• Journal of KIISE:Information Networking
• /
• v.29 no.4
• /
• pp.368-374
• /
• 2002

In the third generation mobile telecommunication systems such as UMTS, one of the important problems for value-added services is to check the recoverability of costs used by a mobile user. Previous authentication and payment schemes for value-added services by a mobile user across multiple service domains, rely on the concept of the on-line TTP, which serves as the users certification authority. In the third generation systems with many service providers, a wide range of services, and a diverse user population, authentication mechanisms with the on-line TTP provide a far from ideal solution. In this paper we present an efficient public-key protocol for mutual authentication and key exchange designed for value-added services in the third generation mobile telecommunications systems. The proposed ticket based authentication and payment protocol provides an efficient way for VASP to check the recoverability of costs without communication with the on-line TTP Furthermore, the proposed ticket based protocol can provide anonymous service usage for a mobile user.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.5
• /
• pp.1471-1483
• /
• 2023

One of the fastest-growing mobile services accessible today is mobile payments. For the safety of this service, the Near Field Communication (NFC) technology is used. However, NFC standard protocol has prioritized transmission rate over authentication feature due to the proximity of communicated devices. Unfortunately, an adversary can exploit this vulnerability with an antenna that can eavesdrop or alter the exchanged messages between NFC-enabled devices. Many researchers have proposed authentication methods for NFC connections to mitigate this challenge. However, the security and privacy of payment transactions remain insufficient. We offer a privacy-preserving, anonymity-based, safe, and efficient authentication protocol to protect users from tracking and replay attacks to guarantee secure transactions. To improve transaction security and, more importantly, to make our protocol lightweight while ensuring privacy, the proposed protocol employs a secure offline session key generation mechanism. Formal security verification is performed to assess the proposed protocol's security strength. When comparing the performance of current protocols, the suggested protocol outperforms the others.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2006.05a
• /
• pp.187-190
• /
• 2006

TETRA system provides the radio authentication service which permits only authorized radio to access network. Radio authentication is the process which checks the sameness of authentication-key(K) by challenge-response protocol between radio and authentication center. This paper analyzes authentication-key generation/delivery/injection model in TETRA authentication system and analyzes the threat of clone radio caused by authentication-key exposure.

• Journal of the Korea Society of Computer and Information
• /
• v.9 no.2
• /
• pp.41-48
• /
• 2004

Access control protocol have verified security of external mobile terminal that access to inner information sever at Ubiquitous ages. In this paper, I would design for If Access Control Protocol of considering operation time when make cipher digital signature. Public key are used Individual identification number that issued from certify communication company, and cipher algorithm are used ECDSA definition factor for generation and verification of digital signature and it used Elliptic Curve with over 160 bit Key. Also, Access control operate on If level that designed IPv6 frame architecture. I would conclude that IP Access Control Protocol have verified security and improved performance in operation time more 4 times than before protocols when through the communication of use cipher digital signature for authentication and verification.

• Journal of Communications and Networks
• /
• v.17 no.5
• /
• pp.453-462
• /
• 2015

Body area networks (BANs) have emerged as an enabling technique for e-healthcare systems, which can be used to continuously and remotely monitor patients' health. In BANs, the data of a patient's vital body functions and movements can be collected by small wearable or implantable sensors and sent using shortrange wireless communication techniques. Due to the shared wireless medium between the sensors in BANs, it may be possible to have malicious attacks on e-healthcare systems. The security and privacy issues of BANs are becoming more and more important. To provide secure and correct association of a group of sensors with a patient and satisfy the requirements of data confidentiality and integrity in BANs, we propose a novel enhanced secure sensor association and key management protocol based on elliptic curve cryptography and hash chains. The authentication procedure and group key generation are very simple and efficient. Therefore, our protocol can be easily implemented in the power and resource constrained sensor nodes in BANs. From a comparison of results, furthermore, we can conclude that the proposed protocol dramatically reduces the computation and communication cost for the authentication and key derivation compared with previous protocols. We believe that our protocol is attractive in the application of BANs.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.5
• /
• pp.885-896
• /
• 2013

