• Proceedings of the Korea Information Processing Society Conference
• /
• 2009.11a
• /
• pp.569-570
• /
• 2009

IPv6기반 MANET(Mobile Ad hoc Network)에서 이웃 노드를 찾기 위한 목적으로 ND(Neighbor Discovery) 프로토콜을 사용한다. ND 프로토콜의 경우 메시지 위조, 변조와 같은 취약점이 존재하기 때문에 보안성을 강화한 SEND(SEcure Neighbor Discovery) 프로토콜이 디자인되었다. 본 논문은 MANET에서 두 개의 네트워크가 병합 될 때 발생 할 수 있는 DAD(Duplicated Address Detection) Storm과 경로 상에 악의적 노드가 있는 경우에 발생하는 문제점을 해결하기 위해 SEND를 사용하였으며, 개인키를 가지고 있는 사용자만 서명할 수 있는 제한 사항을 해결하기 위해 위임 서명을 사용하였다.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.17 no.1
• /
• pp.1-11
• /
• 2017

Recently that require digital signatures handwritten for personal use customer information and agree to the Terms of Service agreement or a general sign up. Signature system including an existing handwritten signature are a problem, which may be a platform-dependent, as well as the environment in which to perform the signature vary according to device Status of presence because it is being utilized is implemented on the service platform itself within each company. In this paper, we designed and implemented an integrated system handwritten signature as possible using a cross-browser way to store the handwritten two-dimensional coordinates based on the jQuery it is interspecific directly integrated browser environment. iOS, Android, was tested in an integrated web browser in heterogeneous environments, including PC, it was confirmed that all handwritten signature function is working properly.

• Proceedings of the Korean Information Science Society Conference
• /
• 2000.10c
• /
• pp.195-197
• /
• 2000

J2ME(Java 2 Micro Edition)는 소비자/임베디드 디바이스 시장을 목표로 한 자바2 플랫폼으로서 이는 컨피규레이션(Configuration)과 프로파일(Profile)로 구성된다. SLDC/ MIDP(Connected Limited Device Configuration/Mobile Information Device Profile)는 그 중에서도 휴대폰과 양방향 페이저 같은 제한된 메모리를 가진 장치 위에서 사용되는 플랫폼이다. 본 논문에서는 J2ME 기반 하에서 CLDC/MIDP를 이용하여 보안모듈을 작성하고 휴대폰에서도 안전한 전자서명 및 전자지불을 가능케 하여 Mobile Commerce의 기초를 이루었다. 여기서 서명은 XML 기반으로 구성되었고, 시스템은 MIDlet으로 구현하였다.

• KIPS Transactions on Computer and Communication Systems
• /
• v.4 no.8
• /
• pp.259-270
• /
• 2015

In this paper, we study and implement ways for users to easily apply and manage the DNSSEC in a domestic environment. DNSSEC is the DNS cache information proposed to address the vulnerability of modulation. However, DNSSEC is difficult to apply and manage due to insufficient domestic applications. In signing keys for efficient and reliable management of DNSSEC, we propose proactive monitoring SW and signing keys. This is an automatic management s/w signing key for DNSSEC efficient and reliable management and to provide a monitoring of the signing key. In addition to the proposed details of how DNSSEC signing key update and monitoring progress smoothly, we expect that the present study will help domestic users to apply and manage DNSSEC easily.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.4
• /
• pp.743-751
• /
• 2017

As smart phones are becoming popular, an operating system is being used at wearable devices, home appliances and smart TVs. A user is able to use various applications on devices with operating system, but there is an increased threat of hacker. Thus, the technology for detecting the forgery of applications is becoming more important on operating system. To detect the forgery of the application, a digital signature technology is used on the filed of application digital signature. According to W3C recommendation, the signing process of application digital signature must be performed at least twice, and the applications which are signed by the application digital signature have to be validated for all signature files when the application is installed in the operating system. Hence, the performance of the application digital signature validation system is closely related to the installer performance on the operating system. Existing validation system has performance degradation due to redundancy of integrity verification among application components. This research was conducted to improve the performance of the application digital signature validation system. The proposal of validation system which is applied proxy system shows a performance improvement compared to the existing verification system.

