• Journal of the Korea Society of Computer and Information
• /
• v.21 no.9
• /
• pp.73-78
• /
• 2016

In 2014, Wuu et al. proposed a group key management scheme based on (2,2) secret sharing. They asserted that their scheme satisfies security requirements and mutual authentication. But this paper pointed out that their scheme does not satisfy mutual authentication and impersonating attack. In this paper, we describe the reasons and processes that a malicious group member can impersonate the Group Key Distributor. To fill the gaps, we discuss the problems, and propose an improved protocol.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2016.05a
• /
• pp.348-351
• /
• 2016

Recently on IoT environment, there is necessary of protected network, which is only specific user can access it. Applying OAuth protocol on IoT, it can be easier to construct network authentication system, but it is hard to construct protected network authentication system. And there is weakness of OAuth protocol, which is easily attacked by sniffing Token by attacker. So, it is necessary to secondary authentication for OAuth. In ultimate IoT, the fog computing is essential. Fog computing is extension of cloud that enables networking not only in core system but also in edge system and communication node to node. Strength of fog computing is location awareness, support for mobility, and so on. If authentication in fog computing uses this strength, it can be more specialized in Fog Computing. So, in secondary Authentication, using Cyber-Physical-Social System will increase convenience of user than using existing authentication system, such as authentication certificate, id/password and group key, which is inconvenient for user. This study is about authentication based Cyber-Physical-Social System.

• IEIE Transactions on Smart Processing and Computing
• /
• v.3 no.5
• /
• pp.298-305
• /
• 2014

In this study, a novel Randomly Shifted Certification Authority Authentication protocol was used in ad hoc networks to provide authentication by considering the MAC layer characteristics. The nodes achieve authentication through the use of public key certificates issued by a CA, which assures the certificate's ownership. As a part of providing key management, the active CA node transfers the image of the stored public keys to other idle CA nodes. Finally the current active CA randomly selects the ID of the available idle CA and shifts the CA ownership by transferring it. Revoking is done if any counterfeit or duplicate non CA node ID is found. Authentication and integrity is provided by preventing MAC control packets, and Enhanced Hash Message Authentication Code (EHMAC) can be used. Here EHMAC with various outputs is introduced in all control packets. When a node transmits a packet to a node with EHMAC, verification is conducted and the node replies with the transmitter address and EHMAC in the acknowledgement.

• Journal of Korea Multimedia Society
• /
• v.20 no.3
• /
• pp.465-473
• /
• 2017

Electrocardiogram(ECG) signal is one of the unique bio-signals of individuals and is used for personal authentication. The existing studies on personal authentication method using ECG signals show a high detection rate for a small group of candidates, but a low detection rate and increased execution time for a large group of candidates. In this paper, we propose a hierarchical algorithm that extracts fiducial points based on curvature of ECG signals as feature values for grouping candidates ​and identifies candidates using waveform-based comparisons. As a result of experiments on 74 ECG signal records of QT-DB provided by Physionet, the detection rate was about 97% at 3-heartbeat input and about 99% at 5-heartbeat input. The average execution time was 22.4 milliseconds. In conclusion, the proposed method improves the detection rate by the hierarchical personal authentication process, and also shows reduced amount of computation which is plausible in real-time personal authentication usage in the future.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.7
• /
• pp.3678-3698
• /
• 2017

With the rapid development of vehicular ad hoc Network (VANET), it has gained significant popularity and received increasing attentions from both academics and industry communities in aspects of security and efficiency. To address the security and efficiency issues, a self-authentication and deniable efficient group key agreement protocol is proposed in this paper. The scheme establishes a group between road side units (RSUs) and vehicles by using self-authentication without certification authority, and improves certification efficiency by using group key (GK) transmission method. At the same time, to avoid the attacker attacking the legal vehicle by RSUs, we adopt deniable group key agreement method to negotiation session key (sk) and use it to transmit GK between RSUs. In addition, vehicles not only broadcast messages to other vehicles, but also communicate with other members in the same group. Therefore, group communication is necessary in VANET. Finally, the performance analysis shows superiority of our scheme in security problems, meanwhile the verification delay, transmission overheard and message delay get significant improvement than other related schemes.

