• Journal of Korea Society of Digital Industry and Information Management
• /
• v.13 no.1
• /
• pp.87-101
• /
• 2017

As people increasingly rely on mobile networks in modern society, mobile communication security is becoming more and more important. In the Long Term Evolution/System Architecture Evolution (LTE/SAE) architecture, the 3rd Generation Partnership (3GPP) team has also developed the improved Evolved Packet System Authentication and Key Agreement (EPS AKA) protocol based on the 3rd Generation Authentication and Key Agreement (3G AKA) protocol in order to provide mutual authentication and secure communication between the user and the network. Unfortunately, the EPS AKA also has several vulnerabilities such as sending the International Mobile Subscriber Identity (IMSI) in plain text (which leads to disclosure of user identity and further causes location and tracing of the user, Mobility Management Entity (MME) attack), man-in-middle attack, etc. Hence, in this paper, we analyze the EPS AKA protocol and point out its deficiencies and then propose an Efficient and Security Enhanced Authentication and Key agreement (ESE-EPS AKA) protocol based on hybrid of Dynamic Pseudonym Mechanism (DPM) and Public Key Infrastructure (PKI) retaining the original framework and the infrastructure of the LTE network. Then, our evaluation proves that the proposed new ESE-EPS AKA protocol is relatively more efficient, secure and satisfies some of the security requirements such as confidentiality, integrity and authentication.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.12 no.6
• /
• pp.2801-2806
• /
• 2011

During data transmissions via Bluetooth networks, data to be encrypted, or plain text between the application layer and the device layer, can be hacked similar to a key-logger by the major function hooking technique of Windows Kernel Driver. In this paper, we introduce an improved protection module which provides data encryption transmission by modifying the data transmission driver of the Bluetooth device layer, and also suggest a self-protecting scheme which prevents data exposure by various hacking tools. We implement the protection module to verify the confidentiality guarantee. Our protection module which provides data encryption with minimal latency can be expected the widespread utilization in Bluetooth data transmission.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.11B
• /
• pp.1305-1314
• /
• 2011

Initial entry section has vulnerability which exposes plain text parameter in Mobile WIMAX environment which is the 4th generation technology. Each node message need to be encrypted to prevent the third party attack or message leakage. In this paper, we propose Mobile WIMAX initial entry section encryption using Elliptic Curve Cryptosystem. We have compared proposed model with existing model using OPNET simulator tool. He delay rate has increased little bit in initial entry section than before after the comparison, but it has shown more effective in average delay and throughput than encryption applied other existing model.

• Publications of The Korean Astronomical Society
• /
• v.20 no.1 s.24
• /
• pp.85-95
• /
• 2005

We collected eleven large astronomical catalogues, which include 2MASS, USNO B1.0, GSC 2 catalogues and so on. Most of these catalogues are the frequently used by astronomers for all sorts of applications. But the researches are faced with the problem of accessing these databases because these catalogues contain from tens millions up to thousands of millions of records. So we developed a web application system to manage these large catalogues, the main purpose of the web application is to allow a powerful and efficient querying activity on these catalogues through internet by using a simple web interface. User could retrieve the query result in variety of formats including plain text, HTML, Microsoft Excel format (XLS), and VOTable. Furthermore, user also could display and analyze result graphically by using a powerful interactive visualization tools named VOPlot which was developed by the Virtual Observatory-India (VOI) project.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.27 no.11C
• /
• pp.1090-1096
• /
• 2002

The HTTP does not support continuity for browser-server interaction between successive visits or a user due to a stateless feature. Cookies were invented to maintain continuity and state on the Web. Because cookies are transmitted in plain and contain text-character strings encoding relevant information about the user, the attacker can easily copy and modify them for his undue profit. In this paper, we design a secure cookies scheme based on X.509 public key certificate for solving these security weakness of typical web cookies. Our secure cookies scheme provides not only mutual authentication between client and server but also confidentiality and integrity of user information. Additionally, we implement our secure cookies scheme and compare it to the performance with SSL(Secure Socket Layer) protocol that is widely used for security of HTTP environment.

