• Electronics and Telecommunications Trends
• /
• v.30 no.4
• /
• pp.129-139
• /
• 2015

현재의 인터넷은 40여 년 전에 신뢰할 수 있는 호스트 간의 통신을 기반으로 설계되어 식별성(Identity)과 기밀성(Privacy)등의 보안성에 대한 특별한 요구사항이 없었다. 추후 인터넷이 전 세계적으로 확장함에 따라 신뢰할 수 없는 호스트가 통신에 참여하게 되었고 이에 대한 보안 요구사항이 새롭게 등장하였다. 이러한 요구사항을 만족시키기 위한 인터넷의 보안 기술은 키(Key)에 매우 의존적으로 발전하여 현재 모든 인증 관련 기술과 보안 기술들은 공개키 기반 구조(Public Key Infrastructure: PKI)와 같이 키를 기반으로 하고 있다. 이러한 연구 동향은 미래인터넷의 보안 연구에서도 여전히 반영되어 미국에서 진행 중인 eXpressive Internet Architecture(XIA)나 다른 미래 인터넷 프로젝트에서도 키 기반의 보안기술 연구를 진행하고 있다. 하지만 모든 통신을 의심하고 이를 감시하기 위한 기존의 인터넷 보안 기술과 달리 미래인터넷 보안 연구는 상호 신뢰를 기반으로 네트워크에 대한 공격 자체를 원천적으로 차단할 수 있는 신뢰통신(Trustworthy communication)을 목적으로 하고 있으며 이에 대한 새로운 연구 결과가 등장하고 있다. 본고에서는 차세대 보안연구 분야인 신뢰통신의 연구동향과 성과를 소개하고 장단점을 분석한다. 특히 미래인터넷의 신뢰통신 연구 중 대중적으로 인정받고 있는 공개키를 이용한 자가인증(Self-certifying)과 이를 뒷받침하기 위한 공개키 검증 시스템 연구 및 신뢰경로 구축 연구를 중심으로 미래인터넷의 신뢰통신 연구가 진행된 과정을 중점적으로 소개한다.

• Journal of Information Processing Systems
• /
• v.16 no.3
• /
• pp.599-611
• /
• 2020

With the application and promotion of biometric technology, biometrics has become more and more important to identity authentication. In order to ensure the privacy of the user, the biometrics cannot be stored or manipulated in plaintext. Aiming at this problem, this paper analyzes and summarizes the scheme and performance of the existing biometric authentication system, and proposes an iris-based ciphertext authentication system based on fully homomorphic encryption using the FV scheme. The implementation of the system is partly powered by Microsoft's SEAL (Simple Encrypted Arithmetic Library). The entire system can complete iris authentication without decrypting the iris feature template, and the database stores the homomorphic ciphertext of the iris feature template. Thus, there is no need to worry about the leakage of the iris feature template. At the same time, the system does not require a trusted center for authentication, and the authentication is completed on the server side directly using the one-time MAC authentication method. Tests have shown that when the system adopts an iris algorithm with a low depth of calculation circuit such as the Hamming distance comparison algorithm, it has good performance, which basically meets the requirements of real application scenarios.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.2
• /
• pp.978-1002
• /
• 2019

With the rapid development of the Internet of Things, the problem of privacy protection has been paid great attention. Recently, Nikooghadam et al. pointed out that Kumari et al.'s protocol can neither resist off-line guessing attack nor preserve user anonymity. Moreover, the authors also proposed an authentication supportive session initial protocol, claiming to resist various vulnerability attacks. Unfortunately, this paper proves that the authentication protocols of Kumari et al. and Nikooghadam et al. have neither the ability to preserve perfect forward secrecy nor the ability to resist key-compromise impersonation attack. In order to remedy such flaws in their protocols, we design a lightweight authentication protocol using elliptic curve cryptography. By way of informal security analysis, it is shown that the proposed protocol can both resist a variety of attacks and provide more security. Afterward, it is also proved that the protocol is resistant against active and passive attacks under Dolev-Yao model by means of Burrows-Abadi-Needham logic (BAN-Logic), and fulfills mutual authentication using Automated Validation of Internet Security Protocols and Applications (AVISPA) software. Subsequently, we compare the protocol with the related scheme in terms of computational complexity and security. The comparative analytics witness that the proposed protocol is more suitable for practical application scenarios.

