• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.16 no.7
• /
• pp.4884-4890
• /
• 2015

These days most of people possesses an average of one to two mobile devices in the world and a wireless network market is gradually expanding. Wi-Fi preference are increasing in accordance with the use growth of mobile devices. A number of areas such as public agencies, health care, education, learning, and content, manufacturing, retail create new values based on Wi-Fi, and the global network is built and provides complex services. However, There exist some attacks and vulnerabilities like wireless radio device identifier vulnerability, illegal use of network resources through the MAC forgery, wireless authentication key cracking, unauthorized AP / devices attack in the next generation radio network environment. In addition, advanced security technology research, such as authentication Advancement and high-speed secure connection is not nearly progress. Therefore, this paper designed a secure communication system for message protection in next-generation wireless network environments by device identification and, designing content classification and storage protocols. The proposed protocol analyzed safeties with respect to the occurring vulnerability and the securities by comparing and analyzing the existing password techniques in the existing wireless network environment. It is slower 0.72 times than existing cypher system, WPA2-PSK, but enforces the stability in security side.

• Journal of KIISE:Computer Systems and Theory
• /
• v.37 no.4
• /
• pp.226-238
• /
• 2010

OpenSSL is an open-source library implementing SSL that is a secure communication protocol. However, the library has a severe vulnerability that its security information can be easily exposed to malicious software when the library is used in a form of shared library on Linux and UNIX operating systems. We propose a scheme to attack the vulnerability of the OpenSSL library. The scheme injects codes into a running client program to execute the following attacks on the vulnerability in a SSL handshake. First, when a client sends a server a list of cryptographic algorithms that the client is willing to support, our scheme replaces all algorithms in the list with a specific algorithm. Such a replacement causes the server to select the specific algorithm. Second, the scheme steals a key for data encryption and decryption when the key is generated. Then the key is sent to an outside attacker. After that, the outside attacker decrypts encrypted data that has been transmitted between the client and the server, using the specified algorithm and the key. To show that our scheme is realizable, we perform an experiment of collecting encrypted login data that an ftp client using the OpenSSL shared library sends its server and then decrypting the login data.

• The KIPS Transactions:PartC
• /
• v.14C no.1 s.111
• /
• pp.27-38
• /
• 2007

IPv6 has appeared for solving the address exhaustion of IPv4 and for guaranteeing the problems of security and QoS. It occurs the unexpected new attacks of IPv6 as well as the existing attacks of IPv4 because of the increasing address space to 128bits and the address hierarchies for efficient network management and additions of the new messages between nodes and routers like neighbor discovery and auto address configuration for the various comfortable services. For the successful transition from IPv4 to IPv6, we should get the secure compatibility between IPv4 hosts or routers working based on secure and systematic policy and IPv6. Network manager should design security technologies for efficient management in IPv4/IPv6 co-existence network and IPv6 network and security management framework designation. In this paper, we inspected the characteristics of IPv4 and IPv6, study on security requirement for efficient security management of various attacks, protocol, service in IPv4/IPv6 co-existence and IPv6 network, and finally suggest integrated solution about security vulnerability of IPv6 network in considering of analysis of IPv6 system, host and application, IPv6 characteristics, modified CGA(MCGA).

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.3
• /
• pp.119-131
• /
• 2009

The world's widely used key exchange protocols are open cryptographic communication protocols, such as TLS/SSL, whereas in the financial field in Korea, key exchange protocols developed by industrial classification group have been used that are based on PKI(Public Key Infrastructure) which is suitable for the financial environments of Korea. However, the key exchange protocols are not only vulnerable to client impersonation attacks and known-key attacks, but also do not provide forward secrecy. Especially, an attacker with the private keys of the financial security server can easily get an old session-key that can decrypt the encrypted messages between the clients and the server. The exposure of the server's private keys by internal management problems, etc, results in a huge problem, such as exposure of a lot of private information and financial information of clients. In this paper, we analyze the weaknesses of the cryptographic communication protocols in use in Korea. We then propose two key exchange protocols which reduce the replacement cost of protocols and are also secure against client impersonation attacks and session-key and private key reveal attacks. The forward secrecy of the second protocol is reduced to the HDH(Hash Diffie-Hellman) problem.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.11
• /
• pp.105-111
• /
• 2009

The study aims to propose the intelligent clustering technique that calculates the distance by improving the problems of multi-hop clustering technique for inter-vehicular secure communications. After calculating the distance between vehicles with no connection for rapid transit and clustering it, the connection between nodes is created through a set distance vale. Header is selected by the distance value between nodes that become the identical members, and the information within a group is transmitted to the member nodes. After selecting the header, when the header is separated due to its mobility, the urgent situation may occur. At this time, the information transfer is prepared to select the new cluster header and transmit it through using the intelligent cluster provided from node by the execution of programs included in packet. The study proposes the cluster technique of the intelligent distance estimation for the mobile Ad-hoc network that calculates the cluster with the Store-Compute-Forward method that adds computing ability to the existing Store-and-Forward routing scheme. The cluster technique of intelligent distance estimation for the mobile Ad-hoc network suggested in the study is the active and intelligent multi-hop cluster routing protocol to make secure communications.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.33 no.8B
• /
• pp.636-645
• /
• 2008

