• Title/Summary/Keyword: End-to-End Encryption

Search Result 68, Processing Time 0.021 seconds

Cooperation-Aware VANET Clouds: Providing Secure Cloud Services to Vehicular Ad Hoc Networks

  • Hussain, Rasheed;Oh, Heekuck
    • Journal of Information Processing Systems
    • /
    • v.10 no.1
    • /
    • pp.103-118
    • /
    • 2014
  • Over the last couple of years, traditional VANET (Vehicular Ad Hoc NETwork) evolved into VANET-based clouds. From the VANET standpoint, applications became richer by virtue of the boom in automotive telematics and infotainment technologies. Nevertheless, the research community and industries are concerned about the under-utilization of rich computation, communication, and storage resources in middle and high-end vehicles. This phenomenon became the driving force for the birth of VANET-based clouds. In this paper, we envision a novel application layer of VANET-based clouds based on the cooperation of the moving cars on the road, called CaaS (Cooperation as a Service). CaaS is divided into TIaaS (Traffic Information as a Service), WaaS (Warning as a Service), and IfaaS (Infotainment as a Service). Note, however, that this work focuses only on TIaaS and WaaS. TIaaS provides vehicular nodes, more precisely subscribers, with the fine-grained traffic information constructed by CDM (Cloud Decision Module) as a result of the cooperation of the vehicles on the roads in the form of mobility vectors. On the other hand, WaaS provides subscribers with potential warning messages in case of hazard situations on the road. Communication between the cloud infrastructure and the vehicles is done through GTs (Gateway Terminals), whereas GTs are physically realized through RSUs (Road-Side Units) and vehicles with 4G Internet access. These GTs forward the coarse-grained cooperation from vehicles to cloud and fine-grained traffic information and warnings from cloud to vehicles (subscribers) in a secure, privacy-aware fashion. In our proposed scheme, privacy is conditionally preserved wherein the location and the identity of the cooperators are preserved by leveraging the modified location-based encryption and, in case of any dispute, the node is subject to revocation. To the best of our knowledge, our proposed scheme is the first effort to offshore the extended traffic view construction function and warning messages dissemination function to the cloud.

A Research on Effective Wi-Fi Easy Connect Protocol Improvement Method Applicable to Wired and Wireless Environments (유·무선 환경에 적용 가능한 효율적인 Wi-Fi Easy Connect 프로토콜 개선방안 연구)

  • Ho-jei Yu;Chan-hee Kim;Sung-sik Im;Seo-yeon Kim;Dong-woo Kim;Soo-hyun Oh
    • Convergence Security Journal
    • /
    • v.23 no.1
    • /
    • pp.45-54
    • /
    • 2023
  • Recently, with the development of the Internet of Things, research on protocols that can easily connect devices without a UI to the network has been steadily conducted. To this end, the Wi-Fi Alliance announced Wi-Fi Easy Connect, which can connect to a network using a QR code. However, since Wi-Fi Easy Connect requires a large amount of computation for safety, it is difficult to apply to low-power and miniaturized IoT devices. In addition, Wi-Fi Easy Connect considering scalability is designed to operate in a wired environment, but problems such as duplicate encryption occur because it does not consider a security environment like TLS. Therefore, in this paper, we analyze the Wi-Fi Easy Connect protocol and propose a protocol that can operate efficiently in the TLS environment. It was confirmed that the proposed protocol satisfies the existing security requirements and at the same time reduces about 67% of ECC scalar multiplication operations with a large amount of computation.

Secure Distributed Data Management Architecture for Consumer Protection of Smart Grid (스마트 그리드의 소비자 보호를 위한 안전한 분산 데이터 관리 구조)

  • Park, Nam-Je;Song, You-Jin;Park, Kwang-Yong
    • The Journal of the Korea Contents Association
    • /
    • v.10 no.9
    • /
    • pp.57-67
    • /
    • 2010
  • Smart grid technology can expand energy efficiency into the home by monitoring consumer energy usage in real time and communicating with household devices that respond to demands to shut off during periods of non-use, allowing individual consumers to control their electricity usage more effectively. But, the information collected on a smart grid will form a library of personal information, the mishandling of which could be highly invasive of consumer privacy. There will be major concerns if consumer-focused principles of transparency and control are not treated as essential design principles from beginning to end. In this paper, using. All-Or-Nothing Transform encryption mode for providing smart grid security, we propose efficient distributed data Management based on XOR operation. The contribution of this paper is to provide a secure algorithm that manages efficiently distributed data in the field of private data in smart grid environment.

Design on Protection and Authentication System of IPTV Contents using OTP (OTP를 이용한 IPTV 콘텐츠 보호 및 인증 시스템 설계)

  • Kim, Dae-Jin;Choi, Hong-Sub
    • The Journal of the Korea Contents Association
    • /
    • v.9 no.8
    • /
    • pp.129-137
    • /
    • 2009
  • While the broadband network and multimedia technologies have been developing, the commercial market of digital contents also has been widely spreading with recently starting IPTV. As the IPTV services are getting to be generalized and popularized, the contents protection and authentication system tends to draw more attentions. So we need a system that can protect contents and allow only authenticated person to use right service by controling user authority and using content encryption. Until now, the conventional protection and authentication system is taking advantages of merits both in CAS and DRM. But the weak point of this system are in high costs, complexity and using HW. For resolving these problems, in this paper, we proposed IPTV contents protection and authentication system using OTP. When we transmit the content encrypted by OTP key using contents delivery technology, we operate XOR with contents using another settop-box's OTP key which was transmitted from distribution server. And contents are reconstructed and transmitted to the settop-box, In the end, downloaded content are encrypted by OTP key and are superior in content protection when contents redistribution. Since OTP use double-authentication elements in encryption process, this method is excellent in content protection. And it is very effective in cost aspect because it could be implemented by SW program. Another benefit is that we can shorten the development time period. In this paper, we propose and find its possibility as a new content protection and authentication method suitable for IPTV services.

