• Title/Summary/Keyword: session security

A SIP Extension Method for Closed Multiparty Conference with Guarantee of Security (비공개형 다자간 컨퍼런스의 보안성 확보를 위한 SIP 확장 기법)

  • 김현태;김형진;나인호
    • Journal of the Korea Institute of Information and Communication Engineering / v.8 no.2 / pp.331-337 / 2004
  • Use of SIP-based multiparty conference services over VoIP networks is gradually increasing, and development and standardization work on SIP continues to advance. However, SIP as currently used does not support identity discovery and distribution of each participant for multipath conference. In this paper, a SIP extension method for guaranteeing security in SIP-based multiparty conferences is proposed. We design a new SIP header and method for discovering and distributing a participant's identity in a closed multiparty conference when the call initiation is established. It can also ensure that each participant is notified before a new participant joins.

The Dilemma of Parameterizing Propagation Time in Blockchain P2P Network

  • Rahmadika, Sandi;Noh, Siwan;Lee, Kyeongmo;Kweka, Bruno Joachim;Rhee, Kyung-Hyune
    • Journal of Information Processing Systems / v.16 no.3 / pp.699-717 / 2020
  • Propagation time on permissionless blockchain plays a significant role in terms of stability and performance in decentralized systems. A large number of activities are disseminated to all nodes in the decentralized peer-to-peer network, thus causing propagation delay. The stability of the system is our concern in the first place. The propagation delay opens up opportunities for attackers to apply their protocol. Either by accelerating or decelerating the propagation time directly without proper calculation, it brings numerous negative impacts to the entire blockchain system. In this paper, we thoroughly review and elaborate on several parameters related to the propagation time in such a system. We describe our findings in terms of data communication, transaction propagation, and the possibility of an interference attack that causes extra propagation time. Furthermore, we present the influence of block size, consensus, and blockchain scalability, including the relation of parameters. In the last session, we remark on several points associated with the propagation time and use cases to avoid dilemmas in the light of the experiments and literary works.

Efficient Certificateless Authenticated Asymmetric Group Key Agreement Protocol

  • Wei, Guiyi;Yang, Xianbo;Shao, Jun
    • KSII Transactions on Internet and Information Systems (TIIS) / v.6 no.12 / pp.3352-3365 / 2012
  • Group key agreement (GKA) is a cryptographic primitive allowing two or more users to negotiate a shared session key over public networks. Wu et al. recently introduced the concept of asymmetric GKA that allows a group of users to negotiate a common public key, while each user only needs to hold his/her respective private key. However, Wu et al.'s protocol cannot resist active attacks, such as fabrication. To solve this problem, Zhang et al. proposed an authenticated asymmetric GKA protocol, where each user is authenticated during the negotiation process, so it can resist active attacks. However, Zhang et al.'s protocol needs a partially trusted certificate authority to issue certificates, which brings a heavy certificate management burden. To eliminate such cost, Zhang et al. constructed another protocol in the identity-based setting. Unfortunately, it suffers from the so-called key escrow problem. In this paper, we propose a certificateless authenticated asymmetric group key agreement protocol which has neither the certificate management burden nor the key escrow problem. Besides, our protocol achieves known-key security, unknown key-share security, key-compromise impersonation security, and key control security. Our simulation based on the pairing-based cryptography (PBC) library shows that this protocol is efficient and practical.

Quantum Key Distribution System integrated with IPSec (양자키분배와 IPSec을 결합한 네트워크 보안 장치 연구)

  • Lee, Eunjoo;Sohn, Ilkwon;Shim, Kyuseok;Lee, Wonhyuk
    • Convergence Security Journal / v.21 no.3 / pp.3-11 / 2021
  • Most internet security protocols rely on classical algorithms based on the mathematical complexity of the integer factorization problem, which becomes vulnerable to a quantum computer. Recent progress in quantum computing technologies has highlighted the need for applying quantum key distribution (QKD) to existing network protocols. We report the development and integration of a plug & play QKD device with a commercial IPSec device by replacing the session keys used in the IPSec protocol with quantum ones. We expect that this work paves the way for enhancing the security of star-type networks by implementing QKD with end-to-end IP communication.

A Trust Management Architecture for TLS

  • Xiaolei Zhang;Hong, Choong-Seon
    • Proceedings of the Korean Information Science Society Conference / 2002.04a / pp.778-780 / 2002
  • The TLS protocol suite, which provides transport-layer security for the Internet, has been standardized in the IETF. A TLS session is an association between a client and a server, created by the TLS Handshake Protocol. Sessions define a set of cryptographic security parameters, which can be shared among multiple connections. The TLS protocol, however, does not address the specific method for how to manage the existing TLS sessions on the host. This paper proposes an efficient management scheme for TLS, based on the principles of trust management.

Security analysis for authenticated key agreement protocol (상호 인증 키 교환 프로토콜의 안전성 분석)

  • 이재민;류은경;김기원;이형목;유기영
    • Proceedings of the Korean Information Science Society Conference / 2002.10c / pp.547-549 / 2002
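  • Seo and Sweeny proposed SAKA (Simple Authenticated Key Agreement Algorithm) for direct session key exchange between communicating parties. SAKA is a modified Diffie-Hellman key exchange protocol that provides user authentication using a password, and it is an efficient protocol considering the amount of computation and message transmission required for key generation and user authentication. However, Lin recently pointed out that the security of SAKA has weaknesses and proposed an improved protocol. In this paper, we show that the improved protocol cannot provide user authentication because it is still not secure against replay attacks.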

A RARV Architecture for Multimedia Nested Session Management based on IP-USN for Societal Security Environment (사회 안전 환경을 위한 IP-USN 기반 멀티미디어 네스티드 세션 관리를 위한 RARV 구조)

  • Ko, Eung-Nam
    • Proceedings of the Korea Information Processing Society Conference / 2010.04a / pp.693-695 / 2010
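  • This paper describes a RARV architecture for nested session management in an IP-USN-based multimedia application development framework for a societal security environment. A nested session is one in which several child sessions exist under a single parent session. In the proposed system, a newly created child session by default inherits the settings of its parent session and is given the same access rights to all resources, and a participant is allowed to join only one nested session.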

Convention on International Interests in Mobile Equipment

  • Suk, Kwang-Hyun
    • THE INTERNATIONAL COMMERCE & LAW REVIEW / v.13 / pp.69-81 / 2000
  • Under the co-sponsorship of UNIDROIT and I.C.A.O., a preliminary draft Convention on International Interests in Mobile Equipment and a preliminary draft Protocol on Matters Specific to Aircraft Equipment have been prepared. The purpose of the Convention is to provide for the creation and effect of a new international interest in mobile equipment. The Convention's approach is quite novel in that it purports to create an international interest based upon the convention itself. The Convention is intended to be supplemented by Protocols, each of which is intended to provide equipment-specific rules necessary to adapt the rules of the Convention to fit the special pattern of financing for different categories of equipment. To date, two sessions of governmental experts were held in Rome and Montreal. Korean delegations attended the two sessions. One of the members of the Korean delegation published a report on the first session. He expressed his objection to the so-called self-help remedy contemplated by the current preliminary draft of the Convention which enables the holder of a security interest to repossess and dispose of the subject of the security interest by private sale rather than public auction on the occurrence of an event of default of the debtor. His view is based upon his understanding that under Korean law, the only remedy available to the holder of a security interest in mobile equipment, such as an airplane, is to apply to the competent court for a public auction. In my view, his understanding is not quite correct and is inconsistent with the current practice in Korea. Under Korean law, the parties' agreement for private sale is in principle valid unless there is an interested party who has acquired a security interest after the creation of the prior security interest or a creditor who has caused the subject of the security interest to be attached by a competent court.
In this article, I discuss the current Korean law and practice relating to the enforcement of security interests by private sale in more detail.

Design of User Access Authentication and Authorization System for VoIP Service (사용자 접근권한 인증을 이용한 안전한 VoIP 시스템 설계)

  • Yang, Ho-Kyung;Kim, Jin-Mook;Ryou, Hwang-Bin;Park, Choon-Sik
    • Convergence Security Journal / v.8 no.4 / pp.41-49 / 2008
  • VoIP is a service that converts the analogue audio signal into a digital signal and then transfers the audio information to the users after configuring it as a packet; it has the advantages of a lower price than the existing voice call service and better extensibility. However, VoIP service has a system structure that, compared to the existing PSTN (Public Switched Telephone Network), has poor call quality and is vulnerable in the security aspect. To make up for these problems, TLS service was introduced to enhance security. In practical systems, however, since a QoS problem occurs, it is necessary to develop a VoIP security system that can satisfy QoS at the same time in the security aspect. In this paper, we suggest a user authentication VoIP system that can provide a service according to the security and the user, by providing a differential service according to the approach of the users, through adding an AA server at the step of configuring the existing VoIP session. It was found that the proposed system of this study provides a quicker QoS than the TLS-added system at a similar level of security. Also, it is able to provide a variety of additional services by the different users.

An Efficient Management Model of Security Policy in the Unified Threat Management System (통합 보안 시스템에서의 효율적인 보안 정책 관리 모델)

  • Joo, Heon-Sik;Kim, Jong-Wan
    • Journal of the Korea Society of Computer and Information / v.15 no.9 / pp.99-107 / 2010
  • This paper showed, through an analysis of problems with the Firewall and IPS systems in existing security systems, that the integrated system to fortify security was much more efficient than the respective systems. The results of the problem analysis revealed that there were delays in processing time and a lack of efficiency in the existing security systems. Accordingly, their performance was evaluated by using the separated Firewall, the IPS system, and the integrated system. The result of the evaluation shows that the integrated security system this paper suggested is five times faster than the existing one in terms of processing speed of response. This paper demonstrated that the excellence of the proposed security system is also more than fivefold in session handling per second and sixfold in CPU processing performance. In addition, several security policies were applied, and it was shown to give excellent performance when it comes to protecting against harmful traffic attacks. In conclusion, this paper emphasized that fortifying the integrated security system was more efficient than fortifying the existing one, considering various respects such as cost, management, time, space and so on.