• Journal of the Korea Society of Computer and Information
• /
• v.16 no.3
• /
• pp.251-260
• /
• 2011

In this paper, we proposed a scheme that it safely exchanges encrypted keys without Trust Third Party (TTP) and Pre-distributing keys in multi-hop clustering sensor networks. Existing research assume that it exists a TTP or already it was pre-distributed a encrypted key between nodes. However, existing methods are not sufficient for USN environment without infrastructure. Some existing studies using a random number Diffie-Hellman algorithm to solve the problem. but the method was vulnerable to Replay and Man-in-the-middle attack from the malicious nodes. Therefore, authentication problem between nodes is solved by adding a ��TESLA. In this paper, we propose a modified Diffie-Hellman algorithm that it is safe, lightweight, and robust pair-wise agreement algorithm by adding One Time Password (OTP) with timestamp. Lastly, authentication, confidentiality, integrity, non-impersonation, backward secrecy, and forward secrecy to verify that it is safe.

• Journal of the Korean Society of Fisheries and Ocean Technology
• /
• v.41 no.4
• /
• pp.306-315
• /
• 2005

The distribution and composition of marine floating debris were recorded from a training ship 'Kyeongyang' of Gangwon Provincial University at May 19-29, 2004 and Aug.24-31, 2004. The sampled area is the middle part of East Sea of Korea(the coast of Gangwondo and region of Ulleung island and Tokdo), divided into 27 unit segments on survey areas. Debris fabrication materials were categorized with 6 items using the following; styrofoam, paper & cardboard, net & rope, vinyl & plastic, floating metal & glass, man-made or natural wood. From the investigation on May,2004, total numbers of marine floating debris in the middle part of the East Sea of Korea was 996 individuals. The No. 1 and No. 2 unit segment located at south-west region of Ulleung Island showed higher density than others. The styrofoam and vinyl & plastic accounted for 72.8% of all debris fabrication materials. From the investigation on August, 2004, total numbers of marine floating debris in the coast of the Gangwondo of Korea was 2,473 individuals. The No. 13 and No. 14 unit segment located at the vicinity of Samcheok showed higher density than others. The styrofoam and vinyl & plastic amounted to 76.1%. In the coast of the Gangwondo, the vinyl & plastic showed the highest density of 6 items were 41.3% and 68.0% on May and August, respectively. The total numbers of marine floating debris on May and August were 3,399 individuals. Vinyl & plastic accounted for 59.4%(2,019 ind.) among all debris, next styrofoam 15.8%(537 ind.) and wood 11.2%(379 ind.).

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.4B
• /
• pp.377-386
• /
• 2009

IPTV technology for providing multimedia content with high-speed is the network which combines existing network, multimedia and internet technology etc. But internet, broadcasting and web technologies which is now being used is not optimized to IPTV because the security problem between user who gets content service through mobile units and content server is not guaranteed. This paper proposes user certification mechanism between mobile device and content server to receive the service which the user for the content chooses by mobile device safely. The proposed mechanism uses the random number which user creates and certification token for preventing illegal user who uses other's service that already paid. Also the proposed protocol encrypts the delicate data like user's information or profile using shared-key between java card attached on user's mobile device and grant sewer and then prevents reply attack which happens often in wireless section and man-in-the-middle attack by MAC.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.10 no.3
• /
• pp.572-578
• /
• 2009

Bindu et al. pointed out that Chein et al. scheme is insecure insider attack and man-in-middle attack. And then they proposed new one. In the paper, However, Bindu et al's scheme also have some problems; It is strong masquerading server/user attack and restricted reply attack. Hence we proposed improved scheme. finally, we completely had evaluated the one's security on strong masquerading server/user attack, Insider attack, Restricted attack, Stolen-verifier attack and forward secrecy. In this paper, although proposed scheme includes more operation than Bindu et al. scheme, our scheme overcomes problems of Bindu et al. scheme by the operation that is light as not to influence on modern computing technology.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.10
• /
• pp.1912-1918
• /
• 2016

