• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.4
• /
• pp.719-731
• /
• 2012

One of the most important point in the Internet crime investigation is tracing back and pointing out a criminal host. However, criminals can forge a crime record stored in the crime host, or can utilize malicious applications in order not to leave a crime record. In addition, criminals can change the source IP address of a crime host and deny their involvement. In this study, we suggests the Network Forensic Evidence Generation and Verification Scheme (NFEGVS) to rectify the current limitation of Network Forensic technologies. This scheme can prove who and when the crime has occurred. In addition, this prevents leaking of symmetric key for guaranteeing certification and integrity of Forensic Evidence by proposing the Timestamp Secret Key Distribution Scheme, and minimizes performance degradation of router when generating forensic evidence with the Flow-Based Selection Scheme. In this paper, we implement the proposed scheme and evaluate overall performance of the proposed system.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.6
• /
• pp.51-57
• /
• 2009

Wireless sensor networks consist of numerous sensor nodes that have inexpensive and limited resources. Generally, most of the sensors are assigned to the hazardous or uncontrollable environments. If the sensor nodes are randomly assigned to the wide target area, it is very hard to see the accurate locations of sensor nodes. Therefore, this study provides an efficient key distribution scheme to solve these problems. Based on the provided scheme, the study enabled the closely neighboring nodes to exchange information with each other after securing safe links by using the pre-distributed keys. At the same time, the provided scheme could increase the probability of multiparty key detection among nodes by using the location information of sensor node. Lastly, the study intended to show the superiority of the limitation method through a performance test.

• The Transactions of the Korea Information Processing Society
• /
• v.6 no.10
• /
• pp.2722-2727
• /
• 1999

In this paper we propose verifiable self-certified identification and key distribution protocols which has advantages of certificate-based scheme and Girault's self-certified public key. The security of the proposed protocols is based on ${\gamma}$\ulcorner-residuosity problem and discrete logarithm problem.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.10 no.3
• /
• pp.69-76
• /
• 2000

In this paper we propose a new group key renewal scheme suitable for secure mobile communications in which all members of the group can re-share the new group common key excepted a revoked member using a key distribution center(a trusted center). A renewal group key in the proposed scheme can be shared many times using pre-distributed data by a smart card without a preparation stage. This scheme is also avaliable for a large group network because the transmitted data amount after identifying the revoked member does not depend on a size of group. The secuirty of this scheme is based on the difficulty of the discrete logarithm problem.

• Journal of KIISE:Information Networking
• /
• v.36 no.5
• /
• pp.437-455
• /
• 2009

In the near future, various multicast based services will be provided over clustered wireless networks. To provide multicast services in secure manner, multicast messages are encrypted by using group key which is shared by group members. Therefore, various group key management schemes have been introduced until now. Among them, tree based approach is one of the most representative paradigms in group key management. Traditional tree based approaches effectively reduce rekeying message transmissions of the key distribution center. However, they do not consider the network bandwidth used for transmitting the rekeying messages. In this paper, we firstly present formulas that describe bandwidth consumption of tree based group key management scheme. Based on our formulations, we propose a bandwidth efficient key tree management scheme for clustered wireless networks where membership changes occur frequently. Simulation results show that our scheme effectively reduces the bandwidth consumption used for rekeying compared to existing key tree schemes.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.9 no.4
• /
• pp.61-70
• /
• 1999

In this paper we propose the verifiable self-certified schemes(key distribution scheme identification scheme digital signature scheme) based on ${\gamma}$th -residuosity which make up for defects of Girault's self-certified schemes allow the authenticity of public keys to be verified during the use of the keys. The security of our schemes is based on the difficulty of ${\gamma}$th -residuosity problem and discrete logarithm problem simultaneously.

• International Journal of Contents
• /
• v.8 no.3
• /
• pp.79-82
• /
• 2012

In digital contents distribution environments, a user authentication is an important security primitive to allow only authenticated user to use right services by checking the validity of membership. For example, in Internet Protocol Television (IPTV) environments, it is required to provide an access control according to the policy of content provider. Remote user authentication and key agreement scheme is used to validate the contents accessibility of a user. We propose a novel user authentication scheme using smart cards providing a secure access to multimedia contents service. Each user is authenticated using a subset of attributes which are issued in the registration phase without revealing individual's identity. Our scheme provides the anonymous authentication and the various permissions according to the combination of attributes which are assigned to each user. In spite of more functionality, the result of performance analysis shows that the computation and communication cost is very low. Using this scheme, the security of contents distribution environments in the client-server model can be significantly improved.

• ETRI Journal
• /
• v.35 no.1
• /
• pp.173-176
• /
• 2013

Existing symmetric cryptography-based solutions against pollution attacks for network coding systems suffer various drawbacks, such as highly complicated key distribution and vulnerable security against collusion. This letter presents a novel homomorphic subspace message authentication code (MAC) scheme that can thwart pollution attacks in an efficient way. The basic idea is to exploit the combination of the symmetric cryptography and linear subspace properties of network coding. The proposed scheme can tolerate the compromise of up to r-1 intermediate nodes when r source keys are used. Compared to previous MAC solutions, less secret keys are needed for the source and only one secret key is distributed to each intermediate node.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.1
• /
• pp.74-96
• /
• 2023

At present, the smart grid has become one of the indispensable infrastructures in people's lives. As a commonly used communication method, wireless communication is gradually, being widely used in smart grid systems due to its convenient deployment and wide range of serious challenges to security. For the insecurity of the schemes based on large integer factorization and discrete logarithm problem in the quantum environment, an identity-based key management scheme for smart grid over lattice is proposed. To assure the communication security, through constructing intra-cluster and inter-cluster multi-hop routing secure mechanism. The time parameter and identity information are introduced in the relying phase. Through using the symmetric cryptography algorithm to encrypt improve communication efficiency. Through output the authentication information with probability, the protocol makes the private key of the certification body no relation with the distribution of authentication information. Theoretic studies and figures show that the efficiency of keys can be authenticated, so the number of attacks, including masquerade, reply and message manipulation attacks can be resisted. The new scheme can not only increase the security, but also decrease the communication energy consumption.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.6
• /
• pp.141-148
• /
• 2003

The self-healing key distribution scheme with revocation capability proposed by Staddon et al. enables a dynamic group of users to establish a group key over an unreliable network, and has the ability to revoke users from and add users to the group while being resistant to collusion attacks. In such a protocol, if some packet gets lost, users ale still capable of recovering the group key using the received packets without requesting additional transmission from the group manager. In this scheme, the storage overhead at each group member is O($m^2$1og p) and the broadcast message size of a group manager is O( ((m$t^2$+mt)log p), where m is the number of sessions, t is the maximum number of colluding group members, and p is a prime number that is large enough to accommodate a cryptographic key. In this paper we describe the more efficient self-healing key distribution scheme with revocation capability, which achieves the same goal with O(mlog p) storage overhead and O(($t^2$+mt)log p) communication overhead. We can reduce storage overhead at each group member and the broadcast message size of the group manager without adding additional computations at user's end and group manager's end.