• Journal of Korea Multimedia Society
• /
• v.16 no.5
• /
• pp.577-590
• /
• 2013

Shamir's (k,n)-threshold secret sharing scheme is not secure against cheating by attacker because the signature of participants is omitted. To prevent cheating, many schemes have been proposed, and a proactive secret sharing is one of those. The proactive secret sharing is a method to update shares in the secret sharing scheme at irregular intervals. In this paper, a proactive image secret sharing scheme over $GF(2^8)$ is proposed for the first time. For the past 30 years, Galois field operation is widely used in order to perform the efficient and secure bit operation in cryptography, and the proposed scheme with update phase of shadow image over $GF(2^8)$) at irregular intervals provides the lossless and non-compromising of secret image. To evaluate security and efficiency of images (i.e. cover and shadow images) distortion between the proposed scheme and the previous schemes, embedding capacity and PSNR are compared in experiments. The experimental results show that the performances of the embedding capacity and image distortion ratio of the proposed scheme are superior to the previous schemes.

• The KIPS Transactions:PartC
• /
• v.10C no.6
• /
• pp.763-768
• /
• 2003

In this paper, we propose a S/KEY based authentication protocol using smart cards to address the vulnerebilities of both the S/KEY authentication protocol and the secure one-time password protpcol which YEH, SHEN and HWANG proposed [1]. Because out protpcel is based on public key, it can authenticate the server and distribute a session key without any pre-shared secret. Also, it can prevent off-line dictionary attacks by using the randomly generated user is stored in the users smart card. More importantly, it can truly achieve the strength of the S/KEY scheme that no secret information need be stored on the server.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1995.11a
• /
• pp.294-304
• /
• 1995

컴퓨터 통신망을 이용하여 메세지를 교환하려는 주체의 신분을 확인하고, 메세지 전송시 예상되는 침입자의 도청을 예방하기위해 메세지의 암호화에 필요한 세션키를 분배하는 것이 인증 프로토콜의 목적이다. 본 논문에서는 Li Gong의 다항식 보간법을 이용한 인증 프로토콜중에서 비밀키의 사전 공유와 인증서버의 고신뢰도의 문제점을 해결할 수 있는 새로운 인증 프로토콜을 제안하였으며. 제안된 프로토콜의 정확성은 GNY로직을 이용하여 분석하였다.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.661-664
• /
• 2006

무선 이동 Ad hoc 네트워크는 고정된 인프라의 도움 없이 이동 노드들의 협력에 의해 자율적으로 구성되는 독립적이고 융통성 있는 네트워크이다. 최근 상업적인 분야에서도 Ad hoc 네트워크의 응용에 대한 관심이 급증하면서 Ad hoc 네트워크의 보안 문제도 해결되어야 할 기술적 요구사항으로 대두되고 있다. 특히, 이러한 요구사항을 만족시키기 위해 Ad hoc 네트워크상에서 공개키 기반구조(PKI)를 도입하는 것은 고정된 인프라를 사용하지 않는 애드혹 네트워크 특성상 매우 제한적인 기법이다. 또한 password를 기반으로 하는 인증된 키교환을 하기위해서는 모든 사용자가 사전에 password를 공유를 해야 하는 불편함이 있다. 본 논문에서는 인증을 위한 제 3의 신뢰기관이나, 사전 비밀 공유가 필요 없는 인증된 키교환 프로토콜을 제안한다.

• Journal of Korea Multimedia Society
• /
• v.13 no.8
• /
• pp.1202-1211
• /
• 2010

The connection between devices in Ad-hoc network a network based on trust. Because a temporary device frequently join or leave, the authentication and security technology should be prepared for malicious device of a third-party attacks. The authentication scheme with the existing certification and ID, and the security technology using symmetric key and the public key is used. Therefore, in this paper we proposed two devices not having shared information use to generate each other's authentication ID. The use of authentication ID can establish the mutual trust and, provide security and efficiency for communication uses to generate a symmetric key.

