• Journal of Digital Convergence
• /
• v.10 no.2
• /
• pp.161-169
• /
• 2012

It requires a lot of costs and manpower to manage the election system. The electronic voting scheme is needed to make the election system to be economic and fair. Especially, wide spread use of smart phones and wireless networks makes the mobile voting is of major concern. In mobile voting scheme, a smart phone user can vote regardless of the places. In this paper, the mobile voting scheme is proposed where candidates can guarantee fairness of the election system. We analyze mobile voting requirements and create the mobile ID which has legal binding forces and PKI based digital signature keys. In the proposed scheme, a voter's ballot is signed by all candidates using undeniable multi-signature scheme. During the counting stage, the multi-signature on the ballot is not verified without help of all candidates.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2008.10a
• /
• pp.772-775
• /
• 2008

As the wireless communication technology developed, the Electric Commerce using a mobile was activated. WPKI was developed in order to guarantee the stability of the Electric Commerce but it is difficult to be ensured for the safe PKI service which is the same at the wire communication in the technical because of restriction of the mobile terminal. In this paper, we propose the authentication system for the electronic financial service which is safe and is effective in consideration of the restrictive characteristic of the mobile terminal. Moreover, the encryption algorithm for the safe electronic signature is proposed. In WPKI, this makes the cross certification of each certificate authority possible. Moreover, a stability was enhanced through the signature authentication using KCDSA and SEED algorithm.

• Proceedings of the Korea Contents Association Conference
• /
• 2008.05a
• /
• pp.473-476
• /
• 2008

Mobile network environments are the environments where mobile devices are distributed invisible in our daily lives so that we can conventionally use mobile services at any time and any place. But, Mobile devices has a many security vulnerabilities caused by lower computing of devices and security problem of wireless network. So in this paper, PKI structure is proposed to minimize encrypting and decrypting operation by compounding session key and public key on WIPI environment. Proposed secure authentication system based on korean standard cryptography algorithm will give a more firmness in mobile network and support a more secure service for mobile academic information service that KISTI future plan.

• Journal of Internet Computing and Services
• /
• v.13 no.2
• /
• pp.59-71
• /
• 2012

PKI-based public key scheme is outstanding in terms of authenticity and privacy. Nevertheless its application brings big burden due to the certificate/key management. It is difficult to apply it to limited computing devices in WSN because of its high encryption complexity. The Bilinear Pairing emerged from the original IBE to eliminate the certificate, is a future significant cryptosystem as based on the DDH(Decisional DH) algorithm which is significant in terms of computation and secure enough for authentication, as well as secure and faster. The practical EC Weil Pairing presents that its encryption algorithm is simple and it satisfies IND/NM security constraints against CCA. The Random Oracle Model based IBE PKG is appropriate to the structure of our target system with one secret file server in the operational perspective. Our work proposes modification of the Weil Pairing as proper to the closed network for secret file distribution[2]. First we proposed the improved one computing both encryption and message/user authentication as fast as O(DES) level, in which our scheme satisfies privacy, authenticity and integrity. Secondly as using the public key ID as effective as PKI, our improved IBE variant reduces the key exposure risk.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2001.11a
• /
• pp.371-374
• /
• 2001

This paper shows how Ebooks contents can be securely transferred to consumers in wireless environment using public key infrastructure (PKI). In addition, we show the proposed scheme to be secure. The final goal is to show that our scheme satisfies all secure requirements of digital contents in any environments.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2003.11c
• /
• pp.1827-1830
• /
• 2003

