• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.6
• /
• pp.47-58
• /
• 2002

The access control techniques, which can control unauthorized members to access to multicast service, have not been studied very often while there are a lot of on-going study on secure multicast architecture, multicast key distribution and sender authentication scheme have been studied. Multi level access control scheme in multicast can be used in a remote secure conference or to provide graduated multimedia services to each customers. In fact, multicast network has its own virtual networks according to different security levels. However, Early schemes are not effective when it protects unauthorized access in multi-access network environment. Furthermore this scheme does not provide us with hierarchical access control mechanism. This paper, therefore, proposes hierarchical access control scheme to provide the effectiveness in network layer by security level comparison. And we also suggests hierarchical key distribution scheme for multi level access control in application layer and effective hierarchical key renewal scheme in dynamic multicast environment which is easy to join and leaving the multicast group.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.13 no.6
• /
• pp.1091-1098
• /
• 2009

In this paper, we designed the authentication system for home network service and applied it to actual sensor nodes. The pair-wise pre-distribution key skim is applied for prevention of authentication key from sniffing on the wireless sensor networks. The authentication key and data are encrypted by using the CBC mode RC5 algorithm based on the SPINS. The experimental environment consists of a base station (BS)and sensor nodes and each sensor node sends both sensing data and the encrypted authentication key to the BS. For simulations we set up some what-if scenarios of security menaces in home network service.Slightly modified the TOS_Msg data arrays of TinyOS is suggested to store 8-byte authentication key which can enable data encryption and authentication at the each sensor node. As a result, malfunction caused by communication between BS and nodes of other groups of added nodes having malicious purpose can be protected. Also, we confirmed that a critical data of home networking service like vital signal can be transmitted securely through this system by encryption technique.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• v.9 no.2
• /
• pp.807-810
• /
• 2005

Constructed network test environment of wireless base for confidentiality guarantee of data and safe transmission that is transmited at Mobile node of Wireless Network environment in this paper. And, progressed research about IKEv2's Multiple-Key Exchange mechanism for efficient security transmission that use IPSec that is built-in to basis to IPv6 of Mobile environment. Have several key to single terminal to solve that is seam at hand off packet transmission process of Mobile Node in Wireless Network and Re-setting for Key and Re-exchange problem that happen frequently and studied technology that move. Key exchange protocol that is used for an experiment loads basically in MIPv6 and used IKEv2 protocol that is used for management and distribution of reliable encryption key between both end. Using network simulator of SSFNet(Scalable Simulation Framework Network Models) in this paper Key exchange delay value of IKEv2's security transmission analyzing comparison Performance measure and studied about problem and improvement way accordingly.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.202-206
• /
• 2006

오늘날 패스워드 인증과 키 분배는 컴퓨터 환경에서 중요하다. 패스워드 기반의 시스템은 패스워드를 사용자가 기억하기 쉽다는 장점 때문에 널리 사용 되고 있다. 하지만, 패스워드는 작은 공간에서 선택되어지기 때문에 패스워드 추측 공격을 포함한 다양한 공격에 취약점을 나타낸다. 본 논문에서는 최근에 제안된 새로운 패스워드 인증 기법을 분석하고, 서버 위장 공격, 서버 속임 공격과 패스워드 추측 공격에 취약하다는 것을 보인다. 또한, 패스워드 기반의 기법을 설계할 때는 주의해야 한다는 점에 대해 논하고, IEEE 1363.2와 같은 표준을 사용해 CK 프로토콜을 강하게 하는 법에 대해 간단히 보인다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2007.10d
• /
• pp.1-6
• /
• 2007

