• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.33 no.10C
• /
• pp.764-777
• /
• 2008

In 4G environments, which is the next generation technology for mobile network, it is forecasted that the wireless Internet using a mobile devices such as a mobile phone, PDA will increase because of expansion of Internet and integration of heterogeneous networks. Therefore, we need a Digital ID management technology that can prevent illegal uses and manage private information efficiently in wired and wireless environments. In this paper, we analyze various Digital ID management technologies, and then define requirements of user-centric Digital ID management technology. In addition, we newly propose the authentication mechanism for mobile applications in LTE/SAE network. Finally, we propose the mobile Digital ID Wallet mechanism suitable for 4G environments.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.42 no.4
• /
• pp.838-847
• /
• 2017

CNG which was released as a substitute of the previous CAPI (Cryptography API) library from Microsoft is constructed with individual modules based on the plug-in architecture, this means CNG is exceedingly helpful in the cost of development as well as the facility of extension. On the opposite side of these advantages, considerations on security issues are quite insufficient. Therefore, a research on security assurance is strongly required in the environment of distributing and utilizing the CNG library, hence, we analyze possible security vulnerabilities on the CNG library. Based on analyzed vulnerabilities, proof-of-concept tools are implemented and vulnerabilities are verified using them. Verified results are that contents of mail, account information of mail server, and authentication information of web-sites such as Amazon, E-bay, Google, and Facebook are exposed in Outlook program and Internet Explorer program using CNG library. We consider that the analyzed result in this paper can improve the security for various applications using CNG library.

• Journal of Internet of Things and Convergence
• /
• v.6 no.2
• /
• pp.25-29
• /
• 2020

The elliptic curve crypto-algorithm is widely used in authentication for IoT environment, since it has small key size and low communication overhead compare to the RSA public key algorithm. If the scalar multiplication, a core operation of the elliptic curve crypto-algorithm, is not implemented securely, attackers can find the secret key to use simple power analysis or differential power analysis. In this paper, an elliptic curve scalar multiplication algorithm using a randomized scalar and an elliptic curve point blinding is suggested. It is resistant to power analysis but does not significantly reduce efficiency. Given a random r and an elliptic curve random point R, the elliptic scalar multiplication kP = u(P+R)-vR is calculated by using the regular variant Shamir's double ladder algorithm, where l+20-bit u≡rn+k(modn) and v≡rn-k(modn) using 2^lP=∓cP for the case of the order n=2^l±c.

• The Journal of Information Technology
• /
• v.1 no.1
• /
• pp.173-188
• /
• 1998

In this paper we discussed various types of electronic payment schemes that are emerging. Threats vary from malicious hackers attempting to crash a system, to threats to data or transaction integrity. An understanding of the various types of threats can assist a security manager in selecting appropriate cost-effective controls to protect valuable information resources. An overview of many of today's common threats presented in this paper will be useful to mangers studying their own threat environments with a view toward developing solutions specific to their organization. To ensure security on the Internet, several methods have been developed and deployed. They include authentication of users and servers, encryption, and data integrity. Transaction security is critical : without it, information transmitted over the Internet is susceptible to fraud and other misuse. So computer systems represents an Intermediary with the potential to access the flow of information between a user. Security is needed to ensure that intermediaries cannot eavesdrop on transactions, or copy/modify data. Online firms must take additional precautions to prevent security breaches. To protect consumer information, they must maintain physical security of their servers and control access to software passwords and private keys. Techniques such as secret and public-key encryption and digital signatures play a crucial role in developing consumer confidence in electronic commerce.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.5
• /
• pp.1211-1221
• /
• 2016

In IoT environment, making sure of trust of IoT devices is the most important one than others. The security threats of nowadays almost stay at exposure or tampering of information. However, if human life is strongly connected to the Internet by IoT devices, the security threats will probably target human directly. In case of devices, authentication is verified using the device-known private key. However, if attacker can modify the device physically, knowing the private key cannot be the evidence of trust any more. Thus, we need stronger verification method like code attestation. In this paper, we use software-based code attestation for efficiency. We also suggest secure code attestation method against copy of original code and implement it on embedded device and analyze its performance.

