• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.9 no.1
• /
• pp.103-114
• /
• 1999

Recently, various prototypes for electronic commerce are realized and its related researches are active under the present condition which it is increasing for the reality of its extended applications. First of all, actual demands are increasing for more secure and efficient electronic payment systems. Electronic cash, one of the Electronic payment systems, must have several properties like real money. Blind signature scheme by D. Chaum stands for the methods of obtaining privacy. In this paper, we propose a method for obtaining the blind signature based on the Elliptic Curve Cryptosystems, where the crytosystems are known as solving some problems of conventional crytosystems in views of computation time and key space. Also, we present a method for the divisibility of the electronic cash using our proposal by re-signing spare cash. Thus applying the proposed method, we can develop an efficient electronic payment systems.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.3
• /
• pp.505-514
• /
• 2012

Because people usually establish their online social network based on their offline relationship, the social networks (i.e., the graph of friendship relationships) are often used to share contents. Mobile devices let it easier in these days, but it also increases the privacy risk such as access control of shared data and relationship exposure to untrusted server. To control the access on encrypted data and protect relationship from the server, M. Atallah et al. proposed a hop-based scheme in 2009. Their scheme assumed a distributed environment such as p2p, and each user in it shares encrypted data on their social network. On the other hand, it is very inefficient to keep their relationship private, so we propose an improved scheme. In this paper, among encrypted contents and relationships, some authenticated users can only access the data in distributed way. For this, we adopt 'circular-secure symmetric encryption' first. Proposed scheme guarantees the improved security and efficiency compared to the previous work.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.5
• /
• pp.737-750
• /
• 2022

The demands of Unmanned Aerial Vehicles (UAVs) are growing very rapidly with the era of the 4th industrial revolution. As the technology of the UAV improved with the development of artificial intelligence and semiconductor technology, it began to be used in various civilian fields such as hobbies, bridge inspections, etc from being used for special purposes such as military use. MAVLink (Macro Air Vehicle Link), which started as an open source project, is the most widely used communication protocol between UAV and ground control station. However, MAVLink does not include any security features such as encryption/decryption mechanism, so it is vulnerable to various security threats. Therefore, in this study, the block cipher is implemented in UAV to ensure confidentiality, and the results of the encryption and decryption performance evaluation in the UAV according to various implementation methods are analyzed. In addition, we proposed the security requirements in accordance with Common Criteria, which is an international recognized ISO standard.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.16 no.7
• /
• pp.4884-4890
• /
• 2015

These days most of people possesses an average of one to two mobile devices in the world and a wireless network market is gradually expanding. Wi-Fi preference are increasing in accordance with the use growth of mobile devices. A number of areas such as public agencies, health care, education, learning, and content, manufacturing, retail create new values based on Wi-Fi, and the global network is built and provides complex services. However, There exist some attacks and vulnerabilities like wireless radio device identifier vulnerability, illegal use of network resources through the MAC forgery, wireless authentication key cracking, unauthorized AP / devices attack in the next generation radio network environment. In addition, advanced security technology research, such as authentication Advancement and high-speed secure connection is not nearly progress. Therefore, this paper designed a secure communication system for message protection in next-generation wireless network environments by device identification and, designing content classification and storage protocols. The proposed protocol analyzed safeties with respect to the occurring vulnerability and the securities by comparing and analyzing the existing password techniques in the existing wireless network environment. It is slower 0.72 times than existing cypher system, WPA2-PSK, but enforces the stability in security side.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.5
• /
• pp.394-400
• /
• 2013