MPTCP(Multipath Transmission Control Protocol) is able to compose many TCP paths when two hosts connect and the data is able to be transported through these paths simultaneously. When a new path is added, the authentication between both hosts is necessary to check the validity of host. So, MPTCP exchanges a key when initiating an connection and makes a token by using this key for authentication. However the original MPTCP is vulnerable to MITM(Man In The Middle) attacks because the key is transported in clear text. Therefore, we applied a ECDH(Elliptic Curve Diffie-Hellman) key exchange algorithm to original MPTCP and replaced the original key to the ECDH public key. And, by generating the secret key after the public key exchanges, only two hosts is able to make the token using the secret key to add new subflow. Also, we designed and implemented a method supporting encryption and decryption of data using a shared secret key to apply confidentiality to original MPTCP.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.13 no.4
• /
• pp.1839-1848
• /
• 2012

Recently, smartphone communications using Wi-Fi channel are increasing rapidly to provide diverse internet services. The WPA security protocol was used for data protection between user and wireless AP. However, WPA-PSK protocol was known to be weak to the dictionary attack. In this paper, we proposed a secure WPA-PSK protocol to resist the dictionary attack. Since the proposed method was designed to generate a strong encryption key which is combined the Diffie-Hellman key agreement scheme with secrecy property of PSK(Pre-Shared Key), we can protect the Wi-Fi channel from Man-In-The-Middle attack and Rogue AP impersonation attack.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.3C
• /
• pp.426-435
• /
• 2004

The DIAMETER protocol provides Authentication, Authorization, and Accounting (AAA) transactions across the Internet. SIP(Session Initiation Protocol) will be used for new types of signaling, such as instant messaging and application level mobility across networks. And SIP will be a major signaling protocol for next generation wireless networks. But the Digest authentication scheme is not using a secure method of user authentication in SIP, and it is vulnerable to man-in-the-middle attacks or dictionary attacks. This study focused on designing a SIP proxy for interworking with AAA server with respect to user authentication and security analysis. We compared and analyzed the security aspects of the scenarios and propose two proposals that a response which include the user address and password-based mutual authentication and key agreement protocol. It is claimed to be more secure against common attacks than current scenarios.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.3
• /
• pp.431-444
• /
• 2013

Widespread use of smartphones and wireless LAN accompany a threat called rogue AP. When a user connects to a rogue AP, the rogue AP can mount the man-in-the-middle attack against the user, so it can easily acquire user's private information. Many researches have been conducted on how to detect a various kinds of rogue APs, and in this paper, we are going to propose an algorithm to identify and detect a rogue AP that impersonates a regular AP by showing a regular AP's SSID and connecting to a regular AP. User is deceived easily because the rogue AP's SSID looks the same as that of a regular AP. To detect this type of rogue APs, we use a machine learning algorithm called SVM(Support Vector Machine). Our algorithm detects rogue APs with more than 90% accuracy, and also adjusts automatically detection criteria. We show the performance of our algorithm by experiments.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.2
• /
• pp.105-115
• /
• 2009

At the most recent, IPTV service is increasing, which isa communicative broadcasting fusion service that provides various multimedia contents interactively followed by user's request through super high-speed internet. For IPTV user service with high mobility, IPTV user's enrollment is essential. However, IPTV service provided to mobile users can't provide the certification of mobile user securely. This paper proposes light user certification protocol which can certificate mobile users by attaching RFID to IPTV STB for secure awareness of mobile users who get IPTV service. The proposed protocol prevent reply attack and man-in-the-middle attack from happening oftenin a wireless section by transmitting the result value hashed by hash function with both its' ID and random number received from tag after tag transmits random number which generated randomly in the process of certification of mobile user to IPTV STB.

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.1 s.45
• /
• pp.83-88
• /
• 2007

The goal of this research was to investigate the effect the computer game-based learning has on learning achievement in computer education for middle school students. To achieve this goal 74 middle schoolers were allocated into the experiment group(34 students) with the educational computer games class and the control group(34 students) with the traditional face-to-face class. After identifying the homogeneity of two groups through the pre-test, the experiment was carried out. As a result, the mean difference between the experiment group and the control group was statistically significant. That is, learning achievement of middle schoolers utilizing the computer games was higher than that of the face-to-face class. It is suggested that the game factors should be considered in designing the computer education.