• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2002.05a
• /
• pp.498-501
• /
• 2002

In the process of Log-In to the system, clear User authentication is the beginning of the information protection service. In the open communication system of today, it is true that a password as security instrument and the inner mechanism of the system and cryptography algorithm for the support of this are also poor. For this reason, this dissertation had a final aim to design the user authentication system, which offer the accuracy and safety. It used RSA and CBC mode of DES as cryptography algorithm and used the Challenge-Response scheme at a authentication protocol and designed the User authentication system to which user access using one time password, output of token to guarantee the safety of the authentication protocol. Alto by using the Public key cryptography algorithm, it could embody the more safe User authentication system.

• Proceedings of the Korean Information Science Society Conference
• /
• 2007.10a
• /
• pp.102-103
• /
• 2007

네트워크 초기 설정을 하는 경우와 동일한 프리픽스론 사용하는 인접 노드와 정보를 주고받기 위해 사용되는 인접 노드 탐색 프로토콜에 보안 기능을 지원하는 SEND 프로토콜은 메시지의 무결성과 부인 방지 기능은 제공하지만 메시지의 기밀성은 제공 할 수 없다. 본 논문에서는 SEND 프로토콜의 보안 기능을 분석하고, 대칭 키 암호화 방식을 적용하여 메시지의 무결성을 제공하는 기법을 제안한다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.10a
• /
• pp.565-568
• /
• 2017

The security protocols such as SSH and SSL/TLS operate over TCP and encrypt all data from the application layer. However, this method has unnecessary performance degradation because it encrypts even data which does not require confidentiality. In this paper, we propose TCP OENC(TCP Optional Encryption) which optionally encrypts only confidential data by the application user. The proposed TCP OENC is in accordance with TCP standard operation, and it operates if application user demand on encrypting data. Before the TCP OENC sends first encrypted data, performs the key agreement, and then encrypts and sends data which application user is desired by using shared key obtained from the key agreement.

• Journal of Korea Society of Industrial Information Systems
• /
• v.8 no.1
• /
• pp.43-54
• /
• 2003

E-Commerce, characterized by the exchange of message, occurs between individuals, organizations, or both. A critical promotion factor of e-Commerce is message authentication, the procedure that allows communicating parties to verify the received messages are authentic. It consists of message unforgery, message non-repudiation, message unalteration, and origin authentication. It is possible to perform message authentication by the use of public key encryption. PGP(Pretty Good Privacy) based on X.400 MHS(Message Handling System) and PKC(Public Key Cryptosystem) makes extensive use of message exchange. In this paper we propose, design and implement NMAP(New Message Authentication Protocol), an applied public information based encryption system to solve the message authentication problem inherent in public key encryption such as X.400 protocol and PGP protocol and were to cope with the verification of NMAP using fuzzy integral. This system is expected to be use in the promotion of the e-Commerce and can perform a non-interactive authentication service.

• Proceedings of the CALSEC Conference
• /
• 1998.10a
• /
• pp.301-312
• /
• 1998

◆ 전자상거래 프로토콜 ㆍ IKP (Internet Keyed Payment) IBM ㆍ SEPP (Secured Electronic Payment Protocol) : 개방형 표준을 제공하는 최초의 다자간 프로토콜 ㆍ SET (Secure Electronic Transaction) - 인터넷과 같은 네트워크 상에서 안전한 신용카드 거래를 위한 기술사양 - RSA 데이터 보안회사의 암호화 기술에 기초 - 상호운영성(interoperability) 보장(중략)

• Proceedings of the Korea Information Processing Society Conference
• /
• 2007.05a
• /
• pp.1142-1144
• /
• 2007

암호화를 통하여 데이터의 기밀성을 유지하고, 데이터 인증과 무결성을 보장하기 위하여 MAC을 사용하는 LEAP 프로토콜의 장점과 에너지 효율성을 고려하는 LEACH 프로토콜의 방식을 접목하여 효율적인 클러스터링 기법을 제시한다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2002.10c
• /
• pp.673-675
• /
• 2002

기존의 SET은 전자서명(digital signature), 데이터 암호화(data encryption), 전자 봉투(digital envelope)로 구성되어 있으며, RSA, SHA, DES를 사용하여 프로토콜을 구현하는데, 본 논문은 ECC의 공개키와 개인키를 이용하여 암호 강도가 강화된 대칭키 알고리즘을 제안하고 SET의 전자 봉투를 생략한 SSET를 제안하고 있다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.11
• /
• pp.2160-2168
• /
• 2015

The SSL/TLS, one of the most popular encryption protocol, was developed as a solution of various network security problem while the network traffic has become complex and diverse. But the SSL/TLS traffic has been identified as its protocol name, not its used services, which is required for the effective network traffic management. This paper proposes a new method to generate service signatures automatically from SSL/TLS payload data and to classify network traffic in accordance with their application services. We utilize the certificate publication information field in the certificate exchanging record of SSL/TLS traffic for the service signatures, which occurs when SSL/TLS performs Handshaking before encrypt transmission. We proved the performance and feasibility of the proposed method by experimental result that classify about 95% SSL/TLS traffic with 95% accuracy for every SSL/TLS services.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.677-680
• /
• 2006

신뢰할 수 없는 저장매체에 데이터를 안전하게 보관하기 위해서 대부분의 시스템은 데이터를 암호화하는 방식을 사용한다. 암호화된 데이터를 통해서는 원래의 평문에 어떠한 내용이 포함되어 있는지 알 수가 없으며, 해당 데이터의 내용을 열람하기 위해서는 암호화된 데이터 전체를 복호화해야만 한다. 본 논문에서는 암호화된 데이터에 대해 키워드 검색이 가능한 프로토콜을 제안하여, 데이터 전체를 복호화하지 않고 특정 키워드의 포함 여부를 판단할 수 있도록 하였다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.4
• /
• pp.769-776
• /
• 2016

TELNET is vulnerable to network attack because it was designed without considering security. SSL/TLS and SSH are used to solve this problem. However it needs additional secure protocol and has no backward compatibility with existing TELNET in this way. In this paper, we have suggested STELNET(Secured Telnet) which supports security functionalities internally so that has a backward compatibility. STELNET supports a backward compatibility with existing TELNET through option negotiation. On STELNET, A client authenticates server by a certificate or digital signature generated by using ECDSA. After server is authenticated, two hosts generate a session key by ECDH algorithm. And then by using the key, they encrypt data with AES and generate HMAC by using SHA-256. After then they transmit encrypted data and generated HMAC. In conclusion, STELNET which has a backward compatibility with existing TELNET defends MITM(Man-In-The-Middle) attack and supports security functionalities ensuring confidentiality and integrity of transmitted data.