• The Transactions of the Korean Institute of Electrical Engineers P
• /
• v.67 no.1
• /
• pp.9-14
• /
• 2018

In this paper, we introduce an AES-based security chip for the embedded system of Internet of Things(IoT). We used Verilog HDL to implement the AES algorithm in FPGA. The designed AES module creates 128-bit cipher by encrypting 128-bit plain text and vice versa. RTL simulations are performed to verify the AES function and the theory is compared to the results. An FPGA emulation was also performed with 40 types of test sequences using two Altera DE0-Nano-SoC boards. To evaluate the performance of security algorithms, we compared them with AES implemented by software. The processing cycle per data unit of hardware implementation is 3.9 to 7.7 times faster than software implementation. However, there is a possibility that the processing speed grow slower due to the feature of the hardware design. This can be solved by using a pipelined scheme that divides the propagation delay time or by using an ASIC design method. In addition to the AES algorithm designed in this paper, various algorithms such as IPSec can be implemented in hardware. If hardware IP design is set in advance, future IoT applications will be able to improve security strength without time difficulties.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2017.11a
• /
• pp.702-705
• /
• 2017

최근 들어 개인정보 보호의 중요성에 대한 인식이 높아지고 있다. 개인정보 위협 요소 증가 및 유출 사고 증가 등으로 개인정보 보호 필요성이 높아지고 있으며, 개인정보보호법 발효 및 시행에 따른 기술적 보호 마련을 위하여 외국계 카드 발행사에서 지속적으로 PCI DSS(Payment Card Industry Data Security Standard)의 준수를 요청하고 있다. 카드 소유자의 데이터를 전송, 처리, 저장하는 환경에 대한 인증으로 적격업체 선정의 자격을 주기도 한다. 이러한 보안성 심의 기준이 강화되고 있으나 DB 암호화 제품인 TDE(Transparent Data Encryption) 방식의 암호화 방법은 암호화 기능 이외에 접근제어, 키 기밀성 보장을 위한 옵션의 추가 도입 검토가 필요하며, 서비스를 위해서 DB 전용 메모리 영역(SGA)의 Buffer Cache에 평문(Plain Text)으로 복호화한 후 로드하여 사용하므로 예상치 못한 또 다른 심각한 데이터 유출의 위험이 있다. 본 논문에서는 개인정보 암호화 방법을 연구하고 구현과정에서 발생한 문제에 대한 해결 과정을 설명하였다.

• Journal of the Korea Safety Management & Science
• /
• v.17 no.2
• /
• pp.153-160
• /
• 2015

This study tried to investigate the difference of the legibility in different age groups (young and old) with same near visual acuity and to provide preliminary guidelines for the text sizes in the pesticides products based on the legibility experiments. To achieve the objective, legibility evaluation experiments were conducted to test the effects of different age(20s, 50-60s), gender, font type(thick gothic-type and fine gothic-type), thickness (plain and bold), and number of syllables(2 and 3 syllables) in the same near visual acuity(0.6). The results showed that legibility 50s was higher than 20s. And 20s are appealed higher discomfort than 50s. Considering these experimental results, it was recommended that the 14 pt or larger characters (100% readable size) should be used the important information such as toxicity, and the minimum character size was 7 pt (50% readable size) for other information.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.9 no.4
• /
• pp.103-110
• /
• 2013

In Information Technology era, various amazing IT technologies, for example Big Data, are appearing and are available as the amount of information increase. The number of counselling for violation of personal data protection is also increasing every year that it amounts to over 160,000 in 2012. According to Korean Privacy Act, in the case of treating unique personal identification information, appropriate measures like encipherment should be taken. The technologies of encipherment are the most basic countermeasures for personal data invasion and the base elements in information technology. So various cryptography algorithms exist and are used for encipherment technology. Therefore studies on safer new cryptography algorithms are executed. Cryptography algorithms started from classical replacement enciphering and developed to computationally secure code to increase complexity. Nowadays, various mathematic theories such as 'factorization into prime factor', 'extracting square root', 'discrete lognormal distribution', 'elliptical interaction curve' are adapted to cryptography algorithms. RSA public key cryptography algorithm which was based on 'factorization into prime factor' is the most representative one. This paper suggests algorithm utilizing telescoping series as a safer cryptography algorithm which can maximize the complexity. Telescoping series is a type of infinite series which can generate various types of function for given value-the plain text. Among these generated functions, one can be selected as a original equation. Some part of this equation can be defined as a key. And then the original equation can be transformed into final equation by improving the complexity of original equation through the command of "FullSimplify" of "Mathematica" software.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.5
• /
• pp.1023-1032
• /
• 2017

When a cryptographic device such as smart card performs an encryption for a plain text, an attacker can extract the secret key in it using side channel information. Especially, many researches found some weaknesses for side channel attack on the lightweight block cipher LEA designed to apply in IoT environments. In this paper, we survey several masking countermeasures to defeat the side channel attack and propose a novel masking conversion method. Even though the proposed Arithmetic-to-Boolean masking conversion method requires storage memory of 256 bytes, it can improve the LEA encryption speed up to 17 percentage compared to the case adopted the previous masking method.