프락시 암호 기법은 안전한 그룹 통신에서 중간 노드 신뢰 문제를 해결하기 위한 좋은 방법을 제공한다. 기존의 연구에서 프락시 암호 기법을 이용한 방법들이 제안되었으나 이들은 멀티캐스트 데이터전송 측면에서 매우 비효율적이거나 1-affect-n 문제로 인해 확장성이 저하되는 단점을 가지고 있다. 이에 따라 이 논문에서는 그룹 가입/탈퇴 분석 모델에 기반하여 동적으로 그룹을 분할/병합함으로써 키 분배에서의 확장성과 데이터 전송에서 효율성을 같이 제공하는 새로운 프락시 암호 기반의 안전한 그룹 통신 기법을 제안한다. 제안한 방법은 인터넷이나 무선 네트워크와 같이 공개된 환경에서 가입/탈퇴가 빈번히 일어나는 대규모 가입자를 대상으로 하는 실시간 멀티미디어 방송 서비스에 적합하다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.5
• /
• pp.115-124
• /
• 2005

We propose a new binding update(BU) protocol between mobile node(CN) and correspondent node(CN) for the purpose of preventing redirect attacks and DoS attacks observed from the existing BU protocols and enhancing the efficiency of the BU protocol. Home agent plays a role of both authentication server validating BU message and session key distribution center for MN and CN. Also propose the stateless Diffie-Hellman key agreement based on cryptographically generated address (CGA). Suity of our proposed Protocol is analyzed and compared with other protocols. The proposed protocol is more efficient than previous schemes in terms of the number of message flows and computation overhead and is secure against both redirect and DoS attacks.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.16 no.2
• /
• pp.1388-1397
• /
• 2015

Recently, an application business model was proposed to implement an M-coupon system using the NFC-based mobile devices. In this paper, the security requirements were surveyed for a secure M-coupon system and to analyze the threats on the existing NFC-based M-coupon protocols. After considering the implementation efficiency and security, this paper presents a novel M-coupon protocol based on the Diffie-Hellman key agreement scheme. This protocol can be an alternative to solve the security problems related to the PKI (Public Key Infrastructure) and secret key distribution. Furthermore, this M-coupon protocol is designed to provide user authentication and counteract the relay attack.

• The KIPS Transactions:PartC
• /
• v.10C no.1
• /
• pp.17-26
• /
• 2003

Mobile agent system comes into the spotlight since it contributes largely to mobile computing on distributed network environment. However, this system has a number of significant security Problems. In this Paper, we analyze suity attacks to mobile agent system Presented by NIST[3]. In order to protect this system from them, we suggest a security protocol for mobile agent system by employing R based key distribution and digital multi-signature scheme. To solve these problems described in NIST, securities for mobile agent and agent platform shouid be accomplished. Comparing with other protocols, our protocol performs both of these securities, while other protocols mentioned only one of them. Proposed Protocol satisfies simplicity of key management, providing security service such as confidentiality, integrity, authentication and preventing reputation, liveness guarantee, protection of excution-result data and preventing replay attack. Furthermore, it is designed to detect message modification immediately by verifying each step of agent execution at a corresponding server.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2008.05a
• /
• pp.616-619
• /
• 2008

In this paper, we design and implement the authentication system for home network service and applied it to actual sensor nodes. We achieved authentication key, encryption and decryption applied RC5 encryption algorithm of SNEP. In addition, we used pair-wise key pre-distribution for prevention of authentication sniffing in wireless sensor network. The experiment environment consists of a base station receiving data and sensor nodes sending data. Each sensor nodes sends both the data and encrypted authentication key to the base station. As a simulation environment, we assumed some what-if scenarios of security menaces in home network service. And we slightly altered the TOS_Msg construction of TinyOS. The experiences had shown that the malfunction doesn't happen in communication among other groups. And we confirmed in tests that the system is secure when a sensor having malicious propose is added.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.2
• /
• pp.27-35
• /
• 2011

Due to the advancement of IPTV technologies, Mobile IPTV service is needed to be supported for service and content protection. CAS is generally used in the IPTV service to protect service and content. However, the CAS is not efficient in the Mobile IPTV. The CAS needs too much bandwidth for Service Key update to the each subscriber. Moreover, the CAS is increasing computation burden for the service key refreshment in the key management server when the subscriber frequently changes of the IPTV service group. To solve the problems, we used hierarchical key structure based on pre-shared key that is securely stored into smart card or USIM and do not use the EMM for Service Key update. As a result, the proposed scheme decreases computation burden at the key management server and wireless bandwidth burden in the Mobile IPTV service.