• Title/Abstract/Keywords: Secure Computation


Secure Multiplication Method against Side Channel Attack on ARM Cortex-M3

  • 서화정
    • 정보보호학회논문지 / Vol. 27, No. 4 / pp. 943-949 / 2017
  • For cryptographic implementations on lightweight IoT devices, it is important to perform computations accurately and quickly in order to raise service availability. However, if an attacker analyzes the characteristics of the operations performed on such a lightweight device and extracts secret information, the user's password can easily be exposed to the attacker. In particular, the latest ARM Cortex-M3 has a vulnerability in which the execution time of multiplication varies with the size of the inputs. In this paper, we analyze the advantages and disadvantages of the secure multiplication implementation techniques proposed so far, and further examine ways to optimize the latest multiplication technique. The proposed method improves the speed of the existing approach by up to 28.4%.

A Provable One-way Authentication Key Agreement Scheme with User Anonymity for Multi-server Environment

  • Zhu, Hongfeng
    • KSII Transactions on Internet and Information Systems (TIIS) / Vol. 9, No. 2 / pp. 811-829 / 2015
  • One-way authenticated key agreement protocols, aiming at solving the problems of establishing secure communications over public insecure networks, can achieve one-way authentication of communicating entities, giving a specific user strong anonymity and confidentiality of transmitted data. Public Key Infrastructure can be used to design one-way authenticated key agreement protocols, but it consumes a large amount of computation. Because one-way authenticated key agreement protocols mainly concern authentication and key agreement, we adopt a multi-server architecture to realize these goals. A multi-server architecture allows the user to register at the registration center (RC) once and then access all the permitted services provided by the eligible servers. The combination of the above-mentioned ideas can lead to a highly practical scheme in the universal client/server architecture. Based on these motivations, this paper first proposes a new one-way authenticated key agreement scheme based on a multi-server architecture. Compared with the related literature, our proposed scheme not only has high efficiency and unique functionality, but is also robust to various attacks and achieves perfect forward secrecy. Finally, we give the security proof and the efficiency analysis of our proposed scheme.

Calculation of Anchor's Terminal Velocity in the Water and Onshore Dropped Heights Using MDM Technique

  • Shin, Mun-Beom; Seo, Young-Kyo
    • Journal of Advanced Research in Ocean Engineering / Vol. 3, No. 2 / pp. 59-65 / 2017
  • When an anchor is dropped into the sea, there is a danger of collision with pipelines and subsea cables on the seabed. Such a collision could cause huge environmental disasters and serious economic losses. In order to secure the safety of subsea structures such as pipelines and subsea cables from external impact, it is necessary to estimate the exact external force through the anchor's terminal velocity in the water. FLUENT, a computational fluid dynamics program, was used for the terminal velocity and drag coefficient computation. A half-symmetry condition was used in order to reduce the computational time, and a moving deforming mesh technique was also adopted to represent hydrostatic pressure. The results were examined against the equation based on Newton's Second Law to check the error rate. In this study, three example cases were calculated for stockless anchors of 5.25 ton, 10.5 ton, and 15.4 ton, and for the onshore experiment the dropped height was back-calculated from the anchor's terminal velocity in the water.

Authentication and Key Agreement using Delegating Authority for a Secure Mobile Payment Protocol

  • 성순화
    • 한국정보과학회논문지:정보통신 / Vol. 37, No. 2 / pp. 135-141 / 2010
  • Mobile payment systems have many problems in real mobile payment networks because of the characteristics of mobile devices and the security of the mobile payment process. In particular, previously proposed mobile payment protocols cannot verify the trustworthiness of the issuing bank, which is the payment institution. Therefore, this paper proposes a delegating authority that verifies the issuing bank in order to raise the trustworthiness of the issuing bank, and analyzes the efficiency of mobile payment. As a result, the mobile payment protocol with a delegating authority for the bank's payment verification showed improvements in key agreement computation time and in the recovery of communication reliability.

Selective Encryption Algorithm Based on DCT for GIS Vector Map

  • Giao, Pham Ngoc; Kwon, Gi-Chang; Lee, Suk-Hwan; Kwon, Ki-Ryong
    • 한국멀티미디어학회논문지 / Vol. 17, No. 7 / pp. 769-777 / 2014
  • With the rapid interest in Geographic Information System (GIS) contents, a large volume of valuable GIS datasets has been distributed illegally by pirates, hackers, or unauthorized users. Therefore the problem focuses on how to protect the copyright of GIS vector map data for storage and transmission. At this point, GIS security techniques focusing on secure networks and data encryption have been studied and developed to solve copyright protection and illegal copy prevention for GIS digital maps. But GIS vector map data is very large, and current data encryption techniques often encrypt all components of the data. That means a large amount of data is encrypted, leading to a long encryption time and high computational complexity. This paper presents a novel selective encryption scheme for GIS vector map data protection to store, transmit or distribute to authorized users using the K-means algorithm. The proposed algorithm only encrypts a small part of the data based on properties of polylines and polygons in the GIS vector map, but it can change the whole data of the GIS vector map. Experimental results verified that the proposed algorithm is effective and that the error in decryption is approximately zero.

