• Proceedings of the Korea Information Processing Society Conference
• /
• 2001.04a
• /
• pp.441-444
• /
• 2001

본 논문은 이동 에이전트 시스템이 안고 있는 보안 문제를 해결하고자 하였다. 제안된 프로토콜은 이동 에이전트 및 에이전트 시스템 보안 위험에 대처하기 위하여 ID를 이용한 키 분배 기법과 fit-Shamir 디지털 서명 방식에 기초한 다중 서명 방법을 이용하여 에이전트와 에이전트 플랫폼의 양방향 인증, 실행 결과 데이터의 보호, 생명성 보장을 함께 처리하였으며 중간 검증이 가능하도록 제안되어 불필요한 오버헤드를 갖지 않도록 하였다. 제안된 이동 에이전트 보안 프로토콜을 적용하였을 때 얻을 수 있는 장점은 첫째, 이동에이전트의 생명성을 보장할 수 있으며 둘째, 에이전트의 실행 결과 데이터의 기밀성, 무결성을 보장할 수 있고, 세째, 에이전트 실행의 전 단계를 매 시스템마다 검증함으로써 변경, 삭제 등의 문제가 발생하는 즉시 발견할 수 있다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2004.05a
• /
• pp.1189-1192
• /
• 2004

Ad hoc network는 중앙 집중화된 관리나 표준화된 지원 서비스의 도움 없이 임시 망을 구성하는 무선 이동 호스트들의 집합으로서 제한된 무선 채널을 통해 이동 노드간의 통신을 수행하는 멀티 홉(multi-hop) 무선 네트워크이다. 따라서 중앙 집중화된 보안 기반구조가 아니기 때문에 보안 공격을 받기가 쉽게 된다. 기존의 보안 방법중의 하나인 threshold cryptography는 키의 유지와 분배를 위한 효율적인 구조를 제공하였으나 라우팅의 오버헤드가 증가하였고, 네트워크 전역의 트래픽이 증가되었다. 본 논문에서는 threshold cryptography에 의해 야기되는 오버헤드를 줄이고 인증된 패킷 전달을 돕기 위한 새로운 접근 방법을 제안한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2010.04a
• /
• pp.162-165
• /
• 2010

USN 기술은 센서노드의 전류소모 감소를 위한 저전력 기술개발과 관련 기술력 확보를 위해 많은 연구가 지행되고 있다. 유비쿼터스 환경에서 보안의 취약성과 낮은 신뢰성 문제는 USN 기술의 상용화 성공을 위해 선행되어야할 요소이다. 본 연구에서는 보안 문제로 W-Key 알고리즘을 도입하여 키분배 관리, 인증관리, 환경관리로 구성하여 무선 Key기법과 다른 RFID/USN기반의 안전한 출입통제 시스템을 구현하였다.

• Journal of Internet Computing and Services
• /
• v.11 no.4
• /
• pp.143-158
• /
• 2010

The illegal leakage of enterprise digital confidential information will threaten the enterprise with bankruptcy. Today since most small-and-medium companies have no capability to fight against illegally compromising their critically confidential documents in spite of knowing the leakage of them, strongly safe distribution system of the digital confidential documents should be designed so in secure as to prevent any malicious intent of embezzlement from accessing the critical information. Current DRM-based protection system is not always perfect to protect the digital secrets, even seems to leave the secrets open. Therefore our study has analyzed the illegal leakage paths that hackers attack against and the vulnerability of the current protection systems. As result, we study the group communication based system architecture satisfying the security conditions to make even legitimate working employee keep out of the confidential documents, without performance degradation. The main idea of this architecture is to stay every secrets in encrypted form; to isolate the encrypted documents from the crypto-key; to associate every entity with one activity and to authenticate every entity with DSA-based public key system; multiple authentication method make hackers too busy to get a privilege to access the secrets with too many puzzle pieces. This paper deal with the basic architectural structure for the above issues.

