The Journal of the Institute of Internet, Broadcasting and Communication (한국인터넷방송통신학회논문지)

The Institute of Internet, Broadcasting and Communication (한국인터넷방송통신학회)
권호 표지
DOI QR코드

DOI QR Code

Design of One-Time-Pad based on PKI Coordinates Technique for a Safe Key Transmission in E-Commerce Applications

전자상거래 응용에서 안전한 키 전송을 위한 PKI 좌표기법 One-Time-Pad의 설계

  • Received : 2015.08.26
  • Accepted : 2015.10.09
  • Published : 2015.10.31
Download PDF
⟨ Previous Next ⟩

Abstract

As electronic commerce service became more popular, information equivalent to currency prevails in network. Accordingly, hacking into network often occurs and thus OTP (One-Time-Password) has emerged as an alternative secondary security system. However, weakness has been found in even existing One-Time Password that used to be considered 'perfect'. Therefore, it becomes very urgent to have an additional security countermeasure. As security recommendation is not considered as solution anymore, more specific plan becomes necessary. The present study proposes PKI coordinates technique-based OTP (One-Time-Pad) for a safe key transmission in E-commerce.

전자상거래 서비스의 사용이 활발해지면서 화폐나 마찬가지인 기능을 하는 정보가 네트워크에 만연하게 되었다. 그에 따른 해킹이 증가함에 따라 이차적 보안장치가 대안으로 부상하며 OTP(One-Time Password)가 사용되기 시작했다. 하지만 완벽하다 믿었던 기존의 One-Time Password에서 취약점이 발견되면서 추가적인 보안대책이 시급하게 되었고 더 이상 보안적인 권고만이 해결책이 아니라는 판단에 이를 해결하기 위한 구체적인 방안을 필요로 하게 되었다. 본 논문은 전자상거래 응용에서 공개키를 이용하여 안전한 키 전송을 이루기 위해 PKI 좌표기법이 적용된 OTP(One-Time-Pad)를 제안한다.

Keywords

References

  1. Dirk Rijmenants, "IS One-time Pad History?", Cipher Machines & Cryptology, Mar, 2015.
  2. Jeong-In Kim, Nam-Hi Kang, "Secure Configuration Scheme of Pre-shared Key for Lightweight Devices in internet of Things", International Journal of Internet, Broadcasting and Communication (IJIBC), vol. 15, no. 3, pp.1-6, June, 2015.
  3. Dirk Rijmenants, "THE COMPLETE GUIDE TO SECURE COMMUNICATIONS WITH THE ONE TIME PAD CIPHER", Cipher Machines & Cryptology, Dec, 2014.
  4. Sang-Ho Lee, Sung-Bea Kang, Dae-Hun Nyang, Kung-Hee Lee, "Effective Palm Print Authentication Guideline Image with Smart Phone", Journal of the Korea Institute of Communication Sciences (J-KICS), vol. 39C, issue. 11, pp.994-999, Nov, 2014. https://doi.org/10.7840/kics.2014.39C.11.994
  5. Young-chul Choung, Kwang-Cheol Rim, "Research of Secret Communication Using Quantum key Distribution and AES", Journal of the Korea Institute of Information and Communication Engineering (JKIICE), vol. 18, no. 1, pp. 84-90, Jan, 2014. https://doi.org/10.6109/jkiice.2014.18.1.84
  6. Young-Do Joo, "Analysis on Security Vulnerabilities of a Biometric-based User Authentication Scheme for Wireless Sensor Networks", International Journal of Internet, Broadcasting and Communication (IJIBC), vol. 14, no. 1, pp.147-153, Feb, 2014.
  7. Won-Keun Choi, "Resource Manager of QoS Supporting of Q-MOTP for Multimedia Object Data Transfer in MPLS Network Using Q-CBQ", Journal of the Korea Institute of Communication Sciences(J-KICS), vol. 38B, issue. 12, pp.962-966, Dec, 2013. https://doi.org/10.7840/kics.2013.38B.12.962
  8. Nithin Nagaraj, "One-Time Pad as a nonlinear dynamical system", Commun ications in Nonlinear Science and Numerical Simulation(CNSNS) vol. 17, issue. 11, pp. 4029-4036, Nov. 2012. https://doi.org/10.1016/j.cnsns.2012.03.020
  9. Telecommunications Technology Association, "Algorithm Profile for One-Time Password", TTAK.KO-12.0193, Dec, 2012.
  10. Rosslin John Robles, Tai-Hoon Kim, "Securing Internet-based SCADA Wireless Component Communication", International Journal of Internet, Broadcasting and Communication (IJIBC), vol. 4, no. 1, pp. 3-7, Feb, 2012.
  11. Jung-Woo An, "A study on interactive authentication method using mobile one time password interlocked transaction for secure electronic financial transactions", Kookmin Univ, Master's thesis, Feb, 2010.
  12. Hae-soon Ahn, Eun-jun Yoon, Ki-dong Bu, In-gil Nam, "Secure and Efficient DB Security and Authentication Scheme for RFID System", The Journal of Korea Information and Communications Society (J-KICS), vol. 36, issue. 4C, pp. 197-206, Apr, 2011.
  13. Telecommunications Technology Association, "Guideline for Implementing Secure Mobile Systems Based on PKI", TTAE.IT-X1122, Dec, 2009.
  14. Young-Tae KIM, Su-Mi Lee, Bong-Nam Noh, "The Considerable Security Issues on the Security Enforcement of Cryptographic Technology in Finance Fields", Journal of the Korea Institute of Information Security and Cryptology (KIISC), vol. 19, no. 4, pp.137-142, Aug, 2009.
  15. Jong-In Lim, Dong-Hoon Lee, "Study on using secure passwords in the financial sector", Financial Informatization Promotion Committee Secretariat Bank of Korea pay stations, Research Service report, 2008.