• Journal of KIISE:Computer Systems and Theory
• /
• v.29 no.5
• /
• pp.291-298
• /
• 2002

Mutual authentication is essential for key exchange protocols and password-based authentication scheme is used widely, which is convenient to users and executed on the cheap. Password-based protocol should be not only secure against attach but also efficient to reduce user's load. In this paper, we propose a new key exchange protocol, called OTP-EKE(One Time Password based Encrypted Key Exchange), to provide authentication and to share a session key between a server and a user. We choose a password-based scheme as a user authentication. Especially, we use a one-time-password verifier and server's public password to protect against attacks on server's directory. As for efficiency, we improve the performance by reducing the number of modular exponentiations and the number of rounds.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.10 no.10
• /
• pp.1786-1795
• /
• 2006

Portable Internet extended from wireless LAN has a large cell size, similar to a wireless mobile communication. and can provide the seamless service which offers middle-low speed mobility. IEEE 802.16e, the international standard of Portable Internet, uses PKMv2 protocol for authorization and key exchange between a MSS and a BS. This paper proposes a new protocol based on PKMv2, which can provide that MSS is able to do fast authorization with a new BS when soft handover is occurred in a MSS. Our protocol can carry out fast authorization because of reducing the number of messages and parameter exchange, public key encryption and signature in wireless network more than the previous works. It also prevents eavesdropping from an external attacker and keeps the security against impersonation attacks for both a MSS and a BS.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2006.05a
• /
• pp.861-864
• /
• 2006

인터넷과 무선통신 기술의 발달로 Mobile IP 에 대한 관심이 높아지고 있는 가운데 이동 중에도 멀티캐스트 서비스를 이용하기 위해 여러 가지 기술이 연구되고 있다. 인터넷과 멀티캐스트는 열린 모델이라 보안위협에 취약하다. 특히 멀티캐스트에서는 멀티캐스트 분배트리에 대한 접근제어가 중요하다. 본 논문에서는 이동 멀티캐스트에서 멀티캐스트 분배트리에 대한 송신자의 접근제어를 제공하여 서비스의 신뢰성을 높일 수 있는 MSAC (Multicast Source Access Control) 메커니즘을 제안한다. MSAC 과정은 이동하는 멀티캐스트 송신자의 정보들을 MSAC 서버를 통해 인증을 받아 허가되지 않은 노드의 멀티캐스트 분배 트리에 대한 접근을 방지하는 기법이다. MSAC 는 인터넷의 계층적인 특성을 이용하여 인증 회수를 줄이고, 토큰 인증방식을 사용하여 인증 시 메시지를 교환하는 횟수를 줄인다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2001.10b
• /
• pp.1041-1044
• /
• 2001

신뢰할 수 없는 네트워크를 통한 패스워드 기반의 원거리 사용자 인증은 패스워드의 선택범위와 길이가 사용자의 기억력에 제한되는 낮은 안전성 때문에 오프라인 사전공격에 취약하다. 본 논문은 이산 대수 문제 해결의 어려움에 기반한 Diffie-Hellman 키 교환과 블록암호화 알고리듬 및 MAC을 이용하여 패스워드 기반 인증 및 키 협상 프로토콜을 제안한다. 제안된 프로토콜은 오프라인 사전공격을 예방할 수 있으며, 세션키와 패스워드 검증정보가 독립적이므로 공격자에게 패스워드가 노출되더라도 이전 세션의 복호화에 영향을 미치지 않는 전향적 보안성을 제공한다. 또한 세션키의 노출이 패스워드에 대한 정보를 노출시키지 않으며, 암호화 횟수와 메시지 크기를 최소화 하여 효율성을 극대화 하였다. 따라서 웹을 통한 홈뱅킹이나, 모바일 환경이 요구되는 셀룰러 폰에서의 사용자 인증처럼 제3의 신뢰 기관을 이용하지 않는 단순 직접 인증에 적합하다.

• Journal of the Korean Society of Marine Environment & Safety
• /
• v.25 no.2
• /
• pp.178-188
• /
• 2019

When using a distributed system, it is very important to know the intention of a target ship in order to prevent collisions. The action taken by a certain ship for collision avoidance and the action of the target ship it intends to avoid influence each other. However, it is difficult to establish a collision avoidance plan in consideration of multiple-ship situations for this reason. To solve this problem, a Distributed Stochastic Search Algorithm (DSSA) has been proposed. A DSSA searches for a course that can most reduce cost through repeated information exchange with target ships, and then indicates whether the current course should be maintained or a new course should be chosen according to probability and constraints. However, it has not been proven how the parameters used in DSSA affect collision avoidance actions. Therefore, in this paper, I have investigated the effect of the parameters and weight factors of DSSA. Experiments were conducted by combining parameters (time window, safe domain, detection range) and weight factors for encounters of two ships in head-on, crossing, and overtaking situations. A total of 24,000 experiments were conducted: 8,000 iterations for each situation. As a result, no collision occurred in any experiment conducted using DSSA. Costs have been shown to increase if a ship gives a large weight to its destination, i.e., takes selfish behavior. The more lasting the expected position of the target ship, the smaller the sailing distance and the number of message exchanges. The larger the detection range, the safer the interaction.

