• Journal of IKEEE
• /
• v.23 no.1
• /
• pp.58-67
• /
• 2019

A design of an elliptic curve cryptography (ECC) processor that supports both pseudo-random curves and Koblitz curves over $GF(2^m)$ defined by the NIST standard is described in this paper. A finite field arithmetic circuit based on a word-based Montgomery multiplier was designed to support five key lengths using a datapath of fixed size, as well as to achieve a lightweight hardware implementation. In addition, Lopez-Dahab's coordinate system was adopted to remove the finite field division operation. The ECC processor was implemented in the FPGA verification platform and the hardware operation was verified by Elliptic Curve Diffie-Hellman (ECDH) key exchange protocol operation. The ECC processor that was synthesized with a 180-nm CMOS cell library occupied 10,674 gate equivalents (GEs) and a dual-port RAM of 9 kbits, and the maximum clock frequency was estimated at 154 MHz. The scalar multiplication operation over the 223-bit pseudo-random elliptic curve takes 1,112,221 clock cycles and has a throughput of 32.3 kbps.

• Journal of information and communication convergence engineering
• /
• v.14 no.4
• /
• pp.233-239
• /
• 2016

A remote control system (RCS) can monitor a user's confidential information by using the broadcast receivers in Android OS. However, the current RCS detection methods are based only on a virus vaccine. Therefore, if the user's smartphone is infected by a brand new RCS, these methods cannot detect this new RCS immediately. In this paper, we present a secure message transmission medium. This medium is completely isolated from networks and can communicate securely through a QR code channel by using symmetric key cryptography such as the AES block cipher and public key cryptography such as elliptic curve cryptography for providing security. Therefore, the RCS cannot detect any confidential information. This approach is completely immune to any RCS attacks. Furthermore, we present a secure QR code-based key exchange protocol by using the elliptic curve Diffie-Hellman method and message transmission protocols; the proposed protocol has high usability and is very secure.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.5B
• /
• pp.840-848
• /
• 2010

This paper proposes a proactive authentication scheme using credentials based on chameleon hashing in MIH environments. There is a proactive authentication structure defined by IEEE 802.21 Security Study Group for the link access in MIH environment. Both schemes based on EAP and on PKI can be applied to such structure, but the former has caused network traffic due to the complicated authentication procedure and the latter has complex structure for managing certificates. The proposed scheme performs the proactive authentication procedure only between a mobile node and a MIH Key Holder by using credentials based on chameleon hashing. Our scheme reduces the network traffic since authentication with the server is unnecessary in MIH environment and PKI structure is not required as well. In addition, the proposed scheme provides secure PFS and PBS features owing to the authenticated Diffie-Hellman key exchange of the chameleon-based credential.

• The KIPS Transactions:PartC
• /
• v.9C no.3
• /
• pp.343-350
• /
• 2002

This paper describes the implementation of H.235 protocol for authentication and media stream encryption of multimedia conference systems. H.235 protocol is recommended by ITU-T for H.323 multimedia conference security protocol to prevent from being eavesdropped and modified by an illegal attacker. The implementation in this paper has used password-based with symmetric encryption authentication. Media streams are encrypted using the Diffie-Hellman key exchange algorithm and symmetric encryption algorithms such as RC2, DES and Triple-DES. Also, 128-bit Advanced Encryption Standard and 128-bit Korean standard SEED algorithms are implemented for the future extension. The implemented authentication and media stream encryption has shown that it is possible to identify terminal users without exposing personal information on networks and to preserve security of multimedia conference. Also, encryption delay time and used memory are not increased even though supporting media stream encryption/decryption, thus the performance of multimedia conference system has not deteriorated.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.12
• /
• pp.3366-3383
• /
• 2012

Reliance on the Internet has introduced Voice over Internet Protocol (VoIP) to various security threats. A reliable security protocol and an authentication scheme are thus required to prevent the aforementioned threats. However, an authentication scheme often demands additional cost and effort. Accordingly, a security framework for known participants in VoIP communication is proposed in this paper. The framework is known as Randomness-Optimized Self-Securing (ROSS), which performs authentication automatically throughout the session by optimizing the uniqueness and randomness of the communication itself. Elliptic Curve Diffie-Hellman (ECDH) key exchange and Salsa20 stream cipher are utilized in the framework correspondingly to secure the key agreement and the communication with low computational cost. Human intelligence supports ROSS authentication process to ensure participant authenticity and communication regularity. The results show that with marginal overhead, the proposed framework is able to secure VoIP communication by performing reliable authentication.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2024.01a
• /
• pp.425-426
• /
• 2024

