• Journal of information and communication convergence engineering
• /
• v.2 no.3
• /
• pp.182-186
• /
• 2004

When most of existing instant messengers log on server, they transmit to sever in encoding password to RC5. but RC5 don't be secured because it has been known many of password cracking tools. Also, messengers don't have any protection on the transmitted information with communicating two hosts since loging on, endangering the privacy of the user. As a counter measure, messengers need to provide security service including message encryption. In this paper, we designed a key exchange method of password representing fast, effective and high security degree, using ECC(Elliptic Curve Cryptography) that being known the very stronger than another public key cryptography with same key size. To effectively improve data transmission and its security using IPSec protocol between users, tunnel mode is introduced. Tunnel mode transmits Host-to-Host data through virtual pipelines on the Internet.

• Proceedings of the IEEK Conference
• /
• 2002.06c
• /
• pp.51-54
• /
• 2002

P2P implies direct exchange between peers. If you have something I want, 1 go directly to you and obtain il. There is one of the most advantages of formation of community in P2P. For a specified purpose through P2P, the Peers who make temporary a group delivery a request efficient and safe. And the resources can be jointed common, cooperation and communication. When P2P is developed more, we can expect more formation of online community and development. But to be a safe of personal ID and password in internet, it should be possible to make a key-exchange. In the paper, it suggest P2P security system suitable to personal security that Kerberos be transformed. The user who make community in P2P, have Kerberos Server, and using Physical Address of Ethernet card in personal computer, authenticate users.

• Journal of the Korea Computer Industry Society
• /
• v.2 no.10
• /
• pp.1269-1284
• /
• 2001

The Secure Sockets Layer is a protocol for encryption TCP/IP traffic that provides confidentiality, authentication and data integrity. Also the SSL is intended to provide the widely applicable connection-oriented mechanism which is applicable for various application-layer, for Internet client/server communication security. SSL, designed by Netscape is supported by all clients' browsers and server supporting security services. Now the version of SSL is 3.0. The first official TLS vl.0 specification was released by IETF Transport Layer Security working group in January 1999. As the version of SSL has had upgraded, a lot of vulnerabilities were revealed. SSL and TLS generate the private key with parameters exchange method in handshake protocol, a lot of attacks may be caused on this exchange mechanism, also the same thing may be come about in record protocol. In this paper, we analyze SSL protocol, compare the difference between TLS and SSL protocol, and suggest what developers should pay attention to implementation.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2003.11c
• /
• pp.1977-1980
• /
• 2003

현재 가상사설망(VPN)의 보안 프로토콜로 사용되고 있는 IPSec(IP security)은 보안에 취약한 인터넷망을 타고 전달되는 IP 패킷을 대상으로 패킷의 기밀성과 무결성 및 송신자 인증이라는 보안 서비스를 제공해주는 강력한 인터넷 보안 메커니즘의 하나이다. 그러나 IPSec의 키 분배 및 관리를 위해 사용되고 있는 IKE(Internet Key Exchange)는 그 복잡성으로 인해 정확한 암호학적 분석이 어렵고 이를 응용한 어플리케이션 사이의 상호 호환을 어렵게 하고 있다. 따라서 본 논문에서는 이러한 문제를 해결하기 위해 기존의 IKE를 변형한 새로운 키 알고리즘을 제시한다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.7 no.1
• /
• pp.149-157
• /
• 2003

Recently, the Internet enhanced by development of IT makes the processing and exchanging of information, As the Internet is sending and receiving digitized documents over the Internet e-mail system. The security of document information is being threated when exchanging digitized documents over an open network such as the Internet. The degree of threat is even higher when sensitive documents are involved Therefore, in this paper, the secure e-mail system on a client is designed and implemented in order to make secure exchanging of digitized documents. By using the public key infrastructure in which encrypted mail transmission, proof of delivery and integrity of the message are garanted, unauthorized manipulation, illegal acquisition and mutual authentication problem can be prevented in order to secure the document information which is crucial and sensible when exchanging the digitized document over the Internet. Futhenmore, by using the SET protocol based on public key cryptography, the secure mail system is designed and implemented in order for the users not having any professional knowledge to deal with the system easily and friendly in GUI environment.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.10 no.1
• /
• pp.66-76
• /
• 2017