Most of routing schemes that protect the source's location from a malicious attacker usually make use of a path of a long length per message for the sake of lengthening the safety period. The biggest problem to such approaches is taking a very long latency in transferring messages to the destination. In this paper we show the problem to find the least-cost single path that is enough to keep the source-location always secure from the attacker, provided that it is used for the delivery of a set of messages given in priori, is NP-complete. Consequently we propose a routing protocol GSLP-w(GPSR-based Source-Location Privacy with crew size co) that is a trade-off between two extreme approaches. The advantage of GSLP-co lies in its enhanced safety period for the source and its lowered delivery latency in messaging. We consider NSP(Normalized Sefety Period) and NDL(Normalized Delivery Latency), measured in terms of the least number of hops to the destination, to achieve tangible interpretation of the results. We ran a simulation to confirm our claim by generating 100 topologies of 50,000 nodes with the average number of neighbors being 8. The results show that GSLP-$\omega$ provides more enhanced NSP compared to other protocols GSLP, an earlier version of GSLP-$\omega$, and PR-SP(Phantom Routing - Single Path), the most notable existing protocol for the source-location privacy, and less NDL than that of GSLP but more than that of PR-SP.

• Management & Information Systems Review
• /
• v.28 no.3
• /
• pp.191-210
• /
• 2009

Internet was first designed only for sending data, but as the time passed, internet started to evolve into a broadband multi-media web that is capable of transmitting sound, video, high-capacity data and more due to the demands of internet users and the rapid changing internet-communication technology. Domestically, in January, 2000 Saerom C&T, launched a free VoIP, but due to limited ways of conversation(PC to PC) and absence of a revenue model, and bad speech quality, it had hit it's growth limit. This research studied VoIP based on technological enhancement in super-speed internet. According to IDC, domestic internet market's size was 80,800 million in 2008, and it formed a percentage of 12.5% out of the whole sound-communication market. in case of VoIP, it is able to maximize it's profit by connecting cable and wireless network, also it has a chance of becoming firm-concentrated monopoly market by fusing with IPTV. Considering the fact that our country is insignificant in MVNO revitalization, regulating organizations will play a significant roll on regulating profit between large and small businesses. Further research should be done to give VoIP a secure footing to prosper and become popularized.

• The KIPS Transactions:PartC
• /
• v.12C no.7 s.103
• /
• pp.949-958
• /
• 2005

In the paper we study key agreement schemes when a party needs to establish a session key with each of several parties, thus having multiple session keys. This situation can be represented by a graph, tailed a key graph, where a vertex represents a party and an edge represents a relation between two parties sharing a session key. graphs to establish all session keys corresponding to all edges in a key graph simultaneously in a single session. A key agreement protocol of a key graph is a natural extension of a two-party key agreement protocol. We propose a new key exchange model for key graphs which is an extension of a two-party key exchange model. using the so-called randomness re-use technique which re-uses random values to make session keys for different sessions, we suggest two efficient key agreement protocols for key graphs based on the decisional Diffie-Hellman assumption, and prove their securities in the key exchange model of key graphs. Our first scheme requires only a single round and provides key independence. Our second scheme requires two rounds and provides forward secrecy. Both are proven secure In the standard model. The suggested protocols are the first pairwise key agreement protocols and more efficient than a simple scheme which uses a two-party key exchange for each necessary key. Suppose that a user makes a session key with n other users, respectively. The simple scheme's computational cost and the length of the transmitted messages are increased by a factor of n. The suggested protocols's computational cost also depends on n, but the length of the transmitted messages are constant.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.21 no.10
• /
• pp.602-608
• /
• 2020

Development of Internet technology and the spread of various smart devices provide a convenient computing environment for people, which is becoming common thanks to the Internet of Things (IoT). However, attacks by hackers have caused various problems, such as leaking personal information or violating privacy. In the IoT environment, various smart devices are connected, and network attacks that are used in the PC environment are occurring frequently in the IoT. In fact, security incidents such as conducting DDoS attacks by hacking IP cameras, leaking personal information, and monitoring unspecified numbers of personal files without consent are occurring. Although attacks in the existing Internet environment are PC-oriented, we can now confirm that smart devices such as IP cameras and tablets can be targets of network attacks. Through performance evaluation, the proposed protocol shows 11% more energy efficiency on servers than RSA, eight times greater energy efficiency on clients than Kerberos, and increased efficiency as the number of devices increases. In addition, it is possible to respond to a variety of security threats that might occur against the network. It is expected that efficient operations will be possible if the proposed protocol is applied to the IoT environment.

• The Journal of Korean Society for Radiation Therapy
• /
• v.17 no.1
• /
• pp.41-43
• /
• 2005

Purpose : Wish to present degree management process that is efficient confirm radiation treatment exclusive use CT simulator's Q.A item that become Q.A and Differentiation of diagnosis area that present Report of the AAPM Task Group No.66 using Q.A tool that produce itself and secure safe and correct CT-simulation process and equip convenience. Method and material : Manufacture CT simulator's Q.A tool on source and confirm virtue between isocenter of wall laser system, patient table, CT scanner's imaging plane that present in Report of the AAPM Task Group No.66 by daily publication unit. Result : Confirmed measured value from Report of the AAPM Task Group No.66 to confirmation of presenting degree management item in wall laser's ${\pm}2mm$, table's ${\pm}2mm$, imaging plane's ${\pm}2mm$ tolerance extent. Conclusion : There is unconfirmed item from CT-simulation process for therapy to CT Q.A protocol of existent diagnosis area, premising suitable degree management of radiation treatment exclusive use CT-simulator equipment confirming presenting Q.A item in Report of the AAPM Task Group No.66 safe and correct CT-simulation process guarantee can