무선 단말기 기반 기술의 발달에 따라 많은 이용자들이 있고, 일반 PC 에서만 사용되던 기술들을 무선의 시간 공간 제약이 없는 작업환경에서 이용하고자 하는 욕구의 증가로 점차 확산되고 있다. 이에 발 맞추어 2003 년 중반 4 개 은행이 PC 에서 사용되던 인터넷 뱅킹을 무선 단말기를 이용하는 서비스로 확장 시행하였다 현재 단말기는 PPC(Pocket PC)와 Palm, 사용되는 운영체제로는 Window CE 와 Palm 을 운영체제로 하는 기기에서 서비스를 제공하고 있어, 위의 단말기를 제외한 이 기종에서 서비스 사용이 어렵다. 더 많은 사용자들의 사용을 위해서는 다양한 단말기에서의 사용이 가능하여야 하기 때문에 이 논문에서는 Linux를 OS로 하는 단말기에서의 WPKI인증 기술을 구현한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2009.04a
• /
• pp.1500-1502
• /
• 2009

무선 메쉬 네트워크는 무선 네트워크 환경을 구성하는 방안들 중 비교적 낮은 비용으로 서비스 지역을 효율적으로 늘릴 수 있다. 그러나 무선 네트워크의 특성상 많은 보안상의 문제점이 나타나고 공격형태 또한 다양화 되고 있다. 특히 악의적인 노드에 의한 공격은 네트워크 성능을 저하시키거나 파괴시킬 수 있다. 현재 이러한 취약점을 해결하기 위해 많은 보안 메커니즘들이 나와 있지만 이 또한 완벽히 해결하지 못했다. 기존 공개키 기반 알고리즘은 인증된 노드들의 오류 동작과 인증된 노드가 악의적 해커에 의해 감염된 경우 차단할 수 없다. 본 논문에서는 이러한 무선 메쉬 네트워크에서 악의적인 노드를 차단하기 위해 기존 공개키 기반 알고리즘의 문제점을 보완한 메쉬 라우터 인증 기법을 제안한다.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.15 no.6
• /
• pp.3865-3871
• /
• 2014

The U-health service provides medical services with patients anytime or anywhere and is defined as the service that combines information and communication technology with health and medical service. However, it causes some troubles, such as the disclosure of patients' medical information or data spills (personal information extrusion). Moreover, it has the weak point of the security threats associated with data based on existing wire-wireless systems because it conducts data transmission and reception through the network. Therefore, this paper suggests a safe personal information management system by designing integrated certification schema that will help compensate for the weaknesses of the U-health service. In the proposal, the protocols for user information, certification between medical institution and users, data communication encryption & decryption, and user information disuse were designed by applying the ID-Based Encryption, and analyzed such existing systems and PKI Based-based communication process, securely and safely.

• Journal of KIISE:Information Networking
• /
• v.31 no.5
• /
• pp.429-437
• /
• 2004

The mobileip working group is equipped with the RR(Return Routabilit) taking the simple procedures and small amount of cryptographic operations by considering the processing capability of the mobile node however it dose not provide security features enough. To replace with enhanced methods, mobileip WG is making an effort to find the approved solutions include CGA(Craptographically Generated Address), IPsec(Internet Protocol Security) as well as the existing infrastructure such as AAA(Authentication, Authorization and Account) and PKI(Public Key Infrastructure). In this paper, we propose the authentication and route optimization based on AAA suitable for the requested security service for its successful story in wireless network such as 802.11 and 3GPP(3rd Generation Partnership Project) as well as wired one. We analyze the effectiveness of our scheme according to the traffic and mobility properties. The result shows the cost reduction up to 20 percent comparing with RR.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.9
• /
• pp.1983-1989
• /
• 2012

The IEEE 802.1x standard provides an architectural framework which can be used various authentication methods. But, IEEE 802.1x also has vulnerabilities about the DoS(Denial of Service), the session hijacking and the MiM(Man in the Middle) attack due to caused by structural of authentication protocol. In this paper, we propose a WLAN system which can offer safety communication by complement of IEEE 802.1x vulnerabilities. The WLAN system accomplishes mutual authentications between authentication servers, clients and the AP using PKI and prevents an illegal user from intervening in communication to disguise oneself as a client, the AP or authentication servers. Also, we guarantee the safety of the communication by the Dynamic WEP key distribution between clients and the AP.