• Title/Summary/Keyword: One Time Key

Search Result 1,285, Processing Time 0.033 seconds

An Individual Privacy Protection Design for Smart Tourism Service based on Location (위치 기반 스마트 관광 서비스를 위한 개인 프라이버시 보호 설계)

  • Cho, Cook-Chin;Jeong, Eun-Hee
    • The Journal of Korea Institute of Information, Electronics, and Communication Technology
    • /
    • v.9 no.5
    • /
    • pp.439-444
    • /
    • 2016
  • This paper proposes the technique to protect the privacy of those who uses Smart Tourism Service based on location. The proposed privacy protection technique (1) generates a shared private key, OTK(One Time Key) without information exchanging Users with a Tourism Server and provides Users and a Tourism Server with message confidentiality by encrypting data with the key, (2) concatenates users' ID, login time(timestamp), and randomly-generated nonce, generates OTK by hashing with a hash function, encrypts users' location information and query by using the operation of OTK and XOR and provides Users and a Tourism Server with message confidentiality by sending the encrypted result. (3) protects a message replay attack by adding OTK and timestamp. Therefore, this paper not only provides data confidentiality and users' privacy protection but also guarantees the safety of location information and behavior pattern data.

The One Time Biometric Key Generation and Authentication Model for Portection of Paid Video Contents (상용 비디오 콘텐츠 보호를 위한 일회용 바이오메트릭 키 생성 및 인증 모델)

  • Yun, Sunghyun
    • Journal of the Korea Convergence Society
    • /
    • v.5 no.4
    • /
    • pp.101-106
    • /
    • 2014
  • Most peoples are used to prefer to view the video contents rather than the other contents since the video contents are more easy to understand with both their eyes and ears. As the wide spread use of smartphones, the demands for the contents services are increasing rapidly. To promote the contents business, it's important to provide security of subscriber authentication and corresponding communication channels through which the contents are delivered. Generally, symmetric key encryption scheme is used to protect the contents in the channel, and the session key should be upadated periodically for the security reasons. In addition, to protect viewing paid contents by illegal users, the proxy authentication should not be allowed. In this paper, we propose biometric based user authentication and one time key generation models. The proposed model is consist of biometric template registration, session key generation and chanel encryption steps. We analyze the difference and benefits of our model with existing CAS models which are made for CATV contents protection, and also provides applications of our model in electronic commerce area.

KEY EXCHANGE PROTOCOL USING MATRIX ALGEBRAS AND ITS ANALYSIS

  • CHO SOOJIN;HA KIL-CHAN;KIM YOUNG-ONE;MOON DONGHO
    • Journal of the Korean Mathematical Society
    • /
    • v.42 no.6
    • /
    • pp.1287-1309
    • /
    • 2005
  • A key exchange protocol using commutative subalge-bras of a full matrix algebra is considered. The security of the protocol depends on the difficulty of solving matrix equations XRY = T, with given matrices R and T. We give a polynomial time algorithm to solve XRY = T for the choice of certain types of subalgebras. We also compare the efficiency of the protocol with the Diffie-Hellman key exchange protocol on the key computation time and the key size.

Advanced WLAN Authentication Mechanism using One-time Session Key based on the Vulnerability Analysis in Nespot Wireless Lan System (Nespot 무선랜 사용자 인증 취약점 분석 및 일회용 세션키 기반 무선랜 인증 기법)

  • Lee, Hyung-Woo
    • Journal of Korea Multimedia Society
    • /
    • v.11 no.8
    • /
    • pp.1101-1110
    • /
    • 2008
  • Nespot provides a convenient wireless internet connection service. The existing IEEE 802.1X EAP-MD5 authentication mechanism can be achieved based on ID/password information for a wireless connection. The Nespot system offers an advanced accounting and authorization procedure for providing wireless user authentication mechanism. However, many problems were found on the existing Nespot EAP-MD5 mechanism such as a ill value exposure, a leakage of personal information on wireless authentication procedure and a weakness on Nespot mutual authentication mechanism. Therefore, we analyzed the limitation of the existing IEEE 802.1X EAP-MD5 certification system, and suggested a one-time session key based authentication mechanism. And then we offered a simplified encryption function on the Nespot certification process for providing secure mutual authentication process.

  • PDF

A Design of Hadoop Security Protocol using One Time Key based on Hash-chain (해시 체인 기반 일회용 키를 이용한 하둡 보안 프로토콜 설계)

  • Jeong, Eun-Hee;Lee, Byung-Kwan
    • The Journal of Korea Institute of Information, Electronics, and Communication Technology
    • /
    • v.10 no.4
    • /
    • pp.340-349
    • /
    • 2017
  • This paper is proposed Hadoop security protocol to protect a reply attack and impersonation attack. The proposed hadoop security protocol is consists of user authentication module, public key based data node authentication module, name node authentication module, and data node authentication module. The user authentication module is issued the temporary access ID from TGS after verifing user's identification on Authentication Server. The public key based data node authentication module generates secret key between name node and data node, and generates OTKL(One-Time Key List) using Hash-chain. The name node authentication module verifies user's identification using user's temporary access ID, and issues DT(Delegation Token) and BAT(Block Access Token) to user. The data node authentication module sends the encrypted data block to user after verifing user's identification using OwerID of BAT. Therefore the proposed hadoop security protocol dose not only prepare the exposure of data node's secret key by using OTKL, timestamp, owerID but also detect the reply attack and impersonation attack. Also, it enhances the data access of data node, and enforces data security by sending the encrypted data.

