• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.42 no.2 s.332
• /
• pp.33-38
• /
• 2005

In this paper, we propose a password-based authenticated key exchange protocol which authenticates each other and shares a session key using only a small memorable password between a client and a server over an insecure channel. The proposed protocol allows an authenticated client to freely change a his/her own password. The protocol is also secure against various attacks and provides the perfect forward secrecy. Furthermore, it has good efficiency compared with the previously well-known password-based protocols with the same security requirements.

• Journal of KIISE:Information Networking
• /
• v.31 no.3
• /
• pp.252-258
• /
• 2004

In this paper, we propose a new authenticated key exchange protocol in which client and sever can mutually authenticate and establish a session key over an insecure channel using only a human memorable password. The proposed protocol is based on Diffie-Hellman scheme and has many of desirable security attributes: It resists off-line dictionary attacks mounted by either Passive or active adversaries over network, allowing low-entropy Passwords to be used safely. It also offers perfect forward secrecy, which protects past sessions when passwords are compromised. In particular, the advantage of our scheme is that it is secure against an impersonation attack, even if a server's password file is exposed to an adversary. The proposed scheme here shows that it has better performance when compared to the previous notable password-based key exchange methods.

• Journal of the Optical Society of Korea
• /
• v.17 no.5
• /
• pp.362-370
• /
• 2013

In this paper, we propose a novel optical implementation of a 3DES algorithm based on dual XOR logic operations for a cryptographic system. In the schematic architecture, the optical 3DES system consists of dual XOR logic operations, where XOR logic operation is implemented by using a free-space interconnected optical logic gate method. The main point in the proposed 3DES method is to make a higher secure cryptosystem, which is acquired by encrypting an individual private key separately, and this encrypted private key is used to decrypt the plain text from the cipher text. Schematically, the proposed optical configuration of this cryptosystem can be used for the decryption process as well. The major advantage of this optical method is that vast 2-D data can be processed in parallel very quickly regardless of data size. The proposed scheme can be applied to watermark authentication and can also be applied to the OTP encryption if every different private key is created and used for encryption only once. When a security key has data of $512{\times}256$ pixels in size, our proposed method performs 2,048 DES blocks or 1,024 3DES blocks cipher in this paper. Besides, because the key length is equal to $512{\times}256$ bits, $2^{512{\times}256}$ attempts are required to find the correct key. Numerical simulations show the results to be carried out encryption and decryption successfully with the proposed 3DES algorithm.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.13 no.4
• /
• pp.903-910
• /
• 2018

The necessary rehabilitation training for patients with disability currently does not match the actual amount of training conducted, which requires interest in rehabilitation treatment, continued investment and infrastructure for rehabilitation contents, while the most common forms of rehabilitation treatment comprises of art, music, and play treatments. In this paper, we provide a game-style rehabilitation program including audio and visual elements through motion detection process on the patient and design a digital game rehabilitation program that allows different level of management for various categories of disabled people.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2007.11a
• /
• pp.1210-1213
• /
• 2007

WiBro는 무선랜과 3G 이동통신의 장점을 결합한 휴대 인터넷 기술로 최근 국내에서 상용화 되었다. WiBro의 장점인 이동성과 고속 무선 통신에 기인하여, 향후 지속적인 발전이 기대된다. 이러한 WiBro의 확산에 따라 개인 사용자에 대한 보안문제가 최근 크게 부각되고 있다. 현재 Wibro는 3G 이동통신 및 무선랜과 효율적인 연동을 위해 EAP-AKA 인증기법을 사용하고 있다. 하지만 EAP-AKA는 단말이 기지국을 인증하지 못하는 치명적인 취약점이 있다. 따라서 공격자는 임의로 rogue BS를 설치할 수 있고, 정상 사용자의 데이터를 이종 네트워크로 보내는 Redirection Attack을 시도할 수 있다. Redirection Attack은 전송 속도 저하, Denial-of-Service (DoS) 을 초래하며, 데이터가 redirection 되는 이종 네트워크에 따라 암호화된 데이터가 노출될 수 있다. 본 논문에서는 EAP-AKA와 Redirection Attack에 대해 분석하고, 그 해결책을 제시한다. 논문은 1) 프로토콜을 일부 수정하여 공격을 막는 방법과 2) traffic 분석을 통한 공격 탐지 방식을 다루고 있으며, 이러한 두 가지 방법을 통해 Redirection Attack에 대한 취약점을 근본적으로 제거할 수 있다.

