battery within which has restricted power capacity, This paper proposes a novel cost-effective firewall token for hacking protecting on transmission control protocol/internet protocol (TCP/IP) based network. This paper proposes a fast exponentiation method with a sparse prime that take a major operation for a public-key crypto-system and a major power consumption in the token. The proposed method uses much less amount of modular operations in exponentiation that is reduced of battery's capacity or CPU's price in the token.

• Journal of information and communication convergence engineering
• /
• v.12 no.1
• /
• pp.19-25
• /
• 2014

The wireless sensor networking standard DASH7 operates in low-power communication with a better transmission quality in active RFID networks. The DASH7 security standard supports public key cryptography. At present, the DASH7 standard uses the message authentication code in the network layer for authentication and integrity. However, its security standard is still in an incubation stage with respect to the implementation of a crypto exchange over a DASH7 network. Effective key management is an important factor for privacy and security. If organizations are not careful about where and how keys are stored, they leave the encrypted data vulnerable to theft. In this regard, we present a key management system designed for efficient key management through public key infrastructure authentication as well as a non-repudiation feature for the DASH7 standard. We analyze the performance of the proposed system on a basis of various performance criteria such as latency and throughput.

• Journal of Arbitration Studies
• /
• v.9 no.1
• /
• pp.367-390
• /
• 1999

The basic requirements for conducting electronic commerce include confidentiality, integrity, authentication and authorization. Cryptographic algorithms, make possible use of powerful authentication and encryption methods. Cryptographic techniques offer essential types of services for electronic commerce : authentication, non-repudiation. The oldest form of key-based cryptography is called secret-key or symmetric encryption. Public-key systems offer some advantages. The public key pair can be rapidly distributed. We don't have to send a copy of your public key to all the respondents. Fast cryptographic algorithms for generating message digests are known as one-way hash function. In order to use public-key cryptography, we need to generate a public key and a private key. We could use e-mail to send public key to all the correspondents. A better, trusted way of distributing public keys is to use a certification authority. A certification authority will accept our public key, along with some proof of identity, and serve as a repository of digital certificates. The digital certificate acts like an electronic driver's license. The Korea government is trying to set up the Public Key Infrastructure for certificate authorities. Both governments and the international business community must involve archiving keys with trusted third parties within a key management infrastructure. The archived keys would be managed, secured by governments under due process of law and strict accountability. It is important that all the nations continue efforts to develop an escrowed key in frastructure based on voluntary use and international standards and agreements.

• Convergence Security Journal
• /
• v.14 no.7
• /
• pp.17-22
• /
• 2014

Wireless Ad hoc Network is threatened from many types of attacks because of its open structure, dynamic topology and the absence of infrastructure. Attacks by malicious nodes inside the network destroy communication path and discard packet. The damage is quite large and detecting attacks are difficult. In this paper, we proposed attack detection technique using secure authentication infrastructure for efficient detection and prevention of internal attack nodes. Cluster structure is used in the proposed method so that each nodes act as a certificate authority and the public key is issued in cluster head through trust evaluation of nodes. Symmetric Key is shared for integrity of data between the nodes and the structure which adds authentication message to the RREQ packet is used. ns-2 simulator is used to evaluate performance of proposed method and excellent performance can be performed through the experiment.