A Secure S/KEY One-Time Password Authentication Scheme Using Smart Cards (스마트 카드를 이용한 안전한 S/KEY 일회용 패스워드 인증 스킴)

  • 윤은준;류은경;유기영
    • Proceedings of the Korean Information Science Society Conference
    • /
    • 2003.10a
    • /
    • pp.763-765
    • /
    • 2003
  • 본 논문에서는 RFC 1760 표준 S/KEY 일회용 패스워드 인증 스킴이 서버 스푸핑 공격 재시도 공격 오프라인 패스워드 공격, 능동적 공격 등 여러 가지 공격에 취약함에 대해서 설명하고 이들 공격에 안전한 스마트 카드를 이용한 새로운 스킴을 제안한다. 본 논문에서 제안한 스킴은 스마트 카드를 이용한 안전한 S/KEY 일회용 패스워드 인증 스킴으로 기존의 S/KEY 일회용 패스워드 인증 스킴의 보안 문제점을 개선하였으며 상호 인증을 가능하게 하는 새로운 스킴으로 여러 가지 안전성 향상을 보인다.

  • PDF

A Study on Encrypted Matrix Puzzle for Digital Contents Protection (디지털 컨텐츠 보호를 위한 메트릭스 퍼즐 암호화방법에 대한 연구)

  • Min, So-Yeon;Kim, Jung-Jae
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.9 no.4
    • /
    • pp.936-944
    • /
    • 2008
  • DRM system is a technology that protects and manages copyright holder's privilege by using a copyright protection technology. This paper contributes to improvement of the secret key transmission and encryption/decryption processing time base on DRM system. In this paper, we will suggest that as follow: First, we will propose the algorithm to transmit the encryption key which use Multidimensional Method more safe than the existing One-path XOR method. Second, we will provide the high quality algorithm of security than the existing system because the Multidimensional which generated from the algorithm does not saved to the server side. Third, we will support the client decryption system which can decrypt the Multidimensional with OPT in decryption with client side. Fourth, we will adopt the more safr method of transmission with the compound of Multidimensional Method and OPT.

1D finite element artificial boundary method for layered half space site response from obliquely incident earthquake

  • Zhao, Mi;Yin, Houquan;Du, Xiuli;Liu, Jingbo;Liang, Lingyu
    • Earthquakes and Structures
    • /
    • v.9 no.1
    • /
    • pp.173-194
    • /
    • 2015
  • Site response analysis is an important topic in earthquake engineering. A time-domain numerical method called as one-dimensional (1D) finite element artificial boundary method is proposed to simulate the homogeneous plane elastic wave propagation in a layered half space subjected to the obliquely incident plane body wave. In this method, an exact artificial boundary condition combining the absorbing boundary condition with the inputting boundary condition is developed to model the wave absorption and input effects of the truncated half space under layer system. The spatially two-dimensional (2D) problem consisting of the layer system with the artificial boundary condition is transformed equivalently into a 1D one along the vertical direction according to Snell's law. The resulting 1D problem is solved by the finite element method with a new explicit time integration algorithm. The 1D finite element artificial boundary method is verified by analyzing two engineering sites in time domain and by comparing with the frequency-domain transfer matrix method with fast Fourier transform.

Wireless PKI for Reducing Certificate Acquisition Time According to Authentication Path

  • Choi Seung-Kwon;Cho Yong-Hwan;Shin Seung-Soo;Jang Yoon-Sik
    • International Journal of Contents
    • /
    • v.1 no.1
    • /
    • pp.29-34
    • /
    • 2005
  • In this paper, we proposed an advanced authentication structure for reducing the certificate acquisition time which is one of the factors that should be improved in a conventional wireless PKI. A conventional key exchange method simply performs the key exchange setup step based on discrete algebraic subjects. But the mutual-authentication procedure of wireless PKI for reducing authentication time uses an elliptical curve for a key exchange setup step. We simulated and compared the authentication structure proposed by Sufatrio, K. Lam[4] and proposed authentication structure in terms of the authentication time. Simulation results show that the proposed method reduces the authentication time compared to the conventional wireless PKI authentication method.

  • PDF

Design and Implementation of a Peer-to-Peer Data Sharing Scheme for Closed User Group with Security and Flexibility (보안성과 유연성을 갖춘 Peer-to-Peer 데이터 공유 기법의 설계 및 구현)

  • Lee Goo-Yeon;Lee Yong;Kim Hwa-Jong;Jeong Choong-Kyo;Lee Dong-Eun
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.15 no.4
    • /
    • pp.61-70
    • /
    • 2005
  • We propose and implement a flexible secure peer-to-peer(P2P) file sharing scheme which can be used for data sharing among closed user group (CUG) members. When a member wants to share data, notification messages are sent to the members with whom the member wants to share data. Each notification message includes one-time password encrypted with the receiver's public key. A member who received the notification message can download the data by using the one-time password. The proposed scheme provides selective sharing, download confirmation and efficient storage management. In terms of security, the proposed scheme supports authentication, entity privacy, replay attack protection and disguise prevention. We also implement the proposed system and find that the system is very useful among P2P service of closed user groups.