• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.32 no.8B
• /
• pp.521-528
• /
• 2007

This paper proposes a message authentication scheme to resist potential spam threats in SIP-based VoIP services. Our scheme applies the extended HTTP digest authentication mechanism between the inbound proxy and the UAS to verify that a service request is coming through the valid inbound proxy. The proposed scheme is simple and requires minimal modification the current SIP standards, and effective to filter invalid peer-to-peer spam calls. In this paper, an experimental spam attack using modified open source was tested on a commercial VoIP networks to exploit the possibility of spam attacks in real environment.

• Journal of Digital Convergence
• /
• v.11 no.2
• /
• pp.309-316
• /
• 2013

Machine-to-machine (M2M) communication occurs when devices exchange information independent of human intervention. Prominent among the technical challenges to M2M communication are security issues, such as eavesdropping, spoofing, modification, and privacy violation. Hence, it is very important to establish secure communication. In this paper, we propose a remote authentication scheme, based on dynamic ID, which provides secure communication while avoiding exposure of data through authentication between the M2M domain and the network domain in the M2M architecture. We then prove the correctness and security of the proposed scheme using a logic-based formal method.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2006.05a
• /
• pp.1023-1026
• /
• 2006

에드 혹 네트워크는 불규칙한 이동성을 지닌 다수의 노드들에 의해 자율적으로 구성되는 네트워크이다. 그러나 에드 혹 네트워크는 저 전력, 낮은 프로세싱 능력, 무선채널이라는 에드 혹 네트워크만의 특징으로 인해 패킷 드롭, 재전송 공격, 서비스 거부 공격, 비잔틴 공격, 신원사칭과 같은 보안상 여러 가지 공격에 취약하다는 문제점을 안고 있다. 때문에 이러한 취약점을 개선하려는 방안으로 노드 간에 인증, 기밀성, 무결성을 비롯한 여러 가지 요소를 충족시키기 위한 보안기법이 연구되어 왔다, 그러나 Ad Hoc 네트워크는 기존의 회선을 사용하는 정적인 형태의 네트워크가 아닌 시간에 동적으로 네트워크 구조가 변화하며, 네트워크에서 불규칙한 이동성을 지닌 노드들은 적은양의 자원을 소유하는 원인으로 인해 기존의 보안기법은 효과적이지 못하다. 본 논문에서는 신뢰성이 확보된 이웃 노드 간에 그룹을 형성하고, 그룹멤버의 안전성을 입증하는 그룹 인증서를 생성하여 그룹에 접근하는 단일노드 혹은 또 다른 그룹간의 인증을 수행하는 기법을 제안한다. 또한 그룹 멤버 간에 그룹 키를 생성하여 데이터 유출에 대한 위험성 문제를 해결하고, 인증과 기밀성 유지로 인한 자원소비를 감소시킬 수 있도록 하였다.

• Journal of Internet Computing and Services
• /
• v.7 no.5
• /
• pp.33-41
• /
• 2006

Wireless LAN is intrinsically weak in security of transmissions. WPKI (Wireless Public Key Infrastructure) is a well known Method to deal with the security issues in wireless LAN. The authentication required by the method becomes a source of unrellability of the hand-off performance. This paper suggests a solution to overcome the instability while using the WPKI technique, Prior to getting into the next region, a station is provided with the keys of the surrounding regions so that the possible delay problem can be avoided during the actual hand-off time. Thereby the hand-off instability can be solved in the WPKI framework.

• Journal of Digital Convergence
• /
• v.12 no.12
• /
• pp.323-328
• /
• 2014

D-MAC protocol is used convergence network, which is designed to connect wireless link between things. This protocol is supported to local data exchange and aggregation among neighbor nodes, and distributed control packet from sink to sensor node. In this paper, we analysis about efficiency of power consumption according to whether or not security authentication of D-MAC in convergence network. If authentication scheme is applied to MAC communication, it is related to power consumption of preamble whether or not with and without authentication process. It is reduced to energy consumption against denial attack of service, when it is applied to authentication. Future work will take the effort to deal with security authentication scheme.

