• Korean Security Journal
• /
• no.17
• /
• pp.157-172
• /
• 2008

The purpose of this research is to suggest a construction device that can transform a public safety, security service, security system on counter- terrorism device system, from government leading type to private management type. There are purpose on this thesis to research for the bringing up counter-terrorism experts certification system and about all sorts of developed device among our country's counter-terrorism situation and through comparing developed country's private security's developing device. This summary of thesis is like below. First we need to establish total counter-terrorism center, like developed country on national corresponding strategy. Second, we need to make an organization as a country security department unified as an America's President directly belonging organization. Third, it is to legislate about an counter-terrorism. Fourth, we need to make a coorperate system according to counter-terrorism duty come under private management, so that can recover a trust among people. Fifth, a terror warning system is necessary. Private security's mutual relationship and developing devices is First, it is necessary to bring up counter-terrorism expert. Second, it is necessary to bring in counter-terrorism experts certification system. Third, counter-terrorism research center that come under private management is necessary. It is considered that various research need to be continued after by bringing up counter-terrorism experts, transforming a consciousness, counter- terrorism education, building an equipment and education center, not for a special group, that can minimize human infringement.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.5
• /
• pp.71-82
• /
• 2011

The RFID system provides undeniable advantages so that it is used for various application. However recent RFID system is vulnerable to some attacks as eavesdropping, replay attack, message hijacking, and tag tampering, because the messages are transmitted through the wireless channel and the tags are cheap. Above attacks cause the tag and reader impersonation, denial of service by invalidating tag, and the location tracking concerning bearer of tags, A lot of RFID authentication protocol bas been proposed to solve the vulnerability. Since Weis, Sanna, Rivest, and Engel, proposed the bash-based RFID authentication protocol, many researchers have improved hash-based authentication protocol and recent bash-based authentication protocols provide security and desirable privacy. However, it remains open problem to reduce the tag identification time as long as privacy and security are still guaranteed. Here we propose a new protocol in which the tags generate the message depending on the state of previous communitions between tag and reader. In consequence, our protocol allows a server to identify a tag in a reasonable amount of time while ensuring security and privacy, To be specific, we reduced the time for the server to identify a tag when the last session finished abnormally by at least 50% compared with other bash-based schemes that ensure levels of security and privacy similar to ours.

• Journal of Korea Multimedia Society
• /
• v.11 no.5
• /
• pp.661-672
• /
• 2008

Mobile Ad-hoc NETwork is a kind of self-controlled network composed only of mobile hosts. Since its range of use is gradually expanding into various sections applicable to practical lives, active researches are being conducted on it. However, as it depends on cooperation of nodes composing the entire network, due to weakness of wireless link and lack of its central infrastructure, so it is exposed to more serious risk than general network in security. Therefore, this paper proposes Cluster-Based Dynamic Authentication that enables only reliable nodes to participate in communication, by solving lack of centralized infrastructure, using hierarchical Mobile Ad hoc NETwork structure based on cluster, and by complementing security weakness through mutual authentication between hierarchical nodes. Simulation shows that the proposed scheme can complement security weakness of Mobile Ad hoc NETwork and that it is more adequate in reliability and expandability than the existing schemes.

• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.297-302
• /
• 2004

Internet becomes absolutely necessary tools due to rapid progress of information technology. Educational correspondence abount an age of information demand is a education focused on a learner and remote education based on information technology. WBI(Web Based Instruction) is a formation that remotly educate a learner using web, possible mutual reaction between instructor and learner, submint various studying material, has a good point to overcome spatial restriction. Internal and external standardization working is accelerated and recently XML security studies are activated using XML which is next generation web standard document format. And XML electronic signature raise interworking between digital signature systems used by various field of using XML document. Using these merit and complementing defect are main contents that users have to pay about Certification service to get CA certificate from 2004 june. This paper propose multiplex Certification remote education agent system using XML digital signature to satisfy security requirement.

• Convergence Security Journal
• /
• v.19 no.4
• /
• pp.43-53
• /
• 2019

Recently, a number of military intranet infiltrations suspected of North Korea have been discovered. There was a problem that a vulnerability could occur due to the modification of user authentication data that can access existing military information systems. In this paper, we applied mutual verification technique and API (Application Programming Interface) forgery / forgery blocking and obfuscation to solve the authentication weakness in web browsers that comply with FIDO (Fast IDentity Online) standard. In addition, user convenience is improved by implementing No-Plugin that does not require separate program installation. Performance tests show that most browsers perform about 0.1ms based on the RSA key generation rate. In addition, it proved that it can be used for commercialization by showing performance of less than 0.1 second even in the digital signature verification speed of the server. The service is expected to be useful for improving military information system security as an alternative to browser authentication by building a web secure storage.

