• The Journal of the Korea Contents Association
• /
• v.16 no.8
• /
• pp.90-96
• /
• 2016

The 3390 million people, around 83% of the adult population in Korea use smartphone. Although the safety problem of the certificate has been occurred continuously, most of these users use the certificate. These safety issues as a solution to 'The owner of a mobile phone using SMS authentication technology', 'Biometric authentication', etc are being proposed. but, a secure and reliable authentication scheme has not been proposed for replace the certificate yet. and there are many attacks to steal the certificate and private key. For these reasons, security experts recommend to store the certificate and private key on usb flash drive, security tokens, smartphone. but smartphones are easily infected malware, an attacker can steal certificate and private key by malicious code. If an attacker snatchs the certificate, the private key file, and the password for the private key password, he can always act as valid user. In this paper, we proposed a safe way to keep the private key on smartphone using smartphone's unique information and user password. If an attacker knows the user password, the certificate and the private key, he can not know the smart phone's unique information, so it is impossible to use the encrypted private key. Therefore smartphone user use IT service safely.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2016.10a
• /
• pp.880-881
• /
• 2016

디지털액자가 고전적 액자의 향취를 주며 또한 사진을 바꿀 수 있는 기능도 제공하지만 아직 새 흐름이 되는 못했다. 그 이유는 비싼 가격과 사진을 전송하기가 불편하기 때문이다. 우리는 디지털 액자로 사진 전송을 쉽게 하고, 거기에 더하여 위젯과 보안 기능을 추가하는 연구를 하였다. 사진 전송을 위하여 AWS(Amazon Web Service) 서버를 사용하는데 AWS 서버는 언제 어디서나 원할 때면 사진을 WiFi로 전송할 수 있게 한다. 이는 현재 사용하는 USB나 SD 카드를 이용하여 디지털 사진을 전송하는 것보다 훨씬 편리하다. 우리의 디지털 액자를 사용하면 다른 사람과 사진 교환이 쉽고 따라서 가족, 친구, 동료 사이의 친밀감도 쉽게 높일 수 있다.

• Journal of Advanced Navigation Technology
• /
• v.15 no.3
• /
• pp.378-385
• /
• 2011

This paper introduces technical aspects of the privacy exposure problem of the video and the audio information on the personal computer and proposes a countermeasure to them. According to the increased number of peripherals for computers, especially including the cameras and the mikes, it is required to be careful on the privacy exposure. Currently, some incorporated or standalone cameras have a pilot lamp to indicate their usage. However, many other cameras and all mikes have not equipped with the pilot lamp or other dedicated indicator. Even though this problem doesn't obstruct their assigned functionalities, it should make the devices susceptible to be exposed with the information they are gathering without any notice to the owners. As a countermeasure to the problem, this paper proposes a reasonable solution that alarms the access trials to the devices and implements programs for the practical sniffing and its counterpart.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.5
• /
• pp.93-101
• /
• 2008

Side channel attacks are well known as one of the most powerful physical attacks against low-power cryptographic devices and do not take into account of the target's theoretical security. As an important succeeding factor in side channel attacks (specifically in DPAs), exact time-axis alignment methods are used to overcome misalignments caused by trigger jittering, noise and even some countermeasures intentionally applied to defend against side channel attacks such as random clock generation. However, the currently existing alignment methods consider only on the position of signals on time-axis, which is ineffective for certain countermeasures based on time-axis misalignments. This paper proposes a new signal alignment method based on interpolation and decimation techniques. Our proposal can align the size as well as the signals' position on time-axis. The validity of our proposed method is then evaluated experimentally with a smart card chip, and the results demonstrated that the proposed method is more efficient than the existing alignment methods.

• The Journal of the Korea Contents Association
• /
• v.17 no.6
• /
• pp.32-38
• /
• 2017

Despite the opinion that certificate is useless, half of the population in Korea (approx. 35 million) get an certificate, and use it for internet banking, internet shopping, stock trading, and so on. Most users store their certificates on a usb memory or smartphone, and certificates or passwords stored on such storage media can be easily attacked and used to disguise as legitimate users. Due to these security problem of certificate, a various authentication technologies has been proposed such as smartphone owner authentication using SMS, and a personal authentication using biometric authentication. However, a safe technique is not presented yet without user password, and certificate. In this paper, I proposed a method to secure certificate/private key without a user password using a combination of USIM card and smartphone's information. Even if a hacker gets the user password, the certificate, and the private key, he can not use the certificate. User do not need to remember complex password which is a combination of alphabetic / numeric / special characters, and use his certificate safely.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.42 no.1
• /
• pp.233-240
• /
• 2017

Due to a recent rise in use of a wireless keyboard and mouse, attacks which take user's input information or control user's computer remotely exploiting the physical vulnerability in the wireless communication have been reported. Especially, MouseJack, announced by Bastille Network, attacks 2.4 GHz wireless keyboards and mice through exploiting vulnerability of each manufacturer's receiver. Unlike other attacks that have been revealed, this allows to attack AES wireless keyboards. Nonetheless, there is only a brief overview of the attack but no detailed information on this attacking method. Therefore, in this paper we will analyze the Microsoft 2.4 GHz wireless mouse packet and propose a way to set the packet configuration for HID packet injection simulating a wireless mouse. We also develop a system with 2.4 GHz AES wireless keyboard HID packet injection using the proposed packet and demonstrate via experiment that HID packet injection is possible through the system we built.