• Review of KIISC
• /
• v.8 no.3
• /
• pp.83-104
• /
• 1998

인터넷의 급속한 확산과 전세계 통신서비스의 확장으로 인해 세계는 정보의 공유와 다양한 삶의 변화를 가져오고 있다. 교통수단의 발달로 전세계가 일일생활권에 접어들었다면 인터넷과 통신수단의 발전으로 인해 세계는 동일문화권을 형성하고 있다. 주체할 수 없이 수많은 정보와 서비스속에서 사고 있지만, 아직도 좀더 편리하고 안전한 정보의 공유와 윤택한 삶을 영유하기 위한 많은 문제점이 있으며, 이러한 발전 속에서 더 많은 문제점들이 나타나고 있는 것이 현실이다. 또한 이러한 문제점들을 해결하기 위한 다양한 해결책들이 쏟아져 나오고 있다. 본 고에서는다루게 될 내용은 전체적인 공개키 기반구조를 살펴보고 이를 디지털 위성방송 한정 수신 시스템에 적용한다. 공개키 기반구조에 대해서는 인터넷에서 사용자를 인증하기 위한 X.509 인증서에 대해 살펴보고, 인증서를 이용한 서비스에 대해 살펴본다. 또한 최근 각 나라별 공개키 기반구조 표준안의 진행 상황을 알아보고 IETF PKIX 표준안으로서 공개키 관리 프로토콜, CRL CRL 확장, 인증서, 그리고 인증서 확장에 대해 살펴본다. 곧 실현될 디지털 위성방송의 유료화 서비스는 가입자 인증과 서비스에 대한 접근 통제가 가능해야 한다. 따라서 가입자에 대한 관리부분에 공개키 기반구조를 적용함으로써 가입자에 대한 인증과 서비스 및 접근 통제를 가능하게 한다.

• The KIPS Transactions:PartC
• /
• v.10C no.6
• /
• pp.809-814
• /
• 2003

The multicast transmitting the real-time data to groups may easily have many attacks from abnormal attacks because it has many links as compared to the unicast. The existing group key management architectures for preventing these problems are designed for protocols suitable for a large scale. Thus these architectures applied to a small scale routing protocols may have many overheads with key distribution and a constant core tree. Therefore this paper proposes a groups key management protocol for a secure multicast in PIM-SM multicast group communication. The proposed method divide multicast groups with RO(Rendezvous-Point), and subgroup key managers are established in each RP and can be transmitted groups keys between senders and receivers, so the security cannel is set up for secure data transfer, And this does not have needs of the data translation for group keys and the new key distribution for path change. As a result of this, the data transmission time can be reduced.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.5
• /
• pp.3-15
• /
• 2003

The secure group communication enables the members, which belong to the same group, to communicate each other in a secure and secret manner. To do so, it is the most important that a group key is securely distributed among them and also group membership is efficiently managed. In detail, the generation, the distribution and the refreshment of a group key would be highly regarded in terms of low communication and computation complexity. In this paper, we show you a new protocol to generate a group key which will be safely shared within a group, utilizing the 2-party Diffie-Hellman key exchange protocol and the complete binary tree. Our protocol has less complexity of computation per group member by substituting many parts of exponentiation computations for multiplications. Consequently, each group member needs constant computations of exponentiation and multiplication regardless of the group size in the protocol and then it has less complexity of the computation than that of any other protocols.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2004.05b
• /
• pp.173-176
• /
• 2004

전 세계적으로 안전한 데이터의 송수신에 대한 많은 연구가 지속되어 왔다. IPsec은 IP 패킷에 대해 기밀성과 무결성 그리고 인증과 같은 보안 서비스를 제공하는 국제 표준 프로토콜이며 IPsec의 키 관리 메커니즘이 IKE이다. 기존 IKE는 시스템간의 상호 운용성이 떨어질 뿐만 아니라 시스템의 성능을 저하시키며 서비스 거부 공격(DoS)에 대해 매우 취약한 구조를 가지고 있다. 본 논문에서는 이러한 문제점을 해결하기 위해서 기존 IKE 프로토콜에서 사용되지 않는 모드를 삭제하고 인증 방법을 전자서명과 공유된 비밀키에 기반한 방식으로 단일화시켰다. 또한 DoS 공격을 예방할 수 있도록 단순화된 IKE 프로토콜을 구현하고 테스트하였다.