• Journal of Communications and Networks
• /
• v.11 no.6
• /
• pp.599-606
• /
• 2009

For many mission-critical related wireless sensor network applications such as military and homeland security, user's access restriction is necessary to be enforced by access control mechanisms for different access rights. Public key-based access control schemes are more attractive than symmetric-key based approaches due to high scalability, low memory requirement, easy key-addition/revocation for a new node, and no key predistribution requirement. Although Wang et al. recently introduced a promising access control scheme based on elliptic curve cryptography (ECC), it is still burdensome for sensors and has several security limitations (it does not provide mutual authentication and is strictly vulnerable to denial-of-service (DoS) attacks). This paper presents an energy-efficient access control scheme based on ECC to overcome these problems and more importantly to provide dominant energy-efficiency. Through analysis and simulation based evaluations, we show that the proposed scheme overcomes the security problems and has far better energy-efficiency compared to current scheme proposed byWang et al.

• Convergence Security Journal
• /
• v.12 no.6
• /
• pp.25-30
• /
• 2012

As the network composed of numerous sensor nodes, sensor network conducts the function of sensing the surrounding information by sensor and of the sensed information. Our military has also developed ICT(Information and Communication Technology) along with the methods for effective war by sharing smooth information of battlefield resources through network with each object. In this paper, a sensor network is clustered in advance and a cluster header (CH) is elected for clusters. Before deployment, a certificate is provided between the BS and the sensor nodes, and after clustering, authentication is done between the BS and the sensor nodes. Moreover, inter-CH authentication technique is used to allow active response to destruction or replacement of sensor nodes. Also, because authentication is done twice, higher level of security can be provided.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.41 no.5
• /
• pp.581-591
• /
• 2016

RFID(Radio Frequency IDentification) is a key technology in ubiquitous computing and is expected to be employed in more fields in the near future. Nevertheless, the RFID system is vulnerable to attacks by eavesdropping or altering of the messages transmitted in wireless channels. In 2013, Oh et al. proposed a mutual authentication protocol between a tag and a reader in RFID systems. Their protocol is designed to resist location tracking for privacy protection. However, all tags and readers use only one network-wide key in their protocol and tags are usually vulnerable to physical attacks. We found that their protocol is still vulnerable to tag/reader impersonation attacks and location tracking if an attacker obtains the network-wide key from a tag. In this paper, we propose a security improved authentication protocol for privacy protection in RFID systems. In addition, we demonstrate that the proposed scheme is efficient in terms of computation and communication costs.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.3C
• /
• pp.426-435
• /
• 2004

The DIAMETER protocol provides Authentication, Authorization, and Accounting (AAA) transactions across the Internet. SIP(Session Initiation Protocol) will be used for new types of signaling, such as instant messaging and application level mobility across networks. And SIP will be a major signaling protocol for next generation wireless networks. But the Digest authentication scheme is not using a secure method of user authentication in SIP, and it is vulnerable to man-in-the-middle attacks or dictionary attacks. This study focused on designing a SIP proxy for interworking with AAA server with respect to user authentication and security analysis. We compared and analyzed the security aspects of the scenarios and propose two proposals that a response which include the user address and password-based mutual authentication and key agreement protocol. It is claimed to be more secure against common attacks than current scenarios.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.6
• /
• pp.1443-1454
• /
• 2016

Balanced encoding method that implement Dual-rail logic style based on hardware technique to software is efficient countermeasure against side-channel analysis without additional memory. Since balanced encoding keep Hamming weight and/or Hamming distance of intermediate values constantly, using this method can be effective as countermeasure against side channel analysis due to elimination of intermediate values having HW and/or HD relating to secret key. However, former studies were presented for Constant XOR operation, which can only be applied to crypto algorithm that can be constructed XOR operation, such as PRINCE. Therefore, our first proposal of new Constant ADD, Shift operations can be applied to various symmetric crypto algorithms based on ARX. Moreover, we did not used look-up table to obtain efficiency in memory usage. Also, we confirmed security of proposed Constant operations with Mutual Information Analysis.