• IEIE Transactions on Smart Processing and Computing
• /
• v.2 no.2
• /
• pp.57-66
• /
• 2013

Wireless Sensor Networks consist of small, inexpensive, low-powered sensor nodes that communicate with each other. To achieve a low communication cost in a resource constrained network, a novel concept of signcryption has been applied for secure communication. Signcryption enables a user to perform a digital signature for providing authenticity and public key encryption for providing message confidentiality simultaneously in a single logical step with a lower cost than that of the sign-then-encrypt approach. Ring signcryption maintains the signer's privacy, which is lacking in normal signcryption schemes. Signcryption can provide confidentiality and authenticity without revealing the user's identity of the ring. This paper presents the security notions and an evaluation of an ID-based ring signcryption scheme for wireless sensor networks. The scheme has been proven to be better than the existing schemes. The proposed scheme was found to be secure against adaptive chosen ciphertext ring attacks (IND-IDRSC-CCA2) and secure against an existential forgery for adaptive chosen message attacks (EF-IDRSC-ACMA). The proposed scheme was found to be more efficient than scheme for Wireless Sensor Networks reported by Qi. et al. based on the running time and energy consumption.

• Proceedings of the KSRS Conference
• /
• 2005.10a
• /
• pp.678-682
• /
• 2005

IETF suggested AAA for safe and reliable user authentication on various network and protocol caused by development in internet and increase in users. Diameter standard authentication system does not provide mutual authentication and non-repudiation. AAA authentication system using public key was suggested to supplement such Diameter authentication but application in mobile service control nodes is difficult due to overhead of communication and arithmetic. ID based AAA authentication system was suggested to overcome such weak point but it still has the weak point against collusion attack or forgery attack. In this thesis, new ID based AAA authentication system is suggested which is safe against collusion attack and forgery attack and reduces arithmetic quantity of mobile nodes with insufficient arithmetic and power performance. In this thesis, cryptological safety and arithmetical efficiency is tested to test the suggested system through comparison and assessment of current systems. Suggested system uses two random numbers to provide stability at authentication of mobile nodes. Also, in terms of power, it provides the advantage of seamless service by reducing authentication executing time by the performance of server through improving efficiency with reduced arithmetic at nodes.

• Journal of the Korea Society of Computer and Information
• /
• v.18 no.7
• /
• pp.85-92
• /
• 2013

In this paper, on the basis of Guilin Wang's proxy signature scheme and the Schnorr blind signature, we propose a secure proxy blind signature scheme. A proxy blind signature scheme is a digital signature scheme which combines the properties of a proxy signature and a blind signature scheme. Guilin Wang proposed a provably secure proxy signature scheme, which is based on a two-party Schnorr signature scheme. Also, using the proposed proxy blind signature scheme, we propose the proxy agent system for the electronic voting. We show the proposed scheme satisfies the security properties of both the blind signature and the proxy signature scheme and is efficient and optimal proxy blind signature scheme.

• The KIPS Transactions:PartC
• /
• v.10C no.6
• /
• pp.825-834
• /
• 2003

In this paper, we propose a new certified e-mail system which reduces user's computational overhead and distributes confidentiality of TTP(Trusted Third Partty). Based on the traditional cryptographic schemes and server-supported signiture for fairness and confidentiality of message, we intend to minimize to computation overhead of mobile device on public key algorithm. Therefore, our proposal becomes to be suitable for mail user sho uses mobile devices such as cellular phone and PDA. Moreover, the proposed system is fault-tolerant, secure against mobile adversary and conspiracy attack, since it is based on the threshold cryptography on server-side.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2019.05a
• /
• pp.254-256
• /
• 2019

소수체 GF(p)와 이진체 $GF(2^m)$ 상의 다중 타원곡선을 지원하는 듀얼 필드 ECC (DF-ECC) 프로세서를 설계하였다. DF-ECC 프로세서의 저면적 설와 다양한 타원곡선의 지원이 가능하도록 워드 기반 몽고메리 곱셈 알고리듬을 적용한 유한체 곱셈기를 저면적으로 설계하였으며, 페르마의 소정리(Fermat's little theorem)를 유한체 곱셈기에 적용하여 유한체 나눗셈을 구현하였다. 설계된 DF-ECC 프로세서는 스칼라 곱셈과 점 연산, 그리고 모듈러 연산 기능을 가져 다양한 공개키 암호 프로토콜에 응용이 가능하며, 유한체 및 모듈러 연산에 적용되는 파라미터를 내부 연산으로 생성하여 다양한 표준의 타원곡선을 지원하도록 하였다. 설계된 DF-ECC는 FPGA 구현을 하드웨어 동작을 검증하였으며, 0.18-um CMOS 셀 라이브러리로 합성한 결과 22,262 GEs (gate equivalences)와 11 kbit RAM으로 구현되었으며, 최대 100 MHz의 동작 주파수를 갖는다. 설계된 DF-ECC 프로세서의 연산성능은 B-163 Koblitz 타원곡선의 경우 스칼라 곱셈 연산에 885,044 클록 사이클이 소요되며, B-571 슈도랜덤 타원곡선의 스칼라 곱셈에는 25,040,625 사이클이 소요된다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.3
• /
• pp.53-64
• /
• 2005

