• Title/Summary/Keyword: Security Token

Search Result 152, Processing Time 0.026 seconds

Low-Power Design of Hardware One-Time Password Generators for Card-Type OTPs

  • Lee, Sung-Jae;Lee, Jae-Seong;Lee, Mun-Kyu;Lee, Sang-Jin;Choi, Doo-Ho;Kim, Dong-Kyue
    • ETRI Journal
    • /
    • v.33 no.4
    • /
    • pp.611-620
    • /
    • 2011
  • Since card-type one-time password (OTP) generators became available, power and area consumption has been one of the main issues of hardware OTPs. Because relatively smaller batteries and smaller chip areas are available for this type of OTP compared to existing token-type OTPs, it is necessary to implement power-efficient and compact dedicated OTP hardware modules. In this paper, we design and implement a low-power small-area hardware OTP generator based on the Advanced Encryption Standard (AES). First, we implement a prototype AES hardware module using a 350 nm process to verify the effectiveness of our optimization techniques for the SubBytes transform and data storage. Next, we apply the optimized AES to a real-world OTP hardware module which is implemented using a 180 nm process. Our experimental results show the power consumption of our OTP module using the new AES implementation is only 49.4% and 15.0% of those of an HOTP and software-based OTP, respectively.

The Distributed Encryption Processing System for Large Capacity Personal Information based on MapReduce (맵리듀스 기반 대용량 개인정보 분산 암호화 처리 시스템)

  • Kim, Hyun-Wook;Park, Sung-Eun;Euh, Seong-Yul
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.18 no.3
    • /
    • pp.576-585
    • /
    • 2014
  • Collecting and utilizing have a huge amount of personal data have caused severe security issues such as leakage of personal information. Several encryption algorithms for collected personal information have been widely adopted to prevent such problems. In this paper, a novel algorithm based on MapReduce is proposed for encrypting such private information. Furthermore, test environment has been built for the performance verification of the distributed encryption processing method. As the result of the test, average time efficiency has improved to 15.3% compare to encryption processing of token server and 3.13% compare to parallel processing.

QNFT: A Post-Quantum Non-fungible Tokens for Secure Metaverse Environment

  • Abir El Azzaoui;JaeSoo Kim
    • Journal of Information Processing Systems
    • /
    • v.20 no.2
    • /
    • pp.273-283
    • /
    • 2024
  • The digital domain has witnessed unprecedented growth, reshaping the way we interact, work, and even perceive reality. The internet has evolved into a vast ecosystem of interconnected virtual worlds, giving birth to the concept of the Metaverse. The Metaverse, often envisioned as a collective virtual shared space, is created by the convergence of virtually enhanced physical reality and interactive digital spaces. Within this Metaverse space, the concept of ownership, identity, and authenticity takes on new dimensions, necessitating innovative solutions to safeguard individual rights. The digital transformation through Metaverse has also brought forth challenges, especially in copyright protection. As the lines between the virtual and physical blur, the traditional notions of ownership and rights are being tested. The Metaverse, with its multitude of user-generated content, poses unique challenges. The primary objective of this research is multifaceted. Firstly, there's a pressing need to understand the strategies employed by non-fungible token (NFT) marketplaces within the Metaverse to strengthen security and prevent copyright violations. As these platforms become centers for digital transactions, ensuring the authenticity and security of each trade becomes paramount. Secondly, the study aims to delve deep into the foundational technologies underpinning NFTs, from the workings of blockchain to the mechanics of smart contracts, to understand how they collectively ensure copyright protection. Thus, in this paper, we propose a quantum based NFT solution that can secure Metaverse and copyright contents in an advanced manner.

Study on the Connection with Public Authentication and Bio Authentication (공인인증서와 바이오인증 연계를 위한 연구)

  • Ryu, Gab-Sang
    • Journal of Internet of Things and Convergence
    • /
    • v.1 no.1
    • /
    • pp.39-44
    • /
    • 2015
  • Organization is increasing the authorizing process to use public certificate and bio information. Certificate, has evolved to be able to parallel distributes the bio authentication and portable bio-authentication device. Authentication using an individual's PC and smart devices continue to generalize, while convenience for authentication is increased by comparison Study on cooperation with the security at the network level's a weak situation. If ask authentication method through the cooperation of the public certificate and bio information work with current network access control, there is a possibility to develop a more powerful security policy. by cooperation weaknesses against vulnerable personal authentication techniques on security token in a reliable and secure personal authentication techniques, such as bio-recognition, Bio Information for identification and to prevent exposing a methodology suggest to validate whether or not to carry out in this paper. In addition, organize the scenario that can work with the 802.1x network authentication method, and presented a proposal aimed at realization.

A Convergence Technology of IPTV-RFID against Clone Attack (Clone 공격에 강한 IPTV-RFID 융합 기술)

  • Jeong, Yoon-Su;Kim, Yong-Tae;Park, Gil-Cheol;Lee, Sang-Ho
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.20 no.2
    • /
    • pp.145-156
    • /
    • 2010
  • Now a days, the development of TV and internet like communicational technique makes IPTV service which combines internet with multimedia contents increase. But when a user gets service in specific place, the certification process and user's ID check in IPTV service is complicate so that there occurs communicational difficulty like increasing illegal users and service delay etc. This paper proposes communication security mechanism to prevent Clone attack which happens in wireless section by efficiently extracting illegal user. The proposed mechanism performs key distribution procedure, inter certification procedure, and key initiation procedure by putting security agent in RFID-USB for RFID tags users use to perform plug-and-plug function. Also, the proposed mechanism updates the hased token value by its ID and the random number which RFID-USB creates whenever a user accesses in the area of RFID-USB so that it protects reply attack and man-in-the-middle attack which happen often in the area of wireless section.