Verification of a Function-based Security Authentication Protocol for Implantable Medical Devices (함수 기반의 체내 삽입장치용 보안 인증프로토콜 검증)

  • Bae, WooSik;Han, KunHee
    • Journal of Digital Convergence
    • /
    • v.12 no.5
    • /
    • pp.249-254
    • /
    • 2014
  • Recent advancement of USN technology has lent itself to the evolving communication technology for implantable devices in the field of medical service. The wireless transmission section for communication between implantable medical devices and patients is a cause of concern over invasion of privacy, resulting from external attackers' hacking and thus leakage of private medical information. In addition, any attempt to manipulate patients' medical information could end up in serious medical issues. The present study proposes an authentication protocol safe against intruders' attacks when RFID/USN technology is applied to implantable medical devices. Being safe against spoofing, information exposure and eavesdropping attacks, the proposed protocol is based on hash-function operation and adopts session keys and random numbers to prevent re-encryption. This paper verifies the security of the proposed protocol using the formal verification tool, Casper/FDR.

Wireless Security Transmission Using Algorithm of Multiple-Key Exchange (다중 키 교환 알고리즘을 이용한 무선 보안 전송 기법)

  • Ryu, Dong-Ju;Kim, Gwang-Hyun;Noh, Bong-Nam
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • v.9 no.2
    • /
    • pp.807-810
    • /
    • 2005
  • Constructed network test environment of wireless base for confidentiality guarantee of data and safe transmission that is transmited at Mobile node of Wireless Network environment in this paper. And, progressed research about IKEv2's Multiple-Key Exchange mechanism for efficient security transmission that use IPSec that is built-in to basis to IPv6 of Mobile environment. Have several key to single terminal to solve that is seam at hand off packet transmission process of Mobile Node in Wireless Network and Re-setting for Key and Re-exchange problem that happen frequently and studied technology that move. Key exchange protocol that is used for an experiment loads basically in MIPv6 and used IKEv2 protocol that is used for management and distribution of reliable encryption key between both end. Using network simulator of SSFNet(Scalable Simulation Framework Network Models) in this paper Key exchange delay value of IKEv2's security transmission analyzing comparison Performance measure and studied about problem and improvement way accordingly.

  • PDF

A Study on Countermeasures using Moire Recognition and Vulnerability of Cryptographic Transaction Protocol (암호화폐 거래 프로토콜의 취약점과 무아레 인식을 이용한 대응방안에 관한 연구)

  • Kim, Jin-Woo;Lee, Keun-Ho;Yun, Sunghyun
    • Journal of Convergence for Information Technology
    • /
    • v.9 no.1
    • /
    • pp.86-91
    • /
    • 2019
  • Block chains began by recognizing the danger of centralized control of financial systems after the 2008 financial crisis. From the beginning of 2008, blockchain has been developing a lot of attention and technology, starting with a tremendous innovation called cryptographic destruction based on technology, a block chain called Bitcoin. However, the vulnerability has also been discovered over time and the damage has been repeated. But in the fourth industry of the 21st century, many advances and technologies based on them are expected to emerge. Therefore, this paper proposes new analytical transaction protocols for vulnerabilities in cryptographic currency transactions. The proposed transaction protocol is a way to authenticate once again at the end of the transaction and the transaction is concluded with this authentication. It presents countermeasures by adding security elements between users to the transaction process rather than internal security to transaction vulnerabilities.

Efficient and Privacy-Preserving Near-Duplicate Detection in Cloud Computing (클라우드 환경에서 검색 효율성 개선과 프라이버시를 보장하는 유사 중복 검출 기법)

  • Hahn, Changhee;Shin, Hyung June;Hur, Junbeom
    • Journal of KIISE
    • /
    • v.44 no.10
    • /
    • pp.1112-1123
    • /
    • 2017
  • As content providers further offload content-centric services to the cloud, data retrieval over the cloud typically results in many redundant items because there is a prevalent near-duplication of content on the Internet. Simply fetching all data from the cloud severely degrades efficiency in terms of resource utilization and bandwidth, and data can be encrypted by multiple content providers under different keys to preserve privacy. Thus, locating near-duplicate data in a privacy-preserving way is highly dependent on the ability to deduplicate redundant search results and returns best matches without decrypting data. To this end, we propose an efficient near-duplicate detection scheme for encrypted data in the cloud. Our scheme has the following benefits. First, a single query is enough to locate near-duplicate data even if they are encrypted under different keys of multiple content providers. Second, storage, computation and communication costs are alleviated compared to existing schemes, while achieving the same level of search accuracy. Third, scalability is significantly improved as a result of a novel and efficient two-round detection to locate near-duplicate candidates over large quantities of data in the cloud. An experimental analysis with real-world data demonstrates the applicability of the proposed scheme to a practical cloud system. Last, the proposed scheme is an average of 70.6% faster than an existing scheme.