• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.13 no.12
• /
• pp.2563-2568
• /
• 2009

Although a symmetric cryptographic system has many advantages in speed of encryption decryption, the security problems with the distribution method of secret keys have been still raised. Especially, the distribution method of secret keys for unspecified individuals who want secret communication is becoming a core issue. As a simple solution to this issue, Diffie-Hellman key exchange methods were proposed, but proved to be insufficient in depending MITM(Main In The Middle) attacks. To find effective solution to problems mentioned above, this paper proposes the strengthened Diffie-Hellman key exchange methods applied for the mobile-phone channel which are widely used. This paper emphasizes the way to distribute the synthesized session keys to the sender and the receiver, which are created with authentication numbers exchanged between the mobile-phones and Diffie-Hellman key. Using proposed ways, MITMattacks can be effectively defended.

• TTA Journal
• /
• s.88
• /
• pp.149-153
• /
• 2003

TTA(한국정보통신기술협회)는 2003년 7월 9일 A사(보안요청에 따라 업체명은 명기하지 않음)의 CDMA 2000 휴대폰에 대하여 여러 환경 조건에서 전기적인 특성 시험을 수행하여 국내에서 최초로 휴대폰 시험분야에서 TTA Certified 인증서(번호 : TTA-C-M-03-001)를 발급하였다. TTA는 A사의 CDMA 2000 휴대폰에 대한 전기적인 특성 시험을 위해 3GPP2에서 제정한 C.S0011A 표준을 준수한 TTA Certified 인증기준에 따라 32개의 시험항목을 측정하였다. 본 고에서는 IS-98 및 IS-898 장비와 연동하여 그 기능이 TTA Certified 인증기준에 따라 모두 정상적으로 동작하는지 확인하고, CDMA 이동전화 단말기의 최소성능에 관한 상온$\cdot$상습 환경, 온도 및 전압변화 환경, 고습 환경, 진동 환경, 충격 환경을 측정하여 이에 대한 시험결과를 소개한다.

• Journal of KIISE:Computing Practices and Letters
• /
• v.12 no.6
• /
• pp.367-378
• /
• 2006

A mobile phone has became as a payment tool in e-commerce and on-line banking areas. This trend of a payment system using various types of mobile devices is rapidly growing, especially in the Internet transaction and small-money payment. Hence, there will be a need to define its standard for secure and safe payment technology. In this thesis, we consider the service types of the current mobile payments and the authentication method, investigate the disadvantages, problems and their solutions for smart and secure payment. Also, we propose a novel authentication method which is easily adopted without modification and addition of the existed mobile hardware platform. Also, we present a simple implementation as a demonstration version. Based on virtual machine (VM) approach, the proposed model is to use a pseudo-random number which is confirmed by the VM in a user's mobile phone and then is sent to the authentication site. This is more secure and safe rather than use of a random number received by the previous SMS. For this payment operation, a user should register the serial number at the first step after downloading the VM software, by which can prevent the illegal payment use by a mobile copy-phone. Compared with the previous SMS approach, the proposed method can reduce the amount of packet size to 30% as well as the time. Therefore, the VM-based method is superior to the previous approaches in the viewpoint of security, packet size and transaction time.