• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.4
• /
• pp.71-84
• /
• 2003

Self-certified public keys need not be accompanied with a separate certificate to be authenticated by other users because the public keys are computed by both the authority and the user. At this point, verifiable self-certified public keys are proposed that can determine which is wrong signatures or public keys if public keys are used in signature scheme and then verification of signatures does not succeed. To verify these public keys, key generation center's public key trusted by users is required. If all users trust same key generation center, public keys can be verified simply. But among users in different domains, rusty relationship between two key generation centers must be accomplished. In this paper we propose inter-domain verifiable self-certified public keys that can be verified without certificate between users under key generation centers whose trusty relationship is accomplished. Also we present the execution of signature and key distribution between users under key generation centers use different public key parameters.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.2
• /
• pp.89-100
• /
• 2002

In this paper, we propose a group key management architecture for the secure group communications in mobile netwowrks and authenticated key agreement protocol for this system. Most of existing group key management schemes un certificates based on the public key for the purpose of user authentication and key agreement in secure fashion however, we use the ICPK(Implicitly Certified Public key) to reduce the bandwidth for a certificate exchanging and to improve a computational efficiency. In this architecture, we use two-tier approach to deal with key management where the whole group is divided into two parts; the first is a cell groups consisted of mobile hosts and another is a control group consisted of cell group managers. This approach can provide flexibility of key management such that the affection for a membership change is locally restricted to the cell group which is an autonomous area of the CGM(Cell Group Manager).

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.5
• /
• pp.73-92
• /
• 2005

Joux's tripartite key agreement protocol is one of the most prominent developments in the area of key agreement. Although certificate-based and ID-based authentication schemes have been proposed to provide authentication for Joux's protocol, no provably secure password-based one round tripartite key agreement protocol has been proposed yet. We propose a secure one round password-based tripartite key agreement protocol that builds on Joux's protocol and adapts PAK-EC scheme for password-based authentication, and present a proof of its security.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.4
• /
• pp.769-776
• /
• 2016

TELNET is vulnerable to network attack because it was designed without considering security. SSL/TLS and SSH are used to solve this problem. However it needs additional secure protocol and has no backward compatibility with existing TELNET in this way. In this paper, we have suggested STELNET(Secured Telnet) which supports security functionalities internally so that has a backward compatibility. STELNET supports a backward compatibility with existing TELNET through option negotiation. On STELNET, A client authenticates server by a certificate or digital signature generated by using ECDSA. After server is authenticated, two hosts generate a session key by ECDH algorithm. And then by using the key, they encrypt data with AES and generate HMAC by using SHA-256. After then they transmit encrypted data and generated HMAC. In conclusion, STELNET which has a backward compatibility with existing TELNET defends MITM(Man-In-The-Middle) attack and supports security functionalities ensuring confidentiality and integrity of transmitted data.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.22 no.2
• /
• pp.452-458
• /
• 2021

The value and importance of personal information are increasing due to the increasing number of fields where the Internet environment and computing environment are used, and user authentication technology is also changing. Until now, accredited certificates, which are mainly used in the financial sector, are being replaced with biometric authentication technology due to the problem of revocation. However, another problem is that biometric information cannot be modified once it is leaked. Recently, with the advent of blockchain technology, research on user authentication methods has actively progressed. In this paper, both public certificate and blockchain-based user authentication can be used without system change, and a new DID issuance and reissuance method that can replace the resident registration number is presented. The proposed system can be used without restrictions in a blockchain. However, the currently used DID requires installation of an application at the Interworking Support Center for verification. Since a DID can be authenticated without registering as a member, indiscriminate information collection can be prevented. Security, convenience, and determinism are compared with the existing system, and excellence is proven based on various attack methods, its portability, and proxy use.

