• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.6
• /
• pp.1413-1424
• /
• 2019

Cryptocurrency has limitations to be used as an actual payment method due to the scalability problem of the blockchain consensus protocol, and various off-chain solutions to solve these limitations are being studied. In this paper, we design an efficient off-chain payment channel using one-way hash function and implement the designed payment channel using Ethereum smart contract. In addition, the experiment was conducted to measure and analyze execution time and cost for each method by deploying it in the same environment as the previously implemented plasma MVP. As a result, compared with plasma MVP, the proposed solution was able to reduce the total cumulative time by about 34% and reduce the overall execution cost by about 41%.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.2
• /
• pp.57-72
• /
• 2010

Hash based RFID protocols proposed by Ha and M.Burmester is a scheme that tag's ID is updated using hash function to provide forward secrecy after session end. But this protocols have a problem both privacy and efficiency. This paper analyze a problem for privacy to apply a privacy game model proposed by Vaudenay. we analyze the cause that these scheme is difficult with tag's cheap implementation and efficient resynchronization. To solve these problems, we proposed a new hash based mutual authentication protocol which apply only two protocol's advantages. this protocols is based of resynchronization algorithm for Ha et al.'s protocol and added a new simple counter to record the numner of continuous desynchronization between tag and reader secret informations. this counter is more simple than cyclic counter proposed by M. Burmester's protocol. Also, we prove that proposal protocol improve a privacy against a privacy attack which is executed for Ha and M. Burmester's protocols.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.4
• /
• pp.911-919
• /
• 2016

Compared to the past, the current disk storages have dramatically increased and extremely many data are transferred on the network everyday. In spite of the anticipation that such development will be continued, there have been lack of studies for improving the data-imaging time in terms of the digital forensics. In this paper, we firstly investigate the time due to hash functions during the data Imaging and secondly propose a method for improving the efficiency of the EWF-File imaging time from a cryptographic perspective.

• Journal of Korea Society of Industrial Information Systems
• /
• v.18 no.4
• /
• pp.43-51
• /
• 2013

This paper proposes the design of protocol management system for aggregationg messages based on certification between vehicles which not only prevents the messages between vehicles from being forged and altered by Sybil attack by authenticating the them, and but also provides the efficient communication by aggregating the redundant vehicle messages which frequently happens when communicating. For this, the proposed system proposes the SKLC(Session Key Local Certificate) design which is a local certificate based on a session key, and the MAP(Message Aggregation Protocol) design which aggregates the redundant vehicle messages. Therefore, when the proposed system checks the certificate of vehicle, it provides the reliable information securely by verifying the integrity of vehicle with a hash function operation, and improves communication efficiency by reducing the processing time.

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.6
• /
• pp.201-206
• /
• 2007

Development of Information and Communication technology coming to activity of internet banking and electronic business, and smart card of medium is generalized prevailing for user authentication of electronic signature certificate management center with cyber cash, traffic card, exit and entrance card. In field that using public network, security of smart cart and privacy of card possessor's is very important. Point of smart card security is use safety for smart card by user authentication. Anonymous establishment for privacy protection and denial of service attack for availability is need to provision. In this paper, after analyze for Hwang-Li, Sun's, L-H-Y scheme, password identify element is a change of safety using one time password hash function. We proposed an efficient new smart card authentication protocol against anonymity and denial of service.

• Proceedings of the KAIS Fall Conference
• /
• 2009.05a
• /
• pp.154-157
• /
• 2009

정보통신기술의 발달로 온라인으로 많은 서비스가 이루어지면서 온라인을 통해서 송 수신 되는 정보들의 가치도 높아지고 있다. 현재 전자금융거래의 보안을 향상시키기 위해서 금융기관은 OTP 인증을 사용한다. OTP 인증은 패스워드 기반의 인증기술이며, OTP 토큰을 이용하여 OTP를 생성한다. 이러한 인증은 일방향 해시함수의 충돌성, OTP 토큰에 대한 물리적 공격, OTP 토큰의 전력소모에 따른 동기화 문제를 가지고 있다. 따라서 본 논문에서는 모바일 기기를 이용한 워터마킹 기반 3-Factor OTP 인증을 제안한다. 제안한 인증에서는 OTP를 생성하기 위해 사용자의 생체정보를 사용하며, 서비스 제공자는 사용자의 생체정보에 서버의 비밀정보를 워터마킹 기법을 이용하여 숨긴다. 워터마킹된 생체정보를 사용자의 모바일 기기의 저장하고, 이 정보를 통해 사용자는 생체정보를 인증하고, OTP를 생성한다. 제안한 인증기술은 OTP토큰을 휴대해야 하는 불편 대신에 대부분 성인이 휴대한 휴대폰과 같은 모바일 기기를 통해 OTP를 생성하고 인증을 할 수 있으며, 생체정보를 이용함으로써 다른 사용자가 OTP를 생성할 수 없도록 한다. 이러한 기법은 안전한 인증을 요구하는 모든 온라인 서비스에서 사용될 수 있다.

