• The KIPS Transactions:PartC
• /
• v.13C no.3 s.106
• /
• pp.339-344
• /
• 2006

Secure delivery of multicast data can be achieved with the use of a group key for data encryption in mobile ad hoc network (MANET) applications based on the group communication. However, for the support of dynamic group membership, the group key has to be updated for each member joining/leaving and, consequently, a mechanism distributing an updated group key to members is required. The two major categories of the group key distribution mechanisms proposed for wired networks are the naive and the tree-based approaches. The naive approach is based on unicast, so it is not appropriate for large group communication environment. On the other hand, the tree-based approach is scalable in terms of the group size, but requires the reliable multicast mechanism for the group key distribution. In the sense that the reliable multicast mechanism requires a large amount of computing resources from mobile nodes, the tree-based approach is not desirable for the small-sized MANET environment. Therefore, in this paper, we propose a new key distribution protocol, called the proxy-based key management protocol (PROMPT), which is based on the naive approach in the small-sized MANET environment. PROMPT reduces the message overhead of the naive through the first-hop grouping from a source node and the last-hop grouping from proxy nodes using the characteristics of a wireless channel.

• The KIPS Transactions:PartC
• /
• v.16C no.1
• /
• pp.51-56
• /
• 2009

Time synchronization algorithm in wireless sensor networks is essential to various applications such as object tracking, data encryption, duplicate detection, and precise TDMA scheduling. This paper describes CDRS that is a time synchronization algorithm using the Clock Drift rate and Reference Signals between two sensor nodes. CDRS is composed of two steps. At first step, the time correction is calculated using offset and the clock drift rate between the two nodes based on the LTS method. Two nodes become a synchronized state and the time variance can be compensated by the clock drift rate. At second step, the synchronization node transmits reference signals periodically. This reference signals are used to calculate the time difference between nodes. When this value exceeds the maximum error tolerance, the first step is performed again for resynchronization. The simulation results on the performance analysis show that the time accuracy of the proposed algorithm is improved, and the energy consumption is reduced 2.5 times compared to the time synchronization algorithm with only LTS, because CDRS reduces the number of message about 50% compared to LTS and reference signals do not use the data space for timestamp.

• Convergence Security Journal
• /
• v.11 no.5
• /
• pp.99-108
• /
• 2011

The purpose of this study is to profile actual conditions of personal information protection systems operated in overseas countries and examine major considerations of personal information that security service providers must know in the capacity of privacy information processor, so that it may contribute to preventing potential occurrence of any legal disputes in advance. Particularly, this study further seeks to describe fundamental idea and principle of said Personal Information Protection Act; enhancement of various safety measures (e.g. collection / use of privacy data, processing of sensitive information / personal ID information, and encryption of privacy information); restrictions on installation / operation of video data processing devices; and penal regulations as a means of countermeasure against leakage of personal information, while proposing possible solutions to cope with these matters. Using cases among foreign countries for this study. Possible solutions proposed by this study can be summed up as follows: By changing minds with sufficient legal reviews, it is required for security service providers to 1) clearly and further specify any purposes of collecting and using privacy information, if possible, 2) obtain any privacy information by legitimate means as it is necessary to collect such information, 3) stop providing any personal information for the 3rd parties or for any other purposes except fundamental purposes of using privacy information, and 4) have full knowledge about duty of safety measure in accordance with safe maintenance of privacy information and protect any personal information from unwanted or intentional leakage to others.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.5
• /
• pp.901-909
• /
• 2021

Since mobile devices have limited computational resources, it tends to use the cloud to compute or store data. As real-time becomes more important due to 5G, many studies have been conducted on edge clouds that computes at locations closer to users than central clouds. The farther the user's physical distance from the edge cloud connected to base station is, the slower the network transmits. So applications should be migrated and re-run to nearby edge cloud for smooth service use. We run applications in docker containers, which is independent of the host operating system and has a relatively light images size compared to the virtual machine. Existing migration studies have been experimented by using network simulators. It uses fixed values, so it is different from the results in the real-world environment. In addition, the method of migrating images through shared storage was used, which poses a risk of packet content exposure. In this paper, Containers are migrated with Secure CoPy(SCP) method, a data encryption transmission, by establishing an edge computing environment in a real-world environment. It compares migration time with Network File System, one of the shared storage methods, and analyzes network packets to verify safety.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.5
• /
• pp.550-558
• /
• 2019

As the scale of the Internet of Things (IoT) environment grows and develops day by day, the information collected and shared through IoT devices becomes increasingly diverse and more common. However, because IoT devices have limitations on computing power and a low power capacity due to their miniaturized size, it is difficult to apply security technologies like encryption and authentication that have been directly applied in the previous Internet environment, making the IoT vulnerable to security threats. Because of this weakness, important information that needs to be delivered safely and accurately is exposed to the threat of malicious exploitation, such as data forgery, data leakage, and infringement of personal information. In order to overcome this threat, various security studies are being actively conducted to compensate for the weaknesses in IoT environment devices. In particular, since various devices interact, and share and communicate information collected in the IoT environment, each device should be able to communicate with reliability. With regard to this, various studies have been carried out on techniques for device authentication. This study examines the limitations and problems of the authentication techniques that have been studied thus far, and proposes technologies that can certify IoT devices for safe communication between reliable devices in the Internet environment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.1
• /
• pp.65-75
• /
• 2011