• Information Systems Review
• /
• v.14 no.3
• /
• pp.75-97
• /
• 2012

Fostering trusting belief in financial transactions is a challenging task in Internet banking services. Authenticated Certificate had been regarded as an effective method to guarantee the trusting belief for online transactions. However, previous research claimed that this method has some loopholes for such abusers as hackers, who intend to attack the financial accounts of innocent transactors in Internet. Two types of methods have been suggested as alternatives for securing user identification and activity in online financial services. Control transparency uses information over the transaction process to verify and to control the transactions. Outcome feedback, which refers to the specific information about exchange outcomes, provides information over final transaction results. By using these two methods, financial service providers can send signals to involved parties about the robustness of their security mechanisms. These two methods-control transparency and outcome feedback-have been widely used in the IS field to enhance the quality of IS services. In this research, we intend to verify that these two methods can also be used to reduce risks and to increase the security protections in online banking services. The purpose of this paper is to empirically test the effects of the control transparency and the outcome feedback on the risk perceptions in Internet banking services. Our assumption is that these two methods-control transparency and outcome feedback-can reduce perceived risks involved with online financial transactions, while increasing perceived trust over financial service providers. These changes in user attitudes can increase the level of user satisfactions, which may lead to the increased user loyalty as well as users' willingness to pay for the financial transactions. Previous research in IS suggested that the increased level of transparency on the process and the result of transactions can enhance the information quality and decision quality of IS users. Transparency helps IS users to acquire the information needed to control the transaction counterpart and thus to complete transaction successfully. It is also argued that transparency can reduce the perceived transaction risks in IS usage. Many IS researchers also argued that the trust can be generated by the institutional mechanisms. Trusting belief refers to the truster's belief for the trustee to have attributes for being beneficial to the truster. Institution-based trust plays an important role to enhance the probability of achieving a successful outcome. When a transactor regards the conditions crucial for the transaction success, he or she considers the condition providers as trustful, and thus eventually trust the others involved with such condition providers. In this process, transparency helps the transactor complete the transaction successfully. Through the investigation of these studies, we expect that the control transparency and outcome feedback can reduce the risk perception on transaction and enhance the trust with the service provider. Based on a theoretical framework of transparency and institution-based trust, we propose and test a research model by evaluating research hypotheses. We have conducted a laboratory experiment in order to validate our research model. Since the transparency artifact(control transparency and outcome feedback) is not yet adopted in online banking services, the general survey method could not be employed to verify our research model. We collected data from 138 experiment subjects who had experiences with online banking services. PLS is used to analyze the experiment data. The measurement model confirms that our data set has appropriate convergent and discriminant validity. The results of testing the structural model indicate that control transparency significantly enhances the trust and significantly reduces the risk perception of online banking users. The result also suggested that the outcome feedback significantly enhances the trust of users. We have found that the reduced risk and the increased trust level significantly improve the level of service satisfaction. The increased satisfaction finally leads to the increased loyalty and willingness to pay for the financial services.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.2
• /
• pp.43-55
• /
• 2010

${\mu}TESLA$ broadcast authentication protocol have been developed by many researchers for providing authenticated broadcasting message between receiver and sender in sensor networks. Those cause authentication delay Tree-based ${\mu}TESLA$[3] solves the problem of authentication delay. But, it has new problems from Merkel hash tree certificate structure. Such as an increase in quantity of data transmission and computation according to the number of sender or parameter of ${\mu}TESLA$ chain. ${\mu}TPCT$-based ${\mu}TESLA$[4] has an advantages, such as a fixed computation cost by altered Low-level Merkel has tree to hash chain. However, it only use the sequential values of Hash chain to authenticate ${\mu}TESLA$ parameters. So, It can't ensure the success of authentication in lossy sensor network. This paper is to propose the improved method for Tree-based ${\mu}TESLA$ by using XOR-based chain. The proposed scheme provide advantages such as a fixed computation cost with ${\mu}$TPCT-based ${\mu}TESLA$ and a message loss-tolerant with Tree-based ${\mu}TESLA$.