• The KIPS Transactions:PartC
• /
• v.9C no.4
• /
• pp.551-562
• /
• 2002

We usually applied PPP CHAP when the visited ISP subscriber accesses to authentication server in own home ISP network and IP Assignment for remote Internet service. But PPP CHAP doesn't support in case of visited ISP subscriber in GPRS network accesses to authentication sorrel in own home ISP network for wireless Internet service. We suggest solution for this problem with PPP CHAP improvement. For this we propose the modified PPP CHAP message format, PCO Message format at MT, and interworking message and format between GGSN and RADIUS in home ISP network for wireless internet service of mobile ISP subscriber at GPRS network in this paper. We also show authentication results when visited mobile ISP subscriber via PPP CHAP at GPRS network accesses the RADIUS server in home ISP network.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.05a
• /
• pp.258-259
• /
• 2017

Recently, as science and technology is very growing, wire and wireless communication is merged and interconnected. Therefore, advanced internet technology allow all kinds of communication to integrate with heterogeneous device and sensors. The representative example is smart home network based on internet of things. Communication surroundings under IoT services are more complex. Conventional encryption techniques can't provide to IoT application because of its limited resources such as small memory capacity and low computing power. In this paper, we analyzed authentication procedure between home gateway and node in sensor under smart home network.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.13 no.4
• /
• pp.13-23
• /
• 2017

In order to protect personal information and important information (confidential information, sales information, user information, etc.) in the internal network, companies and organizations apply encryption to the Server-To-Server or Server-To-Client communication section, And are experiencing difficulties due to the increasing number of known attacks and intelligent security attacks. In order to apply the existing S / W encryption technology, it is necessary to modify the application. In the financial sector, "Comprehensive Measures to Prevent the Recurrence of Personal Information Leakage in the Domestic Financial Sector" has been issued, and standard guidelines for financial computing security have been laid out, and it is required to expand the whole area of encryption to the internal network. In addition, even in environments such as U-Health and Smart Grid, which are based on the Internet of Things (IoT) environment, which is increasingly used, security requirements for each collection gateway and secure transmission of the transmitted and received data The requirements of the secure channel for the use of the standard are specified in the standard. Therefore, in this paper, we propose a secure encryption algorithm through mutual authentication and grouping for each node through H / W based Network Control Server (NCS) applicable to internal system and IoT environment provided by enterprises and organizations. We propose a protocol design that can set the channel.

• Convergence Security Journal
• /
• v.23 no.1
• /
• pp.63-68
• /
• 2023

In this study, in relation to blockchain protocol and network security, we study the configuration of blockchain and encryption key management methods on smart contracts so that we can have a strong level of response to MITM attacks and DoS/DDoS attacks. It is expected that the use of blockchain technology with enhanced security can be activated through respond to data security threats such as MITM through encryption communication protocols and enhanced authentication, node load balancing and distributed DDoS attack response, secure coding and vulnerability scanning, strengthen smart contract security with secure consensus algorithms, access control and authentication through enhanced user authentication and authorization, strengthen the security of cores and nodes, and monitoring system to update other blockchain protocols and enhance security.

• Convergence Security Journal
• /
• v.4 no.2
• /
• pp.53-60
• /
• 2004

We describe CHAP authentication for roaming service method of visited ISP subscriber on GPRS network. We also illustrate how visited mobile ISP subscriber can access ISP server and authenticate RADIUS in home network via Gateway GPRS Support Node (GGSN) on GPRS/UMTS network for wireless internet service and roaming. For this we propose the modified CHAP message format, PCO Message format at MT, and interworking message and format between GGSN and RADIUS in home ISP network for wireless internet service of mobile ISP subscriber at GPRS network in this paper. We also show authentication results when visited mobile ISP subscriber via CHAP at GPRS network accesses the RADIUS server in home ISP network.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.13 no.3
• /
• pp.43-51
• /
• 2017

