• Journal of the Korea Convergence Society
• /
• v.8 no.2
• /
• pp.9-14
• /
• 2017

A fingerprint is unique to each person and can be represented as a digital form. As the fingerprint is the part of human body, fingerprint recognition is much more easy to use and secure rather than using password or resident card for user authentication. In addition, as the newly released smart phones have built-in camera and fingerprint sensors, the demand for biometric authentication is increasing rapidly. But, the drawback is that the fingerprint can be counterfeited easily and if it's exposed to the hacker, it cannot be reused. Thus, the original fingerprint template should be transformed for registration and authentication purposes. Existing transformation functions use passcode to transform the original template to the cancelable form. Additional module is needed to input the passcode, so it requires more cost and lowers the usability. In this paper, we propose biometric authentication scheme that is economic and easy to use. The proposed scheme is consisted of cancelable biometric template creation, registration and user authentication protocols, and can control several security levels by configuring the number of fingerprints and scan times. We also analyzed that our scheme is secure against the brute-force attack and the active attacks.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.5 no.10
• /
• pp.1783-1798
• /
• 2011

Recently, a cryptographic construct, called fuzzy vault, has been proposed for crypto-biometric systems, and some implementations for fingerprint have been reported to protect the stored fingerprint template by hiding the fingerprint features. In this paper, we implement the fuzzy fingerprint vault, combining fingerprint verification and fuzzy vault scheme to protect fingerprint templates. To implement the fuzzy fingerprint vault as a complete system, we have to consider several practical issues such as automatic fingerprint alignment, verification accuracy, execution time, error correcting code, etc. In addition, to protect the fuzzy fingerprint vault from the correlation attack, we propose an approach to insert chaffs in a structured way such that distinguishing the fingerprint minutiae and the chaff points obtained from two applications is computationally hard. Based on the experimental results, we confirm that the proposed approach provides higher security than inserting chaffs randomly without a significant degradation of the verification accuracy, and our implementation can be used for real applications.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2009.11a
• /
• pp.645-646
• /
• 2009

지문 템플릿(Fingerprint Template)을 보호하기 위해 암호학적 기법인 퍼지볼트(Fuzzy Vault)가 적용되었다. 퍼지볼트 기법은 지문으로 부터 추출되는 특징점을 은닉하기 위하여 지문 템플릿에 다수의 거짓 특징점을 "임의"로 삽입하는 방법이다. 그러나 최근 이러한 지문 퍼지볼트를 효과적으로 크래킹 할 수 있는 상관공격(Correlation Attack)에 관한 연구가 발표되었는데, 이것은 동일한 지문으로 부터 생성되는 두 개의 지문 템플릿을 획득함으로써 진짜와 거짓 특징점을 쉽게 구별하는 방법이다. 본 논문에서는 상관공격에 강인도록 지문 퍼지볼트를 생성하는 방법을 제안한다. 제안한 방법은 특징점의 각도 정보를 이용하여 거짓선분(Chaff Line)을 생성한 후 "규칙적"으로 거짓특징점을 삽입함으로써, 두 개 지문 템플릿을 획득하더라도 동일한 지문에 대해 삽입된 거짓 특징점의 위치와 각도가 유사하기 때문에 진짜와 거짓 특징점을 구별하기 어려워 상관공격을 피할 수 있다. 실험을 통하여 거짓 특징점을 규칙적으로 저장하는 방법을 적용함으로써 기존 방법의 인식 성능을 유지하면서, 상관 공격에 강인함을 확인하였다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.3
• /
• pp.27-35
• /
• 2011

Design of Sensor nodes in Wireless Sensor Network(WSN) should be considered some properties as electricity consumption, transmission speed, range, etc., and also be needed the protection against various attacks (e.g., eavesdropping, hacking, leakage of customer's secret data, and denial of services). The stream cipher Rabbit, selected for the final eSTREAM portfolio organized by EU ECRYPT and selected as algorithm in part of ISO/IEC 18033-4 Stream Ciphers on ISO Security Standardization recently, is a high speed stream cipher suitable for WSN. Since the stream cipher Rabbit was evaluated the complexity of side-channel analysis attack as 'Medium' in a theoretical approach, thus the method of power analysis attack to the stream cipher Rabbit and the verification of our method by practical experiments were described in this paper. We implemented the stream cipher Rabbit without countermeasures of power analysis attack on IEEE 802.15.4/ZigBee board with 8-bit RISC AVR microprocessor ATmega128L chip, and performed the experiments of power analysis based on difference of means and template using a Hamming weight model.

