• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.6
• /
• pp.99-119
• /
• 2007

The USB flash drive is common used for portable storage. That is able to store large data and transfer data quickly and carry simply. But when you lose your USB flash drive without any security function in use, all stored data will be exposed. So the new USB flash drive supported security function was invented to compensate for the problem. In this paper, we analyze vulnerability of 6 control access program for secure USB flash drives. And we show that exposed password on communication between secure USB flash drive and PC. Also we show the vulnerability of misapplication for initialization. Further we develop a protection profile for secure USB flash drive based on the common criteria version 3.1. Finally, we examine possible threat of 6 secure USB flash drives and supports of security objectives which derived from protection profile.

• Journal of the Korea Society of Computer and Information
• /
• v.6 no.2
• /
• pp.116-122
• /
• 2001

A conventional multicast secure protocol. MVMRP, CBT is designed for a large scaled r protocol so the PIM-SM (protect Independent Multicst-Sparse Mode) routing protocol which small number of clients, long distance path among the hosts and shortest path routing chara weak point of require it's own Core tree and re-keying when the traffic is pass through the ro In this study, proposes a architect for a licit information secure of join/leave to all the user or on-service user. With proposed architect, subgroups for multicast secure group mana will be divided by RP (Rendezvous-Point) unit and each RP has a subgroup manager. As a result, the transmitting time is shortened because there is no need to data translation by group key on data sending and the whole architecture size is samller than the other multicast secure architecture.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.11
• /
• pp.5616-5630
• /
• 2019

Fully homomorphic encryption allows a third-party to perform arbitrary computation over encrypted data and is especially suitable for secure outsourced computation. This paper investigates secure outsourced computation of multiple matrix multiplication based on fully homomorphic encryption. Our work significantly improves the latest Mishra et al.'s work. We improve Mishra et al.'s matrix encoding method by introducing a column-order matrix encoding method which requires smaller parameter. This enables us to develop a binary multiplication method for multiple matrix multiplication, which multiplies pairwise two adjacent matrices in the tree structure instead of Mishra et al.'s sequential matrix multiplication from left to right. The binary multiplication method results in a logarithmic-depth circuit, thus is much more efficient than the sequential matrix multiplication method with linear-depth circuit. Experimental results show that for the product of ten 32×32 (64×64) square matrices our method takes only several thousand seconds while Mishra et al.'s method will take about tens of thousands of years which is astonishingly impractical. In addition, we further generalize our result from square matrix to non-square matrix. Experimental results show that the binary multiplication method and the classical dynamic programming method have a similar performance for ten non-square matrices multiplication.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.6
• /
• pp.3280-3298
• /
• 2019

Vehicular ad-hoc networks (VANETs) have become increasingly significant in intelligent transportation systems, they play a great role in improving traffic safety and efficiency. In the deployment of intelligent VANETs, intelligent vehicles can efficiently exchange important or urgent traffic information and make driving decisions. Meanwhile, secure data communication and vehicle's identity privacy have been highlighted. To cope with these security issues, in this paper, we construct an efficient anonymous authentication scheme with secure communication in intelligent VANETs. Combing the ElGamal encryption technique with a modified Schnorr signature technique, the proposed scheme provides secure anonymous authentication process for encrypted message in the vehicle-to-infrastructure communication model, and achieves identity privacy, forward security, and reply attack resistance simultaneously. Moreover, except the trusted authority (TA), any outside entity cannot trace the real identity of an intelligent vehicle. The proposed scheme is designed on an identity-based system, which can remove the costs of establishing public key infrastructure (PKI) and certificates management. Compared with existing authentication schemes, the proposed scheme is much more practical in intelligent VANETs.

• International Journal of Computer Science & Network Security
• /
• v.21 no.9
• /
• pp.1-10
• /
• 2021

The Internet of things (IoT) is the main advancement in data processing and communication technologies. In IoT, intelligent devices play an exciting role in wireless communication. Although, sensor nodes are low-cost devices for communication and data gathering. However, sensor nodes are more vulnerable to different security threats because these nodes have continuous access to the internet. Therefore, the multiparty security credential-based key generation mechanism provides effective security against several attacks. The key generation-based methods are implemented at sensor nodes, edge nodes, and also at server nodes for secure communication. The main challenging issue in a collaborative key generation scheme is the extensive multiplication. When the number of parties increased the multiplications are more complex. Thus, the computational cost of batch key and multiparty key-based schemes is high. This paper presents a Secure Multipart Key Distribution scheme (SMKD) that provides secure communication among the nodes by generating a multiparty secure key for communication. In this paper, we provide node authentication and session key generation mechanism among mobile nodes, head nodes, and trusted servers. We analyzed the achievements of the SMKD scheme against SPPDA, PPDAS, and PFDA schemes. Thus, the simulation environment is established by employing an NS 2. Simulation results prove that the performance of SMKD is better in terms of communication cost, computational cost, and energy consumption.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.1
• /
• pp.83-94
• /
• 2015