• The Journal of Korean Association of Computer Education
• /
• v.7 no.1
• /
• pp.45-53
• /
• 2004

Ad-Hoc network is wireless network architecture without infrastructure. We encounter new types of security problems in Ad-Hoc networks because such networks have little or no support from infrastructure. Thus, wireless communications need security mechanisms in order to guarantee the integrity and the privacy of the communication, as well as the authentication of the entities involved. Many practical systems have been proposed. The most familiar system is the Diffie-Hellman key distribution system. This algorithm allows the establishment of a cryptographic secret key between two entities. If more than two users want to compute a common key, then a group key agreement system is used. This paper discusses several group key agreement systems and presents two efficient fault tolerant methods to perform successful group key agreement.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.33 no.3C
• /
• pp.281-292
• /
• 2008

A main application of sensor networks are to monitor and to send information about a possibly hostile environment to a powerful base station connected to a wired network. To conserve power from each sensor, intermediate network nodes should aggregate results from individual sensors. However, it can make it that a single compromised sensor can render the network useless, or worse, mislead the operator into trusting a false reading. In this paper, we propose a protocol to give us a key aggregation mechanism that intermediate network nodes could aggregate data more safely. The proposed protocol is more helpful at multi-tier network architecture in secure sessions established between sensor nodes and gateways. From simulation study, we compare the amount of the energy consumption overhead, the time of key transmission and the ratio of of key process between the proposed method and LHA-SP. The simulation result of proposed protocol is low 3.5% a lord of energy consumption than LHA-SP, the time of key transmission and the ration of key process is get improved result of each 0.3% and 0.6% than LHA-SP.

• Proceedings of the IEEK Conference
• /
• 2006.06a
• /
• pp.197-198
• /
• 2006

본 논문에서는 센서 네트워크에 SPINS 보안 프로토콜을 적용하여 그 성능을 판별하려 하였다. 센서 네트워크의 보안을 유지하기 위해 SPINS에서는 SNEP과 ${\mu}TESLA$로 세분화 되어 데이터 인증, 보안과 키 관리를 각각 담당하게 된다. 본 논문에서는 그 중 SNEP을 nesC를 이용하여 TinyOS기반 센서에 적용하였다.

• Journal of Korea Multimedia Society
• /
• v.10 no.3
• /
• pp.373-380
• /
• 2007

In this paper we propose a new efficient authentication protocol that reduces overheads of computation for digital signature generation/verification on mobile devices in the Personal Area Network (PAN). In particular, we focus on eliminating the traditional public key operations on mobile devices without any assistance of a signature server. Moreover, the proposed protocol provides a simplified procedure for certificate status management to alleviate communication and computational costs on mobile devices in the PAN.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.33 no.1C
• /
• pp.117-123
• /
• 2008

We propose an improved Diffie-Hellman(DH) key agreement protocol over a radio link in peer-to-peer networks. The proposed protocol ensures a secure establishment of the shared key between two parties through distance bounding(DB). Proposed protocol is much improved in the sense that we now reduce the number of messages exchanged by two, the number of parameters maintained by four, and 2(7682(k/64)-64) of XOR operations, where k is the length of the random sequence used in the protocol. Also, it ensures a secure reusability of DH public parameters. Start after striking space key 2 times.

• Journal of KIISE:Information Networking
• /
• v.27 no.2
• /
• pp.175-186
• /
• 2000

Over the years, the extensive use of networks and distributed systems has increased the need for authentication and digital signatures. Inperforming authentication on a massive scale, authentication servers that use multiple workstations or PCs are more economical than servers that use one inicomputer or mainframe. However, the establishment of authentication servers with multiple platforms can cause some security problems and increases the cost of key management because all platforms within the server must have the private key of the authentication server. We propose a scheme which can solve these problems. The proposed scheme can establish a strong authentication server with no additional key management and improve the performance of the authentication server up to 13 times.