• The Journal of the Convergence on Culture Technology
• /
• v.7 no.1
• /
• pp.551-557
• /
• 2021

With increase of electric vehicle in the road, the number of charging/discharging infrastructure for electric vehicle in public space is also increased rapidly. To charge or discharge the electric vehicle the user of electric vehicle and service provider should verify the each other's identity to minimize security vulnerability. This paper proposes mutual authentication scheme between electric vehicle and charging/discharging service provider with help of hash function and Message Authentication Code(MAC). Also efficient operating scheme for charging/discharging service system is proposed. The analysis shows that the system has robustness against security vulnerability. Also this system can keep the sensitive personal information of service user safely.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.3
• /
• pp.51-59
• /
• 2008

The biometrics has been researched as a means for authenticating user's identity. Among the biometrics schemes for face recognition, the eigenvector-based schemes, which use eigenvector made from training data for transforming test data to abstracted data, are widely adopted. From those schemes, however, it is hard to expect cancelable feature, which is a general concept for security in the biometrics. In this paper, we point out the security problem that is the recovery of valuable face information from the abstracted face data and consider a possible attack scenario by showing our experiment results.

• International Journal of Computer Science & Network Security
• /
• v.23 no.5
• /
• pp.13-20
• /
• 2023

In connected vehicles, drivers are exposed to attacks when they communicate with unauthenticated peers. This occurs when a vehicle relies on outdated information resulting in interactions with vehicles that have expired or revoked certificates claiming to be legitimate nodes. Vehicles must frequently receive or query an updated revoked certificate list to avoid communicating with suspicious vehicles to protect themselves. In this paper, we propose a scheme that works on a highway divided into clusters and managed by roadside units (RSUs) to ensure authenticity and preserve hidden identities of vehicles. The proposed scheme includes four main components each of which plays a major role. In the top hierarchy, we have the authority that is responsible for issuing long-term certificates and managing and controlling all descending intermediate authorities, which cover specific regions (e.g., RSUs) and provide vehicles with short-term pseudonyms certificates to hide their identity and avoid traceability. Every certificate-related operation is recorded in a blockchain storage to ensure integrity and transparency. To regulate communication among nodes, security managers were introduced to enable authorization and access right during communications. Together, these components provide vehicles with an immediately revoked certificate list through RSUs, which are provided with publish/subscribe brokers that enable a controlled messaging infrastructure. We validate our work in a simulated smart highway environment comprising interconnected RSUs to demonstrate our technique's effectiveness.

• Advances in environmental research
• /
• v.12 no.2
• /
• pp.113-122
• /
• 2023

Biometric authentication has become an essential part of modern-day security systems, especially in financial institutions like banks. A face recognition-based ATM is a biometric authentication system, that uses facial recognition technology to verify the identity of bank account holders during ATM transactions. This technology offers a secure and convenient alternative to traditional ATM transactions that rely on PIN numbers for verification. The proposed system captures users' pictures and compares it with the stored image in the bank's database to authenticate the transaction. The technology also offers additional benefits such as reducing the risk of fraud and theft, as well as speeding up the transaction process. However, privacy and data security concerns remain, and it is important for the banking sector to instrument solid security actions to protect customers' personal information. The proposed system consists of two stages: the first stage captures the user's facial image using a camera and performs pre-processing, including face detection and alignment. In the second stage, machine learning algorithms compare the pre-processed image with the stored image in the database. The results demonstrate the feasibility and effectiveness of using face recognition for ATM authentication, which can enhance the security of ATMs and reduce the risk of fraud.

