• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37 no.5C
• /
• pp.410-419
• /
• 2012

This paper proposes a secure and efficient anonymous authentication scheme for health information push service based on indoor location in hospital. The proposed scheme has the following benefits: (1)It is just based on a secure one-way hash function for avoiding complex computations for both health care operations users and health care centers. (2)It does not require sensitive verification table which may cause health care centers to become an attractive target for numerous attacks(e.g., insertion attacks and stolen-verifier attacks), (3)It provides higher security level (e.g., secure mutual authentication and key establishment, confidential communication, user's privacy, simple key management, and session key independence). As result, the proposed scheme is very suitable for various location-based medical information service environments using lightweight-device(e.g., smartphone) because of very low computation overload on the part of both health care operations users and health care centers.

• The KIPS Transactions:PartC
• /
• v.12C no.3 s.99
• /
• pp.309-316
• /
• 2005

Recently, RFID system is a main technology to realize ubiquitous computing environments, but the feature of the RFID system may bring about various privacy problem. So, many kinds of protocols To resolve this problem are researched. In this paper, we analyse the privacy problem of the previous methods and propose more secure and effective authentication protocol to protect user's privacy. Then we prove that the proposed protocol is secure and effective as we compare the proposed protocol with previous methods. The proposed protocol is based on Challenge-Response using one-way hash function and random number. The proposed protocol is secure against replay attack, spoofing attack and so on. In addition, the proposed protocol is proper for distributed database environment.

• The KIPS Transactions:PartC
• /
• v.19C no.1
• /
• pp.9-18
• /
• 2012

In 2010, Pedro et al. proposed RFID distance bounding protocol based on WSBC cryptographic puzzle. This paper points out that Pedro et al.'s protocol not only is vulnerable to tag privacy invasion attack and location tracking attack because an attacker can easily obtain the secret key(ID) of a legal tag from the intercepted messages between the reader and the tag, but also requires heavy computation by performing symmetric key operations of the resource limited passive tag and many communication rounds between the reader and the tag. Moreover, to resolve the security weakness and the computation/communication efficiency problems, this paper also present a new RFID distance bounding protocol based on WSBC cryptographic puzzle that can provide strong security and high efficiency. As a result, the proposed protocol not only provides computational and communicational efficiency because it requires secure one-way hash function for the passive tag and it reduces communication rounds, but also provides strong security because both tag and reader use secure one-way hash function to protect their exchanging messages.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.8 no.4
• /
• pp.605-610
• /
• 2013

A cryptography for enforcing hierarchic groups in a system where hierarchy is represented by a partially ordered set was introduced by Akl et al. But the key generation algorithm of Akl et al. is infeasible when there is a large number of users. To overcome this shortage, in 1985, MacKinnon et al. proposed a paper containing a condition which prevents cooperative attacks and optimizes the assignment. In 2005, Kim et al. proposed the key management systems for using one-way hash function, RSA algorithm, poset dimension and Clifford semigroup in the context of modern cryptography, the key management system using Clifford semigroup of imaginary quadratic non-maximal orders. We, in this paper, show that Kim et al. cryptosystem is insecure in some reasons and propose a revised cryptosystem.

• Journal of the Korea Computer Industry Society
• /
• v.4 no.4
• /
• pp.533-546
• /
• 2003

for the low information goods which will be traded through Internet is impossible to manage with previously existed payment system. The reason is that it's not economic because the management cost is bigger than the benefit of the information goods trade. Therefore, recently, there have been micropaymentresearches such as "Milicent", "PayWord", "MicroMint", and "iKP", etc. Though these methods don't have any problem with the low cost of the mechanism and the satisfaction of adequate security, they have big problem with the use of the unnecessary account and the aggregation of payment bill. The PayHash system which has been developed in this study simplifies the system's mechanism with "one-way hash function" which is used in generation, payment, and verification of the bill. And the system removed the generation and use of unnecessary account by making one customer have one account. The system solve the problem of the payment aggregation by using the last payment hash value and its index. And the system improves its performance by reducing the use of "digital signature" drastically, as well. As the result of this study, the PayHash system made it possible for the participants of the Internet Commerce to trade the lowest cost goods through efficient maintenance.o trade the lowest cost goods through efficient maintenance.

