• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.20 no.1
• /
• pp.35-44
• /
• 2020

The growing use of public blockchain-based virtual cryptocurrency calls for secure management of blockchain account information managed through cryptocurrency wallet programs. The previously proposed wallet program has high security in terms of managing an account's private key, but low security in managing an account's recovery phrase. Therefore, in this paper, we propose a safe management system of blockchain account recovery string based on the new user authentication method using the user's mobile device information and OTP technique to overcome the problem of the existing account recovery string management method. It also conducts an analysis of the proposed blockchain account recovery string management system based on the expected behavior scenario.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.8
• /
• pp.2865-2878
• /
• 2021

As a current popular technology, the blockchain has a serious issue: the private key cannot be retrieved due to force majeure. Since the outcome of the blockchain-based Bitcoin, there have been many occurrences of the users who lost or forgot their private keys and could not retrieve their token wallets, and it may cause the permanent loss of their corresponding blockchain accounts, resulting in irreparable losses for the users. We propose a recoverable private key scheme for consortium blockchain based on the verifiable secret sharing which can enable the user's private key in the consortium blockchain to be securely recovered through a verifiable secret sharing method. In our secret sharing scheme, users use the biometric keys to encrypt shares, and the preset committer peers in the consortium blockchain act as the participants to store the users' private key shares. Due to the particularity of the biometric key, only the user can complete the correct secret recovery. Our comparisons with the existing mnemonic systems or the multi-signature schemes have shown that our scheme can allow users to recover their private keys without storing the passwords accurately. Hence, our scheme can improve the account security and recoverability of the data-sharing systems across physical and virtual platforms that use blockchain technology.

• Journal of the Korea Society of Computer and Information
• /
• v.24 no.8
• /
• pp.59-66
• /
• 2019

As the monetary value of cryptocurrency increases, the security measures for cryptocurrency becomes more important. A limitation of the existing cryptocurrency exchanges is their vulnerability to threats of hacking due to their centralized manner of management. In order to overcome such limitation, blockchain technology is increasingly adopted. The blockchain technology enables decentralization and Peer-to-Peer(P2P) transactions, in which blocks of information are linked in chain topology, and each node participating in the blockchain shares a distributed ledger. In this paper, we propose and implement a mobile electronic wallet that can safely store, send and receive cryptocurrencies. The proposed mobile cryptocurrency wallet connects to the network only when the wallet actively is used. Wallet owner manages his or her private key offline, which is advantageous in terms of security. JavaScript based wallet apps were implemented to respectively run on Android and iOS mobile phones. I demonstrate the process of transferring Ethereum cryptocurrency from an account to another account through Ropsten, a test net for Ethereum. Hardware wallets, such as Ledger Nano S, provide a slightly higher level of security, yet have the disadvantages of added burden of carrying additional physical devices and high costs (about 80$).

• International Journal of Computer Science & Network Security
• /
• v.22 no.7
• /
• pp.347-351
• /
• 2022

Farmers E-Market is a website that allows agricultural workers to direct market their products to buyers without the use of a middleman. That theory is blockchain system will be used by authors to accomplish this. The system, which is built on a public blockchain system, supports sustainability, shippers, and consumers. Farmers can keep track of their farming activities. Customers can review the product's history and track its journey through carriers to delivery after making a purchase. Farmers are encouraged to get information about their interests promptly in a blockchain-enabled system like this. This functionality is being used by small-scale farmers to form groups based on their location to attract large-scale customers, renegotiate farming techniques or volumes, and enter into contracts with buyers. The analysis shows the use of blockchain technology with a farmer's portal that keeps the video of trading data of crops, taking into account the qualities of blockchain such as values and create or transaction data. The proposal merges python as a programming language with a blockchain system to benefit farmers, vendors, and individuals by preserving transactions.

• Journal of Internet of Things and Convergence
• /
• v.8 no.5
• /
• pp.55-61
• /
• 2022

Today's payment systems are becoming unmanned and changing to a way of paying with kiosks. This has the advantage of convenient payment because consumers can select a menu and specify the number of products to be purchased with just a touch of the screen. However, from the point of view of system security, the actual kiosk system has various vulnerabilities. This can hijack the administrator account, gain system privileges, and perform malicious actions. In addition, it is exposed to a number of security threats, such as the possibility of wasting unnecessary resources by abnormally increasing the number of payments, and causing the device to fail to operate normally. Therefore, in this paper, if any node of a participant in the solana blockchain approves an incorrect fork, the stake of the voting nodes is deleted. Also, since all participants can see the transaction history due to the nature of the block chain, I intend to write a thesis on a system that improves the vulnerability of kiosk payments by separating the access rights through the private blockchain.

