• Journal of the Korea Society of Computer and Information
• /
• v.17 no.7
• /
• pp.107-115
• /
• 2012

Recently, Li and Hwang scheme proposed a biometrics-based remote user authentication scheme using smart card. It is asserted that this scheme has very excellent benefits by the operation cost efficiency based on the smart card, one-way function and biometrics using random numbers. But this scheme cannot provide the properly authentication, especially, it is analyzed as the vulnerable security scheme for Denial-of-Service(DoS) attacks by impersonate attacks. The attacker controls the insecure channel, they can easily fabricate messages to pass the user's or server's authentication, and the malicious attacker can impersonate the user to cheat the server and can impersonate the server to cheat the user without knowing any secret information. This paper proposes the strong improved scheme which can respond to multiple attacks by supplementing the function of integrity check from the server which applied variable authenticator and OSPA without exposing the user's password information. It is supplemented pregnable of disguise attack and mutual authentication of Li and Hwang scheme.

• Convergence Security Journal
• /
• v.14 no.4
• /
• pp.3-8
• /
• 2014

Wireless Ad hoc Network is threatened from many types of attacks because of its open structure, dynamic topology and the absence of infrastructure. Attacks by malicious nodes inside the network destroy communication path and discard packet. The damage is quite large and detecting attacks are difficult. In this paper, we proposed attack detection technique using secure authentication infrastructure for efficient detection and prevention of internal attack nodes. Cluster structure is used in the proposed method so that each nodes act as a certificate authority and the public key is issued in cluster head through trust evaluation of nodes. Symmetric Key is shared for integrity of data between the nodes and the structure which adds authentication message to the RREQ packet is used. ns-2 simulator is used to evaluate performance of proposed method and excellent performance can be performed through the experiment.

• Journal of Korea Multimedia Society
• /
• v.15 no.8
• /
• pp.1048-1058
• /
• 2012

This paper proposes the DDMPF(Distributed Data Management Protocol using FAT) which prevents data loss and keeps the security of self-organized storages by comprising a client, a storage server, and a verification server in clouding environment. The DDMPF builds a self-organized storage server, solves data loss by decentralizing the partitioned data in it in contrast to the centralized problem and the data loss caused by the storage server problems of existing clouding storages, and improves the efficiency of distributed data management with FAT(File Allocation Table). And, the DDMPF improves the reliability of data by a verification server's verifying the data integrity of a storage server, and strengthens the security in double encryption with a client's private key and the system's master key using EC-DH algorithm. Additionally, the DDMPF limits the number of verification servers and detects the flooding attack by setting the TS(Time Stamp) for a verification request message and the replay attack by using the nonce value generated newly, whenever the verification is requested.

• Journal of the Korean Society for Aeronautical & Space Sciences
• /
• v.42 no.6
• /
• pp.453-460
• /
• 2014

We analyze fault detection algorithm of ephemeris included in navigation message, which is one of the GNSS risk factors. This algorithm uses carrier-phase measurement and baseline vector of two reference stations and is alternative method for uncertainty condition of previous ephemeris. Even though same ephemeris fault is occurred, the geometry condition, between baseline vector of reference stations and satellites, effects on performance of algorithm. Also, we introduce the suitable geometry of reference stations, threshold and performance index (MDE : Minimum Detectable Error) in jeju international airport.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.05a
• /
• pp.650-652
• /
• 2013

As VANET(Vehicular Ad-hoc NETwork) improves road safety, efficiency, and comfort, and provides a value-added service such as commerce information or internet access. it is the most important technology in ITS(Intelligent Transportation System). But, In VANETs, better communication efficiency can be achieved by sacrificing security and vice versa. VANETs cannot get started without either of them. Therefore, to solve these problems simultaneously, this paper proposes MAC(Message Authentication Code) based SDAP(Secure Data Aggregation Protocol) which removes redundant data or abnormal data between vehicles and verifies the integrity of message. The MAC based SDAP not only improves the efficiency of data delivery but also enhances the security by detecting malicious attacks such as propagation jamming attack, forgery attack, and disguised attack.

