• The Journal of The Korea Institute of Intelligent Transport Systems
• /
• v.3 no.1 s.4
• /
• pp.45-52
• /
• 2004

There are many cities installing ITS(Intelligent Transportation Systems) and running TMC(Trafnc Management Center) to improve mobility and safety of roadway transportation by providing roadway information to drivers. There are many devices in ITS which collect real-time traffic data. We can obtain many valuable traffic data from the devices. But it's impossible to avoid missing traffic data for many reasons such as roadway condition, adversary weather, communication shutdown and problems of the devices itself. We couldn't do any secondary process such as travel time forecasting and other transportation related research due to the missing data. If we use the traffic data to produce AADT and DHV, essential data in roadway planning and design, We might get skewed data that could make big loss. Therefore, He study have explored some imputation techniques such as heuristic methods, regression model, EM algorithm and time-series analysis for the missing traffic volume data using some evaluating indices such as MAPE, RMSE, and Inequality coefficient. We could get the best result from time-series model generating 5.0$\%$, 0.03 and 110 as MAPE, Inequality coefficient and RMSE, respectively. Other techniques produce a little different results, but the results were very encouraging.

• Journal of KIISE:Information Networking
• /
• v.36 no.1
• /
• pp.12-23
• /
• 2009

Sensor networks deployed in battlefields to support military operations or deployed in natural habitats to monitor the rare wildlifes must take account of protection of the location of valuable assets(i.e., soldiers or wildlifes) from an adversary or malicious tracing as well as the security of messages in transit. In this paper we propose a routing protocol GSLP(GPSR-based Source-Location Privacy) that is capable of enhancing the location privacy of an active source node(i.e., message-originating node) in the presence of multiple dormant sources(i.e., nodes lying nearby an asset whose location needs to be secured). Extended is a simple, yet scalable, routing scheme GPSR(greedy perimeter stateless routing) to select randomly a next-hop node with a certain probability for randomizing paths and to perform perimeter routing for detouring dormant sources so that the privacy strength of the active source, defined as safety period, keeps enhanced. The simulation results obtained by increasing the number of dormant sources up to 1.0% of the total number of nodes show that GSLP yields increased and nearly invariant safety periods, while those of PR-SP(Phantom Routing, Single Path), a notable existing protocol for source-location privacy, rapidly drop off as the number of dormant sources increases. It turns out that delivery latencies of GSLP are roughly less than two-fold of the shortest path length between the active source and the destination.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.2
• /
• pp.179-187
• /
• 2020

The FBC(Fixed-Base Comb) is a method to efficiently operate scalar multiplication, a core operation for signature generations of the ECDSA(Elliptic Curve Digital Signature Algorithm), utilizing precomputed lookup tables. Since the FBC refers to the table depending on the secret information and the values of the table are publicly known, an adversary can perform HCA(Horizontal Correlation Analysis), one of the single trace side channel attacks, to reveal the secret. However, HCA is a statistical analysis that requires a sufficient number of unit operation traces extracted from one scalar multiplication trace for a successful attack. In the case of the scalar multiplication for signature generations of ECDSA, the number of unit operation traces available for HCA is significantly fewer than the case of the RSA exponentiation, possibly resulting in an unsuccessful attack. In this paper, we propose an improved HCA on lookup table based scalar multiplication algorithms such as FBC. The proposed attack improves HCA by increasing the number of unit operation traces by determining such traces for the same intermediate value through collision analysis. The performance of the proposed attack increases as more secure elliptic curve parameters are used.

• Journal of the Institute of Electronics Engineers of Korea SD
• /
• v.46 no.11
• /
• pp.8-15
• /
• 2009

Side-channel attacks including the differential power analysis attack are often more powerful than classical cryptanalysis and have to be seriously considered by cryptographic algorithm's implementers. Various countermeasures have been proposed against such attacks. In this paper, we deal with the masking method, which is known to be a very effective countermeasure against the differential power analysis attack and propose new gate-level conversion methods between Boolean and arithmetic masks. The new methods require only 6n-5 XOR and 2n-2 AND gates with 3n-2 gate delay for converting n-bit masks. The basic idea of the proposed methods is that the carry and the sum bits in the ripple adder are manipulated in a way that the adversary cannot detect the relation between these bits and the original raw data. Since the proposed methods use only bitwise operations, they are especially useful for DPA-securely implementing cryptographic algorithms in hardware which use both Boolean and arithmetic operations. For example, we applied them to securely implement the block encryption algorithm SEED in hardware and present its detailed implementation result.

• Journal of the Institute of Electronics Engineers of Korea SP
• /
• v.47 no.5
• /
• pp.183-191
• /
• 2010

Unique and invariant biometric characteristics have been used for secure user authentication. Storing original biometric data is not acceptable due to privacy and security concerns of biometric technology. In order to enhance the security of the biometric data, the cancelable biometrics was introduced. Using revocable and non-invertible transformation, the cancelable biometrics can provide a way of more secure biometric authentication. In this paper, we present a new cancelable bits extraction method for the facial data. For the feature extraction, the Subpattern-based Principle Component Analysis (PCA) is adopted. The Subpattern-based PCA divides a whole image into a set of partitioned subpatterns and extracts principle components from each subpattern area. The feature extracted by using Subpattern-based PCA is discretized with a helper data based method. The elements of the obtained bits are evaluated and ordered according to a measure based on the fisher criterion. Finally, the most discriminative bits are chosen as the biometric bits string and used for authentication of each identity. Even if the generated bits string is compromised, new bits string can be generated simply by changing the helper data. Because, the helper data utilizes partial information of the feature, the proposed method does not reveal privacy sensitive biometric information of the user. For a security evaluation of the proposed method, a scenario in which the helper is compromised by an adversary is also considered.

