• Journal of the Korea Society of Computer and Information
• /
• v.23 no.12
• /
• pp.73-80
• /
• 2018

Certification revocation list(CRL) is needed for excluding compromised, faulty, illegitimate vehicle nodes and preventing the use of compromised cryptographic materials in vehicular communications. It should be distributed to vehicles resource-efficiently and CRL computational load of vehicles should not impact on life-critical applications with delay sensitive nature such as the pre-crash sensing that affords under 50msec latency. However, in the existing scheme, when a vehicle receives CRL, the vehicle calculates linkage values from linkage seeds, which results in heavy computational load. This paper proposes, a new CRL distribution scheme is proposed, which minimizes the time for CRL processing of vehicles. In the proposed scheme, the linkage value calculation procedure is performed by road-side unit(RSU) instead of the vehicle, and then the extracted linkage values are relayed to the vehicle transparently. The simulation results show that the proposed scheme reduces the CRL computational load dramatically, which would minimize impact on life-critical applications' operations with low latency.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.10C
• /
• pp.1011-1022
• /
• 2006

WSN(Wireless Sensor Network) performs to detect and collect environmental information for one purpose. The WSN is composed of a sink node and several sensor nodes and has a constraint in an aspect of energy consumption caused by limited battery resource. So many required mechanisms in WSN should consider the remaining energy condition. To deploy WSN, tile collected information is required to protect from an adversary over the network in many cases. The security mechanism should be provided for collecting the information over the network. we propose asynchronized key management considering energy efficiency over WSN. The proposed key management is focused on independence and difference of the keys used to deliver the information over several routes over the network, so disclosure of any key does not results in exposure of total key information over the overall WSN. Also, we use hash function to update key information for energy efficiency Periodically. We define the insecurity for requested security Properties and Proof that the security properties are guaranteed. Also, we evaluate and analyze the energy efficiency for the proposed mechanism.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.30 no.11B
• /
• pp.689-697
• /
• 2005

The IETF has created the v6ops Working Group to assist IPv6 transition and propose technical solutions to achieve it. But it's quite problem which security consideration for a stage of IPv4/IPv6 transition and co-existence. There are new security problem threat that it caused by the characteristics of heterogeneity. In this paper, we describe IPv6 transition mechanisms and analyze security problem for IPv6 transition mechanism. also we propose security consideration and new security mechanism. We analyzed DoS and DRDoS in 6to4 environment and presented a address sanity check as a solution. We also showed an attack of address exhaustion in address allocation server. To solve this problem, we proposed challenge-response mechanism in DSTM.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.10B
• /
• pp.1013-1020
• /
• 2009

This paper proposes an authentication protocol using the key server in the ECPglobai RFID system. The proposed authentication protocol uses the key server and the time-out mechanism to resist various attacks including DoS(Denial of Service) attack. For easy implementation, the proposed protocol also uses the function existing in EPCglobal class 1 gen2 protocol without additive function such as hash function. The proposed protocol is evaluated through two analytical methods. The correctness of the proposed protocol is proved using the GNY analysis. By the security analysis, this paper showed that the proposed protocol is resistant to various attacks including DoS attack. The analytical results demonstrated that the proposed protocol offered a secure RFID system.

• The KIPS Transactions:PartC
• /
• v.9C no.6
• /
• pp.809-816
• /
• 2002

Cryptographic applications, such as data confidentiality and authentication, must be used for secure data communications. PRNG(Pseudo-Random Number Generator) is a basic cryptographic component which is supposed to be satisfied by criteria that we provable security and randomness properties. PRNG it used for generating an initial value or key value of cipher and security of whole cryptographic module depends on the security of PRNG. In this paper, we introduce an PRNG based on a block cipher and prove their security.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37 no.2C
• /
• pp.119-131
• /
• 2012

Recently smart phones have been proliferating widely and quickly. Since the number of mobile apps that are being developed and deployed to domestic/international app stores is rising, more apps are being installed and deleted by users without any difficulty. The deployed apps are each attested through distinct verification framework of specific app stores. However, such verification frameworks are insufficient in checking security concerns. Unfortunately, the security verification framework is necessary since the incidents of leaking privacy and confidential information are being increased in lately. The aim of this paper is to provide the security verification framework that assures security and reliability of the e-government mobile apps. In order to verify proposed verification framework, a few apps were selected and inspected through proposed framework and these inspection results are included in this paper.