• Proceedings of the Korean Information Science Society Conference
• /
• 2004.04a
• /
• pp.361-363
• /
• 2004

무선 센서 네트워크(WSN: Wireless Sensor Network) 환경에서 보안성을 확보하기 위하여, 센서 노드간에 전송된 메시지를 암호화하고 인증하는 것이 중요하다. 암호화와 인증을 위해 사용되는 키는 통신 노드 사이에 합의되어야 한다. 그러나 자원의 제약성 때문에, 일반적인 네트워크에서 많이 사용되는 Diffie-Hellman이나 공개키 기반 키 협의 방법은 WSN 환경에 적합하지 않다. 많은 노드에 비밀키를 사전에 정적으로 분배하는 것은 대용량의 메모리와 계산 능력을 요구하고, 네트워크 환경이 커짐에 따라 이들의 요구량이 급증하기 때문이다. 따라서 이러한 사전 키 분배 문제를 해결하기 위하여, 본 논문은 계층적인 사전 키 분배 방법을 제시한다. 제안된 방법은 기존 방법론과 비교하여 센서 노드간의 공유키가 존재 할 가능성을 증가시켜, 통신 채널을 쉽게 형성할 수 있도록 하였다. 또한 외부 공격자의 위협에 대비하여 q-composite 이론을 적용하여, 보안성을 강화시켰다.

• Journal of Korea Multimedia Society
• /
• v.13 no.11
• /
• pp.1687-1697
• /
• 2010

The USIM-based AKA authentication process is essential to a mobile payment system on smart phone environment. In this paper a payment protocol and an AKA module are designed for mobile payment system which is suitable for openness smart phone environment. The payment protocol designs the cross authentication among components of the mobile payment system to improve the reliability of the components. The AKA module of mobile payment system based on 3GPP-AKA protocol prevents the exposure of IMSI by creating the SSK(Shared Secure Key) through advance registration and solves the SQN(SeQuence Number) synchronization problem by using timestamp. Also, by using the SSK instead of authentication vector between SN and authentication center, the existing bandwidth $(688{\times}N){\times}R$ bit between them is reduced to $320{\times}R$ bit or $368{\times}R$ bit. It creates CK and IK which are message encryption key by using OT-SSK(One-Time SSK) between MS and SN. In addition, creating the new OT-SSK whenever MS is connected to SN, it prevents the data replay attack.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.13 no.2
• /
• pp.285-292
• /
• 2009

In 2005, Lee and Chen suggested an enhanced one-time password authentication scheme which can prevent the stolen verifier attack that the Yeh-Shen-Whang's scheme has. The Lee-Chen's scheme addresses the stolen verifier attack by deriving each user's pre-shared secret SEED from the server secret. However, we investigated the weakness of the Lee-Chen's scheme and found out that it was suffering from the off-line dictionary attack on the server secret. We demonstrated that the off-line dictionary attack on the server secret can be easily tackled with only the help of the Hardware Security Modules (HSM). Moreover, we improved the scheme not to be weak to the denial of service attack and allow compromise of the past session keys even though the current password is stolen. Through the comparison between the Lee-Chen's scheme and the proposed one, we showed that the proposed one is stronger than other.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.5
• /
• pp.97-104
• /
• 2001

In this paper, we propose Recoverable Password Based Key Exchange Protocol(RPKEP). RPKEP has user who has password, server which share the secret key information with user, and password recovery agency(PRA) which help to recover the user\`s password. Proposed protocol has some advantages that it is secure against off-line dictionary attack which is considered most important in password based key exchange protocol and suer\`s security is preserved even though user\`s secret information stored in the server is disclosed. By applying Chaum\`s blind signature scheme in the process of password recovery, even the PRA can\`t obtain any information about user\`s password.

• Journal of KIISE:Information Networking
• /
• v.34 no.4
• /
• pp.296-304
• /
• 2007

This paper deals with essentially secure group management and key transfer methods in a wireless sensor network environment. To provide an efficient security service to a widespread network with a large number of sensor nodes, the network has to be made up by several security groups, and Group Key distribution and group management are needed. In this paper we propose a mechanism for efficiently constructing and managing a security node by constructing a group using an algorithm to construct a logical group. Previous Group Key Transport method has special condition. When Base Station transports Group Key, all sensor nodes must share Secret Key with Base Station before it is intended to be deployed. Hence, we also propose a Key transport mechanism without sharing Secret Key between Base Station and sensor node.