• Journal of Broadcast Engineering
• /
• v.20 no.1
• /
• pp.92-109
• /
• 2015

Broadcast encryption is a cryptographic primitive that allows a sender to securely broadcast a message to a set of receivers. The most influential broadcast encryption system was proposed in 2001 by Naor, Naor, Lotspiech, based on a pseudo-random generator and the Subset Difference (SD) method. In this paper, we suggest a new broadcast encryption system that is based on secret sharing and SD methods. On an efficiency aspect, our system achieves O(r) transmission cost, O($log^2n$) storage cost, and O(1) computational cost for the number n of users and the number r of revoked users. Compared to O(log n) computational cost in the previous SD method, our system has the advantage that it needs only constant-sized computational cost for decryption, regardless of the number n or r. On a security aspect, our system can achieve tighter security reduction than the previous SD method and the gap of security loss is about O(n log n). Moreover, our result shows that it is possible to give the effect of the SD method while using an information-theoretically secure key distribution technique as in the Complete Subtree method.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.6B
• /
• pp.970-976
• /
• 2010

Platform convergence originated from the convergence of broadcast and telecommunication is making rapid progress including IT and not-IT fields in order to provide a variety of converged services, S/W eco-system construction, and so on. With the advent of convergence environment, IEEE 802.15.4-based RF4CE technology is rising because of creating momentum for the market using converged connectivity between home and office devices as well as all around located devices. In this paper, we present enhanced RF4CE key seed distribution approach in order to provide efficient connection and control between devices. The proposed approach consists of device mutual authentication, initial vector assignment, and two-phase key seed distribution. Moreover, we make a development real RF4CE test board and its key agreement simulator to verify the proposed approach.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.11 no.2
• /
• pp.189-196
• /
• 2011

As internet is getting advanced day by day, digital contents have been developed in various areas as killer content in the IT industry. It needs to develop lots of complicated digital content protect systems due to the enhancement and variety of user's multimedia devices. Although there are lots of protect systems based on DRM(Digital Rights Management) technology, it is difficult to provide secure protection because of the problems resulting from analog hole problem, inefficiency of key sharing and various independent protect technologies. Thus, in this paper, we propose a novel authentication and protect system based on RFID(Radio Frequency Identification) technology to solve the problems and show possibility of free content duplication and efficient contents management in smart home environments.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.1
• /
• pp.115-125
• /
• 2011

Cryptographic hash functions are also called one-way functions and they ensure the integrity of communication data and command by detecting or blocking forgery. Also hash functions can be used with other security protocols for signature, authentication, and key distribution. The SHA-1 was widely used until it was found to be cryptographically broken by Wang, et. al, 2005. For this reason, NIST launched the SHA-3 competition in November 2007 to develop new secure hash function by 2012. Many SHA-3 hash functions were proposed and currently in review process. To choose new SHA-3 hash function among the proposed hash functions, there have been many efforts to analyze the cryptographic secureness, hardware/software characteristics on each proposed one. However there are few research efforts on the SHA-3 from the point of power consumption, which is a crucial metric on hardware module. In this paper, we analyze the power consumption characteristics of the SHA-3 hash functions when they are made in the form of ASIC hardware module. Also we propose power efficient hardware architecture on Luffa, which is strong candidate as a new SHA-3 hash function. Our proposed low power architecture for Luffa achieves 10% less power consumption than previous Luffa hardware architecture.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.3
• /
• pp.131-141
• /
• 2011

OMA(Open Mobile Alliance) is one of the most active group about DRM technology in mobile device field. OMA announced an OMA-DRM v 2.1 standardization in 2007. After then OMA announced OMA-SRM(Secure Removable Media) and SCE(Secure Contents Exchanges) that are the extension of OMA-DRM v2.1. In SCE, a user can form user domain to share contents and rights. So the user can share contents and rights with not only the the OMA-DRM v2.1 but also home devices like mobile phones, personal computers and audios. In this paper, we analyze a sharing technology of OMA-DRM and SCE, and then propose key distribution method using proxy re-encryption and smart card to use shared contents and rights.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.5
• /
• pp.89-98
• /
• 2010

Wireless LAN (WLAN) is type of wireless service that has higher data transmission than current cellular networks. The usage is continually increasing. There are a lot of vulnerabilities in wireless network, due to the properties of the wireless environment, regardless of its popularity. IEEE announced the 802.11i security standard to solve these problems. The vulnerable point of messages used in the process of key distribution for 802.11i makes the target node attacked lose memory through continuous messages and blocks the legitimate WLAN service. In this paper, we proposed new schemes to solve this problem and compared our proposals with the current process. The proposed protocol eliminates the memory exhaustion problem on the client side by using methods for reduction of memory usage.