• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.3B
• /
• pp.462-473
• /
• 2010

The RFID system has the security problem of location tracking and user privacy. In order to solve this problem, the cryptographic access method using hash function is difficult to in real applications. Because there is a limit of computing and storage capacity of Tag, but the safety is proved. The lightweight authentication methods like HB and LMAP guarantee the high efficiency, but the safety is not enough to use. In this paper, we use the AES for RFID Authentication, and solve the problem of using fixed key with key change step by step. The symmetric keys of the tag and server are changed by the random number generated by tag, reader and server successively. This could prevent the key exposure. As a result, the output of the tag and reader always changes. These key changes could make it possible to prevent eavesdropping, replay attack, location tracking and spoofing.

• Journal of KIISE:Information Networking
• /
• v.30 no.4
• /
• pp.484-493
• /
• 2003

Proxy signature scheme is a cryptographic protocol that an original signer delegates her signing capability to a proxy signer, and then the proxy signer is able to create signatures on behalf of the original signer. In general, there is time-limit for which the signing capability of the proxy signer is valid. One of methods to limit the valid delegation time is to make public delegation information contain the expiration date of the delegation. however, in this method we cannot prevent the proxy signer from signing after the valid delegation is expired because no one knows the exact time when the proxy signer signed a message. The validity of the past legal signatures cannot be preserved in case that the proxy singer´s key is compromised during the delegation period. In this paper, we propose a new scheme, time-limited forward-secure proxy signature protocol, which prevents the proxy singer from signing after the valid delegation is expired and which preserves the validity of the past legal signatures even if the signing key is compromised. The proposed scheme does not require the exact time-information by making an original signer control time-related parameters and satisfies the forward-security property in each update-period of the proxy signing key. The time-period is determined according to the application characteristics or security policies.

• Journal of the Korea Society of Computer and Information
• /
• v.15 no.9
• /
• pp.109-117
• /
• 2010

Recently, study on RFID Tag Searching technique which is used to find a specific tag in particular tag group were developed continuously. RFID tag searching technique can be applicate in various fields such as product management, finding children, and electronic anklet. To implement a RFID tag search system, RFID tag searching protocol should be considered various security threats such as reader and tag tracking, privacy, etc. For implementing a safe RFID tag lookup system, it is important to consider the potential security threats such as the tag tracking problem, and the privacy of the owner of the tag reader problem. There exists an RFID tag lookup system that satisfies a few security requirements, but the privacy of the owner of the tag reader problem has still been left unsolved, and even if it were solved, it requires a considerable amount of cryptographic operations to be performed which results in a decrease in performance. This paper proposes a system that does not degrade the performance while solving the privacy of the owner of the tag reader problem.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2019.05a
• /
• pp.251-253
• /
• 2019

This paper describes an implementation of a security SoC (System-on-Chip) prototype that interfaces a microprocessor with a block cipher crypto-core. The Cortex-M0 was used as a microprocessor, and a crypto-core implemented by integrating ARIA and AES into a single hardware was used as an intellectual property (IP). The integrated ARIA-AES crypto-core supports five modes of operation including ECB, CBC, CFB, CTR and OFB, and two master key sizes of 128-bit and 256-bit. The integrated ARIA-AES crypto-core was interfaced to work with the AHB-light bus protocol of Cortex-M0, and the crypto-core IP was expected to operate at clock frequencies up to 50 MHz. The security SoC prototype was verified by BFM simulation, and then hardware-software co-verification was carried out with FPGA implementation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.5
• /
• pp.59-71
• /
• 2005

A RFID (Radio Frequency Identification) system receives attention as the technology which can realize the ubiquitous computing environment. However, the feature of the RFID tags may bring about new threats to the security and privacy of individuals. Recently, Juels proposed the minimalist cryptography for very low-cost RFID tags, which is secure. but only under the impractical assumption such that an adversary is allowed to eavesdrop only the pre-defined number of sessions. In this paper, we propose a scheme to protect privacy for very low-cost RFID systems. The proposed protocol uses only bit-wise operations without my costly cryptographic function such as hashing, encryption which is secure which is secure against an adversary who is allowed to eavesdrop transmitted message in every session any impractical assumption. The proposed scheme also is more efficient since our scheme requires less datas as well as few number of computations than Juels's scheme.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.6
• /
• pp.71-82
• /
• 2009

