• Journal of the Microelectronics and Packaging Society
• /
• v.23 no.2
• /
• pp.29-35
• /
• 2016

With the pace of rapid innovation in technology of IoT (Internet of Things) and smart devices, biometric technology becomes one of the most progressive industries. Recent trends in biometrics show most are focused on embedding biometric sensors in mobile devices for user authentication. Multifactor biometrics such as fingerprint, retina, voice, etc. are considering as identification system to provide users with services more secured and convenient. Here we, therefore, demonstrate some major technologies and market trends of mobile biometric technology with its concerns and issues.

• Convergence Security Journal
• /
• v.8 no.1
• /
• pp.143-152
• /
• 2008

Sensor networks have a wide spectrum of military and civil applications, particularly with respect to security and secure keys for encryption and authentication. This thesis presents a new centralized approach which focuses on the group key distribution with revocation capability for Wireless Sensor Networks. We propose a new personal key share distribution. When utilized, this approach proves to be secure against k-number of illegitimate colluding nodes. In contrast to related approaches, our scheme can overcome the security shortcomings while keeping the small overhead requirements per node. It will be shown that our scheme is unconditionally secure and achieves both forward secrecy and backward secrecy. The analysis is demonstrated in terms of communication and storage overheads.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2015.10a
• /
• pp.689-692
• /
• 2015

네트워크 기술과 연산 능력을 가진 IC 칩 등의 발전으로 다양한 방식의 원격 사용자 인증 기법이 제안되었다. 기존의 패스워드 기반의 인증 방식은 서버가 사용자를 인증하기 위한 패스워드 테이블을 저장하고 있어야 되는 단점과 해당 테이블이 노출되었을 때 발생할 수 있는 보안 위협 문제점으로 인해 최근에는 스마트카드를 활용하는 인증 방식으로 대체되고 있다. 2013년에 Go와 Lee는 스마트카드를 활용하는 기존 인증 기법들의 취약점들을 분석하고 위장 공격과 패스워드 추측 공격에 대해 안전한 새로운 원격 사용자 인증 방식을 제안하였다. 본 논문에서는 Go와 Lee가 제안한 사용자 인증 기법을 살펴보고 해당 기법이 가진 취약점을 보인다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2018.05a
• /
• pp.157-158
• /
• 2018

IoT 환경에서는 다양한 센서 디바이스들이 각 디바이스들의 역할과 위치에 따라서 그룹 형태를 이루어 통신을 하게 된다. 그룹 형태의 센서 디바이스들이 통신하는 그룹 기반 통신에서는 수집된 정보를 게이트웨이와 같은 상위 디바이스에게 안전하게 전송해야 한다. 이 때 센서 디바이스들은 게이트웨이와의 인증 과정이 필요하며, 인증 후에 세션키를 분배하여 안전한 통신을 수행할 할 수 있다. 하지만, 일반적인 환경에서는 센서 디바이스의 수가 많아질수록 게이트웨이가 인증을 수행하고 키를 분배하기까지는 매우 큰 오버헤드가 발생하게 된다. 따라서 본 논문에서는 IoT 환경에서 그룹 기반 통신에 대한 보안 요구사항을 분석하고, 그룹 환경에서 사용될 수 있는 그룹 인증 기법에 대해 설계한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.1
• /
• pp.67-76
• /
• 2005

Bresson et al. have recently proposed an efficient group key agreement scheme well suited for a wireless network environment. Although it is claimed that the proposed scheme is provably secure under certain intractability assumptions, we show in this paper that this claim is unfounded, breaking the allegedly secure scheme in various ways.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.2
• /
• pp.479-487
• /
• 2015

According to IT development, smart home services is providing remote service, monitoring service and other various services through smart home devices based on network. But, smart home environment exists security threats such as data falsification, illegal authentication and invasion of privacy through a malicious device. Smart home is studying to prevent these security threats, but the studies of smart home environment security are still in early stage of development and the studies of group key management method is lacking in smart home. In this paper, we propose the group key management method for secure device in smart home.

• The Journal of Korean Association of Computer Education
• /
• v.7 no.1
• /
• pp.45-53
• /
• 2004

Ad-Hoc network is wireless network architecture without infrastructure. We encounter new types of security problems in Ad-Hoc networks because such networks have little or no support from infrastructure. Thus, wireless communications need security mechanisms in order to guarantee the integrity and the privacy of the communication, as well as the authentication of the entities involved. Many practical systems have been proposed. The most familiar system is the Diffie-Hellman key distribution system. This algorithm allows the establishment of a cryptographic secret key between two entities. If more than two users want to compute a common key, then a group key agreement system is used. This paper discusses several group key agreement systems and presents two efficient fault tolerant methods to perform successful group key agreement.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.38 no.11
• /
• pp.9-18
• /
• 2001

Currently most of VPNs within internet has only capability to protect cooperate data. Recently, various types of VPNs are being studied based on the concept of SCG(Secure Communication Group). This paper analyses the problems of path-definition method and area-definition method of VPNs using SCG technology, and discusses the possible models among VPNs using SCG technology. This paper proposes the hierarchal VPN configuration method using SCG number and internet based area definition method, and analyze the characteristics of the proposed VPN model on the point of the authentication frequency and the number of managements keys.

• KIPS Transactions on Software and Data Engineering
• /
• v.6 no.9
• /
• pp.429-436
• /
• 2017

Unmanned Aerial Vehicles (UAV) that are piloted without human pilots can be commanded remotely via frequencies or perform pre-inputted missions. UAVs have been mainly used for military purposes, but due to the development of ICT technology, they are now widely used in the private sector. Teal Group's 2014 World UAV Forecast predicts that the UAV market will grow by 10% annually over the next decade, reaching $ 12.5 billion by 2023. However, because UAVs are primarily remotely controlled, if a malicious user accesses a remotely controlled UAV, it could seriously infringe privacy and cause financial loss or even loss of life. To solve this problem, a secure channel must be established through mutual authentication between the UAV and the control center. However, existing security techniques require a lot of computing resources and power, and because communication distances, infrastructure, and data flow are different from UAV networks, it is unsuitable for application in UAV environments. To resolve this problem, the study presents a lightweight UAV authentication method based on Physical Unclonable Functions (PUFs) that requires less computing resources in the ground Control and Non-Payload Communication (CNPC) environment, where recently, technology standardization is actively under progress.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.13 no.9
• /
• pp.4214-4223
• /
• 2012

The argument related to the use of real and anonymous names on the Internet bulletin board has recently become a main issue. When using real names, it is possible to violate free discussion and privacy. Also, when using anonymous names, it is possible to have the reverse function of the Internet in regard to the use of malicious replies or the distribution of false ideas. Therefore, this paper has made it possible to prevent the spread of the user's personal information and execute the single log-in process by using the XML-token method which is one of the SSO technologies. Also, by issuing virtual IDs and forming the path when establishing tokens, the anonymous bulletin board which provides anonymity with a conditional tracing process has been suggested. After analyzing the performance of visitor numbers at authentication time, the anonymous bulletin board based on the group signature method showed the average response rate of 0.72 seconds, 0.18 seconds, which was suggested scheme. In the authentication time 4-5 times faster response speed, respectively. Also, since the suggested system does not have to provide a single authentication process or make the user provide his or her signature, the level of user's convenience seems to be much higher. Such a result shows that the system suggested on the anonymous bulletin board has a more appropriate level of user's convenience.