• Smart Media Journal
• /
• v.9 no.1
• /
• pp.9-15
• /
• 2020

Recently there have been increasing attempts to apply blockchains to businesses and public institutions. Blockchain is a distributed shared ledger with excellent transparency and security of data and through consensus algorithm, the same data can be shared to all nodes in order. In this paper, Modified PBFT which does not modify the PBFT consensus algorithm is proposed. MPBFT is able to tolerate Byzantine faults on a private blockchain on an asynchronous network. Even with the increase of participating nodes, the network communication cost can be effectively maintained. Modified PBFT takes into account the characteristics of an asynchronous network environment where node-to-node trust is guaranteed. In response to the client's request, PBFT performed the entire participation broadcast several times, but Modified PBFT enabled consensus and authentication through the 2 / N leader. By applying the Modified PBFT consensus algorithm, the broadcast process can be simplified to maintain the minimum number of nodes for consensus and to efficiently manage network communication costs.

• Journal of Internet Computing and Services
• /
• v.21 no.3
• /
• pp.1-9
• /
• 2020

Along with the growth of Blockchain, DApp (Distributed Application) is getting attention. As interest in DApp grows, market size continues to grow and many developers participate in development. Many developers are using API(Application Programming Interface) services to mediate Blockchain nodes, such as Infura, for DApp development. However, when using such a service, there is a serious risk that the API service operator can violate the user's privacy by 1 to 1 matching the account address of the Transaction executed by the DApp user with the IP address of the DApp user. It can have an adverse effect on the reliability of public Blockchains that need to provide users with a secure DApp service environment. The proposed Blockchain platform is expected to provide user privacy protection from API services and provide a reliable DApp use environment that existing Blockchain platforms did not provide. It is also expected to help to activate DApp and increase the number of DApp users, which has not been activated due to the risk of an existing privacy breach.

• KIPS Transactions on Computer and Communication Systems
• /
• v.12 no.5
• /
• pp.165-170
• /
• 2023

With the recent rise of blockchain technology, cryptocurrency platforms using it are increasing, and currency transactions are being actively conducted. However, crimes that abuse the characteristics of cryptocurrency are also increasing, which is a problem. In particular, phishing scams account for more than a majority of Ethereum cybercrime and are considered a major security threat. Therefore, effective phishing scams detection methods are urgently needed. However, it is difficult to provide sufficient data for supervised learning due to the problem of data imbalance caused by the lack of phishing addresses labeled in the Ethereum participating account address. To address this, this paper proposes a phishing scams detection method that uses both Trans2vec, an effective graph embedding techique considering Ethereum transaction networks, and semi-supervised learning model Tri-training to make the most of not only labeled data but also unlabeled data.

• Information Systems Review
• /
• v.22 no.4
• /
• pp.135-161
• /
• 2020

With the growth of blockchain and cryptocurrency-related markets, cryptocurrency exchanges are growing as a new industry. However, as the legal and regulatory definitions of cryptocurrencies are still in progress, unlike existing industrial groups, they are not under the supervision of regulatory agencies. As a result, users (i.e., cryptocurrency investors) have suffered two types of damage that could occur from hacking and other accidents on the exchanges. One type of the damage is the loss of assets caused by the extortion of personal information or account and the other is the damage from users who might be involved in external frauds. Both are analyzed in comparison with existing operators whose functions are like the exchanges. The results of this study show that membership (KYC: Know Your Client), log-in, and additional authentication in transactions are on the similar level to those of the operators while the fraud detection system (FDS) and anti-money laundering (AML) of fiat currencies and cryptocurrencies need rapid improvement.

• International Journal of Internet, Broadcasting and Communication
• /
• v.13 no.2
• /
• pp.67-75
• /
• 2021

As pass the three revised bills, the Personal Information Protection Act was revised to have a larger application for personal information. For an industrial development through an efficient and secure usage of personal information, there is a need to revise the existing anonymity processing method. This paper modifies the Zero Knowledge Proofs algorithm among the anonymity processing methods to modify the anonymity process calculations by taking into account the reliability of the used service company. More detail, the formula of ZKP (Zero Knowledge Proof) used by ZK-SNAKE is used to modify the personal information for pseudonymization processing. The core function of the proposed algorithm is the addition of user variables and adjustment of the difficulty level according to the reliability of the data user organization and the scope of use. Through Setup_p, the additional variable γ can be selectively applied according to the reliability of the user institution, and the degree of agreement of Witness is adjusted according to the reliability of the institution entered through Prove_p. The difficulty of the verification process is adjusted by considering the reliability of the institution entered through Verify_p. SimProve, a simulator, also refers to the scope of use and the reliability of the input authority. With this suggestion, it is possible to increase reliability and security of anonymity processing and distribution of personal information.