• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.6
• /
• pp.73-80
• /
• 2006

Recently, Sun et el. proposed a three-party authenticated key exchange protocol using the public key of the server and the derived verifier from the Password of a user. This paper proposes a password-based three-party authenticated key exchange protocol using smartcards. Since the proposed protocol has very low computation cost by using XOR and hash function operation instead of the public key operation, and reduces the count of message transmission to 20% compared with the protocol of Sun et el., it can execute an effective authenticated key exchange. Furthermore, the proposed protocol is safe from password guessing attack by not saving passwords in the server, and it is also safe from server compromise attack because the server cannot know the shared session key between the two users.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.12
• /
• pp.4508-4530
• /
• 2021

Today distributed data storage service are being widely used. However lack of proper means of security makes the user data vulnerable. In this work, we propose a Randomized Block Size (RBS) model for secure data storage in distributed environments. The model work with multifold block sizes encrypted with the Chinese Remainder Theorem-based RSA (C-RSA) technique for end-to-end security of multimedia data. The proposed RBS model has a key generation phase (KGP) for constructing asymmetric keys, and a rand generation phase (RGP) for applying optimal asymmetric encryption padding (OAEP) to the original message. The experimental results obtained with text and image files show that the post encryption file size is not much affected, and data is efficiently encrypted while storing at the distributed storage server (DSS). The parameters such as ciphertext size, encryption time, and throughput have been considered for performance evaluation, whereas statistical analysis like similarity measurement, correlation coefficient, histogram, and entropy analysis uses to check image pixels deviation. The number of pixels change rate (NPCR) and unified averaged changed intensity (UACI) were used to check the strength of the proposed encryption technique. The proposed model is robust with high resilience against eavesdropping, insider attack, and chosen-plaintext attack.

• Journal of the Korea Computer Industry Society
• /
• v.2 no.11
• /
• pp.1383-1394
• /
• 2001

Through the extension of damages caused by hacking and computer virus, although security control has been emphasized, hackers' capability exceeded the security controllability. The basic security setup of server system will be free from the damages by primary and intermediate level which are the major group. It should be noted that security condition of most middle-sized and personal systems is widely open for hacker's intrusion. There is no perfect information system either software-wise or hardware-wise. It has to be recognized that our systems will be attacked easily by the hackers and computer virus. Computer users are demanded to be prepared for these types of surprise attacks. In this paper, I will propose a formation of Bastion server. This will protect risks from inside & outside intrusion which have been known till today.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.12
• /
• pp.4987-5014
• /
• 2015

The bilinear pairing, also known as Weil pairing or Tate pairing, is widely used in cryptography and its properties help to construct cryptographic schemes for different applications in which the security of the transmitted data is a major concern. In remote login authentication schemes, there are two major requirements: i) proving the identity of a user and the server for legitimacy without exposing their private keys and ii) freedom for a user to choose and change his password (private key) efficiently. Most of the existing methods based on the bilinear property have some security breaches due to the lack of features and the design issues. In this paper, we develop a new scheme using the bilinear property of an elliptic point and the biometric characteristics. Our method provides many features along with three major goals. a) Checking the correctness of the password before sending the authentication message, which prevents the wastage of communication cost; b) Efficient password change phase in which the user is asked to give a new password after checking the correctness of the current password without involving the server; c) User anonymity - enforcing the suitability of our scheme for applications in which a user does not want to disclose his identity. We use BAN logic to ensure the mutual authentication and session key agreement properties. The paper provides informal security analysis to illustrate that our scheme resists all the security attacks. Furthermore, we use the AVISPA tool for formal security verification of our scheme.