• Journal of Internet Computing and Services
• /
• v.13 no.2
• /
• pp.59-71
• /
• 2012

PKI-based public key scheme is outstanding in terms of authenticity and privacy. Nevertheless its application brings big burden due to the certificate/key management. It is difficult to apply it to limited computing devices in WSN because of its high encryption complexity. The Bilinear Pairing emerged from the original IBE to eliminate the certificate, is a future significant cryptosystem as based on the DDH(Decisional DH) algorithm which is significant in terms of computation and secure enough for authentication, as well as secure and faster. The practical EC Weil Pairing presents that its encryption algorithm is simple and it satisfies IND/NM security constraints against CCA. The Random Oracle Model based IBE PKG is appropriate to the structure of our target system with one secret file server in the operational perspective. Our work proposes modification of the Weil Pairing as proper to the closed network for secret file distribution[2]. First we proposed the improved one computing both encryption and message/user authentication as fast as O(DES) level, in which our scheme satisfies privacy, authenticity and integrity. Secondly as using the public key ID as effective as PKI, our improved IBE variant reduces the key exposure risk.

• Journal of the Institute of Electronics Engineers of Korea SP
• /
• v.47 no.5
• /
• pp.183-191
• /
• 2010

Unique and invariant biometric characteristics have been used for secure user authentication. Storing original biometric data is not acceptable due to privacy and security concerns of biometric technology. In order to enhance the security of the biometric data, the cancelable biometrics was introduced. Using revocable and non-invertible transformation, the cancelable biometrics can provide a way of more secure biometric authentication. In this paper, we present a new cancelable bits extraction method for the facial data. For the feature extraction, the Subpattern-based Principle Component Analysis (PCA) is adopted. The Subpattern-based PCA divides a whole image into a set of partitioned subpatterns and extracts principle components from each subpattern area. The feature extracted by using Subpattern-based PCA is discretized with a helper data based method. The elements of the obtained bits are evaluated and ordered according to a measure based on the fisher criterion. Finally, the most discriminative bits are chosen as the biometric bits string and used for authentication of each identity. Even if the generated bits string is compromised, new bits string can be generated simply by changing the helper data. Because, the helper data utilizes partial information of the feature, the proposed method does not reveal privacy sensitive biometric information of the user. For a security evaluation of the proposed method, a scenario in which the helper is compromised by an adversary is also considered.

• Clinical and Experimental Reproductive Medicine
• /
• v.40 no.4
• /
• pp.169-173
• /
• 2013

Objective: To measure Irish opinion on a range of assisted human reproduction (AHR) treatments. Methods: A nationally representative sample of Irish adults (n=1,003) were anonymously sampled by telephone survey. Results: Most participants (77%) agreed that any fertility services offered internationally should also be available in Ireland, although only a small minority of the general Irish population had personal familiarity with AHR or infertility. This sample finds substantial agreement (63%) that the Government of Ireland should introduce legislation covering AHR. The range of support for gamete donation in Ireland ranged from 53% to 83%, depending on how donor privacy and disclosure policies are presented. For example, donation where the donor agrees to be contacted by the child born following donation, and anonymous donation where donor privacy is completely protected by law were supported by 68% and 66%, respectively. The least popular (53%) donor gamete treatment type appeared to be donation where the donor consents to be involved in the future life of any child born as a result of donor fertility treatment. Respondents in social class ABC1 (58%), age 18 to 24 (62%), age 25 to 34 (60%), or without children (61%) were more likely to favour this donor treatment policy in our sample. Conclusion: This is the first nationwide assessment of Irish public opinion on the advanced reproductive technologies since 2005. Access to a wide range of AHR treatment was supported by all subgroups studied. Public opinion concerning specific types of AHR treatment varied, yet general support for the need for national AHR legislation was reported by 63% of this national sample. Contemporary views on AHR remain largely consistent with the Commission for Assisted Human Reproduction recommendations from 2005, although further research is needed to clarify exactly how popular opinion on these issues has changed. It appears that legislation allowing for the full range of donation options (and not mandating disclosure of donor identity at a stipulated age) would better align with current Irish public opinion.