• ETRI Journal
• /
• v.29 no.6
• /
• pp.755-768
• /
• 2007

A very promising application of active RFID systems is the electronic seal, an electronic device to guarantee the authenticity and integrity of freight containers. To provide freight containers with a high level of tamper resistance, the security of electronic seals must be ensured. In this paper, we present the design and implementation of an electronic seal protection system. First, we propose the eSeal Protection Protocol (ePP). Next, we implement and evaluate various cryptographic primitives as building blocks for our protocol. Our experimental results show that AES-CBC-MAC achieves the best performance among various schemes for message authentication and session key derivation. Finally, we implement a new electronic seal system equipped with ePP, and evaluate its performance using a real-world platform. Our evaluation shows that ePP guarantees a sufficient performance over an ARM9-based interrogator.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.1
• /
• pp.511-535
• /
• 2017

Internet banking is one of many services provided by financial institutions that have become very popular with an increasing trend. Due to the increased amount of usage of the service, Internet banking has become a target from adversaries. One of the points that are at risk of an attack is the login process. Therefore, it is necessary to have a security mechanism that can reduce this risk. This research designs and develops a multi-factor authentication protocol, starting from a registration system, which generates authentication factors, to an actual authentication mechanism. These factors can be categorised into two groups: short term and long term. For the authentication protocol, only three messages need to be exchanged between a client and a financial institution's server. Many cryptographic processes are incorporated into the protocol, such as symmetric and asymmetric cryptography, a symmetric key generation process, a method for generating and verifying digital signatures. All of the authentication messages have been proved and analysed by the logic of GNY and the criteria of OWASP-AT-009. Even though there are additional factors of authentication, users do not really feel any extra load on their part, as shown by the satisfactory survey.

• The KIPS Transactions:PartC
• /
• v.13C no.3 s.106
• /
• pp.267-274
• /
• 2006

The process of binding update for the routing optimization in MIPv6 can make the involved MN (Mobile Node) and CN(Correspondent Node) vulnerable to various attacks. Therefore, securing binding update process becomes an important research issue in the MIPv6, and several secure binding update protocols have been proposed. In this paper, we compare several existing binding update protocols, and analyze the vulnerability of MNs and CNs to the possible attacks and the management overhead of the SUCV(Statistic Uniqueness and Cryptographic Verifiability) which is considered to be superior to other protocols. Then, we propose an advanced protocol to resolve above drawbacks. Through the detailed analysis, we show that our protocol can reduce the computational overhead of MN, enable better management, and achieve a higher level of security against the redirect attacks, DoS(Denial of Service) attacks and brute force attacks, compared to SUCV.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.12a
• /
• pp.669-685
• /
• 2003

Nowadays mobile phones and PDAs are part and parcel of our lives. By carrying a portable mobile device with us all the time we are already living in partial Pervasive Computing Environment (PCE) that is waiting to be exploited very soon. One of the advantages of pervasive computing is that it strongly supports the deployment of Location-Based Service(s) (LBSs). In PCE, there would be many competitive service providers (SPs) trying to sell different or similar LBSs to users. In order to reserve a particular service, it becomes very difficult for a low-computing and resource-poor mobile device to handle many such SPs at a time, and to identify and securely communicate with only genuine ones. Our paper establishes a convincing trust model through which secure job delegation is accomplished. Secure Job delegation and cost effective cryptographic techniques largely help in reducing the burden on the mobile device to securely communicate with trusted SPs. Our protocol also provides users privacy protection, replay protection, entity authentication, and message authentication, integrity, and confidentiality. This paper explains our protocol by suggesting one of the LBSs namely“Secure Automated Taxi Calling Service”.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.3
• /
• pp.145-153
• /
• 2004

Digital fingerprinting schemes are cryptographic methods that a seller can identify a traitor who illegally redistributed digital contents by embedding it into buyer's information. Recently, Josep Domingo-Ferrer suggested an anonymous digital fingerprinting scheme based on committed oblivious transfer protocol. It is significant in the sense that it is completely specified from a computation point of view and is thus readily implementable. But this scheme has the serious problem that it cannot provide the security of buyers. In this paper, we first show how to break the existing committed oblivious transfer-based fingerprinting schemes and then suggest secure fingerprinting scheme by introducing oblivious transfer protocol with two-lock cryptosystem based on discrete logarithm. All computations are performed efficiently and the security degree is strengthened in our proposal.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.1
• /
• pp.23-33
• /
• 2006

Key Agreement protocols are among the most basic and widely used cryptographic protocols. In this paper we present an efficient O-based authenticated key agreement (AKA) protocol by using bilinear maps, especially well suited to unbalanced computing environments : an ID-based AKA protocol for Server and Client. Particularly, considering low-power clients' devices, we remove expensive operations such as bilinear maps from a client side. Our protocol uses signcryption and provide security in random oracle model.