• Bulletin of the Korean Chemical Society
• /
• v.33 no.3
• /
• pp.775-778
• /
• 2012

The potential energy surfaces of ammonia molecule adsorptions on the symmetrically chlorinated Si(100)-$2{\times}1$ surface were explored with SIMOMM:MP2/6-31G(d). It was found that the initial nucleophilic attack by ammonia nitrogen to the surface Si forms a $S_N2$ type transition state, which eventually leads to an HCl molecular desorption. The second ammonia molecule adsorption requires much less reaction barrier, which can be rationalized by the surface cooperative effect. In general, it was shown that the surface Si-Cl bonds can be easily subjected to the substitution reactions by ammonia molecules yielding symmetric surface Si-$NH_2$ bonds, which can be a good initial template for subsequent surface chemical modifications. The ammonia adsorptions are in general more facile than the corresponding water adsorption, since ammonia is better nucleophile.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.11 no.9
• /
• pp.3548-3557
• /
• 2010

Security enhancement technologies are required to preventing phishing and pharming attacks on Internet banking. One-time password(OTP) should be used with certificate for enhancing user authentication and security performance. However, existing OTP technique is weak on MITM(Man-In-The-Middle) attack and synchnonization should be provided on OTP system. Therefore, more advanced mechanism such as combining biometic data with OTP can be suggested to enhancing security on authentication system. In this paper, we designed and implemented a multifactor authentication system using one-time biometric template to generate unique authentication data after adapting biometric transform on each user's biometric data.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.4
• /
• pp.527-536
• /
• 2020

It has been found that an attacker can extract the secret key embedded in a security device and recover the operation instruction using power consumption traces which are some kind of side channel information. Many profiling-based side channel attacks based on a deep learning model such as MLP(Multi-Layer Perceptron) method are recently researched. In this paper, we implemented a disassembler for operation instruction set used in the micro-controller AVR XMEGA128-D4. After measuring the template traces on each instruction, we automatically made the pre-processing process and classified the operation instruction set using a deep learning model CNN. As an experimental result, we showed that all instructions are classified with 87.5% accuracy and some core instructions used frequently in device operation are with 99.6% respectively.

• Strategy21
• /
• s.41
• /
• pp.52-84
• /
• 2017

After finishing Cold War, the U.S. Navy's ability to Sea control has been gradually eroded last 15-20 years. The global security environment demands that the surface Navy rededicate itself to sea control, as a new group of potential adversaries is working to deny U.S. navy command of the sea. China has been increasing their sea denial capability, such as extended anti-surface cruise missile and anti-surface ballistic missile. To cope with this situation, the U.S. Naval Surface Forces Command has announced Surface Forces Strategy: Return to Sea Control. It is a new operating and organizing concept for the U.S. surface fleet called 'distributed lethality'. Under distributed lethality, offensive weapons such as new ASCMs are to be distributed more widely across all types of Navy surface ships, and new operational concept for Navy surface fleet's capability for attacking enemy ships and make it less possible for an enemy to cripple the U.S. fleet by concentrating its attack on a few very high-value Navy surface ships. By increasing the lethality of the surface ships and distributing them across wide areas, the Navy forces potential adversaries to not only consider the threat from our carrier-based aircraft and submarines, but they now consider the threat form all of those surface ships. This idea of using the distributed lethality template to generate surface action groups and adaptive force package and to start thinking about to increase the lethal efficacy of these ships. The U.S. Navy believes distributed lethality increases the Navy's sea control capability and expands U.S. conventional deterrence. Funding new weapons and renovated operating concept to field a more lethal and distributed force will enable us to establish sea control, even in contested area. The U.S. Navy's Surface Forces Strategy provides some useful implications for The ROK Navy. First the ROK Navy need to reconsider sea control mission. securing sea control and exploiting sea control are in a close connection. However, recently the ROK Navy only focuses on exploiting sea control, for instance land attack mission. the ROK Navy is required to reinvigorate sea control mission, such as anti-surface warfare and anti-air warfare. Second, the ROK Navy must seek the way to improve its warfighting capability. It can be achieved by developing high-edge weapons and designing renewed operating concept and embraced new weapon's extended capabilities.