There have been a lot of researches on providing privacy in MANET (Mobile Ad hoc NETwork) using trapdoor, onion, and anonymous authentication. Privacy protection in MANET can be divided into satisfying ID privacy, location privacy, route privacy, and unlinkability between sessions. Most of the previous works, however, were unsatisfactory with respect to location privacy or route privacy. Moreover, in previous schemes, cryptographic operation cost needed to meet the privacy requirements was relatively high. In this paper, we propose a new efficient anonymous routing protocol that satisfies all the privacy requirements and reduces operation costs. The proposed scheme does not use onion or anonymous authentication techniques in providing privacy. We also provide a more accurate analysis of our scheme's efficiency by considering all the nodes involved in the route establishment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.4
• /
• pp.117-134
• /
• 2010

A passive RFID tag which received attention as a future technology for automatic and quick identification faces some difficulties about security problems such as tag authentication, reader authentication, data protection, and untraceability in addition to cost and reliable identification. A representative passive RFID technology is the ISO/IEC 18000-6 Type C which is an international standard for 900 MHz UHF-band. This standard has some difficulties in applying to the security services such as originality verification, tag's internal information protection, and untraceability, because it does not provide high-level security solution. In this paper, we summarize security requirements of ISO/IEC ITC 1/SC 31 international standardization group, propose security protocols suitable for the UHF-band passive RFID system using a crypto engine, and analyze its security strength. In addition, we verify that it is possible to implement a tag conforming with the proposed security protocols by presenting concrete command/response pairs and cryptographic method.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.1
• /
• pp.103-114
• /
• 2024

In a situation where drone-related crimes continue to rise, research in drone forensics becomes crucial for preventing and responding to incidents involving drones. Conducting forensic analysis on flight record files stored internally is essential for investigating illegal activities. However, analyzing flight record files generated through the exclusive DUML protocol requires a deep understanding of the protocol's structure and characteristics. Additionally, a forensic analysis tool capable of handling cryptographic payloads and analyzing various drone models is imperative. Therefore, this study presents the methods and characteristics of flight record files generated by drones. It also explains the structure of the flight record file and the features of the DUML packet. Ultimately, we conduct forensic analysis based on the presented structure of the DUML packet and propose an extension forensic analysis system that operates more universally than existing tools, performing expanded syntactic analysis.

• The Transactions of the Korea Information Processing Society
• /
• v.5 no.4
• /
• pp.984-994
• /
• 1998

In the information society, all the information is transferred through the network, so it becomes an issue to protect the data on network. One of the fundamental cryptographic tools to protect the data on network, is digital signatures, and in many countries, cryptographers have been trying to make their own digital signature standard. Also, at Crypto'89 meeting, D.Chaum suggested an undeniable signature scheme. Undeniable signatures are verified via a protocol between the signer and the verifier, so the cooperation of the signer is necessary, So far, there have been several variants of undeniable signatures to obtain a signature scheme, which can control the abuse of ordinary digital signatures.

• The KIPS Transactions:PartC
• /
• v.15C no.3
• /
• pp.167-172
• /
• 2008

Fingerprinting scheme supports the copyright protection to track redistributors of digital content using cryptographic techniques. Fingerprinting schemes should guarantee buyer's anonymity and asymmetry for their privacy. Most of known fingerprinting schemes adopt public-key cryptosystems to achieve asymmetry and discrete logarithm problem or graph isomorphism problem to achieve anonymity. However, these schemes are not suited in mobile environment because of the drawbacks of requiring high computational complexity. In this paper, we propose an efficient fingerprinting scheme for mobile environment to provide not only asymmetry of the protocol but also transaction anonymity of the buyer. By employing symmetric encryption to encrypt the digital content and adopting agent to perform the protocols, the efficiency of the proposed scheme is improved.