In this paper, proposes Kerberos certification mechanism that improve certification service of PKINIT base that announce in IETF CAT Working Croup. Also proposed Authentication Mechanism for reusability of Ticket that after Ticket's Lifetime is ended, message exchange that Local Client receives Remote Server's service. Since my suggestion to regional services are not described in Kerberos, authentication between regions can be performed via PKINIT(Public Key Cryptography for Initial Authentication) presented by IETF(Internet Engineering Task Force) CAT working group. The new protocol is better than the authentication mechanism proposed by IETF CAT Working group in terms of communication complexity and mechanism according to simplified Ticket issue processing.

• KIPS Transactions on Computer and Communication Systems
• /
• v.11 no.3
• /
• pp.91-98
• /
• 2022

With the recent increase in interest in metaverse in which virtual and physical spaces are digitally fused, many activities in physical spaces are expected to take place in web-based virtual spaces. Therefore, there is a need for research on a self-sovereign identity system that can secure privacy and mutual trust in a DID(decentralized identifier)-based virtual space environment. We, in this paper, developed and validated a reliable communication method consisting of DIDComm messages, a procedure for generating distributed identifiers, asymmetric keys, and DID documents based on Hyperledger Indy and DIDComm open sources. The developed communication method can be applied to verify each other by exchanging additional information and verifiable credentials for trust among communication participants.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2009.04a
• /
• pp.1438-1441
• /
• 2009

RFID 시스템에서 태그는 객체를 유일하게 식별하기 위한 정보를 가지고 있기 때문에 개인정보의 노출, 위치 추적 등의 프라이버시 침해를 유발할 수 있는 문제점이 있다. 태그가 다양한 목적을 위해 사용되어지는 경우 키 분배, 키 관리 등의 문제로 인해 공개키 암호화 기법이 적용될 수 있다. 공개키 암호화 기법을 이용한 기존 RFID 인증 프로토콜에서는 서버와 태그 사이에 공개키를 사전에 공유하고 있다고 가정을 하여 설계를 하였다. 하지만 하나의 태그가 다양한 목적으로 사용되는 다목적 구조에서 수동형 RFID 태그가 서로 다른 서버의 공개키를 모두 공유한다는 것은 현실적으로 불가능하다. 본 논문에서는 다목적 구조에서 XOR 연산과 리더와 태그가 사전에 공유한 마스터 키($K_m$)를 사용하여 태그에게 공개키를 안전하게 전달하며 이를 이용한 공개키 암호화 기반의 RFID 인증 프로토콜을 제안한다. 또한 제안한 인증 프로토콜은 프라이버시 침해를 유발할 수 있는 도청, 재전송 공격, 위치 추적과 같은 공격에도 안전성을 보장한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.6A
• /
• pp.85-96
• /
• 2008

Neighbor Discovery(ND) protocol is used to exchange an information of the neighboring nodes on the same link in the IPv6 protocol environment. For protecting the ND protocol, firstly utilizing Authentication Header(AH) of the IPsec protocol was proposed. But the method has some problems-uses of key exchange protocol is not available and it is hard to distribute manual keys. And then secondly the SEcure Neighbor Discovery(SEND) protocol which protects all of the ND message with digital signature was proposed. However, the digital signature technology on the basis of public key cryptography system is commonly known as requiring high cost, therefore it is expected that there is performance degradation in terms of the availability. In the paper, to improve performance of the SEND protocol, we proposed a modified CGA(Cryptographically Generated Address) which is made by additionally adding MAC(Media Access Control) address to the input of the hash function. Also, we proposed cache mechanism. We compared performance of the methods by experimentation.

• The Transactions of the Korea Information Processing Society
• /
• v.6 no.1
• /
• pp.122-133
• /
• 1999

Uses can share information and use resources effectively by using TCP/IP-based networks. So, a protocol to manage complex networks effectively is needed. For the management of the distributed networks, the SNMP(Simple Network Management Protocol) has been adopted as an international standard in 1989, and the SNMPv2 in which a security function was added was published in 1993. There are two encryption schemes in SNMPv2, the one is a DES using symmetric encryption scheme and the other is a MD5(Message Digest5) hash function for authentication. But the DES has demerits that a key length is a few short and the encryption and the authentication is executed respectively. In order to solve these problems, wer use a RSA cryptography in this paper. In this paper, we examine the items related with SNMP. In addition to DES and MD5 propose in SNMPv3, we chance security functionality by adopting RSA, a public key algorithm executing the encryption and the authentication simultaneously. The proposed SNMPv3 security module is written in JAVA under Windows NT environment.