• Journal of the Institute of Electronics Engineers of Korea SP
• /
• v.47 no.1
• /
• pp.83-90
• /
• 2010

Cancelable biometrics is a robust and secure biometric recognition method using revocable biometric template in order to prevent possible compromisation of the original biometric data. In this paper, we present a new cancelable bits extraction method for the facial data. We use our previous cancelable feature template for the bits extraction. The adopted cancelable template is generated from two different original face feature vectors extracted from two different appearance-based approaches. Each element of feature vectors is re-ordered, and the scrambled features are added. With the added feature, biometric bits string is extracted using helper data based method. In this technique, helper data is generated using statistical property of the added feature vector, which can be easily replaced with straightforward revocation. Because, the helper data only utilizes partial information of the added feature, our proposed method is a more secure method than our previous one. The proposed method utilizes the helper data to reduce feature variance within the same individual and increase the distinctiveness of bit strings of different individuals for good recognition performance. For a security evaluation of our proposed method, a scenario in which the system is compromised by an adversary is also considered. In our experiments, we analyze the proposed method with respect to performance and security using the extended YALEB face database

• Journal of the Korea Society of Computer and Information
• /
• v.17 no.5
• /
• pp.59-70
• /
• 2012

RSA-CRT is one of the commonly used techniques to speedup RSA operation. Since RSA-CRT performs its operations based on the modulus of two private primes, it is about four times faster than RSA. In RSA, the two primes are normally thrown away after generating the public key pair. However, in RSA-CRT, the two primes are directly used in RSA operations. This led to hardware fault attacks which can be used to factor the public modulus. The most common way to counter these attacks is based on error propagation. In these schemes, all the outputs of RSA are affected by the infected error which makes it difficult for an adversary to use the output to factor the public modulus. However, the error propagation has sequentialized the RSA operation. Moreover, these schemes have been found to be still vulnerable to hardware fault attacks. In this paper, we propose two new RSA-CRT schemes which are both resistant to hardware fault attack and support parallel execution: one uses common modulus and the other one perform operations in each prime modulus. Both proposed schemes takes about a time equal to two exponentiations to complete the RSA operation if parallel execution is fully used and can protect the two private primes from hardware fault attacks.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.23 no.6
• /
• pp.558-564
• /
• 2013

Wireless sensor networks (WSNs) contain limited energy resources and are left in open environments. Since these sensor nodes are self-operated, attacks such as sinkhole attacks are possible as they can be compromised by an adversary. The sinkhole attack may cause to change initially constructed routing paths, and capture of significant information at the compromised node. A localized encryption and authentication protocol (LEAP) has been proposed to authenticate packets and node states by using four types of keys against the sinkhole attack. Even though this novel approach can securely transmits the packets to a base station, the packets are forwarded along the constructed paths without checking the next hop node states. In this paper, we propose the next hop node selection method to cater this problem. Our proposed method evaluates the next hop node considering three factors (i.e., remaining energy level, number of shared keys, and number of filtered false packets). When the suitability criterion for next hop node selection is satisfied against a fix threshold value, the packet is forwarded to the next hop node. We aim to enhance energy efficiency and a detour of attacked areas to be effectively selected Experimental results demonstrate validity of the proposed method with up to 6% energy saving against the sinkhole attack as compared to the LEAP.

• Journal of Broadcast Engineering
• /
• v.13 no.1
• /
• pp.53-61
• /
• 2008

Public Key Broadcast Encryption (PKBE) allows a sender to distribute a message to a changing set of users over an insecure channel. PKBE schemes should be able to dynamically exclude (i.e., revoke) a certain subset of users from decrypting a ciphertext, so that only remaining users can decrypt the ciphertext. Another important requirement is for the scheme to be forward-secrecy. A forward-secure PKBE (fs-PKBE) enables each user to update his private key periodically. This updated private key prevents an adversary from obtain the private key for certain past period, which property is particularly needed for pay-TV systems. In this paper, we present a fs-PKBE scheme where both ciphertexts and private keys are of $O(\sqrt{n})$ size. Our PKBE construction is based on Boneh-Boyen-Goh's hierarchical identity-based encryption scheme. To provide the forward-secrecy with our PKBE scheme, we again use the delegation mechanism for lower level identities, introduced in the BBG scheme. We prove chosen ciphertext security of the proposed scheme under the Bilinear Diffie-Hellman Exponent assumption without random oracles.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.1
• /
• pp.145-153
• /
• 2018

SSL (Secure Socket Layer) and TLS (Transport Layer Security) are widely used protocols for secure and encrypted communication over a computer network. However, there have been reported several security vulnerabilities of SSL/TLS over the years. The vulnerabilities can let an adversary carry out critical attacks on SSL/TLS enabled servers. In this paper, we have developed a system which can periodically scan SSL/TLS vulnerabilities on internal network servers and quickly detects, reports and visualizes the vulnerabilities. We have evaluated the system on working servers of Naver services and analyzed detected vulnerabilities. 816 vulnerabilities are found on 213 internal server domains (4.2 vulnerabilities on average) and most vulnerable servers are not opened to public. However, 46 server domains have old vulnerabilites which were found 2016. We could patch and response to SSL/TLS vulnerabilites of servers by leveraging the proposed system.