MANET consists of only wireless nodes having limited processing capability. It processes routing and data transmission through cooperation among each other. And it is exposed to many attack threats due to the dynamic topology by movement of nodes and multi-hop communication. Therefore, the reliability of transmitted data between nodes must be improved and security of integrity must be high. In this paper, we propose a method to increase the reliability of transmitted data by providing a secure cryptography protocol. The proposed method used a hierarchical structure to provide smooth cryptographic services. The cluster authentication node issues the cluster authentication key pair and unique key to the nodes. The nodes performs the encryption through two steps of encryption using cluster public key and block encryption using unique key. Because of this, the robustness against data forgery attacks was heightened. The superior performance of the proposed method can be confirmed through comparative experiment with the existing security routing method.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.3
• /
• pp.938-957
• /
• 2023

The limited computing power of sensor nodes in wireless sensor networks (WSNs) and data tampering during wireless transmission are two important issues. In this paper, we propose a scheme for independent individual authentication of WSNs data based on digital watermarking technology. Digital watermarking suits well for WSNs, owing to its lower computational cost. The proposed scheme uses independent individual to generate a digital watermark and embeds the watermark in current data item. Moreover, a sink node extracts the watermark in single data and compares it with the generated watermark, thereby achieving integrity verification of data. Inherently, individual validation differs from the grouping-level validation, and avoids the lack of grouping robustness. The improved performance of individual integrity verification based on proposed scheme is validated through experimental analysis. Lastly, compared to other state-of-the-art schemes, our proposed scheme significantly reduces the false negative rate by an average of 5%, the false positive rate by an average of 80% of data verification, and increases the correct verification rate by 50% on average.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.42 no.3 s.303
• /
• pp.1-8
• /
• 2005

At IETF (Internet Engineering Task Force), recently RFC3775, RFC3776 documents about the mobile IPv6 were standardized by IETF (Internet Engineering Task Force). Those specifications propose that during the roaming, the mobile node sends securely the binding update to the home agent and the correspondent node after setting the security association between Mobile Node and Home Agent. But there is no secure bootstrapping method between a mobile node and a home agent at the two RFC documents. This paper proposed a method for the secure bootstrapping between a mobile node and a home agent. This makes the authentication, binding update, home agent assignment, security association distribution through the AAA-based secure channel between mobile node and home agent. And the proposed method was analyzed in the view of the procedure, round trip and security strength.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37 no.5B
• /
• pp.385-394
• /
• 2012

The tactical mobile communication network, which comprises a part of the next-generation Tactical Information and Communication Network (TICN), provides means of communication and control for Tactical Multi-Functional Terminals (TMFT) belonging to a Mobile Subscriber Access Point (MSAP). The next-generation of MSAP is capable of constructing a backbone network via LCTR and HCTR directional antennas. At the same time, WMN modules are used to create and manage a wireless mesh backbone. When directional antennas are used in mobile environments, seamless services cannot be efficiently supported as the movement of the node prevents the angle of the antenna to constantly match. Therefore, data communication through the wireless mesh networks is required to provide direct communication between mobile MSAPs. Accordingly, mutual authentication and data encryption mechanisms are required to provide reliable data transmission in this environment. To provide efficient mutual authentication between MSAP devices, the process of verifying a certificate of the other MSAP device through its own authentication server is required. This paper proposes mutual authentication mechanisms where the MSAP requiring authentication and the MSAP that permits it initiates low-cost and efficient authentication in a distributed way. More specifically, we propose a method of applying EAP-ELS (Extensible Authentication Protocol-Transport Layer Security) in the next-generation TICN.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.46 no.9
• /
• pp.39-45
• /
• 2009

When Mobile IPv6 is deployed in commercial network, a mobile node needs AAA services for an authentication, authorization and accounting. AAA and Mobile IPv6 are protocols which are operated independently. Then schemes which merge these protocols have been emerged. These schemes can enable a mobile node to establish a security association between the mobile node and a home agent and to perform a binding update for the home agent using AAA authentication request. But these schemes introduce many signal messages and long handover latency during the handover, since Route Optimization mode for Mobile Ipv6 is performed using Return Routability procedure. To solve this problem, we propose a scheme for Route Optimization mode that the home agent performs the binding update for a correspondent node via the AAA infrastructure between the home agent and the correspondent node instead of Return Routability procedure. For performance evaluation, we analyze signal message transmission costs and handover latencies during handover. We show performance improvement of the proposed scheme which reduces handover latency as 61% compared with the existing scheme.