• Journal of KIISE:Information Networking
• /
• v.27 no.3
• /
• pp.288-300
• /
• 2000

본 논문에서는 효율성, 안전성 및 이중사용방지 요구 조건을 만족하면서 동시에 시스템 사용과정에서 생길 수 있는 여러 분쟁 유형에 대해서 효과적으로 대처할 수 있는 초소액 지불시스템을 제안한다. 이를 위하여 기존의 시스템들이 효율성 향상을 위해 많이 사용해 온 S/KEY 방식의 해쉬 체인을 변형한 이중 해쉬체인 구조를 제안한다. 제안 시스템인 mPay-1, mPay-2는 이 구조를 기반으로 하였으며 안전성 및 분쟁해결성 측면에서 좋은 결과를 보인다. mPay-1은 기존의 시스템과 동일한 효율성을 갖으나 보다 안전하다. mPay-1의 확장형인 mPay-2는 추가적으로 여러 분쟁 유형들에 대해 효과적으로 대처할 수 있다.

• The KIPS Transactions:PartC
• /
• v.12C no.5 s.101
• /
• pp.623-632
• /
• 2005

In ad-hoc network, there is no fixed infrastructure such as base stations or mobile switching centers. The security of ad-hoc network is more vulnerable than traditional networks because of the basic characteristics of ad-hoc network, and current muting protocols for ad-hoc networks allow many different types of attacks by malicious nodes. Malicious nodes can disrupt the correct functioning of a routing protocol by modifying routing information, by fabricating false routing information and by impersonating other nodes. We propose a routing suity mechanism based on one-time digital signature. In our proposal, we use one-time digital signatures based on one-way hash functions in order to limit or prevent attacks of malicious nodes. For the purpose of generating and keeping a large number of public key sets, we derive multiple sets of the keys from hash chains by repeated hashing of the public key elements in the first set. After that, each node publishes its own public keys, broadcasts routing message including one-time digital signature during route discovery and route setup. This mechanism provides authentication and message integrity and prevents attacks from malicious nodes. Simulation results indicate that our mechanism increases the routing overhead in a highly mobile environment, but provides great security in the route discovery process and increases the network efficiency.

• The KIPS Transactions:PartC
• /
• v.13C no.7 s.110
• /
• pp.843-850
• /
• 2006

This is devoted to first, to propose a hash chain algorithm that generates more secure key than conventional encryption method. Secondly, we proposes encryption method that is more secure than conventional system using a encryption method that encrypts each block with each key generated by a hash chain algorithm. Thirdly, After identifying the user via wired and wireless network using a user authentication method. We propose a divided session key method so that Although a client key is disclosed, Attackers cannot catch a complete key and method to safely transfer the key using a divided key method. We make an experiment using various size of digital contents files for performance analysis after performing the design and implementation of system. Proposed system can distribute key securely than conventional system and encrypt data to prevent attacker from decrypting complete data although key may be disclosed. The encryption and decryption time that client system takes to replay video data fie is analogous to the conventional method.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.4
• /
• pp.83-92
• /
• 2005

D-OCSP-KIS proposed by Koga and Sakurai not only reduces the number or OCSP Responder's certificate but also criers the certificate status validation about OCSP Responder to the client. Therefore, D-OCSP-KIS is an effective method that can reduce the communication cost, computational time and storage consumption in client, but it has some problems. In case an attacker accidentally acquires an OCSP Responder's session private key in a time period (e.g., one day), she can disguise as the OCSP Responder in the time period unless the OCSP Responder recognizes. She can offer the wrong response to the client using the hash value intercepted. And the server and user on I-commerce can have a serious confusion and damage. And the computation and releasing of hash chain can be a load to CA. Thus, we propose a method detecting immediately the exposure of an OCSP Responder's session private key and the abuse of hash value in D-OCSP-KIS.

• Journal of the Korea Society of Computer and Information
• /
• v.18 no.10
• /
• pp.81-88
• /
• 2013

Since nowadays mobile phone messages are flourishing, the application of electronic coupon (e-coupon) will become a trend for mobile users. E-coupon for mobile commerce can provide mobility for users and distribution flexibility for issuers. In this paper, we propose a mobile e-coupon system that just applies some simple cryptographic techniques, such as one-way hash function and XOR operation. In our system, the customer can control the number of issued e-coupons and the issuer can prevent them from double-redeeming. The customer does not need to perform any exponential computation in redeeming and transferring the coupons. Our scheme uses one-way hash chains for preventing from double-spending.