As the IoT communication environment has been established, communications that utilize not only high-spec machines but also low-spec machines are increasing, but security threats are increasing, too. In recent times, a lot of papers have attempted to reduce the weight of IP layer security techniques such as IPsec and IKEv2 for low-spec machines. Typically, Smyslov proposed Lightweight IKEv2 protocol which is used in IoT environment. However, This proposed protocol had compatibility problem with IKEv2 protocol, So, It is hard to be expected to be used in IoT communication environment. Unlike the Smyslov's protocol, this paper proposed Lightweight IKEv2 protocol which can be compatible of IKEv2 protocol and applied lossless compression algorithm to payload. To suggest lightweight IKEv2 protocol, this paper analyzed IKEv2 protocol and existed lightweight IKEv2 protocol. Furthermore, This paper proved that proposed protocol is more efficient than existed lightweight IKEv2 protocol through performance evaluation as a method.

• The Journal of the Korea Contents Association
• /
• v.10 no.3
• /
• pp.32-43
• /
• 2010

IPTV is an emerging technology that combines both broadcasting and tele-communication technologies, and provides various multi-media contents to the service subscribers. In general, IPTV broadcasters transmit scrambled signals (multi-media contents) to the paying subscribers, and the users within the acknowledged network descramble the signals using the smart-card. That is, users are verified through communication between STB (Set-Top Box) and smart-card. In 2004, Jiang et al. proposed a secure protocol regarding the verification process. The method has been modified and enhanced by several following research works. However, all the methods that have been proposed so far required modular exponentiation operations which may raise the smart-card costs. In this paper, we propose a new efficient mutual authentication and session-key establishment protocol using only hash functions and exclusive-or operations, and show that the proposed protocol is still secure under various security attacks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.6
• /
• pp.1247-1260
• /
• 2021

For more efficient energy management of nodes in wireless sensor networks, research has been conducted on mobile sink nodes that deliver data from sensor nodes to server recently. UAV (Unmanned Aerial vehicle) is used as a representative mobile sink node. Also, most studies on UAV propose algorithms for calculating optimal paths and have produced rapid advances in the IoD (Internet of Drones) environment. At the same time, some papers proposed mutual authentication and secure key exchange considering nature of the IoD, which requires efficient creation of multiple nodes and session keys in security perspective. However, most papers that proposed secure communication in mobile sink nodes did not protect end-to-end data privacy. Therefore, in this paper, we propose integrated security model that authentication between mobile sink nodes and sensor nodes to securely relay sensor data to base stations. Also, we show informal security analysis that our scheme is secure from various known attacks. Finally, we compare communication overhead with other key exchange schemes previously proposed.

• Journal of KIISE:Information Networking
• /
• v.30 no.1
• /
• pp.75-81
• /
• 2003

User authentication, including confidentiality, integrity over untrusted networks, is an important part of security for systems that allow remote access. Using human-memorable Password for remote user authentication is not easy due to the low entropy of the password, which constrained by the memory of the user. This paper presents a new password authentication and key agreement protocol suitable for authenticating users and exchanging keys over an insecure channel. The new protocol resists the dictionary attack and offers perfect forward secrecy, which means that revealing the password to an attacher does not help him obtain the session keys of past sessions against future compromises. Additionally user passwords are stored in a form that is not plaintext-equivalent to the password itself, so an attacker who captures the password database cannot use it directly to compromise security and gain immediate access to the server. It does not have to resort to a PKI or trusted third party such as a key server or arbitrator So no keys and certificates stored on the users computer. Further desirable properties are to minimize setup time by keeping the number of flows and the computation time. This is very useful in application which secure password authentication is required such as home banking through web, SSL, SET, IPSEC, telnet, ftp, and user mobile situation.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2015.10a
• /
• pp.594-597
• /
• 2015

IoT(Internet of Thing) 환경이 도래하면서 다양한 무선 통신 기술들이 사용되고 있다. 그 중에서 가장 많이 쓰이는 무선 통신 기술은 Z-WAVE이다. Z-WAVE는 저전력, 양방향 RF 등의 장점을 가지며, 세계 스마트 홈 시장에서 가장 폭 넓게 사용되는 기술이다. 이 기술을 채택한 연합을 Z-WAVE 연합이라고 하는데, 이 연합은 수백 개 이상의 제조사들과 1000개 이상의 활성화된 제품을 가지고 있다. 하지만 Z-WAVE는 중간자 공격 등과 같은 보안성의 취약점을 가지고 있으며 아직까지 연구가 부족한 실정이다. 따라서 본 논문에서는 IoT 환경에서 Z-WAVE 기반의 향상된 키 교환 프로토콜 기법을 제안한다.