• The KIPS Transactions:PartC
• /
• v.10C no.1
• /
• pp.17-26
• /
• 2003

Mobile agent system comes into the spotlight since it contributes largely to mobile computing on distributed network environment. However, this system has a number of significant security Problems. In this Paper, we analyze suity attacks to mobile agent system Presented by NIST[3]. In order to protect this system from them, we suggest a security protocol for mobile agent system by employing R based key distribution and digital multi-signature scheme. To solve these problems described in NIST, securities for mobile agent and agent platform shouid be accomplished. Comparing with other protocols, our protocol performs both of these securities, while other protocols mentioned only one of them. Proposed Protocol satisfies simplicity of key management, providing security service such as confidentiality, integrity, authentication and preventing reputation, liveness guarantee, protection of excution-result data and preventing replay attack. Furthermore, it is designed to detect message modification immediately by verifying each step of agent execution at a corresponding server.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.42 no.5
• /
• pp.999-1008
• /
• 2017

In this paper, we propose a pipeline network coding (PNC) scheme for efficient data transmission in wireless networks, a data authentication scheme for verifying the integrity of data, and a node authentication scheme for a virtual source. PNC is a technique that improves the overall network performance by relaying data such that the relay node performing network coding transmits to the sender instead. However, network coding is vulnerable to a pollution attack, which is an attack by a malicious attacker to inject modified data into the network. To prevent this, hash-based message authentication code (HMAC) is used. For this purpose, in order to generate a tag used for data authentication, a key must be distributed to the nodes performing authentication. We applied a hash chain to minimize the overhead of key distribution. A null vector is used as the authentication scheme for the virtual source. Finally, we analyze the safety and complexity of the proposed scheme and show he performance through simulation.

• The Transactions of the Korea Information Processing Society
• /
• v.6 no.1
• /
• pp.134-147
• /
• 1999

The DNS provides naming services which are the basis for the application of the Internet and the security of the DNS should be provided for the security of the Internet. Recently IETF proposed a method which guarantees the integrity of DNS database contents and DNS queries/replies and distributes host public keys. In this paper we describe the design and implementation of the secure DNS which is built based on the IETF proposal and extended to facilitate its sue and management. In the extended secure DNS, DNS servers are used ad the directory system in a public key infrastructure and stores/distributes user public key certificates. The Web-based management interface and security log functions are added and the extended secure DNS is being built so that new cryptographic algorithms can be easily added.

• Journal of Venture Innovation
• /
• v.2 no.1
• /
• pp.13-21
• /
• 2019

In LTE environment, which is 4th generation mobile communication systems, there is concern about private information exposure by transmitting initial identifier in plain text. This paper suggest mutual authentication protocol, which uses one-time password utilizing challenge-response and AES-based Milenage key generation algorithm, as solution for safe initial identification communication, preventing unique identification information leaking. Milenage key generation algorithm has been used in LTE Security protocol for generating Cipher key, Integrity key, Message Authentication Code. Performance analysis evaluates the suitability of LTE Security protocol and LTE network by comparing LTE Security protocol with proposed protocol about algorithm operation count and Latency.Thus, this paper figures out initial identification communication's weak points of currently used LTE security protocol and complements in accordance with traditional protocol. So, it can be applied for traditional LTE communication on account of providing additional confidentiality to initial identifier.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2002.11a
• /
• pp.368-372
• /
• 2002

Channel of distribution of contents of digitalised multimedia contents is changing in form passed directly to consumer from manufacturer through digital network of high speed. Together, diffusion of various digital equipment that do is changing Past multimedia consumption structure with the wonderful speed so that can consume easily digital contents. Specially, Multimedia Personal Computer and fast diffusion of a digital television are acting role such as catalyst that promote easy purchase and consumption of multimedia contents of good qualify. However, this system is no method that can sell digital contents and express right that original owner for the contents can insist nothing but consume. Because consumer can distribute to another person copying contents that buy because of and user can distribute producing ashes again according to necessary field by oneself as well as, can lose meaning for original contents. In this paper, Text editing system for XrML (extensible Rights Markup Language) that describe about integrity of message and entity authentication in addition to necessary rights, fees, condition etc. and this to do fetters XML (eXtensible Markup Language) for copyright protection for digital contents in treatise that see hereupon and use digital contents design and embody.