• Journal of KIISE
• /
• v.42 no.9
• /
• pp.1175-1184
• /
• 2015

Recently, there has been an explosive increase in the volume of multimedia data that is available as a result of the development of multimedia technologies. More and more data is becoming available on a variety of web sites, and it has become increasingly cost prohibitive to have a single data server store and process multimedia files locally. Therefore, many service providers have been likely to outsource data to cloud storage to reduce costs. Such behavior raises one serious concern: how can data users be authenticated in a secure and efficient way? The most widely used password-based authentication methods suffer from numerous disadvantages in terms of security. Multi-factor authentication protocols based on a variety of communication channels, such as SMS, biometric, or hardware tokens, may improve security but inevitably reduce usability. To this end, we present a data block-based authentication scheme that is secure and guarantees usability in such a manner where users do nothing more than enter a password. In addition, the proposed scheme can be effectively used to revoke user rights. To the best of our knowledge, our scheme is the first data block-based authentication scheme for outsourced data that is proven to be secure without degradation in usability. An experiment was conducted using the Amazon EC2 cloud service, and the results show that the proposed scheme guarantees a nearly constant time for user authentication.

• Smart Media Journal
• /
• v.8 no.3
• /
• pp.23-30
• /
• 2019

With the popularization of the Internet and smartphone uses, people in the modern era are living in a multi-channel environment in which they access the information system freely through various methods and media. In the process of utilizing such services, users must authenticate themselves, the typical of which is ID & password authentication. It is considered the most convenient method as it can be authenticated only through the keyboard after remembering its own credentials. On the other hand, modern web services only allow passwords to be set with high complexity by different combinations. Passwords consisting of these complex strings also increase proportionally, since the more services users want to use, the more user authentication information they need to remember is recommended periodically to prevent personal information leakage. It is difficult for the blind, the disabled, or the elderly to remember the authentication information of users with such high entropy values and to use it through keyboard input. Therefore, this paper proposes a user authentication method using Google Assistant, MFCC and DTW algorithms and speaker authentication to provide the handicapped users with an easy user authentication method in the login process.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.3
• /
• pp.13-25
• /
• 2004

The key exchange protocols are very crucial tools to provide the secure communication in the broadband satellite access network. They should be required to satisfy various requirements such as security, key confirmation, and key freshness. In this paper, we present the guideline of security functions in BSAN(Broadband Satellite Access Network), and analyze the specification of the security primitives and the hey exchange Protocols for the authenticated key agreement between RCST(Return Channel Satellite Terminal) and NCC(fretwork Control Centre). In addition, we propose the security specification for a domestic broad satellite network based on the analysis on the analysis profile of ETSI(European Telecommunications Standards Institute) standards. The key exchange protocols proposed in ETSI standard are vulnerable to man-in-the-middle attack and they don't provide key confirmation. To overcome this shortcoming, we propose the 4 types of the key exchange protocols which have the resistant to man-in-the-middle-attack, key freshness, and key confirmation, These proposed protocols can be used as a key exchange protocol between RCST and NCC in domestic BSAN. These proposed protocols are based on DH key exchange protocol, MTI(Matsumoto, Takashima, Imai) key exchange protocol, and ECDH(Elliptic Curve Diffie-Hellman).

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.2
• /
• pp.43-55
• /
• 2010

${\mu}TESLA$ broadcast authentication protocol have been developed by many researchers for providing authenticated broadcasting message between receiver and sender in sensor networks. Those cause authentication delay Tree-based ${\mu}TESLA$[3] solves the problem of authentication delay. But, it has new problems from Merkel hash tree certificate structure. Such as an increase in quantity of data transmission and computation according to the number of sender or parameter of ${\mu}TESLA$ chain. ${\mu}TPCT$-based ${\mu}TESLA$[4] has an advantages, such as a fixed computation cost by altered Low-level Merkel has tree to hash chain. However, it only use the sequential values of Hash chain to authenticate ${\mu}TESLA$ parameters. So, It can't ensure the success of authentication in lossy sensor network. This paper is to propose the improved method for Tree-based ${\mu}TESLA$ by using XOR-based chain. The proposed scheme provide advantages such as a fixed computation cost with ${\mu}$TPCT-based ${\mu}TESLA$ and a message loss-tolerant with Tree-based ${\mu}TESLA$.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.6
• /
• pp.23-35
• /
• 2009

