• Journal of KIISE:Information Networking
• /
• v.29 no.5
• /
• pp.583-594
• /
• 2002

Assuring the security of group communications such as tole-conference and software distribution requires a common group key be shared among the legal members in a secure manner. Especially for large groups with frequent membership change, efficient rekey mechanism is essential for scalability. One of the most popular ways to provide sealable rekey is to partition the group into several subgroups. In this paper, we propose a two-layered key management scheme which combines DEP and CBT, a protocol in which subgroup manager cannot access the multicast data and another that has a multi-core, respectively. We also select sub-group key management protocols suitable for our structure and design new rekey protocols to exclude the subgroup managers from the multicast data. Compared to previous protocols based on CBT, our scheme provides forward secrecy, backward secrecy and scalability. This would reduce the number of encryption and decryption for a rekey message and would improve the efficiency number of rekey messages and the amount of information related to group members that group managers must maintain compared to DEP.

• The KIPS Transactions:PartC
• /
• v.15C no.6
• /
• pp.573-586
• /
• 2008

The improved performance and miniaturization of computer and the improvement of wireless communication technology have enabled the emergence of many high quality services. Among them multicast services are receiving much attention and their usage is increasing due to the increase of Internet multimedia services such as video conference, multimedia stream, internet TV, etc. Security plays an important role in mobile multicast services. In this paper, we proposed a secure multicast protocol for a hierarchical micro-mobility environment. The proposed secure multicast protocol provides security services such as authentication, access control, confidentiality and integrity using mechanisms including symmetric/asymmetric key crypto-algorithms and capabilities. To provide forward/backward secrecy and scalability, we used sub-group keys based on the hierarchical micro-mobility environment. With this security services, it is possible to guard against all kinds of security attacks performed by illegal mobile nodes. Attacks executed by internal nodes can be thwarted except those attacks which delete packet or cause network resources to be wasted. We used simulator to measure the performance of proposed protocol. As a result, the simulation showed that effect of these security mechanisms on the multicast protocol was not too high.

• Journal of the Korea Convergence Society
• /
• v.6 no.6
• /
• pp.81-86
• /
• 2015

The threats to privacy and security have received increasing attention as ubiquitous healthcare applications over the Internet become more prevalent, mobile and universal. In particular, we address the communication security issues of access sharing of health information resources in the ubiquitous healthcare environment. The proposed scheme resolves the sender and data authentication problem in information systems and group communications. We propose a novel key management scheme for generating and distributing cryptographic keys to constituent users to provide form of data encryption method for certain types of data concerning resource constraints for secure communications in the ubiquitous healthcare domains.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.6
• /
• pp.1561-1569
• /
• 2016

As the use of the sensor device increases in IoT environment, the need for device security is becoming more and more important When a sensor device is deployed in IEEE 802.15.4-based LoWPAN, it has to perform the join operation with PAN Coordinator and the binding operation with another device. In the join and binding process, authentication and key distribution of the device are performed using the pre-distributed network key or certificate. However, the network key used in the conventional method has problems that it's role is limited to the group authentication and individual identification is not applied in certificate issuing. In this paper, we propose a secure join and binding protocol in LoWPAN environment that solves the problems of pre-distributed network key.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.3
• /
• pp.109-114
• /
• 2005

On the research for constructing secure group-oriented proxy signature schemes, there are several proposals of threshold proxy signature schemes which combine the notions of proxy signature with threshold signature. Recently, Hsu and Wu proposed a threshold proxy signature scheme which uses a self-certified public key based on discrete logarithm problem. In this paper, we show that this scheme is vulnerable to original signer's forgery attack. So our attack provides the evidence that this scheme does not satisfy nonrepudiation property.

