• Smart Media Journal
• /
• v.13 no.4
• /
• pp.76-85
• /
• 2024

In this paper, we propose a system that improves the data integrity of IoT(Internet of Things) devices in the virtual environment by combining Hyperledger Indy and MQTT(Message Queuing Telemetry Transport). The system complements the limitations of the centralized system by realizing a DPKI(Decentralized Public Key Infrastructure) structure that utilizes a distributed network in publish-subscribe(pub/sub) pattern communication. Digital signature technology was applied to ensure the data integrity of IoT devices and communication scenarios between the four core components of the client, IoT device, broker, and blockchain, as well as a topic structure using a decentralized identifier to ensure safety in the virtual environment. We present a systematic method for transparent data exchange. To prove the performance of the proposed system, this paper conducted experiments on four scenarios and evaluated communication performance in a virtual environment. The experimental results confirmed that the proposed system provides a reliable IoT data communication structure in a virtual environment.

• Proceedings of the IEEK Conference
• /
• 2002.07b
• /
• pp.948-950
• /
• 2002

IPSec authentication provides support for data integrity and authentication of IP packets. Authentication is based on the use of a message authentication code(MAC). Hash function algorithm is used to produce MAC , which is referred to HMAC. In this paper, we propose a cryptographic accelerator using FPGA implementations. The accelator consists of a hash function mechanism based on MD5 algorithm, and a public-key generator based on a Elliptiv Curve algorithm with small scale of circuits. The accelator provides a messsage authentification as well as a digital signature. Implementation results show the proposed cryptographic accelerator can be applied to IPSec authentications.

• 한국IT서비스학회:학술대회논문집
• /
• 2002.11a
• /
• pp.374-378
• /
• 2002

웹을 이용한 서비스는 위와 같은 여러 장점을 가지고 있지만 각종 데이터 및 문서가 웹 상에 존재하므로 가상공간에서의 문서의 처리가 위조나 변경이 가능하다. 이러한 웹 상에서의 전송 시 발생할 수 있는 수많은 역기능들을 줄일 수 있는 가장 강력한 방법은 암호 응용 기술을 전자상거래 시스템 구축에 사용함으로써, 기밀성(confidentiality), 무결성(integrity), 인증(authentication) 등의 보안 서비스를 제공하는 것이다. 이에 본 논문에서는 현재 진행중인 표준화 단체의 동향을 파악하고 WS-Security 명세서를 통해 웹 서비스 보안의 전반적인 기술을 분석한다.

• Proceedings of the KAIS Fall Conference
• /
• 2009.05a
• /
• pp.421-424
• /
• 2009

SCADA control systems and protocols are developed based on reliability, availability, and speed but with no or little attention paid to security. Specifically in Modbus protocol, there are inherent security vulnerabilities in their design. The lack of common security mechanisms in the protocol such as authentication, confidentiality and integrity must be addressed. In this paper, security vulnerabilities of Modbus-based SCADA controls systems will be studied. An in-depth analysis of the message frame formats being sent between master and slave will be discussed to expose the security vulnerabilities. This will enable SCADA users to find ways to fix the security flaws of the protocol and design mitigation strategies to reduce the impact of the possible attacks. Security mechanisms are recommended to further enhance the security of SCADA control systems.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.6
• /
• pp.1982-2004
• /
• 2014

Wireless Mesh Networks (WMNs) are emerging as promising, convenient next generation wireless network technology. There is a great need for a secure framework for routing in WMNs and several research studies have proposed secure versions of the default routing protocol of WMNs. In this paper, we propose a security framework for Hybrid Wireless Mesh Protocol (HWMP) in WMNs. Contrary to existing schemes, our proposed framework ensures both end-to-end and point-to-point authentication and integrity to both mutable and non-mutable fields of routing frames by adding message extension fields to the HWMP path selection frame elements. Security analysis and simulation results show that the proposed approach performs significantly well in spite of the cryptographic computations involved in routing.

• The KIPS Transactions:PartC
• /
• v.16C no.3
• /
• pp.317-324
• /
• 2009

In this paper, a 4-way Handshake protocol in the IEEE 802.11i is analyzed in terms of both security and reliability. It is shown that the 4-way Handshake protocol breaks down under some conditions due to a MIC (message integrity code) failure, and a solution to fix it is proposed. It is also proposed that a new 2-way Handshake protocol which is more secure and efficient than the 4-way Handshake protocol.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2003.11c
• /
• pp.1737-1740
• /
• 2003

There are many security problems in the electronic payment system because it is built into the open network. Security problems include both system penetrations from outside and unauthorized access by the inside. Nevertheless, the integrity of messages can be guaranteed through a transfer message with the SEED and HASH encryption algorithm. This paper demonstrates how electronic payment system messages and the information they contain can be made safeguarded using the SEED and HASH encryption algorithm, even when there may be some information loss.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.3
• /
• pp.3-9
• /
• 2011

In this paper, we propose workload partitioning methods in parallelizing AES-CCM which is proposed as the wireless encryption and message integrity standard IEEE 802.11i. In parallelizing AES-CCM having data dependency, synchronizations among processors are required, and multi-core processors have a very large range of synchronization performance. We propose and compare the performance of various workload partitioning methods by considering both the computational characteristics of AES-CCM and the synchronization overhead.

• Journal of Positioning, Navigation, and Timing
• /
• v.12 no.4
• /
• pp.369-377
• /
• 2023

This paper presents the analysis results of navigation performance of Korea Augmentation Satellite System (KASS) test signals. Performance analysis was performed with Global Positioning System (GPS) and Satellite Based Augmentation System (SBAS) signals received from 7 KASS reference stations. And the performances were analyzed in terms of the signal strength, statistics for each SBAS message, coverage of ionospheric correction, accuracy, integrity, continuity, and availability. In addition, the navigation solutions provided by commercial receiver was analyzed and the performance experienced by general users was presented. Lastly, directions for further improvement of the KASS system were addressed. These performance analysis results can be used to confirm the feasibility of utilizing KASS in user applications.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.4
• /
• pp.41-52
• /
• 2010

Message authentication is an essential security element in vehicular ad-hoc network(VANET). For a secure message authentication, integrity, availability, privacy preserving skill, and also efficiency in various environment should be provided. RAISE scheme has been proposed to provide efficient message authentication in the environment crowded with lots of vehicles and generally considered to be hard to provide efficiency. However, as the number of vehicles communicating in the area increases, the overhead is also incurred in proportion to the number of vehicles so that it still needs to be reduced, and the scheme is vulnerable to some attacks. In this paper, to make up for the vulnerabilities in dense vehicular communication network, we propose a more secure and efficient scheme using a process that RSU(Road Side Unit) transmits the messages of neighbor vehicles at once with Bloom Filter, and timestamp to protect against replay attack. Moreover, by adding a handover function to the scheme, we simplify the authentication process as omitting the unnecessary key-exchange process when a vehicle moves to other area. And we confirm the safety and efficiency of the scheme by simulating the false positive probability and calculating the traffic.