• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.4
• /
• pp.137-147
• /
• 2011

Because of the convergence between Internet and broadcast communication, users are able to use multimedia contents anytime. In addition, with the change of existing one-way service to two-way service, the provider can offer efficient and useful broadcast communication. However, As multimedia contents is provided by STB, it can validate only end-node STB. Thus, this method is limiting possibilities of individual service. Also, providers' STB are different, so problem of compatibility is emerging as an issue. Therefore, in this paper we proposed STB virtualization based enhanced IPTV user authentication system to improve individual authentication and compatibility of services.

• Journal of information and communication convergence engineering
• /
• v.8 no.2
• /
• pp.129-135
• /
• 2010

Wireless sensor networks (WSNs) are an emerging technology and offers economically viable monitoring solution to many challenging applications. However, deploying new technology in hostile environment, without considering security in mind has often proved to be unreasonably unsecured. Apparently, security techniques face many critical challenges in WSNs like data security and secrecy due to its hostile deployment nature. In order to resolve security in WSNs, we propose a novel and efficient secure framework called TriSec: a secure data framework for wireless sensor networks to attain high level of security. TriSec provides data confidentiality, authentication and data integrity to sensor networks. TriSec supports node-to-node encryption using PingPong-128 stream cipher based-privacy. A new PingPong-MAC (PP-MAC) is incorporated with PingPong stream cipher to make TriSec framework more secure. PingPong-128 is fast keystream generation and it is very suitable for sensor network environment. We have implemented the proposed scheme on wireless sensor platform and our result shows their feasibility.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.2
• /
• pp.397-408
• /
• 2017

As mobile traffic increases rapidly, DMM (Distributed Mobility Management) has been proposed as a mobility management technology for seamless communication of mobile devices as mobile traffic increases rapidly. the DMM distributes mobility management from the core network to the edge network, enabling stable binding updates with low latency. However, the DMM still have network delay and security problems for sessions. In this paper, we point out the problems existing in the DMM and propose a new protocol in which the MN (Mobile Node) directly participates in authentication and mutual authentication is correctly performed to solve this problem. We demonstrate not only security improvements but also performance improvements with performance analysis.

• Journal of Internet Computing and Services
• /
• v.4 no.1
• /
• pp.19-25
• /
• 2003

Mobile IPv6 services exposes its vulnerability when a mobile node is roaming across the subnets which belongs to the different domains. The AAA Infrastructure Is strongly recommended when the ISPs need to authenticate the mobile user come from the different domains. In addition to the basic requirements for AAA service, the authentication latency and AAA message overhead should be minimized for contiguity of the service. This paper considers the roaming service with AAA infra structure in Mobile IPv6 and proposes the key distribution method to authenticate the mobile node with secure manner by reducing and optimizing the exchanged messages for AAA entities.

• Journal of the Korea Society of Computer and Information
• /
• v.13 no.2
• /
• pp.167-175
• /
• 2008

The current pre-distribution of secret keys uses a-composite random key and it randomly allocates keys. But there exists high probability not to be public-key among nodes and it is not efficient to find public-key because of the problem for time and energy consumption. We presents key establishment scheme designed to satisfy authentication and confidentiality, without the need of a key distribution center. Proposed scheme is scalable since every node only needs to hold a small number of keys independent of the network size, and it is resilient against node capture and replication due to the fact that keys are localized. In simulation result, we estimate process time of parameter used in proposed scheme and efficiency of Proposed scheme even if increase ECC key length.

• Proceedings of the Korean Information Science Society Conference
• /
• 2005.11a
• /
• pp.214-216
• /
• 2005

We consider Wireless Sensor Network Security (WSN) and focus our attention to tolerate damage caused by an adversary who has compromised deployed sensor node to modify, block, or inject packets. We adopt a probabilistic secret sharing protocol where secrets shared between two sensor nodes are not exposed to any other nodes. Adapting to WSN characteristics, we incorporate these secrets to establish new pairwise key for node to node authentication and design multipath routing to multiple base stations to defend against HELLO flood attacks. We then analytically show that our defense mechanisms against HELLO flood attack can tolerate damage caused by an intruder.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.9
• /
• pp.4183-4204
• /
• 2018

The existing en-route filtering schemes only consider some simple false data injection attacks, which results in lower safety performance. In this paper, we propose an efficient geographical information-based en-route filtering scheme (EGEFS), in which each forwarding node verifies not only the message authentication codes (MACs), but also the report identifier and the legitimacy and authenticity of locations carried in a data report. Thus, EGEFS can defend against not only the simple false data injection attacks and the replay attack, but also the collusion attack with forged locations proposed in this paper. In addition, we propose a new method for electing the center-of-stimulus (CoS) node, which can ensure that only one detecting node will be elected as the CoS node to generate one data report for an event. The simulation results show that, compared to the existing en-route filtering schemes, EGEFS has higher safety performance, because it can resist more types of false data injection attacks, and it also has higher filtering efficiency and lower energy expenditure.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.11B
• /
• pp.979-986
• /
• 2006

DSTM is one of the 1Pv6/IPv4 transition mechanisms using IPv4-in-IPv6 tunneling for communication between IPv6 node with dual stack and Ipv4-only node. In DSTM, the DSTM server using the DHCPv6 is vulnerable to DoS attacks which can exhaust the IPv4 address pool. In this paper, an authentication model using a HRAA (Human Recognition Address Allocation) scheme was proposed to protect DHCP server against DoS attacks. The proposed authentication model in DSTM that uses an image file for verification is effective because only human can respond to the challenge for authenticated address allocation. The proposed model can be used anytime and anywhere in a DSTM domain, and is secure against DoS attacks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.6
• /
• pp.1247-1260
• /
• 2021

For more efficient energy management of nodes in wireless sensor networks, research has been conducted on mobile sink nodes that deliver data from sensor nodes to server recently. UAV (Unmanned Aerial vehicle) is used as a representative mobile sink node. Also, most studies on UAV propose algorithms for calculating optimal paths and have produced rapid advances in the IoD (Internet of Drones) environment. At the same time, some papers proposed mutual authentication and secure key exchange considering nature of the IoD, which requires efficient creation of multiple nodes and session keys in security perspective. However, most papers that proposed secure communication in mobile sink nodes did not protect end-to-end data privacy. Therefore, in this paper, we propose integrated security model that authentication between mobile sink nodes and sensor nodes to securely relay sensor data to base stations. Also, we show informal security analysis that our scheme is secure from various known attacks. Finally, we compare communication overhead with other key exchange schemes previously proposed.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.6
• /
• pp.95-101
• /
• 2016

With the rapid development of Internet and communication network technology, various studies had proceeded to develop the technology of wireless sensor networks. Authentication schemes for user and sensor are critical and important security issue to use wireless sensors legally. First, Das introduce a user authentication scheme using smart card and password for wireless sensor networks, various studies had proceeded. Chem et al. suggested a secure user authentication scheme against smart card loss attack but Chen et al. scheme does not still resolve some security vulnerability such as perfect forward secrecy, session key exposure by gateway node, anonymity, and the password check. To resolve the problems, this paper proposes a security enhanced user authentication using the fuzzy extraction, elliptic curves cryptography and dynamic ID and analyzes the security.