Power Line Communication (PLC) is a system for carrying data on a conductor used for electric power transmission. Recently, PLC has received much attention due to connection efficiency and possibility of extension. It can be used for not only alternative communication, in which communication line is not sufficient, but also for communication between home appliances. Korea Electronic Power Cooperation (KEPCO) is constructing the system, which automatically collects values of power consumption of every household. Due to the randomness and complicated physical characteristics of PLC protocol (KS X4600-1), it has been believed that the current PLC is secure in the sense that it is hard that an attacker guesses or modifies the value of power consumption. However, we show that the randomness of the protocol is closely related to state of the communication line and thus anyone can easily guess the randomness by checking the state of the communication line. In order to analyze the security of PLC, we study the protocol in detail and show some vulnerability. In addition, we suggest that PLC needs more secure protocol on higher layers. We expect that the study of PLC help in designing more secure protocol as well.

• KIPS Transactions on Computer and Communication Systems
• /
• v.11 no.1
• /
• pp.35-42
• /
• 2022

Visible light communication (VLC) is a method of transmitting data through LED blinking and is vulnerable to eavesdropping because the illumination affects the wide range of area. IEEE standard 802.15.7 defines On-Off Keying (OOK), Variable Pulse Position Modulation (VPPM), and Color Shift Keying (CSK) as modulation. In this paper, we propose an encryption method in VPPM for secure communication. The VPPM uses an encoding method called 4B6B where 16 different outputs are represented with 6-bit. This paper extends the number of outputs to 20, to add complexity while not violating the 4B6B generation conditions. Then each entry in the extended 4B6B table is scrambled using vigenère cipher. The probability of decrypting each 6-bit data is $\frac{1}{20}$. Eavesdropper should perform $\sum\limits_{k=1}^{n}20^k$ number of different trials to decrypt the message if the number of keys is n. The proposed method can be applied to OOK of PHY II and CSK of PHY III. We further discuss the secure encoding that can be used in OOK and CSK without performance degradation.

• Journal of Software Assessment and Valuation
• /
• v.15 no.2
• /
• pp.111-119
• /
• 2019

The existing smart grid device authentication system is concentrated on DCU, meter reading FEP and MDMS, and the authentication system for smart meters is not established. Although some cryptographic chips have been developed at present, it is difficult to complete the PKI authentication scheme because it is at the low level of simple encryption. Unlike existing power grids, smart grids are based on open two-way communication, increasing the risk of accidents as information security vulnerabilities increase. However, PKI is difficult to apply to smart meters, and there is a possibility of accidents such as system shutdown by sending manipulated packets and sending false information to the operating system. Issuing an existing PKI certificate to smart meters with high hardware constraints makes authentication and certificate renewal difficult, so an ultra-lightweight password authentication protocol that can operate even on the poor performance of smart meters (such as non-IP networks, processors, memory, and storage space) was designed and implemented. As a result of the experiment, lightweight cryptographic authentication protocol was able to be executed quickly in the Cortex-M3 environment, and it is expected that it will help to prepare a more secure authentication system in the smart grid industry.

• Radiation Oncology Journal
• /
• v.21 no.4
• /
• pp.291-298
• /
• 2003

Purpose: We report upon a web-based system for Patterns of Care Study (PCS) devised for Korean radiation oncology. This PCS was designed to establish standard tools for clinical quality assurance, to determine basic parameters for radiation oncology processes, to offer a solid system for cooperative clinical studies and a useful standard database for comparisons with other national databases. Materials and Methods: The system consisted of a main server with two back-ups in other locations. The program uses a Linux operating system and a MySQL database. Cancers with high frequencies in radiotherapy departments in Korea from 1998 to 1999 were chosen to have a developmental priority. Results: The web-based clinical PCS .system for radiotherapy in www.pcs.re.kr was developed in early 2003 for cancers of the breast, rectum, esophagus, larynx and lung, and for brain metastasis. The total number of PCS study items exceeded one thousand. Our PCS system features user-friendliness, double entry checking, data security, encryption, hard disc mirroring, double back-up, and statistical analysis. Alphanumeric data can be input as well as image data. In addition, programs were constructed for IRB submission, random sampling of data, and departmental structure. Conclusion: For the first time in the field of PCS, we have developed a web-based system and associated working programs. With this system, we can gather sample data in a short period and thus save, cost, effort and time. Data audits should be peformed to validate input data. We propose that this system should be considered as a standard method for PCS or similar types of data collection systems.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.6
• /
• pp.1163-1170
• /
• 2016

A hardware implementation of ultra-lightweight block cipher algorithm PRESENT which was specified as a standard for lightweight cryptography ISO/IEC 29192-2 is described. The PRESENT crypto-processor supports two key lengths of 80 and 128 bits, as well as four modes of operation including ECB, CBC, OFB, and CTR. The PRESENT crypto-processor has on-the-fly key scheduler with master key register, and it can process consecutive blocks of plaintext/ciphertext without reloading master key. In order to achieve a lightweight implementation, the key scheduler was optimized to share circuits for key lengths of 80 bits and 128 bits. The round block was designed with a data-path of 64 bits, so that one round transformation for encryption/decryption is processed in a clock cycle. The PRESENT crypto-processor was verified using Virtex5 FPGA device. The crypto-processor that was synthesized using a $0.18{\mu}m$ CMOS cell library has 8,100 gate equivalents(GE), and the estimated throughput is about 908 Mbps with a maximum operating clock frequency of 454 MHz.