• Journal of Convergence for Information Technology
• /
• v.11 no.11
• /
• pp.66-74
• /
• 2021

With the development of the Internet, user authentication technology that proves me online is improving. Existing ID methods pose a threat of personal information leakage if the service provider manages personal information and security is weak, and the information subject is to the service provider. In this study, as online identification technology develops, we propose a DID-based self-authentication model to prevent the threat of leakage of personal information from a centralized format and strengthen sovereignty. The proposed model allows users to directly manage personal information and strengthen their sovereignty over information topics through VC issued by the issuing agency. As a research method, a self-authentication model that guarantees security and integrity is presented using a decentralized identifier method based on distributed ledger technology, and the security of the attack method is analyzed. Because it authenticates through DID Auth using public key encryption algorithms, it is safe from sniffing, man in the middle attack, and the proposed model can replace real identity card.

• The KIPS Transactions:PartC
• /
• v.9C no.3
• /
• pp.313-322
• /
• 2002

In this paper, proposes Kerberos certification mechanism that improve certification service of PKINIT base that announce in IETF CAT Working Ggroup. Did to certificate other realm because search position of outside realm through DNS and apply X.509 directory certification system, acquire public key from DNS server by chain (CertPath) between realms by certification and Key exchange way that provide service between realms applying X.509, DS/BNS of PKINIT base. In order to provide regional services, Certification and key exchange between realms use Kerberos' symmetric method and Session connection used Directory service to connection X.509 is designed using an asymmetric method. Excluded random number ($K_{rand}$) generation and duplex encryption progress to confirm Client. A Design of Kerberos system that have effect and simplification of certification formality that reduce Overload on communication.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.15 no.9
• /
• pp.5790-5795
• /
• 2014

Elliptic curve cryptography (ECC) is an extremely important part of information protection systems because it has outstanding safety among public key encryption algorithms. On the other hand, as ECC cannot obtain accurate values using a real number field because of the slow calculation and errors from rounding off, studies of ECC have focused on a finite field. If ECC can be extended to the real number field, more diverse keys can be selected compared to ECC only based on a finite field. Accordingly, in this paper, a method for constructing a cryptographic system with a high degree of safety is proposed through the diversification of keys selected by the user based on the operant extension method instead of extracting keys only using integer values.

• The Journal of Information Technology
• /
• v.1 no.1
• /
• pp.173-188
• /
• 1998

In this paper we discussed various types of electronic payment schemes that are emerging. Threats vary from malicious hackers attempting to crash a system, to threats to data or transaction integrity. An understanding of the various types of threats can assist a security manager in selecting appropriate cost-effective controls to protect valuable information resources. An overview of many of today's common threats presented in this paper will be useful to mangers studying their own threat environments with a view toward developing solutions specific to their organization. To ensure security on the Internet, several methods have been developed and deployed. They include authentication of users and servers, encryption, and data integrity. Transaction security is critical : without it, information transmitted over the Internet is susceptible to fraud and other misuse. So computer systems represents an Intermediary with the potential to access the flow of information between a user. Security is needed to ensure that intermediaries cannot eavesdrop on transactions, or copy/modify data. Online firms must take additional precautions to prevent security breaches. To protect consumer information, they must maintain physical security of their servers and control access to software passwords and private keys. Techniques such as secret and public-key encryption and digital signatures play a crucial role in developing consumer confidence in electronic commerce.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.5
• /
• pp.17-30
• /
• 2001

In this paper, we implemented a scalar multiplier needed at an elliptic curve cryptosystem over standard basis in $GF(2^{163})$. The scalar multiplier consists of a radix-16 finite field serial multiplier and a finite field inverter with some control logics. The main contribution is to develop a new fast finite field inverter, which made it possible to avoid time consuming iterations of finite field multiplication. We used an algorithmic transformation technique to obtain a data-independent computational structure of the Extended Euclid GCD algorithm. The finite field multiplier and inverter shown in this paper have regular structure so that they can be easily extended to larger word size. Moreover they can achieve 100% throughput using the pipelining. Our new scalar multiplier is synthesized using Hyundai Electronics 0.6$\mu\textrm{m}$ CMOS library, and maximum operating frequency is estimated about 140MHz. The resulting data processing performance is 64Kbps, that is it takes 2.53ms to process a 163-bit data frame. We assure that this performance is enough to be used for digital signature, encryption & decryption and key exchange in real time embedded-processor environments.