• 한국공간정보시스템학회:학술대회논문집
• /
• 2003.11a
• /
• pp.129-134
• /
• 2003

이동체란 시간 변화에 따라 연속적으로 위치가 변화하는 객체를 말한다. 이러한 이동체는 기존의 공간 데이터와는 달리 이동체의 위치변경 보고에 따라 지속적인 갱신연산을 발생시키는 특징을 가지고 있다. 이동체의 현재 색인에 있어 트리 기반의 색인 구조는 빈번한 갱신에 대한 색인의 변경 비용이 크므로 부적합하다. 확장 해쉬 기반의 그리드 파일 색인은 갱신연산의 비용이 적고, 그리드를 동적으로 구성하므로 공간 활용도가 높으며 영역 질의에 우수한 장점을 가지고 있다. 그러나 빈번한 갱신연산으로 인하여 해당 색인의 반복적인 분할/합병 비용을 발생시키는 문제점을 가지고 있다. 이 논문에서는 메인 메모리 기반의 그리드 파일을 구성하고, 빈번한 갱신연산에 따른 색인의 반복적인 분할/합병 비용을 제거하기 위한 합병정책을 제안한다. 특히 시간에 따라 해당 이동체의 수가 지역에 따라 변화하므로 이동체의 이동을 고려한 합병정책을 제안한다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.33 no.8C
• /
• pp.633-641
• /
• 2008

Since WSNs encounter attacks, such as jamming or eavesdropping without physical access occurs, security is one of the important requirements for WSNs. The key pre-distribution scheme that was recently researched for advance of security in WSNs distributes the keys and probability with the use of q-composite random key pre-distribution method, but there is a high probability that no key shared between sensor nodes, and it takes a lot of time and energy to find out the shared key. Therefore, it is not suitable for WSNs. In order to enhance stability of a node that plays a role of gateway without depending on probabilistic key, this paper proposesa key pre-distribution scheme combined with random key pre-distribution scheme and double hash chain. Since the proposed scheme can maintain a small storage place and strong security strengths, it is more efficient than the existing schemes with the same security strengths. In addition, since it uses a small size of key generation key set, it can reduce a great deal of storage overhead.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.12B
• /
• pp.1407-1417
• /
• 2009

We propose a e-document management system that can provide segmented page information on a document according to different levels of authority from access control environment. The proposed system creates hierarchy identifier using a one-way hash chain and therefore does not need to own key information for all users as in existing system. Also by creating group keys by compounding hash chain hierarchy identifier with randomly formed group identifier, the system can flexibly respond to dynamic changes from group member movements while at the same time resolving the problems of key formation and management in document encoding technique using symmetric key for each page. Lastly as a result of comparative analysis through an experiment with existing e-document management systems, the proposed system showed superiority in the efficiency of encoding and decoding document and the speed of encoding and decoding by the pages.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.5
• /
• pp.831-847
• /
• 2013

The various types of data are being created in large quantities resulting from the spread of social media and the mobile popularization. Many companies want to obtain valuable business information through the analysis of these large data. As a result, it is a trend to integrate the big data technologies into the company work. Especially, Hadoop is regarded as the most representative big data technology due to its terabytes of storage capacity, inexpensive construction cost, and fast data processing speed. However, the authentication token system of Hadoop Distributed File System(HDFS) for the user authentication is currently vulnerable to the replay attack and the datanode hacking attack. This can cause that the company secrets or the personal information of customers on HDFS are exposed. In this paper, we analyze the possible security threats to HDFS when tokens or datanodes are exposed to the attackers. Finally, we propose the secure authentication protocol in HDFS based on hash chain.

• KIPS Transactions on Computer and Communication Systems
• /
• v.2 no.11
• /
• pp.495-502
• /
• 2013

In this paper, we present an anonymous authentication and location assurance protocol for secure location-aware services over vehicular ad hoc networks (VANETs). In other to achieve our goal, we propose the notion of a location-aware signing key so as to strongly bind geographic location information to cryptographic function while providing conditional privacy preservation which is a desirable property for secure vehicular communications. Furthermore, the proposed protocol provides an efficient procedure based on hash chain technique for revocation checking to effectively alleviate communication and computational costs on vehicles in VANETs. Finally, we demonstrate comprehensive analysis to confirm the fulfillment of the security objectives, and the efficiency and effectiveness of the proposed protocol.