• The Journal of the Korea institute of electronic communication sciences
• /
• v.6 no.3
• /
• pp.389-395
• /
• 2011

Since Elliptic Curve Cryptosystems(ECCs) support the same security as RSA cryptosystem and ElGamal cryptosystem with 1/6 size key, ECCs are the most efficient to smart cards, cellular phone and small-size computers restricted by high memory capacity and power of process. In this paper, we explicitly explain methods for finite fields operations used in ECC, and then construct some composite fields over finite fields which are secure under Weil's decent attack and maximize the speed of operations. Lastly, we propose a fast multiplier over our composite fields.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.2
• /
• pp.169-179
• /
• 2013

Recently, with rapid advances of mobile devices such as smart phone and wireless networking, a number of services using mobile device based wireless network have been explosively increasing. From the viewpoint of security, because wireless network is more vulnerable than wired network, strong security is required in wireless network. On the contrary, the security for mobile devices has to be efficient due to the restrictions of battery powered mobile device such as low computation, low memory space and high communication cost. Therefore, in this paper, we propose an efficient authentication scheme with mobile devices in wireless network environment. The proposed scheme satisfies security requirements for the service using mobile device and it is suitable in wireless network environment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.4
• /
• pp.617-624
• /
• 2014

Smart phone usage has increased exponentially and open source based Android OS occupy significant market share. However, various malicious applications that use the characteristic of Android threaten users. In this paper, we construct an efficient malicious application detector by using the principle component analysis and the incremental k nearest neighbor algorithm, which consider an required permission, of Android applications. The cross validation is exploited in order to find a critical parameter of the algorithm. For the performance evaluation of our approach, we simulate a real data set of Contagio Mobile.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.3
• /
• pp.131-141
• /
• 2011

OMA(Open Mobile Alliance) is one of the most active group about DRM technology in mobile device field. OMA announced an OMA-DRM v 2.1 standardization in 2007. After then OMA announced OMA-SRM(Secure Removable Media) and SCE(Secure Contents Exchanges) that are the extension of OMA-DRM v2.1. In SCE, a user can form user domain to share contents and rights. So the user can share contents and rights with not only the the OMA-DRM v2.1 but also home devices like mobile phones, personal computers and audios. In this paper, we analyze a sharing technology of OMA-DRM and SCE, and then propose key distribution method using proxy re-encryption and smart card to use shared contents and rights.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.7 no.3
• /
• pp.85-95
• /
• 2011

Smart phones, greatly expanding in the recent mobile market, are equipped with various features compared to existing feature phones and provide the conveniences to in several ways. The camera, one of the features of a smartphone, creates the digital contents, such photos and videos, and plays a role for the media which transmits information, such as video calls and bar code reader. QR-Code recognition is also one of the camera features. It contains a variety of information in two-dimensional bar code type in matrix format, and makes it possible to obtain the information by using smart phones. This paper analyzes the method of QR-Code recognition, password method-the existing user-authentication technique, smart card, biometrics and voice recognition and so on and thenn designs a new user-authentication technique. The proposed user-authentication technique is the technique in which QR-Code, which can be simply granted is read by smart phones and transmitted to a server, for authentication. It has the advantages in view that it will simply the process of authentication and conteract the disadvantages, such as brute force attack, man-inthe-middle attack, and keyboard hacking, which may occur in other authentication techniques.

• Journal of the Korea Convergence Society
• /
• v.3 no.3
• /
• pp.7-12
• /
• 2012

mVoIP (mobile Voice over Internet Protocol) service is a technology to transmit voice data through an IP network using mobile device. mVoIP provides various supplementary services with low communication cost. It can maximize the availability and efficiency by using IP-based network resources. In addition, the users can use voice call service at any time and in any place, as long as they can access the Internet on mobile device easily. However, SIP on mobile device is exposed to IP-based attacks and threats. Observed cyber threats to SIP services include wiretapping, denial of service, and service misuse, VoIP spam which are also applicable to existing IP-based networks. These attacks are also applicable to SIP and continuously cause problems. In this study, we analysis the threat and vulnerability on mVoIP service and propose several possible attack scenarios on existing mobile VoIP devices. Based on a proposed analysis and vulnerability test mechanism, we can construct more enhanced SIP security mechanism and stable mobile VoIP service framework after eliminating its vulnerability on mobile telephony system.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.7
• /
• pp.1393-1400
• /
• 2017

As the number of smartphone users increases, vulnerability to privacy protection is increasing. This is because personal information is stored on various servers connected to the Internet and the user is authenticated using the same ID and password. Authentication methods such as OTP, FIDO, and PIN codes have been introduced to solve traditional authentication methods, but their use is limited for authentication that requires sharing with other users. In this paper, we propose the authentication method that is needed for the management of shared information such as hospitals and corporations. The proposed algorithm is an algorithm that can authenticate users in the same place in real time using smart phone IMEI, QR code, BLE, push message. We propose an authentication algorithm that can perform user authentication through mutual cooperation using a smart phone and can cancel realtime authentication. And we designed and implemented a mutual authentication system using proposed algorithm.

• Journal of Digital Convergence
• /
• v.12 no.12
• /
• pp.93-106
• /
• 2014

All of smart phone users not always make a good use of mobile shopping. The main cause is that in case of non-user of mobile shopping, potential apprehension to psychological and security weakness affects building up resistance on mobile shopping. In this paper, we designed models of innovation resistance heavily based on literature reviews and previous studies, and tried to find how perceived risk affects consumer's purchase intention in mobile shopping process. In conclusion, it shows that security, one of psychological factors, affects perceived risk in all aspects, while negative influence of society and cognitive dissonance just affect social risk and delivery risk, and uncertainty also just affects performance risk. Besides, it shows that all of variables made up perceived risk affects resistance of purchase. Especially social risk turns out to be a most influential factor to purchase behavior through smart phone.

• Convergence Security Journal
• /
• v.15 no.2
• /
• pp.11-17
• /
• 2015

According to NIA (National Information Society Agency) report, digital divide is a vicious circle which makes quality interval of human's life between people who have information and relatively not. Especially in a smart phone society, there is a big problem between disabled people and normal people. This paper suggests a braille keyboard system for the blind to solve these problems. It is designed for portable use, convenience and quick text typing based on bluetooth communication technique. In text input test, all texts (Korean, English, number) were accurately expressed and typing speed was about 22 [c/m](characters per a minute). Especially, we design text2voice function to provide more accurate key input system. Popular applications such as call, alarm, message, kakao talk, internet, music, were performed without carring problems using the proposed braille keyboard system. The proposed technique is thought to contribute to eliminating the digital divide through the expansion of smartphone users.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.10a
• /
• pp.141-145
• /
• 2013

Damage is increasing by (Smishing) hacking attack Smishing you use a smart phone after entering 2013. Takeover of personal information and direct financial damage in collaboration with graphics sewing machine hacking attack has occurred. Monetary damage that leads to Internet payment service (ISP) and secure payment system in conjunction with graphics sewing machine hacking attack on a smartphone has occurred. In this paper, I will study analysis in the laboratory examples of actual infringement vinegar sewing machine hacking attack. It is a major power security measures to prevent damage to the secure payment system that a case analysis and practical principle technical nest sewing machine hacking attack, using Smishing. In this paper, I will be to research to be able to through a smart phone, to the online payment safer and more convenient.