• Proceedings of the Korea Multimedia Society Conference
• /
• 2004.05a
• /
• pp.45-48
• /
• 2004

Diffie-Hellman(DH) 키공유 기법[1]이 제안된 후 많은 종류의 키공유 기법들이 연구되었으며, 특히 특정한 그룹 내의 구성원들이 안전한 통신을 할 수 있게 하기 위한 그룹 기반의 키공유 기법들이 제안되었다. 이러한 기법들은 PKI(Public Key Infrastructure) 등을 사용하는 여러 응용들에서 쉽게 사용될 수 있지만, ad-hoc통신망과 같이 특정한 기반구조를 사용할 수 없는 환경에서는 적용하기 어렵다. [2]에서는 ad-hoc 환경에서 사용할 수 있는 그룹(conference) 기반의 키공유 기법을 제안하였지만, n$^{+2}$ 라운드의 통신량이 요구되며, 그룹 구성원들의 위치정보와 같은 부가정보를 알고 있어야 하는 문제점이 있다. 본 논문에서는 ad-hoc 환경에서 그룹 구성원들의 위치정보를 알 필요 없는 효율적인 2-라운드 키공유 기법을 제안한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2012.11a
• /
• pp.969-972
• /
• 2012

기존의 CCTV와는 달리 IP Camera는 네트워크에 유선 또는 무선으로 직접 연결되며 IP Camera에 임베디드된 웹 서버를 통하여 서비스를 제공한다. 한 건물 또는 지역 안에는 다수의 IP Camera가 설치될 수 있다. 이때 각 각의 IP Camera에 웹 서버가 존재하기 때문에 웹서버 마다 다른 key를 가지고 관리하게 되어 서버 관리에 있어서 비효율적이다. 또한 단순 ID, Password로 사용자 인증을 하며 별도의 암호화 과정을 거치지 않기 때문에 취약점을 갖는다. 따라서 본 논문에서는 그룹 키를 이용하여 다수의 웹 서버의 키를 관리하고 PKI 암호를 통하여 사용자 인증 및 세션 키를 생성함으로써 위장 공격, 기밀성, 무결성, 재사용 공격 등의 보안 취약점을 강화한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.6
• /
• pp.89-103
• /
• 2001

Through the increment of requirement for group oriented communication services, the multicast infrastructure based on a wire and wireless network has become a widely discussed researching topic. However the research of the security properties safety, efficiency and scaleability in a multicast structure, has not been enough. In this study, we propose a scalable secure multicast key management structure based on PKI(Public Key Infrastructure), IPSec, domain subgroup and structural two mode scheme to provide a integrated multicast service. Also we discuss and propose the digital nominative group signature a refreshing method for satisfying the security and trusty on the network. At the base of this work we certify to the usability of new proposed scheme from comparing it with conventional schemes in the part of safety, efficiency and scaleability.

• Journal of KIISE:Information Networking
• /
• v.37 no.1
• /
• pp.72-83
• /
• 2010

Group communication in a wireless mesh network is complicated due to dynamic intermediate mesh points, access control for communications between different administrative domains, and the absence of a centralized network controller. Especially, many-to-many multicasting in a dynamic mesh network can be modeled by a decentralized framework where several subgroup managers control their members independently and coordinate the inter-subgroup communication. In this study, we propose a topology-matching decentralized group key management scheme that allows service providers to update and deliver their group keys to valid members even if the members are located in other network domains. The group keys of multicast services are delivered in a distributed manner using the identity-based encryption scheme. Identity-based encryption facilitates the dynamic changes of the intermediate relaying nodes as well as the group members efficiently. The analysis result indicates that the proposed scheme has the advantages of low rekeying cost and storage overhead for a member and a data relaying node in many-to-many multicast environment. The proposed scheme is best suited to the settings of a large-scale dynamic mesh network where there is no central network controller and lots of service providers control the access to their group communications independently.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.10 no.8
• /
• pp.1443-1448
• /
• 2006

As computers and networks become popular, distributing information on the Internet is common in our daily life. In the past, e-mail has been the primary choice of exchanging information but messengers are gaining popularity abroad and domestically because of their nature of getting immediate responses. Information leakage by invasion that is enemy of evil in communication of communications division Server and Agent between each agents that become burden of communication for effective administration of data for most of existing messenger is becoming an issue. In this paper, we design a secure messenger system that could be obtained maximum security. It use ECC based on ElGamal methodology using PKI for secure communication. For the message encryption and decryption between the same group non, each group is kept distinct by drawing an elliptic curve and an arbitrary point is chosen on the curve.