• The KIPS Transactions:PartC
• /
• v.11C no.6 s.95
• /
• pp.765-772
• /
• 2004

Multicast communication is simultaneous transmission of data to multiple receivers and saves considerably sender resources and network bandwidth. It has high risk to attack using group address and inherent complexity of routing packets to a large group of receivers. It is therefore critical to provide source authentication, allowing a receiver to ensure that received data is authentic. In this paper, we propose the multiple chain authentication scheme for secure and efficient multicast stream. To evaluate the performance of our scheme, we compare our technique with two other previously proposed schemes using simulation results. Our scheme provides non-repudiation of origin, low overhead by amortizing the signature operation over multiple packets, and high packet loss resistance.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.1
• /
• pp.1-5
• /
• 2016

The all-in-one service, for example, mobile wallet enables users to have credit card, membership card, and coupon in one place. It has been one of important o2o services with offline payment. In order to take advantage of mobile commerce, it is necessary to authenticate clients automatically without entering their passwords. This paper proposes an automatic client authentication method in all-in-one service. At registration, clients receives and stores an authentication ticket from a company, which contains an user's identifier and password encrypted by company's symmetric key. Client can be authenticated by transferring authentication tickets to companies at service requests.

• Proceedings of the KIEE Conference
• /
• 2008.07a
• /
• pp.1425-1427
• /
• 2008

디지털 사회에서는 정보 기술의 발전에 따른 다양한 디지털 컨텐츠들이 필요하고 수많은 디지털 컨텐츠들이 다양한 용도로 사용되고 있다. 그러나 불법복제로 인해 저작권자의 지적재산권을 침해받는 문제가 부각되면서 디지털 컨텐츠의 저작권을 보호하기 위한 많은 기술들이 개발되고 있다. 그 중 DRM은 가장 최적의 기술로 평가되고 있으며 이미 다양한 분야에서 사용되고 있다. DRM을 구성하는 기술 중에 인증기술은 불법복제를 방지하고 저작권을 보호하기 위한 핵심기술이다. 본 논문에서는 DRM의 기존 인증기술들이 가지고 있는 문제점을 해결하기 위하여 RFID기술을 이용하였다. 제안한 인증 기법은 RFID 태그에 저장된 디지털 컨텐츠의 인증 정보와 디지털 컨텐츠에 저장되어진 인증 정보를 주기적으로 비교하여 인증 여부를 결정한다. RFID 태그는 쉽게 복제될 수 없기 때문에 디지털 컨텐츠의 저작권을 효과적으로 보호할 수 있다.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.50 no.3
• /
• pp.23-32
• /
• 2013

As the mobile communication technology is developed, the services for communication between the mobile devices are provided, and the amount of usage is increasing tremendously. For the device-to-device communication, the device should be verified if it is a service member. The existing verification schemes include interactions with the third party, while this may cause the problems that the bandwidth is dissipated and the devices which are out of the communication range of the base station cannot communicate with other devices. To solve such problems, we propose a new scheme for verification between mobile devices without interaction of third party. For the proposed scheme, we develop and employ a new zero-knowledge proof protocol, which verifies the device's membership and its expiration time. Furthermore, the scheme guarantees privacy of the mobile device since it checks the encrypted verification message without decrypting, and protects replaying attack since it uses challenge-response method.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.1
• /
• pp.41-50
• /
• 2010

This paper proposes a mutual identification and session key exchange scheme in secure vehicular communication based on the group signature. In VANETs, security requirements such as authentication, conditional privacy, non-repudiation, and confidentiality are required to satisfy various vehicular applications. However, existing VANET security methods based on the group signature do not support a mutual identification and session key exchange for data confidentiality. The proposed scheme allows only one credential to authenticate ephemeral Diffie-Hellman parameters generated every key exchange session. Our scheme provides a robust key exchange and reduces storage and communication overhead. The proposed scheme also satisfies security requirements for various application services in VANETs.