• Proceedings of the Korea Information Processing Society Conference
• /
• 2016.04a
• /
• pp.972-974
• /
• 2016

최근 전 세계적으로 IoT(Internet of Things) 기술이 활발히 연구되고 있다. IoT 환경은 임베디드나 센서 등의 시스템에 적용되는 경우가 많다. 그 특성으로 인해, 적용된 장치들은 경량화되기 때문에 통신을 위한 프로토콜로 UDP 기반 프로토콜을 많이 사용한다. UDP 기반 프로토콜은 TCP 기반 프로토콜보다 보안 기능이 미비하므로 UDP 상에서도 보안 기능을 제공해 줄 수 있는 DTLS(Datagram Transport Layer Security)가 권고된다. 하지만 DTLS는 저전력 IoT 환경을 고려하여 만들어진 프로토콜이 아니다. 그래서 저전력 IoT 환경에서 사용하기에는 힘들다. 하지만 HIGHT(HIGh security and light weigHT) 알고리즘을 사용하면 보안적인 측면을 고려하면서도 DTLS의 알고리즘인 AES(Advanced Encryption Standard)의 높은 에너지 소모량이 해결된다. 본 논문에서는 보안 측면을 고려하면서 에너지 효율까지 고려한 KISA(Korea Internet & Security Agency, 한국인터넷진흥원)의 HIGHT 암호화 알고리즘을 기반으로 DTLS를 경량화하여 저전력 기기에서 적용할 수 있는 방안을 제안한다.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.10 no.1
• /
• pp.66-76
• /
• 2017

As the IoT communication environment has been established, communications that utilize not only high-spec machines but also low-spec machines are increasing, but security threats are increasing, too. In recent times, a lot of papers have attempted to reduce the weight of IP layer security techniques such as IPsec and IKEv2 for low-spec machines. Typically, Smyslov proposed Lightweight IKEv2 protocol which is used in IoT environment. However, This proposed protocol had compatibility problem with IKEv2 protocol, So, It is hard to be expected to be used in IoT communication environment. Unlike the Smyslov's protocol, this paper proposed Lightweight IKEv2 protocol which can be compatible of IKEv2 protocol and applied lossless compression algorithm to payload. To suggest lightweight IKEv2 protocol, this paper analyzed IKEv2 protocol and existed lightweight IKEv2 protocol. Furthermore, This paper proved that proposed protocol is more efficient than existed lightweight IKEv2 protocol through performance evaluation as a method.

• Journal of the Korea Society of Computer and Information
• /
• v.11 no.6 s.44
• /
• pp.193-200
• /
• 2006

RFID technology has been gradually expanding its application areas however studies on personal space infringement along with security are insufficient. This paper proposes a new security protocol access time interval scheme and RSA algorithm to analyze existing RFID security protocol and attempts to solve the problem of lightweight protocol. Information protection for two-way channels can be enforced through the proposed protocol and other issues of sniffing and man-in-the-middle attacks can be solved by applying a mutual certification technique application among tag readers.

• Convergence Security Journal
• /
• v.6 no.1
• /
• pp.45-53
• /
• 2006

It has been proposed that several RFID authentication protocols based on hash chain. Status based authentication protocol and challenge-response based authentication protocol are secured against location tracking attacks, spoofing attacks, replay attacks, traffic analysis attacks but are vulnerable to Dos attacks. RFID authentication protocol with strong resistance against traceability and denial of service attack is secured against location tracking attack, spoofing attacks, replay attacks, DoS attacks but are vulnerable to traffic analysis attacks. The present study suggests a more secure and lightweight RFID authentication protocol which is combining the advantages of hash-chain authentication protocol and RFID authentication protocol with strong resistance against traceability and denial of service attack. The results of the secure analysts for a proposed protocol are illustrated that it is secured against location tracking attacks, spoofing attacks, replay attacks, traffic analysis attacks, Dos attacks and is a lightweight operation between server and tag.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.11
• /
• pp.2399-2403
• /
• 2011

Radio Frequency Identification(RFID) has been considered as an key infrastructure for the ubiquitous society. However, due to the inherent drawbacks, RFID causes var- ious security threats like privacy problems, tag cloning, etc. This paper analyses the security risk analysis process from the perspective of the RFID tag life cycle, identify the tag usage process, identify the associated vulnerability and threat to the confidentiality, integrity and availability of the information assets and its implications for privacy, and the mitigate the risks.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.10
• /
• pp.1969-1975
• /
• 2015

The Internet of Things (IoT), in which resource constrained devices communicate with each other, requires a lightweight security protocol. In this paper, we propose a new message authentication scheme using a hash tree for lightweight message authentication in the Datagram Transport Layer Security (DTLS) protocol. The proposed scheme provides lightweight secure operations compared with those of the DTLS protocol. Besides, it provides more suitable performance than the DTLS protocol for an IoT environment, thanks to the reduced use of message authentication code.

• Proceedings of the Korean Information Science Society Conference
• /
• 2007.10d
• /
• pp.136-139
• /
• 2007

무선 네트워크를 사용하는 RFID 시스템은 정보 유출에 취약하다. 하지만 하드웨어적인 제약으로 인해 물리적인 방법을 통한 보안 안전성 확보가 용이하지 않으므로, 경량화된 보안 프로토콜을 필요로 한다. 이에 본 논문에서는 리더간 네트워크 기술을 이용한 RFID 시스템을 위해 제안된 보안 프로토콜을 정형기법을 기반으로 하는 모델 체킹 방법을 통해 검증하였으며, 신뢰성 있는 보안 프로토콜을 적용한 RFID 시스템을 구축할 수 있도록 하였다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2008.05a
• /
• pp.1073-1076
• /
• 2008

최근 IT 기업들은 최첨단 인프라 기술을 활용한 모바일 단말 생산에 주력하며 시장을 확대하고 있다. 이에 따라 각 선진국의 보안업체들은 모바일 단말에 특화된 보안 기술 확보에 노력하고 있으나 국내의 모바일 단말 보안 기술은 선진국에 미치지 못하고 있다. 따라서 본 논문에서는 경량화 네트워크 단말에서 활용할 수 있는 ECC 암호 알고리즘의 공개키 생성시 시간 값을 활용한 보안 프로토콜을 설계하였다.

• Convergence Security Journal
• /
• v.7 no.1
• /
• pp.55-62
• /
• 2007

In ubiquitous environment the authentication protocol design for RFID security is studied to protect user privacy in RFID system. The XOR-based approach of RFID security is implemented inexpensively and simply. However because of using same security informations, ones of tag is disclosed easily. In this paper, we enhance the previous XOR-based authentication protocol using a circular shift operation.

• Journal of KIISE
• /
• v.45 no.3
• /
• pp.195-199
• /
• 2018

Recently, with increasing scale of internet of Things (IoT), a large amount of data are generated and various services using such data are emerging. Therefore, a protocol suitable for IoT environment that can efficiently process / transmit big data is needed. MQTT is a lightweight messaging protocol for IoT environment. Although MQTT protocol can use TLS to provide security, it has a problem in that handshake and packet overhead will increase when TLS is used. Therefore, this paper proposed as Secure_MQTT protocol. It can provide stronger security by using lightweight encryption algorithm for MQTT protocol.