• Journal of KIISE:Information Networking
• /
• v.28 no.3
• /
• pp.309-320
• /
• 2001

This paper deals with security issues in a mobile agent system, especially protecting agent data from malicious agent servers. For this purpose, one-time key generation system, OKGS in short, is proposed. In OKGS, we integrate notions of a one-way hash function and a coupler. One-way function plays a major role in ensuring confidentiality and integrity of agent data. And the notion of a coupler is used to establish inter-relationship among consecutive encryption keys for agent data, i.e. all agent keys form a unidirectional chain. With these two features of OKGS, therefore, only the agent owner, who creates the agent bearing data, can decrypt and protect all the agent data which are gathered in the itinerary.

• Journal of the Korea Society of Computer and Information
• /
• v.15 no.10
• /
• pp.121-128
• /
• 2010

In this paper, we proposed a new secure RFID(Radio Frequency IDentification) mutual authentication protocol on insecure communication channel which assumed that all communication channels between the database, the reader and the tag are insecure communication channels. The proposed protocol used a secure one-way hash function and the goal is to improve search time of a tag ID and overload of hash calculational load in DB. In addition, the proposed protocol supports not only basic security requirements to be provided by RFID mutual authentication protocol but also forward secrecy, and the tag does not generate a random number to reduce overload of processing capacity in it.

• Proceedings of the Korean Information Science Society Conference
• /
• 2004.10a
• /
• pp.286-288
• /
• 2004

무선 통신의 발달로 언제 어디서나 누구와도 통신이 자유롭게 되었다 하지만, 무선 통신을 사용하게 됨으로써 통신 사용자와 액세스 포인트, 액세스 포인트와 서버(Server)가 통신을 할 경우 유선 네트워크와는 다른 인증 방식이 요구되었다. 무선 네트워크에서 사용자 인증을 위해 801.x EAP, SSID, CHAP 및 WEP를 이용한 다양한 인증 방식이 사용되고 있다. 본 논문에서는 사용자를 안전하게 인증할 수 있는 효율적인 인증 방법을 제안한다. 절기서는 기존의 PPP CHAP을 수정하여 인증 서버와 사용자간의 상호 인증을 할 수 있도록 했다. 또한 강한 일-방향 해시 함수(Strength One-Way Hash Function)을 사용하여 생성된 결과 값을 일회용 패스워드(One Time Password:OTP)로 사용하여 재공격(Reply Attack)을 방지했다.

• Journal of Computing Science and Engineering
• /
• v.9 no.1
• /
• pp.1-8
• /
• 2015

Accessing and searching in a sequence of numbers are fundamental operations in computing that are encountered in a wide range of applications. One of the applications of the problem is cryptanalytic time-memory tradeoff which is aimed at a one-way function. A rainbow table, which is a common method for the time-memory tradeoff, contains elements from an input domain of a hash function that are normally sorted integers. In this paper, we present a practical indexing method for a monotonically increasing static sequence of numbers where the access and search queries can be addressed efficiently in terms of both time and space complexity. For a sequence of n numbers from a universe $U=\{0,{\ldots},m-1\}$, our data structure requires n lg(m/n) + O(n) bits with constant average running time for both access and search queries. We also give an analysis of the time and space complexities of the data structure, supported by experiments with rainbow tables.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.9
• /
• pp.4585-4602
• /
• 2016

A novel key sharing fuzzy vault scheme is proposed based on the classic fuzzy vault and the Diffie-Hellman key exchange protocol. In this proposed scheme, two users cooperatively build their fuzzy vault for their shared key using their own biometrics. Either of the users can use their own biometrics to unlock the fuzzy vault with the help of the other to get their shared key without risk of disclosure of their biometrics. Thus, they can unlock the fuzzy vault cooperatively. The security of our scheme is based on the security of the classic fuzzy vault scheme, one-way hash function and the discrete logarithm problem in a given finite group.