• The Journal of the Korea institute of electronic communication sciences
• /
• v.15 no.3
• /
• pp.433-438
• /
• 2020

Nodes on a data communication path in a wireless network emit electro-magnetic waves whenever they transmit packets; thus, the path can be exposed and identified with capturing and analyzing a sequence of the signals emitted there. One of countermeasures against a malicious eavesdropper is to let certain nodes mimic the nodes on the data path in sending dummy packets. In this paper we propose a packet transfer protocol which establishes the shortest path between source-destination pair a time and restricts heavy generation of dummy packets. We verify the location-privacy of a node on the communication paths through simulation.

• Proceedings of the Korea Multimedia Society Conference
• /
• 2004.05a
• /
• pp.131-134
• /
• 2004

위치기반서비스(Location Based Service)는 이동중인 사용자의 위치 정보를 타 정보와 결합해 사용자가 요청, 혹은 필요로 하는 부가적인 응용 서비스를 제공하기 위한 기술을 말한다. 현재의 개인 위주의 서비스에서 국가 전반적인 인프라 차원으로 급속히 확대 발전함에 따라 사용자의 프라이버시(Privacy) 문제나 접근제어와 같은 인증문제가 중요한 이슈로 대두되고 있다. 본 논문에서는 LBS 기업체 동향 및 전반적인 사항을 분석하여 문제점을 도출하고 LBS 프라이버시(Privacy) 보호를 위한 접근제어 문제, 인증 문제 및 키 신규성 확인 기능을 제공하는 타원곡선 기반의 인증 및 키 교환 프로토콜 기술을 제시한다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.32 no.3C
• /
• pp.348-354
• /
• 2007

RFID system is emerging new technology for ubiquitous computing environment. RFID system, however, provides privacy problems while the technology offers incredible rich opportunities for applications in the filed of logistics, distribution, and medical services, etc. Many researches have been conducted in order to solve this problem, but the current RFID authentication protocols are still insufficient for settling the privacy problem in the point of view of privacy intrusion and system efficiency. The purpose of this paper is to present a RFID mutual authentication protocol which improves safety level, compared with current authentication protocols. The proposed authentication protocol can provide mutual authentication services, and is secure against location tracing, spoofing, reflection attack.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.6
• /
• pp.57-68
• /
• 2004

Recently, Radio Frequency Identification (RFID) systems stands in the spotlight of industry as a common and useful tool in manufacturing, supply chain management (SCM) and stock management. In the near future, low-cost RFID Electronic Product Code; (EPC) or smart-labels may be a practical replacement for optical barcodes on consumer items. However, manufacturing cheap and small RFID tags, and developing secure RFID authentication Protocols are problems which need to be solved. In spite of advances in semiconductor technology, computation and storage ability of the tag are so limited that it is difficult and too expensive to apply existing crypto-systems to RFID tags. Thus it is necessary to create a new protocol which would require less storage space and lower computation costs and that is secure in the RFID system's environments. In this paper, we propose a RFID authentication protocol that is secure against location tracking and spoofing attacks. Our protocol can be used as a practical solution for privacy protection because it requires less computations in database than the previous RFID authentication protocol.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.2
• /
• pp.139-147
• /
• 2011

More convenient and value-added application services can be provided to user in case of using location-based service on Smart phone. However, privacy problem will be happen when an application disclosures the personal location information. Therefore, each user should securely control and manage his own personal location information by specifying access control list and profiles. In this study, we implemented personal location information self-control protocol and developed secure personal location management system with OTP based authentication procedure.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.10 no.12
• /
• pp.2193-2201
• /
• 2006

In related to mobile communication environment. Kesdogan and Pfitzmann[1,2,3] proposed solutions using temporary pseudonym identification, called TP(Temporary Pseudonym) to solve the problems concerning current locations of mobile users and exposure of their movements in the privacy aspect. After that, we proposed more improved method protecting mobile users from active attacks of network providers in [4]. But it is the case that mobile users are located in only home domain. As a more extended method. we propose new mobile terminated protocol protecting user privacy in case of moving from the home domain to the remote domain and analyze its security.

• The KIPS Transactions:PartC
• /
• v.19C no.1
• /
• pp.9-18
• /
• 2012

In 2010, Pedro et al. proposed RFID distance bounding protocol based on WSBC cryptographic puzzle. This paper points out that Pedro et al.'s protocol not only is vulnerable to tag privacy invasion attack and location tracking attack because an attacker can easily obtain the secret key(ID) of a legal tag from the intercepted messages between the reader and the tag, but also requires heavy computation by performing symmetric key operations of the resource limited passive tag and many communication rounds between the reader and the tag. Moreover, to resolve the security weakness and the computation/communication efficiency problems, this paper also present a new RFID distance bounding protocol based on WSBC cryptographic puzzle that can provide strong security and high efficiency. As a result, the proposed protocol not only provides computational and communicational efficiency because it requires secure one-way hash function for the passive tag and it reduces communication rounds, but also provides strong security because both tag and reader use secure one-way hash function to protect their exchanging messages.

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.6
• /
• pp.193-200
• /
• 2007

There is an advantage that RFID system is better than previous bar code system in storage ability and noncontact property. But, everyone can easily receive the transmitting information by using RF signal. So, there is a problem that system security and personal privacy are threatened. In this paper, I propose RFID system that is secure against attacks like eavesdropping, replay, spoofing and location tracking and can efficiently provide mutual authentication services between reader and tag. The proposed RFID system can be used in various sections of ubiquitous computing environment.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.30 no.6C
• /
• pp.593-600
• /
• 2005

Recently, RFID system is a main technology to realize ubiquitous computing environments. Because RFID system that is an automatic identification technology using radio frequency is a system to read and write the data of the entity. Therefore, many companies are interested in RFID system to reduce supply chain management and inventory control cost. However, for providing secure service, RFID authentication technology secure against tracking by an adversary is researched first. In this paper, we proposed security level based RFID authentication protocol providing reduce computational and communicational workload in the back-end database. The proposed protocol is secure against reply attack, spoofing attack, traffic analysis, and location privacy, since the proposed protocol based on the security of the hash function.

• Journal of Information Processing Systems
• /
• v.7 no.1
• /
• pp.121-136
• /
• 2011

With the rapid growth of GPS-enable Smartphones, the interest on using Location Based Services (LBSs) has increased significantly. The evolution in the functionalities provided by those smartphones has enabled them to accurately pinpoint the location of a user. Because location information is what all LBSs depend on to process user's request, it should be properly protected from attackers or malicious service providers (SP). Additionally, maintaining user's privacy and confidentiality are imperative challenges to be overcome. A possible solution for these challenges is to provide user anonymity, which means to ensure that a user initiating a request to the SP should be indistinguishable from a group of people by any adversary who had access to the request. Most of the proposals that maintain user's anonymity are based on location obfuscation. It mainly focuses on adjusting the resolution of the user's location information. In this paper, we present a new protocol that is focused on using cryptographic techniques to provide anonymity for LBSs users in the smartphone environment. This protocol makes use of a trusted third party called the Anonymity Server (AS) that ensures anonymous communication between the user and the service provider.