• The KIPS Transactions:PartC
• /
• v.9C no.5
• /
• pp.687-698
• /
• 2002

Together with the activation of wireless Internet, the interest for various integrated methods of the existing wired and wireless e-commerces is on the rise. For the integrated wired and wireless e-commerce, firstly, the optimized security and authentication under the radio communication environment should be decided. And also the user-friendly usage is important. In this paper, we designed and implemented wired and wireless interworking Mobile Wallet on terminal that can be used through both wired and wireless methods by developing electronic wallet module for electronic payment using MIDP (Mobile Information Device Profile) based on J2ME (Java 2 Micro Edition). The characteristics of mobile wallet implemented in this paper provide the stability through encoding/decoding payment information and on-line usage on wired/wireless environments through downloading electronic wallet. In addition, we also present safe and convenient payment method for e-commerce based on wired/wireless Internet.

• Journal of Internet Computing and Services
• /
• v.5 no.6
• /
• pp.45-58
• /
• 2004

This paper consists of two parts, One is the ECC( GF(2/sup m/)) algorithm to improve the security strength and the processing time of SSL VPN and the other is the WLCAPT algorithm instead of LSNAT for the security strength of virtual server. In general when corporates use SSL protocol in order to build VPN, they use RSA algorithm with the problem of security and processing time about authentication and confidentiality, In this paper, a shared public key is generated with ECSPK which uses ECC( GF(2/sup m/)) algorithm to improve the security and processing time instead of RSA In addition, WLCAPT algorithm proposed in this paper is applied to virtual server which resides in the server side and then after NAT translation, the actual server of headquarter is securely communicated with it.

• KIPS Transactions on Computer and Communication Systems
• /
• v.6 no.8
• /
• pp.329-342
• /
• 2017

Recently, interest and investment in the Internet of Things (IoT) have increased significantly, and security issues are constantly being raised. As a solution, the IETF ACE Working Group is establishing the ACE framework standard, which is a new security framework for various constrained IoT environments based on the existing OAuth 2.0. However, additional work is required to apply the ACE framework, which proposes a new lightweight security system, to the existing Internet environment, and this additional cost is a factor that hinders the application of OAuth 2.0 to the IOT environment. Therefore, we propose an IoT authentication framework based on OAuth 2.0's existing development motivation, and implement a proposal framework based on CoAPthon and analyze its performance.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.19 no.5
• /
• pp.9-17
• /
• 2019

As the IoT environment becomes more popular, the safety of the M2M environment, which establishes the communication environment between objects and objects without human intervention, becomes important. Due to the nature of the wireless communication environment, there is a possibility of exposure to security threats in various aspects such as data exposure, falsification, tampering, deletion and privacy, and secure communication security technology is considered as an important requirement. In this paper, we propose a new method for group key generation and exchange using trap hash collision hash in existing 'M2M communication environment' using hash collision, And a mechanism for confirming the authentication of the device and the gateway after the group key is generated. The proposed method has attack resistance such as spoofing attack, meson attack, and retransmission attack in the group communication section by using the specificity of the collision message and collision hash, and is a technique for proving safety against vulnerability of hash collision.

• Journal of the Korea Society of Computer and Information
• /
• v.11 no.4 s.42
• /
• pp.155-164
• /
• 2006

VoIP technology is Eight New Services among Ubiquitous-IT839 strategies. This paper tested wiretapping or VoIP service in connected a soft phone and LAN and WAN sections, Internet telephones and a device. IP PBX, a banner operator network to have been connected to VoIP Internet network. As a result of having experimented on wiretapping of VoIP networks, Vulnerability was found. and a wiretapping by attacks of a hacker was succeeded in a terminal and proxy and attachment points of a VoIP network like a hub to follow a CVE list. Currently applied a security plan of an each wiretapping section in viewpoints of 6 security function of Access Control. Confidentiality, Authentication. Availability, Integrity. Non-repudiation in VoIP networks named to 070. Prevented wiretapping of contents by the results, the AES encryption that executed wiretapping experiment about a packet after application of a security plan. Prevented wiretapping, and kept security and audit log. and were able to accomplish VoIP information protection to network monitoring and audit log by an access interception and qualification and message hash functions and use of an incoming refusal.