• Proceedings of the Korea Information Processing Society Conference
• /
• 2009.11a
• /
• pp.647-648
• /
• 2009

'보이스피싱(Voice Phishing)'은 전화를 통해 자신을 신뢰할 수 있는 대상으로 위장하여 개인 정보를 훔치는 행위이다. 최근 들어 보이스피싱 피해 사례가 급증하고 있으며 아직 딱히 대안이 없는 상태이다. 또한, IP 환경에서의 전화통화는 보이스피싱을 더욱 용이하게 하고 있다. 본 논문에서는 VoIP 환경에서 공개키 암호화 기법을 이용하여 발신자의 신원을 정확히 밝히는 인증을 통해 사용자가 악성 발신자에게 정보를 제공하거나 금전적 피해를 피할 수 있는 방법론을 제시한다. 이를 통해 사용자는 발신자의 정확한 신원 정보를 제공 받아 보이스피싱 당할 가능성을 줄일 수 있다.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.18 no.1
• /
• pp.1-9
• /
• 2022

Galois field arithmetic is important in error correcting codes and public-key cryptography schemes. Hardware realization of these schemes requires an efficient implementation of Galois field arithmetic operations. Multiplication is the main finite field operation and designing efficient multiplier can clearly affect the performance of compute-intensive applications. Diverse algorithms and hardware architectures are presented in the literature for hardware realization of Galois field multiplication to acquire a reduction in time and area. This paper presents a low complexity semi-systolic multiplier to facilitate parallel processing by partitioning Montgomery modular multiplication (MMM) into two independent and identical units and two-level systolic computation scheme. Analytical results indicate that the proposed multiplier achieves lower area-time (AT) complexity compared to related multipliers. Moreover, the proposed method has regularity, concurrency, and modularity, and thus is well suited for VLSI implementation. It can be applied as a core circuit for multiplication and division/exponentiation.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2008.11a
• /
• pp.1493-1495
• /
• 2008

센서네트워크는 넓은 지역에 무선 네트워크로 설치된 센서들을 사용하여, 상황 인지로 감지된 데이터를 응용서비스 서버와 연동하는 기술이다. 이는 환경 감시, 대상 추적, 환자 모니터링, 군사적 목적 등 매우 다양한 분야에 사용될 수 있다. 센서네트워크 역시 기존 네트워크에서 필요로 하는 보안 기능을 요구한다. 그러나 센서네트워크에 사용되는 노드들이 사용할 수 있는 자원에 제약이 있어, 기존의 공개키 암호기술을 적용하는데 어려움이 있다. 그런데 최근의 연구결과들은 경량화 구현 기술을 적용하여 공개키를 이용한 키 분배 기법을 센서네트워크에 적용하는 것이 실효성이 있다는 것을 보여준다. 본 논문에서는 TinyOS 환경에서 공개키를 이용하여 센서 노드 간 상호 인증 및 세션키를 생성하여 암호 데이터 통신을 수행하는 안전한 센서네트워크 플랫폼을 구현한 결과를 제시한다.

• Journal of KIISE
• /
• v.44 no.3
• /
• pp.323-331
• /
• 2017

Due to the recent developments of various smart devices, U-healthcare services using these appliances has increased. However, the security of U-healthcare services is a very important issue since healthcare services contain highly sensitive and private personal health information. In order to handle the security issues, the functionality of encrypting medical information must be provided, and an encryption key exchange method is necessary. In this paper, we propose a key exchange protocol by utilizing smart devices for secure U-healthcare services. The proposed protocol has been designed based on the elliptic curve based public key cryptography, providing high level security for smart devices by using short keys. Moreover, in order to strengthen user authentication and security, a smart watch is used as a complementary device, whenever the key exchange protocol is performed.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.1
• /
• pp.87-92
• /
• 2020

Various devices, which are powerful computer and low-performance sensors, is connected to IoT network. Accordingly, applying mutual authentication for devices and data encryption method are essential since illegal attacks are existing on the network. But cryptographic methods such as symmetric key and public key algorithms, hash function are not appropriate to low-performance devices. Therefore, this paper proposes blockchain-based lightweight IoT mutual authentication protocol for the low-performance devices.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.13 no.1
• /
• pp.95-102
• /
• 2009

In 2006, Haddad, Krishnan and Soliman proposed a Cryptographically Generated Address based protocol as a standard for protecting HMIPv6. Though this protocol can provide both the strong message authentication and binding update key negotiation based on the public-key cryptography, it is still vulnerable to several attacks such as denial of service attacks and redirection attacks. This paper improves the problems caused by the protocol. The improved protocol is analyzed in terms of security and performance, and then is shown to be better than the previous one considering the two factors together.

• Proceedings of the Korea Contents Association Conference
• /
• 2008.05a
• /
• pp.473-476
• /
• 2008

Mobile network environments are the environments where mobile devices are distributed invisible in our daily lives so that we can conventionally use mobile services at any time and any place. But, Mobile devices has a many security vulnerabilities caused by lower computing of devices and security problem of wireless network. So in this paper, PKI structure is proposed to minimize encrypting and decrypting operation by compounding session key and public key on WIPI environment. Proposed secure authentication system based on korean standard cryptography algorithm will give a more firmness in mobile network and support a more secure service for mobile academic information service that KISTI future plan.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.1
• /
• pp.47-57
• /
• 2004

The Goldreich-Goldwasser-Halevi(GGH)'s signature scheme from Crypto '97 is cryptanalyzed, which is based on the well-blown lattice problem. We mount a chosen message attack on the signature scheme, and show the signature scheme is vulnerable to the attack. We collects n lattice points that are linearly independent each other, and constructs a new basis that generates a sub-lattice of the original lattice. The sub-lattice is shown to be sufficient to generate a valid signature. Empirical results are presented to show the effectiveness of the attack Finally, we show that the cube-like parameter used for the private-key generation is harmful to the security of the scheme.

• Journal of the Korea Society of Computer and Information
• /
• v.17 no.4
• /
• pp.91-98
• /
• 2012

A group key exchange (GKE) protocol is designed to allow a group of parties communicating over a public network to establish a common secret key. As group-oriented applications gain popularity over the Internet, a number of GKE protocols have been suggested to provide those applications with a secure multicast channel. Among the many protocols is Yi et al.'s password-based GKE protocol in which each participant is assumed to hold their individual password registered with a trusted server. A fundamental requirement for password-based key exchange is security against off-line dictionary attacks. However, Yi et al.'s protocol fails to meet the requirement. In this paper, we report this security problem with Yi et al.'s protocol and show how to solve it.

• Journal of Internet of Things and Convergence
• /
• v.9 no.1
• /
• pp.1-7
• /
• 2023

Cases in which personal terminals or servers are infected by ransomware are rapidly increasing. Ransomware uses a self-developed encryption module or combines existing symmetric key/public key encryption modules to illegally encrypt files stored in the victim system using a key known only to the attacker. Therefore, in order to decrypt it, it is necessary to know the value of the key used, and since the process of finding the decryption key takes a lot of time, financial costs are eventually paid. At this time, most of the ransomware malware is included in a hidden form in binary files, so when the program is executed, the user is infected with the malicious code without even knowing it. Therefore, in order to respond to ransomware attacks in the form of binary files, it is necessary to identify the encryption module used. Therefore, in this study, we developed a mechanism that can detect and identify by reverse analyzing the encryption module applied to the malicious code hidden in the binary file.