본 논문은 표준 TCP/IP 네트워크의 특징 및 암호 프로토콜의 특징을 결합하여 TCP Handshake 단계에서 암호 키 교환을 수행하고, 디바이스의 고유한 시그니처 정보를 사용하여, 암호 키 생성 데이터로 사용하여, 보안성을 강화하는 것을 특징 으로 하는 네트워크 계층에 강화된 보안 기능을 활용한 키 교환 암호 프로토콜 기반 데이터 시스템 및 암호화 방법에 관한 것으로 개발된 프로토콜을 키 교환 프로토콜로 대체할 경우보다 안전한 보안 프로토콜을 제공할 수 있다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.5
• /
• pp.73-92
• /
• 2005

Joux's tripartite key agreement protocol is one of the most prominent developments in the area of key agreement. Although certificate-based and ID-based authentication schemes have been proposed to provide authentication for Joux's protocol, no provably secure password-based one round tripartite key agreement protocol has been proposed yet. We propose a secure one round password-based tripartite key agreement protocol that builds on Joux's protocol and adapts PAK-EC scheme for password-based authentication, and present a proof of its security.

• Proceedings of the Korean Society of Broadcast Engineers Conference
• /
• 2007.02a
• /
• pp.105-107
• /
• 2007

최근에 제안되고 있는 원격 서버에 로그인하기 위한 방법은E와 패스워드뿐만 아니라 스마트카드를 함께 사용한다. 기존의 ID 와 패스워드를 사용한 인증은 공격자에 의해 추측이 가능하므로 사용자 가장 공격이 가능하다는 약점을 가지고 있다. 하지만 스마트카드와 ID, 패스워드를 사용하면 ID와 패스워드가 추측가능할지라도 스마트카드를 소지하고 있지 않다면 사용자 가장 공격 (impersonate attack)을 할 수 없다. 이 논문에서는 스마트카드와 ID, 패스워드를 함께 사용하여 원격 서버에 인증과 더불어 안전한 키 교환을 하며, 기존에 다른 논문들에서 언급한 조건들을 모두 만족하면서 안전한 키 교환까지 제안하였다. 기존의 스킴은 해쉬 기반으로 제안 되었으나 이 논문에서 제안한 스킴은 페어링 (pairing) 연산을 기반으로 제안 되었다. 또한, Computational Diffie-Hellman문제를 기반으로 스킴을 제안하여 안전성에 대한 증명이 가능하다 최근에 스마트카드를 사용한 인증에서 요구 되는 성질의 모든 조건을 만족한다는 장점을 가지고 있다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2014.11a
• /
• pp.416-418
• /
• 2014

WAVE (Wireless Access in Vehicular Environments) 시스템 환경은 차량 간 무선통신을 가능하게 해주는 환경이다. 무선통신의 활용이 증가하면서 그에 따른 공격 방법도 증가하여, 통신 시 제3자에 의해 패킷이 변조될 수 있다. 제3자로부터 패킷을 보호하기 위해 통신 전 차량은 CA (Certificate Authority)로부터 자신이 적합한 호스트라는 것을 인증 받아야 한다. 본 논문에서는 차량과 CA의 통신 과정에서 Diffie-Hellman Key Exchange 알고리즘과 AES (Advanced Encryption Standard) 알고리즘 등을 이용하여 패킷의 기밀성과 무결성을 보장하는 프로토콜을 설계하였다.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2024.01a
• /
• pp.423-424
• /
• 2024

본 논문은 TCP/IP 네트워크 및 암호 프로토콜을 결합하여 CCTV 카메라 영상 데이터를 안전하게 전송하는 시스템에 관한 것이다. 특히, TCP Handshake에서 암호 키를 교환하고, 디바이스의 시그니처 정보를 활용하여 키를 생성하는 키 교환 암호 프로토콜을 도입한다. 이를 통해 CCTV 카메라의 영상 데이터를 암호화하여 전송하고, 수신 시 복호화하여 저장한다. 또한, 적어도 하나 이상의 CCTV 카메라에 대한 보안 인증과 네트워크 연결 상태를 제어하며, 중간자 공격을 방지하기 위한 안전한 키 교환을 수행한다. 이로써 안전성이 강화된 CCTV 카메라 시스템을 제공할 수 있다.