WoT (Web of Things) was proposed to realize intelligent thing to thing communications using WEB standard technology. It is difficult to adapt security protocols suited for existing Internet communications into WoT directly because WoT includes LLN(Low-power, Lossy Network) and resource constrained sensor devices. Recently, IETF standard group propose to use DTLS protocol for supporting security services in WoT environments. However, DTLS protocol is not an efficient solution for supporting end to end security in WoT since it introduces complex handshaking procedures and high communication overheads. We, therefore, divide WoT environment into two areas- one is DTLS enabled area and the other is an area using lightweight security scheme in order to improve them. Then we propose a mutual authentication scheme and a session key distribution scheme for the second area. The proposed system utilizes a smart device as a mobile gateway and WoT proxy. In the proposed authentication scheme, we modify the ISO 9798 standard to reduce both communication overhead and computing time of cryptographic primitives. In addition, our scheme is able to defend against replay attacks, spoofing attacks, select plaintext/ciphertext attacks, and DoS attacks, etc.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.9 no.10
• /
• pp.1125-1130
• /
• 2014

The quantity and quality of contents containing information are sharply increasing with the rising network speed. In line with this rapid growth of information volume, a new communication protocol using the chaotic signal that can protect contents in communication is proposed as follows. The chaos system has the characteristic of unpredictability due to the sensitive initial values and the similarity of the signals with noise. We configured two chaos systems $F(X_n,Y_n)$ and $G(A_n,B_n)$ that have such characteristics and designed a data communication method using as encryption channel the same chaos signals generated by synchronizing the chaos system G with the F signals. The proposed method was verified with the encryption and decryption of images. The proposed method is different from the existing encrypted communication methods and is expected to lay the foundation for future studies in related areas.is an example of ABSTRACT format.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2003.05a
• /
• pp.560-563
• /
• 2003

In this paper describes for use Authentication with the WPKI and Kerberos protocol. this paper is the security structure that defined in a WAP forum and security and watches all kinds of password related technology related to the existing authentication system. It looks up weakness point on security with a problem on the design that uses wireless public key-based structure and transmission hierarchical security back of a WAP forum, and a server-client holds for user authentication of an application level all and all, and it provides one counterproposal. Therefore, We offer authentication way solution that connected X.509 with using WIM for complement an authentication protocol Kerberos and its disadvantages.

• Journal of KIISE:Computing Practices and Letters
• /
• v.14 no.4
• /
• pp.446-450
• /
• 2008

Private Matching is the problem of computing the intersection of private datasets of two parties without revealing their own datasets. Freedman et al.[1] introduced a solution for the problem, where only one party gets private matching. When both parties want to get private matching simultaneously, we can consider the use of Kissner and Song[2]'s method which is a privacy-preserving set intersection with group decryption in multi-party case. In this paper we propose new protocols for fair private matching. Instead of group decryption we introduce a Semi-Trusted Third Party for fairness. We also propose an update procedure without restarting the PM protocol.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.3B
• /
• pp.462-473
• /
• 2010

The RFID system has the security problem of location tracking and user privacy. In order to solve this problem, the cryptographic access method using hash function is difficult to in real applications. Because there is a limit of computing and storage capacity of Tag, but the safety is proved. The lightweight authentication methods like HB and LMAP guarantee the high efficiency, but the safety is not enough to use. In this paper, we use the AES for RFID Authentication, and solve the problem of using fixed key with key change step by step. The symmetric keys of the tag and server are changed by the random number generated by tag, reader and server successively. This could prevent the key exposure. As a result, the output of the tag and reader always changes. These key changes could make it possible to prevent eavesdropping, replay attack, location tracking and spoofing.

• Journal of the Korea Convergence Society
• /
• v.8 no.3
• /
• pp.115-121
• /
• 2017

Hospital medical services are making great efforts to provide prompt medical services to patients or improve the quality of medical services by convergence patient's healthcare information. However, recent research suggests problems about safety and efficiency when trying to transmit patient's healthcare information to hospital server via radio and wireless. In this paper, we propose a color model - based patient authentication key establishment protocol method to securely transmit patient healthcare information. The proposed method extracts randomly three color information used in the color model and vectorizes the extracted arbitrary information to obtain the key information required for user authentication as the sum of orthogonal vectors to improve the efficiency. In addition, the proposed method can securely generate key information used for user authentication without using an additional encryption algorithm. In performance evaluation result, proposed method shows that the server processing time of the sensed information is 8.1% higher than the existing method and 7.7% lower than the existing method.