• Title/Summary/Keyword: 전송 보안

Search Result 1,398, Processing Time 0.024 seconds

Music Source Signature Indexing Method for Quick Search (빠른 검색을 위한 음원 시그니처 인덱싱 방법)

  • Kim, Sang-Kyun;Lee, Kyoung-Sik
    • Journal of Broadcast Engineering
    • /
    • v.26 no.3
    • /
    • pp.321-326
    • /
    • 2021
  • Blockchain is increasing in value as a platform for safe transmission of capital transactions or secure data. In addition, blockchain has the potential as a new platform that can safely store large amounts of data such as videos, music, and photos, and safely manage transaction details and service usage specifications. Since it is not possible to store large-capacity media data in a block, research on the performance of storing sound source information in a block and retrieving the stored sound source data by using the distributed storage system (IPFS) and the hash information of the sound source signature data was conducted. In this paper, we propose a sound source signature indexing method using a bloom filter that can improve the search speed suggested by previous studies. As a result of the experiment, it was confirmed that improved search performance (O(1)) than the existing search performance (O(n)) can be achieved.

An User Authorization Mechanism using an Attribute Certificate in the IPSec-VPN System (IPSec-VPN 시스템에서의 속성 인증서를 이용한 사용자 접근 제어 방안)

  • 강명희;유황빈
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.14 no.5
    • /
    • pp.11-21
    • /
    • 2004
  • To authorize IPSec-VPN Client in Client-to-Gateway type of the IPSec-VPN system, it can be normally used with ID/Password verification method or the implicit authorization method that regards implicitly IPSec-VPN gateway as authorized one in case that the IPSec-VPN client is authenticated. However, it is necessary for the Client-to-Gateway type of the IPSec-VPN system to have a more effective user authorization mechanism because the ID/Password verification method is not easy to transfer the ID/Password information and the implicit authorization method has the vulnerability of security. This paper proposes an effective user authorization mechanism using an attribute certificate and designs a user authorization engine. In addition, it is implemented in this study. The user authorization mechanism for the IPSec-VPN system proposed in this study is easy to implement the existing IPSec-VPN system. Moreover, it has merit to guarantee the interoperability with other IPSec-VPN systems. Furthermore, the user authorization engine designed and implemented in this paper will provide not only DAC(Discretional Access Control) and RBAC(Role-Based Access Control) using an attribute certificate, but also the function of SSO(Single-Sign-On).

Attribute-base Authenticated Key Agreement Protocol over Home Network (홈네트워크 상에서 속성기반의 인증된 키교환 프로토콜)

  • Lee, Won-Jin;Jeon, Il-Soo
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.18 no.5
    • /
    • pp.49-57
    • /
    • 2008
  • User authentication and key agreement are very important components to provide secure home network service. Although the TTA adopted the EEAP-PW protocol as a user authentication and key transmission standard, it has some problems including not to provide forward secrecy. This paper first provides an analysis of the problems in EEAP-PW and then proposes a new attribute-based authenticated key agreement protocol, denoted by EEAP-AK. to solve the problems. The proposed protocol supports the different level of security by diversifying network accessibility for the user attribute after the user attribute-based authentication and key agreement protocol steps. It efficiently solves the security problems in the EEAP-PW and we could support more secure home network service than the EEAP-AK.

An Enhanced Ultralightweight RFID Authentication Protocol Providing Strong Authentication and Privacy (강한 인증과 프라이버시를 보장하는 개선된 초경량 RFID 인증 프로토콜)

  • Jeon, Dong-Ho;Kim, Young-Jae;Kwon, Hye-Jin;Jeong, Seon-Yeong;Kim, Soon-Ja
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.19 no.5
    • /
    • pp.81-91
    • /
    • 2009
  • Recently, Chein et al proposed the ultralightweight strong authentication and strong integrity (SASI)protocol, where the tag requrires only simple bitwise operations. Since the tag does not support random number generator to generate a challenge nonce, an attacker can replay old messages and impersonate reader. However, all of the previous ultralightweight authentication schemes are vlunerable to various attacks: de-synk, eavesdropping, impersonating, tracking, DoS, disclosure etc. we analyze the problems of previous proposed ultrlightweight protocols, to overcome these security problems by using PRNG on the tag. Therefore, in this paper we propose a new lightweight RFID mutual authentication protocol that provides random number generator and bitwise operations, a security and an efficiency of the proposed schme analyze.

A Study on the Security analysis and Applications of Standard Key agreement protocols based on Elliptic curve cryptosystem (타원 곡선에 기반한 표준 키 분배 프로토콜의 안전성 분석 및 응용 분야에 관한 연구)

  • 오수현;이승우;심경아;양형규;원동호
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.12 no.3
    • /
    • pp.103-118
    • /
    • 2002
  • To provide the privacy of transmitted message over network the use of cryptographic system is increasing gradually. Because the security and reliability of the cryptographic system is totally rely on the key, the key management is the most important part of the cryptographic system. Although there are a lot of security products providing encryption, the security of the key exchange protocols used in the product are not mostly proved yet. Therefore, we have to study properties and operation of key agreement protocols based on elliptic curve in ANSI X9.63. furthermore, we analyze the security of their protocols under passive and active attacker models and propose the most suitable application field taking the feature of the protocols into account.