• Journal of Korea Multimedia Society
• /
• v.13 no.2
• /
• pp.287-297
• /
• 2010

Authentication is needed to use safe devices in the home network environment. In this authentication, there are an ID base form and Certification base form. In case of an ID base form, it is difficult to apply to the multi domain environment and in case of an Certification base form, because the way that contains and stores the certificate demand on devices, additional setting of the user is needed for transfer of ownership and purchase of new devices, and more. Because both ways attend an individual authentication for devices, the ways exist overhead as the frequent authentication for a lot of devices in service aspects of user needs. To arrange these problems, in this paper, the authentication information of devices can be securely stored and managed in the java card and a processing time of the authentication could be improved better then the existing technique by authenticating a group of service.

• Journal of Communications and Networks
• /
• v.11 no.6
• /
• pp.607-614
• /
• 2009

Recently, Lu et al. proposed an efficient conditional privacy preservation protocol, named ECPP, based on group signature scheme for generating anonymous certificates from roadside units (RSUs). However, ECPP does not provide unlinkability and traceability when multiple RSUs are compromised. In this paper, we make up for the limitations and propose a robust and efficient anonymous authentication protocol without loss of efficiency as compared with ECPP. Furthermore, in the proposed protocol, RSUs can issue multiple anonymous certificates to an OBU to alleviate system overheads for mutual authentication between OBUs and RSUs. In order to achieve these goals, we consider a universal re-encryption scheme and identity-based key establishment scheme as our building blocks. Several simulations are conducted to verify the efficiency and effectiveness of the proposed protocol by comparing with those of the existing ECPP.

• Journal of Korea Multimedia Society
• /
• v.13 no.6
• /
• pp.865-874
• /
• 2010

Recently, Hao et al. proposed a privacy preservation protocol based on group signature scheme for secure vehicular communications to overcome a well-recognized problems of secure VANETs based on PKI. However, although efficient group signature schemes have been proposed in cryptographic literatures, group signature itself is still a rather much time consuming operation. In this paper, we propose a more efficient privacy preservation protocol than that of Hao et al. In order to design a more efficient anonymous authentication protocol, we consider a key-insulated signature scheme as our cryptographic building block. We demonstrate experimental results to confirm that the proposed protocol is more efficient than the previous scheme.

• Journal of Convergence Society for SMB
• /
• v.4 no.4
• /
• pp.25-29
• /
• 2014

Security is a primary concern in group communication, and secure authentication is essential to establishing a secure group communication. Most conventional authentications consist of knowledge-based and token-based methods. One of the token-based methods is a X.509 certificate, which is used under a Public Key Infrastructure (PKI); it is the most well-known authentication system in a distributed network environment. However, it has a well-known weakness, which only proves the belonging of a certificate. PKI cannot assure identity of a person. The conventional knowledge-based and token-based methods do not really provide positive personal identification because they rely on surrogate representations of the person's identity. Therefore, I propose a secure X.509 certificate with biometric information to assure the identity of the person who uses the X.509 certificate in a distributed computing environment.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.42 no.11
• /
• pp.27-34
• /
• 2005

Mobile Ad Hoc Networks (MANETs) are self-organized networks that do not rely in their operation on wired infrastructure. As in any networking technology, security is an essential element in MANET as well, for proliferation of this type of networks. But supporting secure communication in MANETs proved to be a significant challenge, mainly due to the fact that the set of nodes in the network can change frequently and rapidly and due to the lack of access to the wired infrastructure. In particular, the trust model and the authentication protocols, which were developed for wired and infrastructure-based networks, cannot be used in MANETs. In this paper, we address the problem of efficient authentication of distributed mobile users in geographically large networks. In particular, we propose a new authentication scheme for this case of MANETs. The proposed scheme exploits Randomized Groups to efficiently share authentication information among nodes that together implement the function of a distributive Certification Authority (CA). We then evaluate the performance of authentication using Randomized Groups.