MTC(Machine Type Communications), providing a variety of services anytime and anywhere by connecting the cellular network to the machine and things without human intervention, is being considered as a major challenge of the next-generation communications. Currently, When a massive MTC devices simultaneously connect to the network, each MTC device needs an independent access authentication process. Because of this process, authentication signaling congestion and overload problems will cause in LTE-Advanced. In this paper, we propose a group-based authentication protocol and a key management protocol. For managing the MTC devices as group units, the proposed protocol elects a group leader and authentications only once with the core network. After the authentication is completed, a group leader manages the rest members and MME(Mobility Management Entity) by constructing a binary tree. Finally, the propose protocol analysis show that the proposed protocol not only can reduces the authentication signaling which generated in between the MTC devices and the core network but also can manages the MTC devices, efficiently.

• The KIPS Transactions:PartC
• /
• v.13C no.2 s.105
• /
• pp.137-146
• /
• 2006

Because the traditional public key-based cryptosystems are unsuitable for the sensor node with limited computational and communication capability, a secure communication between two neighbor sensor nodes becomes an important challenging research in sensor network security. Therefore several session key establishment protocols have been proposed for that purpose. In this paper, we analyzed and compared the existing session key establishment protocols based on the criterions of generation strategy and uniqueness of the session key, connectivity, overhead of communication and computation, and vulnerability to attacks. Based on the analysis results, we specify the requirements for the secure and efficient protocols for establishing session keys. Then, we propose an advanced protocol to satisfy the specified requirements and verify the superiority of our protocol over the existing protocols through the detailed analysis.

• Journal of Digital Convergence
• /
• v.12 no.3
• /
• pp.237-242
• /
• 2014

Recently, wind energy is expanding to combination of computing to forecast of wind power generation as well as intelligent of wind powerturbine. Wind power is rise and fall depending on weather conditions and difficult to predict the output for efficient power production. Wind power is need to reliably linked technology in order to efficient power generation. In this paper, distributed power generation forecasts to enhance the predicted and actual power generation in order to minimize the difference between the power of distributed power short-term prediction model is designed. The proposed model for prediction of short-term combining the physical models and statistical models were produced in a physical model of the predicted value predicted by the lattice points within the branch prediction to extract the value of a physical model by applying the estimated value of a statistical model for estimating power generation final gas phase produces a predicted value. Also, the proposed model in real-time National Weather Service forecast for medium-term and real-time observations used as input data to perform the short-term prediction models.

• Journal of Korea Multimedia Society
• /
• v.16 no.12
• /
• pp.1413-1426
• /
• 2013

RFID thecnology has been widely adopted by industries for supply chain management. When a product item is manufactured RFID tag is attached to the product item and supply chain management among factories, distributors, retailers and customers needs to handle ownership transfer for the product item carefully. With RFID technology, the secure and efficient ownership transfer protocol is an important issue for the identification of product items and the overall system efficiency on supply chain. Many ownership transfer protocols have been proposed now. They have security problems and use complex operations such as encryption operation and hash function. Lo et al. proposed a protocol using lightweight operations such as shift, addition, XOR, and random number generation[1]. However, this protocol has a security problem in which the secret key between the tag and the new owner is disclosed to the attackers, and it is also weak against the Fraud attack[2]. In this paper, we propose a new ownership transfer protocol using lightweight operations such as shift, addition, and random number generation. This protocol is the modified version of Lo et al.'s protocol and is secure against the security attacks.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.10
• /
• pp.1912-1918
• /
• 2016

MPTCP(Multipath Transmission Control Protocol) is able to compose many TCP paths when two hosts connect and the data is able to be transported through these paths simultaneously. When a new path is added, the authentication between both hosts is necessary to check the validity of host. So, MPTCP exchanges a key when initiating an connection and makes a token by using this key for authentication. However the original MPTCP is vulnerable to MITM(Man In The Middle) attacks because the key is transported in clear text. Therefore, we applied a ECDH(Elliptic Curve Diffie-Hellman) key exchange algorithm to original MPTCP and replaced the original key to the ECDH public key. And, by generating the secret key after the public key exchanges, only two hosts is able to make the token using the secret key to add new subflow. Also, we designed and implemented a method supporting encryption and decryption of data using a shared secret key to apply confidentiality to original MPTCP.