Password-Authenticated Key Exchange (PAKE) Protocol is a useful tool for secure communication conducted over open networks without sharing a common secret key or assuming the existence of the public key infrastructure (PKI). It seems difficult to design efficient PAKE protocols using RSA, and thus many PAKE protocols are designed based on the Diffie-Hellman key exchange (DH-PAKE). Therefore it is important to design an efficient PAKE based on RSA function since the function is suitable for designing a PAKE protocol for imbalanced communication environment. In this paper, we propose a computationally-efficient key exchange protocol based on the RSA function that is suitable for low-power devices in imbalanced environment. Our protocol is more efficient than previous RSA-PAKE protocols, required theoretical computation and experiment time in the same environment. Our protocol can provide that it is more 84% efficiency key exchange than secure and the most efficient RSA-PAKE protocol CEPEK. We can improve the performance of our protocol by computing some costly operations in offline step. We prove the security of our protocol under firmly formalized security model in the random oracle model.

• Journal of Convergence for Information Technology
• /
• v.12 no.4
• /
• pp.103-110
• /
• 2022

Online transactions are more familiar in various fields due to the development of the ICT and the increase in trading platforms. In particular, the amount of transactions is increasing due to the increase in used transaction platforms and users, and reliability is very important due to the nature of used transactions. Among them, the used car market is very active because automobiles are operated over a long period of time. However, used car transactions are a representative market to which information asymmetry is applied. In this paper presents a DID-based transaction model that guarantees reliability to solve problems with false advertisements and false sales in used car transactions. In the used car transaction model, sellers only register data issued by the issuing agency to prevent false sales at the time of initial sales registration. It is authenticated with DID Auth in the issuance process, it is safe from attacks such as sniping and middleman attacks. In the presented transaction model, integrity is verified with VP's Proof item to increase reliability and solve information asymmetry. Also, through direct transactions between buyers and sellers, there is no third-party intervention, which has the effect of reducing fees.

• CELLMED
• /
• v.11 no.4
• /
• pp.21.1-21.9
• /
• 2021

Background: Unani System of Medicine (USM) has its origin to Greece. To ensure and develop the quality, authenticity of Unani drugs, standardization on modern analytical parameter is essential requirement for drugs. Objectives: The aimed of the present study was to develop a standard profile of "Qurṣ-e-Mafasil" by systematic study through authenticated ingredients, pharmacognostic identification followed by physicochemical, TLC, HPTLC fingerprinting analysis as per standard protocol. Material and Methods: In this study three batches of "Qurṣ-e-Mafasil" QM were prepared by standard method as per UPI had been followed by organoleptic properties of formulation such as appearance, color, odor, taste. Powder Microscopy and physicochemical studies were carried out such as Uniformity of weight, Friability, Disintegration time, hardness, LOD, ash vales and extractive values in like aqueous, alcohol & hexane. Further qualitative tests such as Thin-Layer Chromatography (TLC), and High-Performance Thin Layer Chromatography (HPTLC) studies were also carried out to develop fingerprint pattern of the alcoholic solvent extract of QM. Phytochemical screening was carried out in different solvent extracts such as alcoholic, aqueous and chloroform extracts to detect the presence phytoconstituents in the formulation QM. Heavy metals, Microbial Load Contamination and pesticidal residues were also determined. Results: Qurṣ-e-Mafasil showed tablet-like appearance, light brown colour, mild pungent odour and acrid taste. Uniformity of weight (mg), friability (rpm), and hardness (kg/cm) and disintegration time was ranged between (500 to 503), (0.0340 to 0.038), (8.40 to 8.67) and (4-5 minutes) respectively for the three batches. Loss in weight on drying at 105℃ was ranged between (8.3425 to 8.7346). Extracted values were calculated in distilled water ranged between (30.9091 to 31.4358), hexane (1.1419 to 1.4281), and alcohol (3.3352 to 3.3962). The ash values recorded were ranged between (3.7336 to 3.8378), and acid insoluble ash (0.5859 to 0.6112).