• IEIE Transactions on Smart Processing and Computing
• /
• v.1 no.2
• /
• pp.95-105
• /
• 2012

The widespread implementation of RFID in ubiquitous computing is constrained considerably by privacy and security unreliability of the wireless communication channel. This failure to satisfy the basic, security needs of the technology has a direct impact of the limited computational capability of the tags, which are essential for the implementation of RFID. Because the universal application of RFID means the use of low cost tags, their security is limited to lightweight cryptographic primitives. Therefore, EPCGen2, which is a class of low cost tags, has the enabling properties to support their communication protocols. This means that satisfying the security needs of EPCGen2 could ensure low cost security because EPCGen2 is a class of low cost, passive tags. In that way, a solution to the hindrance of low cost tags lies in the security of EPCGen2. To this effect, many lightweight authentication protocols have been proposed to improve the privacy and security of communication protocols suitable for low cost tags. Although many EPCgen2 compliant protocols have been proposed to ensure the security of low cost tags, the optimum security has not been guaranteed because many protocols are prone to well-known attacks or fall short of acceptable computational load. This paper proposes a remedy protocol to the flyweight RFID authentication protocol proposed by Burmester and Munilla against a desynchronization attack. Based on shared pseudorandom number generator, this protocol provides mutual authentication, anonymity, session unlinkability and forward security in addition to security against a desynchronization attack. The desirable features of this protocol are efficiency and security.

• Journal of Industrial Convergence
• /
• v.18 no.5
• /
• pp.23-29
• /
• 2020

The Internet of things (IoT) is the extension of Internet connectivity into various devices and everyday objects. Embedded with electronics, Internet connectivity and other forms of hardware. The IoT poses significant risk to the entire digital ecosystem. This is because so many of these devices are designed without a built-in security system to keep them from being hijacked by hackers. This paper proposed a mutual authentication protocol for IoT Devices using symmetric-key algorithm. The proposed protocol use symmetric key cryptographic algorithm to securely encrypt data on radio channel. In addition, the secret key used for encryption is random number of devices that improves security by using variable secret keys. The proposed protocol blocked attacker and enabled legal deives to communicate because only authenticated devices transmit data by a mutual authentication protocol. Finally, our scheme is safe for attacks such as eavesdropping attack, location tracking, replay attack, spoofing attack and denial of service attack and we confirmed the safety by attack scenario.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.18 no.7
• /
• pp.1634-1642
• /
• 2014

Mobile RFID system, that consists of the existing RFID reader mounted on the mobile devices such as smartphones, is able to provide the users a variety of services and convenience. But security of mobile RFID system is too weak like the existing RFID system. In this paper, the mobile RFID mutual authentication protocol with high level of security is proposed to overcome the troubles such as cryptographic protocols in the existing RFID system responding with the same value in every authentication procedure and the exposure in the exchange of messages. The proposed protocol exchanges messages unexposed by using the random numbers generated in the mutual authentication between the tag and the reader and making numbers coded with the symmetric key. Besides, the protocol uses the mutual authentication utilizing OTP by considering the characteristics of the reader embedded in mobile devices in the mutual authentication process between the reader and the server. Because changed message in every authentication, which produces safe from spoofing attacks and replay attacks, etc.

• Journal of Digital Convergence
• /
• v.12 no.7
• /
• pp.279-284
• /
• 2014

Recently, m-health care is be a problem that the patient's information is easily exposed to third parties in case of emergency situation. This paper propose an attribute-based access control protocol to minimize the exposure to patient privacy using patient information in the emergency environment. Proposed protocol, the patient's sensitive information to a third party do not expose sensitive information to the patient's personal health information, including hospital staff and patients on a random number to generate cryptographic keys to sign hash. In addition, patient information from a third party that is in order to prevent the illegal exploitation of the patient and the hospital staff to maintain synchronization between to prevent the leakage of personal health information.