The automatic generation of MPTCP session keys using ECDH (MPTCP에서 ECDH를 이용한 세션 키 자동생성에 관한 연구)

  • Sun, Seol-hee;Kim, Eun-gi
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.20 no.10
    • /
    • pp.1912-1918
    • /
    • 2016
  • MPTCP(Multipath Transmission Control Protocol) is able to compose many TCP paths when two hosts connect and the data is able to be transported through these paths simultaneously. When a new path is added, the authentication between both hosts is necessary to check the validity of host. So, MPTCP exchanges a key when initiating an connection and makes a token by using this key for authentication. However the original MPTCP is vulnerable to MITM(Man In The Middle) attacks because the key is transported in clear text. Therefore, we applied a ECDH(Elliptic Curve Diffie-Hellman) key exchange algorithm to original MPTCP and replaced the original key to the ECDH public key. And, by generating the secret key after the public key exchanges, only two hosts is able to make the token using the secret key to add new subflow. Also, we designed and implemented a method supporting encryption and decryption of data using a shared secret key to apply confidentiality to original MPTCP.

A Design of Smart Banking System using Digital Signature based on Biometric Authentication (바이오인증 기반의 전자서명을 이용한 스마트 뱅킹 시스템 설계)

  • Kim, Jae-Woo;Park, Jeong-Hyo;Jun, Moon-Seog
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.16 no.9
    • /
    • pp.6282-6289
    • /
    • 2015
  • Today, there is an increasing number of cases in which certificate information is leak, and accordingly, electronic finance frauds are prevailing. As certificate and private key a file-based medium, are easily accessible and duplicated, they are vulnerable to information leaking crimes by cyber-attack using malignant codes such as pharming, phishing and smishing. Therefore, the use of security token and storage toke' has been encouraged as they are much safer medium, but the actual users are only minimal due to the reasons such as the risk of loss, high costs and so on. This thesis, in an effort to solve above-mentioned problems and to complement the shortcomings, proposes a system in which digital signature for Internet banking can be made with a simply bio-authentication process. In conclusion, it was found that the newly proposed system showed a better capability in handling financial transitions in terms of safety and convenience.

An Extended I-O Modeling Methodology based on FSM (유한상태기계에 기반한 확장된 I-O 모델링 방법론)

  • Oh, Soo-Yeon;Wang, Gi-Nam;Kim, Ki-Hyung;Kim, Kangseok
    • Journal of the Korea Society for Simulation
    • /
    • v.25 no.4
    • /
    • pp.21-30
    • /
    • 2016
  • Recently manufacturing companies have used PLC control programs popularly for their automated production systems. Since the life cycle of production process is not so long, the change of the production lines occur frequently. Most of changes happen with modification of the position information and control process of the equipment. PLC control program is also modified based on the fundamental process. Therefore, to verify new PLC program by configuring virtual space according to real environment is needed. In this paper we show a logical modeling method, based on Timed-FSA useful for sequence control and dead-lock prevention. There is a problem wasting user's labor and time when defining a variety of states in a device. To overcome this problem, we propose an extended I-O model based on existing methods by adding a token concept of Petri Nets. Also we will show the usability of the extended I-O modeling through user study.

A GDPR based Approach to Enhancing Blockchain Privacy (GDPR에 기반한 블록체인 프라이버시 강화 방안)

  • Han, Sejin;Kim, Suntae;Park, Sooyoung
    • The Journal of the Institute of Internet, Broadcasting and Communication
    • /
    • v.19 no.5
    • /
    • pp.33-38
    • /
    • 2019
  • In this paper, we propose a new blockchain technology that could comply with GDPR. The proposed model can prevent illegal access by controlling access to the personal information according to a access policy. For example, it can control access to the information on a role-basis and information validation period. The core mechanism of the proposed model is to encrypt the personal information with public key which is associated with users attributes policy, and then decrypt it with a private key and users attributes based on a Attribute-based Encryption scheme. It can reduce a trusted third-part risk by replacing it with a number of nodes selected from the blockchain. And also the private key is generated in the form of one-time token to improve key management efficiency. We proved the feasibility by simulating the proposed model using the chaincode of the Hyperledger Fabric and evaluate the security.

A Design and Implementation of the Easy Payment System by Using Mobile Device (모바일 휴대장치(스마트폰)를 이용한 간편 결제 시스템 설계 및 구현)

  • Kim, Dae-Kyu;Choi, Se-Ill
    • The Journal of the Korea institute of electronic communication sciences
    • /
    • v.10 no.5
    • /
    • pp.607-614
    • /
    • 2015
  • In this paper, we propose about NFC-based mobile Easy Payment System. Already announced about kind of similar payment system by use smart phone NFC function. However this proposition system will uses an encrypted token and user indirect authentication. This feature makes through to simplify payment without other input necessary information. Also my proposition system has easy security certification process. This mean my system does not adequately to use payment of a large amount. But in retail payment will be very useful payment system.