• Journal of Intelligence and Information Systems
• /
• v.12 no.1
• /
• pp.17-31
• /
• 2006

In this paper, passport recognition and face verification methods which can automatically recognize passport codes and discriminate forgery passports to improve efficiency and systematic control of immigration management are proposed. Adjusting the slant is very important for recognition of characters and face verification since slanted passport images can bring various unwanted effects to the recognition of individual codes and faces. Therefore, after smearing the passport image, the longest extracted string of characters is selected. The angle adjustment can be conducted by using the slant of the straight and horizontal line that connects the center of thickness between left and right parts of the string. Extracting passport codes is done by Sobel operator, horizontal smearing, and 8-neighborhood contour tracking algorithm. The string of codes can be transformed into binary format by applying repeating binary method to the area of the extracted passport code strings. The string codes are restored by applying CDM mask to the binary string area and individual codes are extracted by 8-neighborhood contour tracking algerian. The proposed RBF network is applied to the middle layer of RBF network by using the fuzzy logic connection operator and proposing the enhanced fuzzy ART algorithm that dynamically controls the vigilance parameter. The face is authenticated by measuring the similarity between the feature vector of the facial image from the passport and feature vector of the facial image from the database that is constructed with PCA algorithm. After several tests using a forged passport and the passport with slanted images, the proposed method was proven to be effective in recognizing passport codes and verifying facial images.

• Journal of Intelligence and Information Systems
• /
• v.24 no.2
• /
• pp.21-35
• /
• 2018

Since the introduction of MP3 players, CD recordings have gradually been vanishing, and the music consuming environment of music users is shifting to mobile devices. The introduction of smart devices has increased the utilization of music through music playback, mass storage, and search functions that are integrated into smartphones and tablets. At the time of initial MP3 player supply, the bitrate of the compressed music contents generally was 128 Kbps. However, as increasing of the demand for high quality music, sound quality of 384 Kbps appeared. Recently, music content of FLAC (Free License Audio Codec) format using lossless compression method is becoming popular. The download service of many music sites in Korea has classified by unlimited download with technical protection and limited download without technical protection. Digital Rights Management (DRM) technology is used as a technical protection measure for unlimited download, but it can only be used with authenticated devices that have DRM installed. Even if music purchased by the user, it cannot be used by other devices. On the contrary, in the case of music that is limited in quantity but not technically protected, there is no way to enforce anyone who distributes it, and in the case of high quality music such as FLAC, the loss is greater. In this paper, the author proposes an audio watermarking technology for copyright protection of high quality stereo music. Two kinds of information, "Copyright" and "Copy_free", are generated by using the turbo code. The two watermarks are composed of 9 bytes (72 bits). If turbo code is applied for error correction, the amount of information to be inserted as 222 bits increases. The 222-bit watermark was expanded to 1024 bits to be robust against additional errors and finally used as a watermark to insert into stereo music. Turbo code is a way to recover raw data if the damaged amount is less than 15% even if part of the code is damaged due to attack of watermarked content. It can be extended to 1024 bits or it can find 222 bits from some damaged contents by increasing the probability, the watermark itself has made it more resistant to attack. The proposed algorithm uses quantization in DCT so that watermark can be detected efficiently and SNR can be improved when stereo music is converted into mono. As a result, on average SNR exceeded 40dB, resulting in sound quality improvements of over 10dB over traditional quantization methods. This is a very significant result because it means relatively 10 times improvement in sound quality. In addition, the sample length required for extracting the watermark can be extracted sufficiently if the length is shorter than 1 second, and the watermark can be completely extracted from music samples of less than one second in all of the MP3 compression having a bit rate of 128 Kbps. The conventional quantization method can extract the watermark with a length of only 1/10 compared to the case where the sampling of the 10-second length largely fails to extract the watermark. In this study, since the length of the watermark embedded into music is 72 bits, it provides sufficient capacity to embed necessary information for music. It is enough bits to identify the music distributed all over the world. 272 can identify $4*10^{21}$, so it can be used as an identifier and it can be used for copyright protection of high quality music service. The proposed algorithm can be used not only for high quality audio but also for development of watermarking algorithm in multimedia such as UHD (Ultra High Definition) TV and high-resolution image. In addition, with the development of digital devices, users are demanding high quality music in the music industry, and artificial intelligence assistant is coming along with high quality music and streaming service. The results of this study can be used to protect the rights of copyright holders in these industries.

