• Journal of KIISE:Information Networking
• /
• v.31 no.4
• /
• pp.347-352
• /
• 2004

In this paper, we propose a new key exchange protocol which authenticates each other and shares a session key between a user and a server over an insecure channel using only a small password. The security of the protocol is based on the difficulty of solving the discrete logarithm problem and the Diffie-Hellman problem and the cryptographic strength of hash function. The protocol is secure against the man-in-the-middle attack, the password guessing attack, the Denning-Sacco attack, and the stolen-verifier attack, and provide the perfect forward secrecy. Furthermore, it is more efficient than other well-known protocols in terms of protocol execution time because it could be executed in parallel and has a simple structure.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.5 no.1
• /
• pp.10-16
• /
• 2010

90/150 CA is a CA completely specified by using rule 90 and rule 150. Since 90/150 CA whose minimal and characteristic polynomials are identical has outstanding randomness, this CA is more attractive than LFSR. Sarkar proposed a scheme based on the 90 uniform CA and the 150 uniform CA. That scheme provided authentication by digital signature and other basic security requirements like confidentiality. In this paper we analyze 90 or 150 uniform CA and give a synthesis method of 2n-cell uniform CA and (2n+1)-cell uniform CA using a special n-cell 90/150 CA. And we propose an effective method of computation of characteristic polynomial corresponding to uniform CA.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.15 no.4
• /
• pp.51-62
• /
• 2019

Recently, as the number of Smart Phone users increase, the simple payment system has been able to make payments using only card information such as a registered password without extra authorized certificate authentication or input of card information. In this paper, it will examine and analyze simple payment system provided by IT companies and financial institutions and the simple payment system that operates global online payment system by case view of operational direction. Then with this examination, it will study ways to improve the problems with terms of convenience and stability in terms of users. In this paper, it will analyze the inconvenient problem in using the QR code system that recently introduced and will propose solutions. Also, it will propose suggestions to solve inconvenience that caused by system that supports NFC simple payment terminal in Korea is not universalize by analyze case study on the overseas simple payment system. It will also propose opinions on the matters that customer having responsible for event of a small financial accident related to loss or theft when using the simple payment system. Then it will suggest expected requirements to prepare new security technical countermeasures and solve the conditions of meeting expectation satisfaction of users.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.1
• /
• pp.49-56
• /
• 2013

Among U-healthcare services adapting the latest IT technique and medical technique, a body-injecting device technique providing medical service to a patient who has incurable disease. But the body-injecting device technique can be easily exposed during wireless section to the third person and it can be used illegally. This paper proposes certification protocol which certifies a patient and hospital staff using random number created by certification server and a patient with hospital staff by synchronization. Specially, the proposed protocol uses security information created by information registered in certification server previously by a patient and hospital staff so that in keeps from accessing of third person who didn't get approval. And it gives more stability.

• Journal of IKEEE
• /
• v.23 no.2
• /
• pp.413-418
• /
• 2019

Attacks on existing sensor networks include sniffing, flooding, and spoofing attacks. The basic countermeasures include encryption and authentication methods and switching methods. Wormhole attack, HELLO flood attack, Sybil attack, sinkhole attack, and selective delivery attack are the attacks on the network layer in wireless sensor network (WSN). These attacks may not be defended by the basic countmeasures mentioned above. In this paper, new countermeasures against these attacks include periodic key changes and regular network monitoring. Moreover, we present various threats (attacks) in the network layer of wireless sensor networks and new countermeasures accordingly.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.5
• /
• pp.1450-1470
• /
• 2023

In a Vehicular Cloud (VC) network, an announcement protocol plays a critical role in promoting safety and efficiency by enabling vehicles to disseminate safety-related messages. The reliability of message exchange is essential for improving traffic safety and road conditions. However, verifying the message authenticity could lead to the potential compromise of vehicle privacy, presenting a significant security challenge in the VC network. In contrast, if any misbehavior occurs, the accountable vehicle must be identifiable and removed from the network to ensure public safety. Addressing this conflict between message reliability and privacy requires a secure protocol that satisfies accountability properties while preserving user privacy. This paper presents a novel announcement protocol for secure communication in VC networks that utilizes group signature to achieve seemingly contradictory goals of reliability, privacy, and accountability. We have developed the first comprehensive announcement protocol for VC using group signature, which has been shown to improve the performance efficiency and feasibility of the VC network through performance analysis and simulation results.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.3 no.2
• /
• pp.118-128
• /
• 2008

Currently analyzed the various real estate electronic transaction relation service present condition which is enforced from the government offices. And applied a real estate electronic transaction and enforces and the representative instance which selected analyzed. Analysis leads, groped the constituent unit by construction plan of real estate electronic transaction system of governmental leading and unit system construction investigated a priority. And delivered Real Estate Contents Information in DRM Serever for authentication, decoding, and license downloading for cases of charged contents. This can retain the merits of P2P technology to its full extent while solving the biggest issue addressed: copyright problems.

• Journal of the Korea Computer Industry Society
• /
• v.4 no.4
• /
• pp.625-632
• /
• 2003

We are view of the information on VPN(Virtual private Network) into each difference layer protocol. network on mutuality exchanged of information is importance of the confidentiality and Integrity. But it is presented problems about compatability and availability between variable equipment as several protocol. hence, it was achieved of the transmission through encryption and authentication of information, although there is secured an intended attack from the third intruder. so tunneling VPN system on achieving, each layer position transmit of mutuality exchanged. This study will investigate the codification and certified security status when layer2 and layer 3 informations are each transmitted using protocol with integrity Public Key. In addition, we will using protocol and the performance analysis difference between layers and layers.

• Journal of Sensor Science and Technology
• /
• v.16 no.4
• /
• pp.277-285
• /
• 2007

In this paper, we outline the research issues that we are pursuing towards building of location aware environments for mainly ubiquitous healthcare applications. Such location aware application can provide what is happening in this space. To locate an object, such as patient or elderly person, the active ceiling-mounted reference beacons were placed throughout the building. Reference beacons periodically publish location information on RF and ultrasonic signals to allow application running on mobile or static nodes to study and determine their physical location. Once object-carried passive listener receives the information, it subsequently determines it's location from reference beacons. The cost of the system was reduced while the accuracy in our experiments was fairly good and fine grained between 7 and 12 cm for location awareness in indoor environments by using only the sensor nodes and wireless sensor network technology. Passive architecture used here provides the security of the user privacy while at the server the privacy was secured by providing the authentication using Geopriv approach. This information from sensor nodes is further forwarded to base station where further computation is performed to determine the current position of object.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.14 no.1
• /
• pp.35-43
• /
• 2018

MANET composed of only wireless nodes is increasingly utilized in various fields. However, it is exposed to many security vulnerabilities because it doesn't have any infrastructure and transmits data by using multi-hop method. Therefore, MANET should be applied the intrusion detection technique that can detect efficiently malicious nodes and decrease impacts of various attacks. In this paper, we propose a distributed intrusion detection technique that can detect the various attacks while improving the efficiency of attack detection and reducing the false positive rate. The proposed technique uses the cluster structure to manage the information in the center and monitor the traffic of their neighbor nodes directly in all nodes. We use three parameters for attack detection. We also applied an efficient authentication technique using only key exchange without the help of CA in order to provide integrity when exchanging information between cluster heads. This makes it possible to free the forgery of information about trust information of the nodes and attack nodes. The superiority of the proposed technique can be confirmed through comparative experiments with existing intrusion detection techniques.