• Journal of Korea Society of Industrial Information Systems
• /
• v.17 no.6
• /
• pp.25-30
• /
• 2012

Passwords are a common method of identifying and authenticating a user who wishes to log on to a secure system. Password-based authentication techniques, however, do not provide strong security and recognized as being an poor form of protection. It is not all the responsibility of the user to control password and to protect its confidentiality. In this paper, confirm an appropriate response time and I propose a new and improved method of implementing two factor authentication using SMS via receiving apparatus(mobile and email).

• Journal of Information Technology Services
• /
• v.16 no.1
• /
• pp.73-82
• /
• 2017

Recently in-memory data stream processing has been actively applied to various subjects such as query processing, OLAP, data mining, i.e., frequent item sets, association rules, clustering. However, finding regular periodic patterns of events in an infinite data stream gets less attention. Most researches about finding periods use autocorrelation functions to find certain changes in periodic patterns, not period itself. And they usually find periodic patterns in time-series databases, not in data streams. Literally a period means the length or era of time that some phenomenon recur in a certain time interval. However in real applications a data set indeed evolves with tiny differences as time elapses. This kind of a period is called as a pseudo-period. This paper proposes a new scheme called FPMH (Finding Periods using Multiple Hash functions) algorithm to find such a set of pseudo-periods over a data stream based on multiple hash functions. According to the type of pseudo period, this paper categorizes FPMH into three, FPMH-E, FPMH-PC, FPMH-PP. To maximize the performance of the algorithm in the data stream environment and to keep most recent periodic patterns in memory, we applied decay mechanism to FPMH algorithms. FPMH algorithm minimizes the usage of memory as well as processing time with acceptable accuracy.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.12 no.12
• /
• pp.5895-5901
• /
• 2011

This paper shows that a scheme provided by An[7] is not enough to satisfy security requirements for a user certification using a password-based smart card. In order to compensate this weakness, this study provides an improved user scheme with a hash function and ElGamal signature. This new scheme has some advantages protecting password guessing attack, masquerade, and replay attack as well as providing forward secrecy. Compared to An's certification scheme, this scheme suggests that the effect of computational complexity is similar but the efficiency of safety is better.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2014.11a
• /
• pp.540-543
• /
• 2014

수많은 데이터를 사용하는 기업 및 기관들은 전용 데이터베이스를 구축하여 모든 정보들을 저장, 관리하고 있다. 개인정보를 포함하여 비인가된 중요 정보들이 저장되어있음에도 불구하고 대부분의 경우 데이터베이스에 대한 보안적용이 되어있지 않거나 아주 미비한 상태이다. 보안사고의 대부분이 데이터베이스에 저장된 중요 정보가 유출되는 점을 보았을 때 데이터베이스 자체에 대한 보안시스템을 구축하여 예방하는 것이 보안사고의 피해를 막을 수 있는 가장 핵심적인 방법이라 할 수 있다. 이에 본 연구에서는 네트워크 패킷을 모니터링하여 데이터베이스의 성능에 영향을 미치지 않고 보안기능을 수행할 수 있는 Sniffing 을 이용한 방안을 제안한다. 제안 보안시스템은 별도의 하드웨어에서 기능을 수행하며 운영 중인 데이터베이스에 서비스의 중단 없이 보안시스템을 구축할 수 있도록 하였다. Sniffing 방식에서 접근제어 기능을 수행 할 수 있도록 알고리즘 설계를 하였으며 감사 로그를 기록할 때 가장 많은 부분을 차지하는 SQL 에 대해 MD5 해시함수를 적용하여 해당 로그에 대한 데이터크기를 크게 줄일 수 있었다. 운영중인 데이터베이스 환경에 영향을 주지 않으면서 높은 수준의 감사성능을 제공하고 다양한 보안 정책을 간단하게 적용할 수 있도록 구현하였으므로 데이터베이스에 저장된 중요정보의 유출을 예방하고, 보안사고가 일어났을 때 추적 및 증거자료로 활용할 수 있을 것이다.