• Journal of the Korea Society for Simulation
• /
• v.24 no.1
• /
• pp.17-24
• /
• 2015

Smart grid is a modernized electrical grid that uses information and communication technologies to gather and act on information, such as information about the behaviors of suppliers and consumers, in an automated fashion to improve the efficiency, reliability, economics, and sustainability of the production and distribution of electricity. However, with the advent of cyber crime, there are also concerns on the security of the infrastructure, primarily that involving communications technologies. In this work, we make an in-depth investigation on the issue of security services and network loads on Smart grid. Through simulation, we analyze the relations between security services and network loads. The experimental results of this study will contribute toward designing an advanced Smart grid system that offers better quality of services. Also, the approach proposed in this study can be utilized to derive new and valuable insights in security aspects.

• Journal of Communications and Networks
• /
• v.13 no.5
• /
• pp.428-441
• /
• 2011

A trace-and-revoke scheme is a type of broadcast encryption scheme for content protection on various platforms such as pay-per-view TV and DVD players. In 2006, Boneh and Waters (BW) presented a fully collusion-resistant trace-and-revoke scheme. However, a decisive drawback of their scheme is to require composite-order groups. In this paper, we present a new trace-and-revoke scheme that works in prime-order groups. Our scheme is fully collusion-resistant and achieves ciphertexts and private keys of size O($\sqrt{N}$) for N users. For the same level of security, our scheme is better than the BW scheme in all aspects of efficiency. Some superior features include 8.5 times faster encryption, 12 times faster decryption, and 3.4 times shorter ciphertexts. To achieve our goal, we introduce a novel technique where, by using asymmetric bilinear maps in prime-order groups, the cancellation effect same as in composite-order groups can be obtained.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.30 no.6C
• /
• pp.601-606
• /
• 2005

Recently with the high expectation of voice over WLAN service, to supped fast inter-AP security transition in WLAN AP is one of the most actively investigating issues. It is also very important to minimize inter-AP security transition latency, while maintaining constantly the secure association from old AP when a station transits to new AP. Hence, this paper first defines secure transition latency as a primary performance metric of AP system in WLAN supporting IEEE802.11i, 802.1x, and 802.11f, and then presents low latency inter-AP security transition mechanism and its security FSM whose objective is to minimize inter-AP transition latency. Experiment shows that the proposed scheme outperforms the legacy 802.1X AP up to $79\%$ with regard to the transition latency.

• Proceedings of the Korean Information Science Society Conference
• /
• 2010.06d
• /
• pp.21-25
• /
• 2010

항공기반시설(공항, 기상 서비스, 항로 항행시설)에 대한 보안사고 대응을 위한 보안체계는 수립단계에서부터 착수하여 분석이 진행됨에 따라 세부적인 평가가 수행되어야하며, 시설변경이 발생하는 경우 변경된 시설에 대하여 재평가를 하여야 한다. 또한 항공기 운용과정에서 발생 가능한 각종 사고에 대한 사전 예방 및 정비를 위해서도 체계적인 보안성 평가가 필수적이다. 보안성 평가에는 계획(Plan), 활동(Do), 그리고 평가(Check), 조치(Action)업무가 네트워크 구조로 통합되어 적용되며, 과거의 사용 또는 경험에 따라 세분화된 보안성 평가 요구조건을 구분하여 적용한다. 특히 항공기반시설에 대한 보안성 입증과 안전한 운항을 보장하기 위하여 실시간 지원체계와 국가 차원에서 이를 관리하여야 한다. 이는 공공의 안전을 확보하기 위한 것으로서, 민간항공업체는 해당 법규, 표준서 및 지침 등에 따라 최소한의 보안성을 입증하여야 한다. 따라서 본 논문에서는 항공기반시설에 대한 보안사고 대응을 위한 보안체계를 위해 설정된 보안의 목표를 충족하고 있는지를 확인 평가하고, 분석 등을 고려하여 종합적인 보안성 평가기법을 적용할 수 있도록 하는 보안체계 네트워크 모델에 대해 제시하고자 한다.