• The Journal of The Korea Institute of Intelligent Transport Systems
• /
• v.7 no.5
• /
• pp.147-158
• /
• 2008

Recently, Intelligent Transportation System (ITS) has been actively developed and built since the Transportation System Efficiency Promotion Act was enacted. However, since mutual connection among transportation information systems was not considered, the integration of transportation information services did not occur. Accordingly, the Ministry of Land Transport and Maritime Affairs established and announced the technical standard on ITS. In this study, the conformance testing of the transportation information and communication system interface standard on data exchange between the Transportation Information Center and terminals was researched The test items were categorized as data request tests and data providing tests by analyzing the communication procedures specified in the standard. A detail testing scenario was created for each item. The test assessment was established based on the conformance of data exchange procedures and the accuracy of data packet messages. Under the established technical standard, the number of times that tests should be performed was thought set to 30 and the success rate was set to 95%. The purpose of this study is to help the ITS of Korea perform the integrated management of transportation information by researching methods for conformance testing on the technical standard on ITS.

• Journal of KIISE:Information Networking
• /
• v.32 no.6
• /
• pp.696-704
• /
• 2005

Flooding is usually utilized to find a multi hop route toward the destination which is not within transmission range in Ad Hoc networks. However, existing flooding schemes deteriorate the network performance because of periodic message exchanges, frequent occurrence of collisions, and redundant packet transmission. To resolve this, a flooding scheme using on demand cluster formation is proposed in this paper. The scheme employs ongoing Packets for constructing a cluster architecture as the existing on demand clustering scheme. Unlike to the existing on demand clustering scheme, the scheme makes use of unicast packet transmission to reduce the number of collisions and to find the flooding candidates easily. As a result, the proposed scheme yields fewer flooding nodes than other schemes. Simulation results proved that the proposed scheme reduces the number of transmissions and collisions than those of two other schemes.

• The Journal of The Korea Institute of Intelligent Transport Systems
• /
• v.9 no.6
• /
• pp.129-135
• /
• 2010

This paper suggests a multipath establishing scheme for ad hoc networks. Data paths are established by on-demand manner. Multipath are made as a sequence of route control message exchange at route setup process. Multipath can be used as a backup path or load balancing for data exchange. Proposed scheme uses a one-hop pre-search scheme for establishing multipath between source and destination. When a node selects a next node for route reply, the node finds optimal route by exchanging route information with neighbor nodes. Simulation results show that the proposed multipath scheme has better split characteristics among multipath and higher route survivability at the environment where nodes are moving.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.50 no.3
• /
• pp.23-32
• /
• 2013

As the mobile communication technology is developed, the services for communication between the mobile devices are provided, and the amount of usage is increasing tremendously. For the device-to-device communication, the device should be verified if it is a service member. The existing verification schemes include interactions with the third party, while this may cause the problems that the bandwidth is dissipated and the devices which are out of the communication range of the base station cannot communicate with other devices. To solve such problems, we propose a new scheme for verification between mobile devices without interaction of third party. For the proposed scheme, we develop and employ a new zero-knowledge proof protocol, which verifies the device's membership and its expiration time. Furthermore, the scheme guarantees privacy of the mobile device since it checks the encrypted verification message without decrypting, and protects replaying attack since it uses challenge-response method.

• Journal of Digital Contents Society
• /
• v.15 no.2
• /
• pp.251-261
• /
• 2014

In the typical P2P VOD system, it is very important to develop the fast and efficient peer searching scheme since the peers frequently join and leave to/from P2P system. This paper proposes a new peer searching scheme for P2P VOD system based on DHT network environment. The proposed scheme constructs DHT network by managing the peers having close playback starting times and close network locations into a peer all together. The peer information is mapped onto DHT nodes by hashing the key values each of which consists of the starting time and network location of the peer. From the simulation results, the number of messages required to search the partner peers are decreased, and the number of buffer maps exchanging among the peers are also decreased. The proposed scheme can reduce the average network distances among the partner peers. As a result, the proposed scheme makes routing more efficient and it saves the network resources by decreasing communication traffic overhead.