• Journal of Arbitration Studies
• /
• v.17 no.3
• /
• pp.3-30
• /
• 2007

The New York Convention(formally called "United Nations Convention on the Recognition and Enforcement of Foreign Arbitral Awards") done in New York on June 10, 1958 has been adhered to by more than 140 States at the time of this writing, including almost all important trading nations from the Capitalist and Socialist World as well as many developing countries. The Convention can be considered as the most important Convention in the field of arbitration and as the cornerstone of current international commercial arbitration. Korea has acceded to the New York Convention since 1973. When acceding to the Convention, Korea declared that it will apply the Convention to the recognition and enforcement of awards made only in the territory of another Contracting State on the basis of reciprocity. Also, Korea declared that it will apply the Convention only to differences arising out of legal relationships, whether contractual or not, which are considered as commercial under the national law of Korea. The provisions relating to the enforcement of arbitral awards falling under the New York Convention begin at Article III. The Article III contains the general obligation for the Contracting States to recognize Convention awards as binding and to enforce them in accordance with their rules of procedure. The Convention requires a minimum of conditions to be fulfilled by the party seeking enforcement. According to Article IV(1), that party has only to supply (1) the duly authenticated original award or a duly certified copy thereof, and (2) the original arbitration agreement or a duly certified copy thereof. In fulfilling these conditions, the party seeking enforcement produces prima facie evidence entitling it to obtain enforcement of the award. It is then up to the other party to prove that enforcement should not be granted on the basis of the grounds for refusal of enforcement enumerated in the subsequent Article V(1). Grounds for refusal of enforcement are stipulated in Article V is divided into two parts. Firstly, listed in the first Para. of Article V are the grounds for refusal of enforcement which are to be asserted and proven by the respondent. Secondly, listed in Para. 2 of Article V, are the grounds on which a court may refuse enforcement on its own motion. These grounds are non-arbitrability of the subject matter and violation of the public policy of the enforcement country. The three main features of the grounds for refusal of enforcement of an award under Article V, which are almost unanimously affirmed by the courts, are the following. Firstly, The grounds for refusal of enforcement mentioned in Article V are exhaustive. No other grounds can be invoked. Secondly, and this feature follows from the first one, the court before which enforcement of the award is sought may not review the merits of the award because a mistake in fact or law by the arbitrators is not included in the list of grounds for refusal of enforcement set forth in Article V. Thirdly, the party against whom enforcement is sought has the burden of proving the existence of one or more of the grounds for refusal of enforcement. The grounds for refusal of enforcement by a court on its own motion, listed in the second Para. of Article V, are non-arbitrability of the subject matter and public policy of the enforcement country. From the court decisions reported so far at home and abroad, it appears that courts accept a violation of public policy in extreme cases only, and frequently justify their decision by distinguishing between domestic and international public policy. The Dec. 31, 1999 amendment to the Arbitration Act of Korea admits the basis for enforcement of foreign arbitral awards rendered under the New York Convention. In Korea, a holder of a foreign arbitral award is obliged to request from the court a judgment ordering enforcement of the award.