• Journal of the Korea Society of Computer and Information
• /
• v.15 no.10
• /
• pp.121-128
• /
• 2010

In this paper, we proposed a new secure RFID(Radio Frequency IDentification) mutual authentication protocol on insecure communication channel which assumed that all communication channels between the database, the reader and the tag are insecure communication channels. The proposed protocol used a secure one-way hash function and the goal is to improve search time of a tag ID and overload of hash calculational load in DB. In addition, the proposed protocol supports not only basic security requirements to be provided by RFID mutual authentication protocol but also forward secrecy, and the tag does not generate a random number to reduce overload of processing capacity in it.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.10C
• /
• pp.946-954
• /
• 2009

General RFID system has assumed that the communication channel between reader and back-end database is secure channel. However, the reader can be communicated with the database through insecure channel like the communication channel between the reader and the tag according to application environment. In this paper, we propose a new secure RFID mutual authentication protocol based on open network channel which assumed that all communication channels between the database, the reader and the tag are insecure communication channels. The proposed protocol uses a secure one-way hash function to provide authentication and integrity against all communication messages which exchanged on the open channels. In addition, we designed that the proposed protocol can provide forward secrecy by performing the database and the tag update their old secret key with a new secret key after finished mutual authentication.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.3
• /
• pp.77-86
• /
• 2006

As a core technology in the ubiquitous environment, RFID (Radio Frequency Identification) technology takes an important role. RFID technology provides various information about objects or surrounding environment by attaching a small electronic tag on the object, thus, it means the remote control recognition technology. However, the problems which never happened before can be generated on the point of security and privacy due to the feature that RFID technology can recognize the object without any physical contact. In order to solve these problems, many studies for the RFID recognition technology are going on the progress. The currently running study is the secure communication channel between database and reader applying the recognition technology in the insecure communication channel between reader and tag. But, the purpose of this paper is to settle a privacy problem, which is insecurity of communication between database and reader channel by suggesting providing a user with authentication protocol in order to give information to an authorized entity.

• Journal of Communications and Networks
• /
• v.18 no.2
• /
• pp.246-260
• /
• 2016

A major challenge achieving scalable access control for a large number of subscribers in a public broadcast is to distribute key update messages reliably to all stateless receivers. However, in a public broadcast, the rekeying messages can be dropped or compromised during transmission over an insecure broadcast channel, or transmitted to receivers while they were off-line. In this study, we propose a novel group key management scheme. It features a mechanism to allow legitimate receivers to recover the current group key, even if they lose key update messages for long-term sessions. The scheme uses short hint messages and member computation. Performance analysis shows that the proposed scheme has the advantages of scalability and efficient rekeying compared to previous reliable group key distribution schemes. The proposed key management scheme targets a conditional access system in a media broadcast in which there is no feedback channel from receivers to the broadcasting station.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.5 no.3
• /
• pp.607-625
• /
• 2011

Two-party key exchange protocol is a mechanism in which two parties communicate with each other over an insecure channel and output the same session key. A key exchange protocol that is secure against an active adversary who can control and modify the exchanged messages is called authenticated key exchange (AKE) protocol. LaMacchia, Lauter and Mityagin presented a strong security definition for public key infrastructure (PKI) based two-pass protocol, which we call the extended Canetti-Krawczyk (eCK) security model, and some researchers have provided eCK-secure AKE protocols in recent years. However, almost all protocols are provably secure in the random oracle model or rely on a special implementation technique so-called the NAXOS trick. In this paper, we present a PKI-based two-pass AKE protocol that is secure in the eCK security model. The security of the proposed protocol is proven without random oracles (under three assumptions), and does not rely on implementation techniques such as the NAXOS trick.

• Convergence Security Journal
• /
• v.7 no.2
• /
• pp.57-63
• /
• 2007

The security of data in network is provided by encryption. Selective encryption is a recent approach to reduce the computational cost and complexity for large file size data such as image and video. This paper describes techniques to encrypt Huffman code and discusses the performance of proposed scheme. We propose a simple encryption technique applicable to the Huffman code and study effectiveness of encryption against insecure channel. Our scheme combine encryption process and compression process, and it can reduce processing time for encryption and compression by combining two processes.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2015.10a
• /
• pp.767-770
• /
• 2015

With the deployment of web-based educational game over the internet, the user's registration becomes a critical element. The user is authenticated by the system using username, password, and unique code. However, it cannot be handled properly because the data is transmitted through insecure channel on the network. Hence, security requirement is needed to avoid identity leakage from malicious user. In this paper, we propose a secure communication approach using SSL protocol for an online game. We also describe the security requirements for our approach. In future work, we intend to configure and implement the SSL protocol by enabling HTTPS in web-based online game.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.13 no.3
• /
• pp.177-183
• /
• 2020

Steganography uses digital images as a medium for sending secret messages over insecure networks. There is also a least significant bit(LSB) that is a popular method of embedding secret messages in digital images. The goal of steganography is to securely and flawlessly transmit secret messages using stego media over a communication channel. There is a need for a method to improve resistance to reduce the risk of exposure to third parties. To safely hide secret messages, I propose new algorithms that go through crossing, encryption, chaos and concealment steps. After separating Hangul syllables into choseong, jungseong and jongseong, the bitwised message information is encrypted. After applying the logistic map, bitwised information is reconstructed using the position of the chaotic sequence. The secret message is inserted into the randomly selected RGB channel. PSNR and SSIM were used to confirm the effectiveness of the applied results. It was confirmed as 44.392(dB) and 0.9884, respectively.

• Journal of Broadcast Engineering
• /
• v.13 no.1
• /
• pp.62-68
• /
• 2008

Remote user authentication scheme is a cryptographic tool which permits a server to identify a remote user. In 2007, Wang et al. pointed out that Ku's remote user authentication scheme is vulnerable to a dictionary attack by obtaining some secret information in a smart card using side channel attacks. They also proposed a remote user authentication scheme which is secure against dictionary attack. In this paper, we analyze the protocol proposed by Wang et al. In the paper, it is claimed that the protocol is secure even though some values, which is stored in a smart card, are revealed to an adversary, However, we show that their protocol is insecure if the values are disclosed to an adversary.

• Journal of KIISE:Information Networking
• /
• v.31 no.4
• /
• pp.347-352
• /
• 2004

In this paper, we propose a new key exchange protocol which authenticates each other and shares a session key between a user and a server over an insecure channel using only a small password. The security of the protocol is based on the difficulty of solving the discrete logarithm problem and the Diffie-Hellman problem and the cryptographic strength of hash function. The protocol is secure against the man-in-the-middle attack, the password guessing attack, the Denning-Sacco attack, and the stolen-verifier attack, and provide the perfect forward secrecy. Furthermore, it is more efficient than other well-known protocols in terms of protocol execution time because it could be executed in parallel and has a simple structure.