• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.1
• /
• pp.93-104
• /
• 2011

A conditional access system is an essential element in IPTV services enabling service providers to allow authorized access to their services only to paid subscribers. Currently, there are two types of IPTV service models, namely PPC (pay-per-channel) and PPV (pay-per-view). However, a more desirable model would be the flexible PPC model, in which subscribers are free to choose any combination of preferred channels and add/remove channels independently. In this paper, we first point out that a previously proposed key management scheme for F-PPC is not secure. We then propose a new conditional access system using 4-level key hierarchy to realize secure F-PPC services. Compared to existing schemes, the proposed system is very efficient, just requiring O(1) communication for key update.

• The KIPS Transactions:PartC
• /
• v.11C no.2
• /
• pp.163-170
• /
• 2004

The additional mechanism Is required to set up a secure connection among the communication subjects in the internet environment. Each entity should transfer and receive the encrypted and hashed data to guarantee the data integrity. Also, the mutual authentication procedure should be processed using a secure communication protocol. The SSL/TLS is a protocol which creates the secure communication channel among the communication subjects and sends/receives a data. Although the OpenSSL which implements the TLS is using by many developers and its stability and performance are proved, it has a difficulty in using because of its large size. So, this Paper designs and implements the secure communication which the users can use easily by modification works of OpenSSL library API. We proved the real application results using the DRM client/server case which supports a secure communication using the implemented API.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.12 no.1
• /
• pp.58-71
• /
• 2019

This paper proposes architecture of a cognitive radio engine platform and the allowable frequency channel reasoning method that enables acquisition of the allowable channels for the military tactical network environment. The current military tactical wireless communication system is increasing need to secure a supplementary radio frequency to ensure that multiple wireless networks for different military wireless devices coexist, so that tactical wireless communication between the same or different systems can be operated effectively. This paper presents the allowable frequency channel reasoning method based on cognitive radio engine for realizing DSA(Dynamic Spectrum Access) as an optimal available frequency channel. To this end, a case-based allowable frequency channel reasoning method for cognitive radio devices is proposed through modeling of primary user's traffic status and calculation of channel occupancy probability. Also through the simulation of the performance analysis, changing rate of collision probability between the primary users' occupancy channel and the available channel acquisition information that can be used by the cognitive radio device was analysed.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.13 no.4
• /
• pp.1839-1848
• /
• 2012

Recently, smartphone communications using Wi-Fi channel are increasing rapidly to provide diverse internet services. The WPA security protocol was used for data protection between user and wireless AP. However, WPA-PSK protocol was known to be weak to the dictionary attack. In this paper, we proposed a secure WPA-PSK protocol to resist the dictionary attack. Since the proposed method was designed to generate a strong encryption key which is combined the Diffie-Hellman key agreement scheme with secrecy property of PSK(Pre-Shared Key), we can protect the Wi-Fi channel from Man-In-The-Middle attack and Rogue AP impersonation attack.

• Journal of Broadcast Engineering
• /
• v.13 no.1
• /
• pp.62-68
• /
• 2008

Remote user authentication scheme is a cryptographic tool which permits a server to identify a remote user. In 2007, Wang et al. pointed out that Ku's remote user authentication scheme is vulnerable to a dictionary attack by obtaining some secret information in a smart card using side channel attacks. They also proposed a remote user authentication scheme which is secure against dictionary attack. In this paper, we analyze the protocol proposed by Wang et al. In the paper, it is claimed that the protocol is secure even though some values, which is stored in a smart card, are revealed to an adversary, However, we show that their protocol is insecure if the values are disclosed to an adversary.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.4
• /
• pp.59-68
• /
• 2006

Although the cryptographic algorithms in IC chip such as smart card are secure against mathematical analysis attack, they are susceptible to side channel attacks in real implementation. In this paper, we analyze the security of smart card using a developed experimental tool which can perform power analysis attacks and fault insertion attacks. As a result, raw smart card implemented SEED and ARIA without any countermeasure is vulnerable against differential power analysis(DPA) attack. However, in fault attack about voltage and clock on RSA with CRT, the card is secure due to its physical countermeasures.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.15 no.5
• /
• pp.981-986
• /
• 2020

The Internet of Things refers to a space-of-things connection network configured to allow things with built-in sensors and communication functions to interact with people and other things, regardless of the restriction of place or time.IoT is a network developed for the purpose of services for human convenience, but the scope of its use is expanding across industries such as power transmission, energy management, and factory automation. However, the communication protocol of IoT, MQTT, is a lightweight message transmission protocol based on the push technology and has a security vulnerability, and this suggests that there are risks such as personal information infringement or industrial information leakage. To solve this problem, we designed a synchronous MQTT security channel that creates a secure channel by using the characteristic that different chaotic dynamical systems are synchronized with arbitrary values in the lightweight message transmission MQTT protocol. The communication channel we designed is a method of transmitting information to the noise channel by using characteristics such as random number similarity of chaotic signals, sensitivity to initial value, and reproducibility of signals. The encryption method synchronized with the proposed key value is a method optimized for the lightweight message transmission protocol, and if applied to the MQTT of IoT, it is believed to be effective in creating a secure channel.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.26 no.3
• /
• pp.436-442
• /
• 2022

In this paper, the performance of the selective combining according to the channel selection decision method of frequency diversity is evaluated in the underwater frequency selective channel. The underwater acoustic channel in the shallow sea has a complex multipath characteristic by combining various environmental factors such as boundary surface reflection and sound wave refraction according to the water temperature layer. In particular, frequency selectivity due to multipath causes energy fluctuation in a communication channel, which reduces SNR (Signal to Noise Ratio) and deteriorates communication performance. In this paper, we applied the frequency diversity technique using multiple channels to secure the communication performance according to the frequency selectivity by multipath. For each channel, 4-FSK (Frequency Shift Keying) and selective combining were applied, the performance was evaluated by applying the maximum value, average value, and majority decision of the signal in order to decide the demodulation channel selection of the selective combining.

• Journal of the Korea Computer Industry Society
• /
• v.4 no.12
• /
• pp.1053-1068
• /
• 2003

In this paper, we propose a new scheduling method without timing covert channel of real-time transaction for secure database systems that implement mandatory access control. Our scheduling method use the wait queue based on security level to remove timing covert channel. And it use priority queue that consider transaction type, deadline, and weight. Therefore, the proposed scheduling method prevents timing covert channel because it is kept noninterference between transactions with different security level, and maximizes the sum of the weight of transactions that satisfy its deadline. The simulation results, is a comparison of traditional methods, show that our scheduling method is improved to 30%.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.28 no.12C
• /
• pp.1258-1267
• /
• 2003

As the need for stable and high speed wireless Internet service Brows, the wireless LAN service provider hurries to preempt wireless LAN service market. IAPP(InterAccess Point protocol) is defined to be able to provide a secure handoff mechanism of wireless LAN terminal information between AP(Access Point)s, and the related IEEE standard is IEEE 802.11f. For the secure handoff of wireless LAN terminal, it is necessary to transfer terminal's authentication & accounting information securely from old AP to new AP IEEE 802.11f recommends RADIUS server as IAPP server which authenticates AP and provides information for secure channel between APs. This paper proposes IAPP server using Diameter protocol to overcome the limit of RADIUS sewer, and describes about the interaction between server components and integration method with the current IAPP client system.