• Journal of Korea Multimedia Society
• /
• v.25 no.2
• /
• pp.221-236
• /
• 2022

BLE protocol prevents MITM attacks with user interaction through some input/output devices such as keyboard or display. Therefore, If it use a device which has no input/output facility, it can be vulnerable to MITM attack. If messages to be sent to a control device is forged by MITM attack, the device can be abnormally operated by malicious attack from attacker. Therefore, we describes a scenario which has the vulnerabilities of the BLE network in this paper and propose countermeasure method against MITM attacks integrity violations. Its mechanism provides data confidentiality and integrity with MD5 and security key distribution of Diffie Helman's method. In order to verify the effectiveness of the countermeasure method proposed in this paper, we have conducted the experiments. ​As experiments, the message was sent 200 times and all of them successfully detected whether there was MITM attack or not. In addition, it took at most about 4.2ms delay time with proposed countermeasure method between devices even attacking was going on. It is expected that more secure data transmission can be achieved between IoT devices on a BLE network through the method proposed.

• The KIPS Transactions:PartC
• /
• v.10C no.2
• /
• pp.133-140
• /
• 2003

IKE, which is the standard key management protocol for IPSEC, is said to have several known problems. To resolve the problems of the IKE, two protocol proposals are being discussed in the IETF. the IKE version 2 and Just Fast Keying protocols. They should satisfy several protocol design requirements such as the protocol simplicity, the endurability against DOS attacks, the degree of the PFS, the identity protection, the cryptographic negotiation, and the authentication methods. In this paper, we summarize the characteristics of these two protocols and try to analyze their implications according to the protocol design requirements.

• Journal of Advanced Navigation Technology
• /
• v.16 no.2
• /
• pp.375-385
• /
• 2012

The fingerprint is the identity authentication method which is representative uses biometrics. Compared with password methods there is a feature where the dangerousness of embezzling or lossing is few. With like these features using the fingerprint in OTP creations. In this paper, we introduce the developed prototype of OTP system using fingerprint. And the overcome method of OTP system's demerit using fingerprint which extracts few minutiae points into a whole fingerprint image is proposed. A few minutiae points wasn't generated many encryption key for OTP session. The proposed method is overlaid the same fingerprint simply and added many minutiae points as biased overlaid fingerprints. Hence the security of OTP using fingerprint and the randomness over password-guessing are strengthened.

• The Journal of the Korea Contents Association
• /
• v.13 no.4
• /
• pp.17-22
• /
• 2013

Impersonation attack, based on vulnerable security of SIP, facilitate a intruder to take malicious actions such as toll fraud and session hijacking. This paper suggests a new technique for a countermeasure. When receiving a register request message, registrar checks whether the value of Form header or the value of Call-ID header is stored in location server or not. If the record containing either of them are stored and periodically updated, we regard that message as impersonation attack and discard it. Since this technique uses the information stored in server instead of adding encryption mechanism for user authentication, it can easily build securer SIP environment.

• Journal of KIISE:Computer Systems and Theory
• /
• v.31 no.11
• /
• pp.617-625
• /
• 2004

We propose an efficient stream authentication scheme that is an improvement of PCC scheme by using information dispersal algorithm. The drawback of PCC scheme is that received packets for each group are verifiable only if the signature packet of the group is successfully received. The proposed scheme processes the signature packet by introducing some amount of redundancy and splitting the result into pieces, which are then transmitted. The receiver is able to reconstruct the signature packet if the number of the received pieces is larger than the threshold. It is shown that under the same communication overhead verification probability of the proposed scheme is higher than that of SAIDA. Moreover, its computational cost is lower than that of SAIDA.