A Secure RFID Search Protocol Protecting Mobile Reader's Privacy Without On-line Server (온라인 서버가 없는 환경에서 이동형 리더의 프라이버시를 보호하는 안전한 RFID 검색 프로토콜)

  • Lim, Ji-Wwan;Oh, Hee-Kuck;Kim, Sang-Jin
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.20 no.2
    • /
    • pp.73-90
    • /
    • 2010
  • Recently, Tan et al. introduced a serverless search protocol in which a mobile reader maintains a tag authentication list and authenticates a tag using the list without connecting authentication server. A serverless RFID system is different from general RFID systems which use on-line server models. In the serverless RFID system, since the mobility of a personalized reader must be considered, we have to protect not only the privacy of a tag but also the privacy of a mobile reader. In this paper, we define new security requirements for serverless RFID search system and propose a secure serverless RFID search system. In our system, since tag authentication information maintained by a reader is updated in every session, we can provide the backward untraceability of a mobile reader. Also we use an encrypted timestamp to block a replay attack which is major weakness of search protocols. In addition, we define a new adversary model to analyze a serverless RFID search system and prove the security of our proposed system using the model.

DoS attack prevention using methods for reduction of memory usage in 802.11i 4-Way Handshake (메모리 사용 감소를 통한 802.11i 4-Way Handshake에서의 DoS 공격 차단 기법)

  • Kim, Jung-Yoon;Kim, In-Hwan;Choi, Hyoung-Kee
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.20 no.5
    • /
    • pp.89-98
    • /
    • 2010
  • Wireless LAN (WLAN) is type of wireless service that has higher data transmission than current cellular networks. The usage is continually increasing. There are a lot of vulnerabilities in wireless network, due to the properties of the wireless environment, regardless of its popularity. IEEE announced the 802.11i security standard to solve these problems. The vulnerable point of messages used in the process of key distribution for 802.11i makes the target node attacked lose memory through continuous messages and blocks the legitimate WLAN service. In this paper, we proposed new schemes to solve this problem and compared our proposals with the current process. The proposed protocol eliminates the memory exhaustion problem on the client side by using methods for reduction of memory usage.

Analysis of Malicious Behavior Towards Android Storage Vulnerability and Defense Technique Based on Trusted Execution Environment (안드로이드 저장소 취약점을 이용한 악성 행위 분석 및 신뢰실행환경 기반의 방어 기법)

  • Kim, Minkyu;Park, Jungsoo;Shim, Hyunseok;Jung, Souhwan
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.31 no.1
    • /
    • pp.73-81
    • /
    • 2021
  • When downloading files using an app or web-based application on the user's mobile phone, the path is set to be saved in the pre-defined default directory. Many applications requiring access to storage, including file managers, require a write or read permission of storage to provide numerous functions and services. This means that the application will have direct access to the download folder where the numerous files downloaded. In this paper, to prove our feasibility of attack using the security vulnerabilities mentioned above, we developed a file hacking function disguised as an encryption function in the file management application. The file that encrypted will be sent to hackers via E-mail simultaneously on the background. The developed application was evaluated from VirusTotal, a malicious analysis engine, was not detected as a malicious application in all 74 engines. Finally, in this paper, we propose a defense technique and an algorithm based on the Trusted Execution Environment (TEE) to supplement these storage vulnerabilities.

Analysis of Forwarding Schemes for Push-based Information Service in Connected Vehicles over NDN (커넥티드 차량 엔디엔 네트워크 안에 푸쉬 기반 정보 서비스를 위한 전달 기법 분석)

  • Lim, Huhnkuk
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.25 no.2
    • /
    • pp.280-285
    • /
    • 2021
  • When VNDN technology is used as a communication technology for infotainment application services of connected vehicles, it is possible to realize data-centric networking technology in which data is the subject of communication.Vehicle security attacks and hacks, performance degradation during long-distance data transmission, and frequent data loss It is possible to innovate the limitations of the current host-oriented Internet-based infotainment application service technology of connected vehicles. The data packet forwarding issue to deliver critical information data that is very sensitive to delay in the VNDN on a push-based basis to RSU (Road Side Unit), etc. is one of the issues to be solved for realizing VNDN-based application services. We comprehensively analyze existing forwarding techniques to support push-based data traffic under the environment, and compare and analyze each technique in terms of performance.

An improved LEACH-C routing protocol considering the distance between the cluster head and the base station (클러스터 헤드와 기지국간의 거리를 고려한 향상된 LEACH-C 라우팅 프로토콜)

  • Kim, TaeHyeon;Park, Sea Young;Kwon, Oh Seok;Lee, Jong-Yong;Jung, Kye-Dong
    • The Journal of the Convergence on Culture Technology
    • /
    • v.8 no.2
    • /
    • pp.373-377
    • /
    • 2022
  • Wireless sensor networks are being used in various fields. Wireless sensor networks are applied in many areas, such as security, military detection, environmental management, industrial control, and home automation. There is a problem about the limit of energy that the sensor network basically has. In this paper, we propose the LEACH-CCBD (Low Energy Adaptive Clustering hierarchy - Centrailized with Cluster and Basestation Distance) algorithm that uses energy efficiently by improving network transmission based on LEACH-C among the representative routing protocols. The LEACH-CCBD algorithm is a method of assigning a cluster head to a cluster head by comparing the sum of the distance from the member node to the cluster distance and the distance from the cluster node to the base station with respect to the membership of the member nodes in the cluster when configuring the cluster. The proposed LEACH-CCBD used Matlab simulation to confirm the performance results for each protocol. As a result of the experiment, as the lifetime of the network increased, it was shown to be superior to the LEACH and LEACH-C algorithms.