Deduplication, which is a technique of eliminating redundant data by storing only a single copy of each data, provides clients and a cloud server with efficiency for managing stored data. Since the data is saved in untrusted public cloud server, however, both invasion of data privacy and data loss can be occurred. Over recent years, although many studies have been proposed secure deduplication schemes, there still remains both the security problems causing serious damages and inefficiency. In this paper, we propose secure and efficient client-side deduplication with Key-server based on Bellare et. al's scheme and challenge-response method. Furthermore, we point out potential risks of client-side deduplication and show that our scheme is secure against various attacks and provides high efficiency for uploading big size of data.

• Journal of the Korea Society of Computer and Information
• /
• v.27 no.4
• /
• pp.53-60
• /
• 2022

Recently, as the amount of data collected by drones has rapidly increased, it is necessary to support cloud computing technology that can securely and efficiently store and process data. However, various security threats such as stealing, leaking, or tampering with data communicated by drones can occur due to attackers. Therefore, there is a need for security technology to provide secure communication of data collected from drones. Among various security technologies, the KP-ABE scheme, which is attribute-based encryption, is a security technology that satisfies two characteristics: data encryption and user access control. This paper researched the KP-ABE scheme and proposed a secure data access control scheme to the drone environment. This proposed scheme provides confidentiality and integrity of data communicated in a drone environment and secure access control and availability. In addition, it provides a fast ciphertext search and constant size ciphertext among the requirements to be provided in the KP-ABE scheme.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.5
• /
• pp.2394-2406
• /
• 2016

ABE has become an effective tool for data protection in cloud computing. However, since users possessing the same attributes share the same private keys, there exist some malicious users exposing their private keys deliberately for illegal data sharing without being detected, which will threaten the security of the cloud system. Such issues remain in many current ABE schemes since the private keys are rarely associated with any user specific identifiers. In order to achieve user accountability as well as provide key exposure protection, in this paper, we propose a key-insulated ciphertext policy attribute based encryption with key exposure accountability (KI-CPABE-KEA). In our scheme, data receiver can decrypt the ciphertext if the attributes he owns match with the self-centric policy which is set by the data owner. Besides, a unique identifier is embedded into each user's private key. If a malicious user exposes his private key for illegal data sharing, his identity can be exactly pinpointed by system manager. The key-insulation mechanism guarantees forward and backward security when key exposure happens as well as provides efficient key updating for users in the cloud system. The higher efficiency with proved security make our KI-CPABE-KEA more appropriate for secure data sharing in cloud computing.

• Design & Manufacturing
• /
• v.15 no.4
• /
• pp.14-23
• /
• 2021

In this study, we have analyzed the access status and the data usage trend of the public Wi-Fi on the bus, which has not been carried out in the previous studies. The analysis period of this study is 5 months from Nov. 2020 to Mar. 2021. When we compared the access status of Seoul metropolitan and the non-metropolitan region against each region's deployment status ratio, the access ratio of the metropolitan region was higher than the non-metropolitan region, of which the gap was 4.53%. The access for each region showed the growing trend, which was 43.5% on average. The data usage also showed the growing trend, 2.7% on average. Weekly data usage showed the growing trend irrespective of weekdays or weekends. The data usage of the weekdays was 695GB higher than weekends. The data usage during commuting hours including school (7:00~9:00 a.m. and 4:00~6:00 p.m.) was higher than 3,000GB. We can conclude that bus public Wi-Fi was used more actively in non-metropolitan region than Seoul metropolitan region by the office workers and students. The secure access also showed the growing trend. And the secure data usage also showed the growing trend.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.11 no.3
• /
• pp.69-77
• /
• 2015

MANET is composed of only the mobile nodes have a limited transmission range. The dynamic topology by the frequent movement of nodes makes routing difficult and is also cause exposed to security vulnerabilities. In this paper, we propose the security routing technique consisted of mechanism of two steps in order to respond effectively to attack by the modification of the routing information and transmit secure data. The hierarchical structure is used and the authentication node that issues the key of the nodes within each cluster is elected in this proposed method. The authentication node manages key issues and issued information for encrypting the routing information from the source node. The reliability value for each node is managed to routing trust table in order to secure data transmission. In the first step, the route discovery is performed using this after the routing information is encrypted using the key issued by the authentication node. In the second step, the average reliability value of the node in the found path is calculated. And the safety of the data transmission is improved after the average reliability value selects the highest path. The improved performance of the proposed method in this paper was confirmed through comparative experiments with CBSR and SEER. It was confirmed a better performance in the transmission delay, the amount of the control packet, and the packet transmission success ratio.