• Journal of the Korea Society of Computer and Information
• /
• v.16 no.8
• /
• pp.109-118
• /
• 2011

Recently, electronic documents are deployed in many areas. However, trust concerns arise owing to the fact that detecting whether an electronic document is modified or not is not an easy process. To facilitate this process, many word processors provide digital signature capabilities on themselves. However, there were not much research on the security of digital signature function of various programs including Microsoft Word and Hancom Hangul. Therefore, in this paper, we analyze the security of Microsoft Word and Hancom Hangul, and propose improvements for their digital signature schemes.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.2
• /
• pp.15-22
• /
• 2004

For an ElGamal-type signature scheme using a generate g of order q, it has been well-known that the message nonce should be chosen randomly in the interval (0, q-1) for each message to be signed. In (2), H. Kuwakado and H. Tanaka proposed a polynomial time algorithm that gives the private key of the signer if two signatures with message nonces 0＜$k_1$, $k_2$$\leq$Ο(equation omitted) are available. Recently, R. Gallant, R. Lambert, and S. Vanstone suggested a method to improve the efficiency of elliptic curve crytosystem using integer decomposition. In this paper, by applying the integer decomposition method to the algorithm proposed by Kuwakado and Tanaka, we extend the algorithm to work in the case when ｜$k_1$ ｜,｜$k_2$, ｜$\leq$Ο(equation mitted) and improve the efficiency and completeness of the algorithm.

• The Journal of Korean Association of Computer Education
• /
• v.10 no.3
• /
• pp.57-66
• /
• 2007

E-mail system is considered as a most important communication media, which can be used to transmit personal information by internet. But e-mail attack also has been increased by spoofing e-mail sender address. Therefore, this work proposes sender verification faculty for spam mail protection at sender's MTA by using security card for protection forged sender and also for authenticating legal sender. Sender's mail MT A requests security card's code number to sender. Then sender input code number and generate session key after sender verification. Session key is used to encrypt sender's signature and secure message transmission. This work can provide efficient and secure e-mail sender authentication with sender verification and message encryption.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.1C
• /
• pp.25-34
• /
• 2004

In mobile agent environments, cascaded delegations among places occur frequently due to the mobility of agents. Cascaded delegation in mobile agent environments can be defined as the process whereby the delegated place delegates the rights of the delegating place further. The representative study for delegation in mobile agent environments is Berkovits et al.'s study. Their study only defines the messages that is sent between the place executing the agent and the place where the agent migrates. Because their study considers only the delegation between two places which participate in migration of an agent, it is inadequate in the situation that the cascaded delegation is necessary. In other words, the relationships among the messages sent from and to places is necessary. However, their study does not exist the relationships. In this paper, we propose a delegation scheme that provides agents with secure cascaded delegation. The proposed scheme achieves the goal by nesting each delegation token within the signed part of the next immediate delegation token. We prove that the proposed scheme is secure against the attack of replaying a message and of substituting a delegation token.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2006.05a
• /
• pp.939-942
• /
• 2006

웹 서비스는 오늘날의 인터넷 환경에서 분산되어있고, 이질적인 시스템들 간에 상호운용을 제공하는 새로운 소프트웨어 시스템의 형태이다. 이러한 환경에 있어서 보안은 가장 중요한 이슈 중 하나이다. 공격자는 아무런 인증 없이 사용자의 비밀정보를 노출시킬 수도 있다. 더구나 유비쿼터스 환경에서 사용자들은 웹 서비스를 이용하기 위해 반드시 그들 대신 서비스를 처리할 에이전트들에게 그들의 권한 모두를 혹은 그 중 일부분을 일시적으로 위임해야만 한다. 이것은 사용자의 비밀정보가 에이전트들을 통해 외부에 노출되는 결과를 초례한다. 본 논문에서는 유비쿼터스 환경에서의 안전한 웹 서비스를 위한 위임모델을 제시한다. 우리는 에이전트를 통한 비밀정보의 노출을 막고 서비스의 기밀성과 단언정보의 무결성을 제공하기 위해 XML암호화와 XML전자서명 방식을 이용한다. 그리고 XACML 기반의 웹 서비스 관리 서버를 통해 웹 서비스 제공자들과의 서비스정책의 상호운용을 수행한다. 우리는 역시 멀티 에이전트들 간의 위임을 통해 웹 서비스 제공자들에게 전달될 위임 단언을 정의하기 위해 SAML을 확장 시킨다.