• The Journal of the Korea Contents Association
• /
• v.5 no.3
• /
• pp.9-17
• /
• 2005

Recently, there are rapid development of information and communication technology and rapid growing of e-business users. We propose a method for security problem on the internet environment which changes from wire internet to wireless internet or wire/ wireless internet. Wireless e-business adopts credit card WPP protocol and AIP protocol proposed by ASPeCT. WAP, one of the protocol used by WPP has weakness of leaking out information from WG which connected wire and wireless communication. Certification chain based AIP protocol requires a lot of computation time and user IDs are known to others. We propose a Micro-Payment protocol based on credit card. Our protocol use the encryption techniques of the public key with ID to ensure the secret of transaction in the step of session key generation. IDs are generated using ECC based Weil pairing. We also use the certification with hidden electronic sign to transmit the payment result. The proposed protocol also solves the privacy protection and Non-repudiation problem.

• Convergence Security Journal
• /
• v.18 no.4
• /
• pp.27-33
• /
• 2018

Stream cipher is an one-time-pad type encryption algorithm that encrypt plaintext using simple operation such as XOR with random stream of bits (or characters) as symmetric key and its security depends on the randomness of used stream. Therefore we can design more secure stream cipher algorithm by using mathematical analysis of the stream such as period, linear complexity, non-linearity, correlation-immunity, etc. The key stream in stream cipher is generated in linear feedback shift register(LFSR) having characteristic polynomial. The primitive polynomial is the characteristic polynomial which has the best security property. It is used widely not only in stream cipher but also in SEED, a block cipher using 8-degree primitive polynomial, and in Chor-Rivest(CR) cipher, a public-key cryptosystem using 24-degree primitive polynomial. In this paper we present the concept and various properties of primitive polynomials in Galois field and prove the theorem finding the number of irreducible polynomials and primitive polynomials over $F_p$ when p is larger than 2. This kind of research can be the foundation of finding primitive polynomials of higher security and developing new cipher algorithms using them.

• KIPS Transactions on Computer and Communication Systems
• /
• v.9 no.12
• /
• pp.307-314
• /
• 2020

The video surveillance service is being widely deployed around our lives and the service stores sensitive data such as video streams in the cloud over the Internet or the centralized data store in an on-premise environment. The main concerning of these services is that the user should trust the service provider how secure the video or data is stored and handled without any concrete evidence. In this paper, we proposed the approach to protecting video by PKI (public key infrastructure) with a blockchain network. The video is encrypted by a symmetric key, then the key is shared through a blockchain network with taking advantage of the PKI mechanism. Therefore, the user can ensure the sensitive data is always kept secure and traceable in its lifecycle.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.5
• /
• pp.779-790
• /
• 2022

Fuzzy extractor is a biometric encryption that generates keys from biometric data where input values are not always the same due to the noisy data, and performs authentication securely without exposing biometric information. However, if a user registers biometric data on multiple servers, various attacks on helper data which is a public information used to extract keys during the authentication process of the fuzzy extractor can expose the keys. Therefore many studies have been conducted on reusable fuzzy extractors that are secure to register biometric data of the same person on multiple servers. But as the key length increases, the studies presented so far have gradually increased the number of key recovery processes, making it inefficient and difficult to utilize in security systems. In this paper, we design an efficient and reusable fuzzy extractor based on LWE with the same or similar number of times of the authentication process even if the key length is increased, and show that the proposed algorithm is reusably-secure defined by Apon et al.[5].

• Journal of KIISE:Computing Practices and Letters
• /
• v.13 no.7
• /
• pp.540-544
• /
• 2007

Researches on Sensor Network has become much more active and is currently being applied to many different fields. However since sensor network is limited to only collecting and reporting information regarding a certain event, and requires human intervention with that given information, it is often difficult to react to an event or situation immediately and proactively. To overcome this kind of limitation, Wireless Sensor and Actor Networks (WSANs) with immediate-response Actor Nodes has been proposed which adds greater mobility and activity to exisiting sensor networks. Although WSANs shares many common grounds with sensor networks, it is difficult to apply exisiting security technologies due to the fact that WSAN contains Actor Nodes that are resource-independent and mobile. This research therefore seeks to demonstrate ways to provide security, integrity and authentication services for WSAN's secure operation, by separating networks into hierarchcial structure by each node's abilities and providing different encryption key-based secure protocols for each level of hierarchy: Pair-wise Key, Node Key, and Region Key for sensor levels, and Public Key for actor levels.