An Enhanced Privacy-Aware Authentication Scheme for Distributed Mobile Cloud Computing Services

  • Xiong, Ling; Peng, Daiyuan; Peng, Tu; Liang, Hongbin
    • KSII Transactions on Internet and Information Systems (TIIS) / Vol. 11, No. 12 / pp. 6169-6187 / 2017
  • With the fast growth of mobile services, Mobile Cloud Computing (MCC) has gained a great deal of attention from researchers in the academic and industrial fields. User authentication and privacy are significant issues in the MCC environment. Recently, Tsai and Lo proposed a privacy-aware authentication scheme for distributed MCC services, which claimed to support mutual authentication and user anonymity. However, Irshad et al. pointed out that this scheme cannot achieve the desired security goals and improved it. Unfortunately, this paper shall show that the security features of Irshad et al.'s scheme are achieved at the price of multiple time-consuming operations, such as three bilinear pairing operations, one map-to-point hash function operation, etc. Besides, it still suffers from two minor design flaws, including the incapability of achieving three-factor security and no user revocation and re-registration. To address these issues, an enhanced and provably secure authentication scheme for distributed MCC services will be designed in this work. The proposed scheme can meet all desirable security requirements and is able to resist various kinds of attacks. Moreover, compared with previously proposed schemes, the proposed scheme provides more security features while achieving lower computation and communication costs.

Improving Security and Privacy-Preserving in Multi-Authorities Ciphertext-Policy Attribute-Based Encryption

  • Hu, Shengzhou; Li, Jiguo; Zhang, Yichen
    • KSII Transactions on Internet and Information Systems (TIIS) / Vol. 12, No. 10 / pp. 5100-5119 / 2018
  • Most existing privacy-preserving multi-authority attribute-based encryption schemes (PP-MA-ABE) only consider the privacy of the user identity (ID). However, on many occasions information leakage is caused by the disclosure of some of his/her sensitive attributes. In this paper, we propose a collusion-resisting ciphertext-policy PP-MA-ABE (CRPP-MACP-ABE) scheme that hides both the user's ID and attributes in the cloud storage system. We present a method to depict anonymous users and introduce a managerial role denoted by IDM for the management of the user's anonymous identity certificate ($AID_{Cred}$). The scheme uses $AID_{Cred}$ to realize privacy preservation of the user, namely, by verifying which attribute authorities (AAs) obtain the blinded public attribute keys and pseudonyms involved in the $AID_{Cred}$, and then distributes the corresponding private keys to the user. We use different pseudonyms of the user to resist the collusion attack launched by vicious AAs. In addition, we utilize IDM to cooperate with multiple authorities in producing a consistent private key for the user to avoid the collusion attack launched by vicious users. The proposed CRPP-MACP-ABE scheme is proved secure. Some computation and communication costs in our scheme are finished in the preparation phase (i.e. user registration). Compared with the existing schemes, our scheme is more efficient.

Computation and Verification of Approximate Construction Cost of Steel Box Girder Bridge by Using Case-Based Reasoning

  • 정민선; 경갑수; 전은경; 권순철
    • 한국강구조학회 논문집 / Vol. 23, No. 5 / pp. 557-568 / 2011
  • In public construction projects, estimating a reasonable construction cost at each project stage is a very important factor in efficiently securing and executing the national budget. This paper presents a method for estimating the approximate construction cost of steel box girder bridges by applying case-based reasoning under conditions where the information available in the early stages of a project is limited. In addition, the construction cost prediction model was applied to existing design cases to verify the accuracy of the approximate construction cost estimation model presented in this paper. As a result of the study, the error rate yielded relatively stable results. Therefore, it is judged that approximate construction cost estimates can be presented efficiently in the execution or planning of the national budget.

A Secure Frequency Computation Method over Multisets

  • 김명선; 박재성
    • 한국통신학회논문지 / Vol. 39B, No. 6 / pp. 370-378 / 2014
  • As is well known, data mining plays a very important role in analyzing large volumes of data to extract the necessary information. Among its functions, finding the frequency of the elements contained in a set is an essential capability that data mining must support by default. At the same time, for the case where a user does not want to disclose the multiset (or set) he or she owns, a method is needed that computes only the frequencies without disclosing the elements of the multiset. In this paper, we develop a method that satisfies these conditions using cryptographic tools, and rigorously prove its security. Unlike existing methods, the method proposed in this paper, first, makes general system assumptions; second, has efficient communication/computation complexity; and finally, provides a rigorous security proof.

A secure and effective scheme providing comprehensive forward security to LTE/SAE X2 handover key management

  • Sun, Bangyi; Chu, Jianfeng; Hu, Liang; Li, Hongtu; Shi, Guangkun
    • KSII Transactions on Internet and Information Systems (TIIS) / Vol. 11, No. 9 / pp. 4609-4623 / 2017
  • The commercialization of LTE/SAE technologies has begun a new era in which data can be transmitted at remarkably high rates. The security of the LTE/SAE network, however, remains problematic. The forward security in LTE/SAE X2 handover key management can be threatened by key compromise and de-synchronization attacks, as base stations in public spaces can be compromised. This study was conducted to address the lack of forward key security in X2 handover key management in scenarios in which an adversary controls a legal base station. We developed the proposed X2 handover key management by changing the parameter in the renewing step and adding a verification step. We compare the security and performance of our proposal with other similar schemes. Our enhancement scheme ensures forward separation security accompanied by favorable signaling and computation load performance.