• Journal of Korea Multimedia Society
• /
• v.25 no.10
• /
• pp.1416-1432
• /
• 2022

The access control system is a system that allows users to selectively enter the building by granting an access key to the user for security. Access keys with weak security are easily exposed to attackers and cannot properly perform the role that authenticates users. Access code keys should be protected from forgery or spoofing. For this reason, access key verification service models is important in security. However, most models manage all access keys on one central server. This method not only interrupts all services due to server errors, but also risks forgery and spoofing in the process of transmitting access keys. Therefore, blockchain algorithms are used to reduce this risk. This paper proposes a blockchain-based access key verification service model that used distributed stored blockchain gateways on storing access keys and authenticates the user's identity based on them. To evaluate the performance of this model, an experiment was conducted to confirm the performance of the access key forgery recovery rate and the blockchain network performance. As a result, the proposed method is 100% forgery recovery rate, and the registration and verification process is evaluated at 387.58 TPS and 136.66 TPS.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.05a
• /
• pp.456-460
• /
• 2012

Privacy Protection Act of 30 March 2012 was performed. In general, personal information management to enhance security in the DB server has a security system but, PC for the protection of the privacy and security vulnerability analysis is needed to research on self-diagnosis. In this paper, from a PC to search information relating to privacy and enhance security by encrypting and for delete file delete recovery impossible. In pc found vulnerability analysis is Check user accounts, Checking shared folders ,Services firewall check, Screen savers, Automatic patch update Is checked. After the analysis and quantification of the vulnerability checks through the expression, enhanced security by creating a checklist for the show, PC security management, server management by semi-hwahayeo activates. In this paper the PC privacy and PC security enhancements a economic damage and of the and Will contribute to reduce complaints.

• Proceedings of the KIEE Conference
• /
• 1998.07c
• /
• pp.1173-1175
• /
• 1998

This paper presented the development plan of voltage security on-line monitoring system (VSECOMs). VSECOMs consists of voltage security monitoring system and data management system. VSECOMs has the function of bus voltage watch. voltage stability analysis, and voltage security assessment. EMS data on-line acquisition, PSS/E file conversion, and overall data management. VSECOMs is designed with client/server structure. We will seek stable operation of KEPCO's power system by installation of VSECOMs in EMS of KEPCO.

• Journal of Korea Multimedia Society
• /
• v.15 no.8
• /
• pp.1048-1058
• /
• 2012

This paper proposes the DDMPF(Distributed Data Management Protocol using FAT) which prevents data loss and keeps the security of self-organized storages by comprising a client, a storage server, and a verification server in clouding environment. The DDMPF builds a self-organized storage server, solves data loss by decentralizing the partitioned data in it in contrast to the centralized problem and the data loss caused by the storage server problems of existing clouding storages, and improves the efficiency of distributed data management with FAT(File Allocation Table). And, the DDMPF improves the reliability of data by a verification server's verifying the data integrity of a storage server, and strengthens the security in double encryption with a client's private key and the system's master key using EC-DH algorithm. Additionally, the DDMPF limits the number of verification servers and detects the flooding attack by setting the TS(Time Stamp) for a verification request message and the replay attack by using the nonce value generated newly, whenever the verification is requested.

• Journal of the Korea Society for Simulation
• /
• v.24 no.4
• /
• pp.153-161
• /
• 2015

We propose a privacy-preserving location-based service (LBS) which supports top-k search service. The previous schemes hurt the privacy of either the user and the location of the objects because they are sent to the LBS server in a plaintext form. In the proposed method, by encrypting them with the fully-homomorphic encryption, we achieved the top-k search is possible while the information on them is not given to the LBS server. We performed a simulation on the proposed scheme with 16 locations where k is 3. The required time is 270 hours in a conventional desktop machine, which seems infeasible to be used in practice. However, as the progress of the hardware, the performance will be improved.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.9 no.2
• /
• pp.25-36
• /
• 1999

In this paper we propose a one-time password mechanism that solves the problems of the S/KEY: the limitation of a usage and the need of storage for keys. because of using a cryptographic algorithm the proposed mechanism has no the limitation of a usage. Also because of producing the key for an authentication from a user's password it is easy to manage the authentication key and is possible to share the session key between a client and a server after the authentication process. In addition the proposed mechanism is easy to protect and manage the authentication information because of using a smart card and is adopted by the system that needs a noe-way authentication from a client to a server without the challenge of a server.