• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.5 no.1
• /
• pp.37-50
• /
• 1995

The smart card with the cryptography and VLSI technologies makes it possible to implement the electronic cash easily. A number of electronic each schemes have been proposed by many cryptographic researchers. In this paper, we propose a practical electronic cash system, using blind digital signature scheme. Schnorr's authentication scheme based on the discrete logarithm problem, and the hierarchical cash tree based on two one-way hash functions for dividable payment. Thisf electronic cash scheme has such properties as privacy of the payment, off-line payment, non-reuseability of cash, transferability of cash to another customer, and dividable payment of cash. This electronic cash protocol is well suited for implementing in smart card.

• Convergence Security Journal
• /
• v.20 no.5
• /
• pp.33-39
• /
• 2020

In MANET consisting of only mobile nodes, all nodes serve as routes. However, the dynamic topology due to frequent movement of nodes degrades routing performance and is also cause of many security vulnerabilities. Therefore, security must be applied to routing techniques that can influence the performance of MANET. In this paper, we propose a technique for efficiently responding to various routing attacks and safe data transmission through application of zone-key based security routing techniques. A zone-based network structure was used, and a management node that manages member nodes in each zone was used in the proposed technique. In addition, the damage from the attacking node was minimized by issuing a key to each node and applying this to a routing technique. The zone management node issues a key for encryption routing information and manages the issuance information. A member node that wants to transmit data encrypts routing in formation using a key issued from the zone management node, and then performs path discovery using this. The improved performance of the proposed technique was confirmed through a comparative experiment with the CBSR and ARNA technique, excellent performance was confirmed through experiments.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2011.04a
• /
• pp.871-874
• /
• 2011

The fast emerging of network technology and the high demand of computing resources have prompted many organizations to outsource their storage and computing needs. Cloud based storage services such as Microsoft's Azure and Amazon's S3 allow customers to store and retrieve any amount of data, at anytime from anywhere via internet. The scalable and dynamic of the cloud storage services help their customer to reduce IT administration and maintenance costs. No doubt, cloud based storage services brought a lot of benefits to its customer by significantly reducing cost through optimization increased operating and economic efficiencies. However without appropriate security and privacy solution in place, it could become major issues to the organization. As data get produced, transferred and stored at off premise and multi tenant cloud based storage, it becomes vulnerable to unauthorized disclosure and unauthorized modification. An attacker able to change or modify data while data inflight or when data is stored on disk, so it is very important to secure data during its entire life-cycle. The traditional cryptography primitives for the purpose of data security protection cannot be directly adopted due to user's lose control of data under off premises cloud server. Secondly cloud based storage is not just a third party data warehouse, the data stored in cloud are frequently update by the users and lastly cloud computing is running in a simultaneous, cooperated and distributed manner. In our proposed mechanism we protect the integrity, authentication and confidentiality of cloud based data with the encrypt- then-upload concept. We modified and applied proxy re-encryption protocol in our proposed scheme. The whole process does not reveal the clear data to any third party including the cloud provider at any stage, this helps to make sure only the authorized user who own corresponding token able to access the data as well as preventing data from being shared without any permission from data owner. Besides, preventing the cloud storage providers from unauthorized access and making illegal authorization to access the data, our scheme also protect the data integrity by using hash function.

• Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
• /
• v.6 no.2
• /
• pp.81-88
• /
• 2016

Machine-to-Machine (M2M) communication provides each component (machine) with access to Internet, evolving into the IoT technology. IoT is a trend where numbers of devices provide the communication service, using the Internet protocol. As spreading the concept of IoT(Internet of Things), various objects become home information sources. According to the wide spread of various devices, it is difficult to access data on the devices with unified manners. Under this environment, security is a critical element to create various types of application and service. In this paper propose the inter-device authentication and Centralized Remote Security Provisioning framework in Open M2M environment. The results of previous studies in this task is carried out by protecting it with the latest information on M2M / IoT and designed to provide the ultimate goal of future M2M / IoT optimized platform that can be integrated M2M / IoT service security and security model presents the information.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.05a
• /
• pp.649-651
• /
• 2021

In recent years, O2O services for real estate sales are widely distributed in web platforms and apps. This allows sellers, buyers, and real estate brokers to quickly and conveniently conduct real estate sales and charter contracts. However, in the O2O-based real estate sales information system, it wastes time and money for real estate buyers due to the posting of fake information, partial correction of the sales information, and intentional non-posting of the sales information. Therefore, we propose a method of detecting the false or not of real estate property information that can occur on the web platform, and design and implement a proposal system for this. To this end, we propose a method of detecting personal identity and property information based on DID, a distributed identity authentication protocol. The false real estate sales information detection system proposed by us can determine the existence of real estate sales information, partially correct the false sales information, or prove whether or not intentionally unpublished in three steps.

• The KIPS Transactions:PartC
• /
• v.12C no.5 s.101
• /
• pp.623-632
• /
• 2005

In ad-hoc network, there is no fixed infrastructure such as base stations or mobile switching centers. The security of ad-hoc network is more vulnerable than traditional networks because of the basic characteristics of ad-hoc network, and current muting protocols for ad-hoc networks allow many different types of attacks by malicious nodes. Malicious nodes can disrupt the correct functioning of a routing protocol by modifying routing information, by fabricating false routing information and by impersonating other nodes. We propose a routing suity mechanism based on one-time digital signature. In our proposal, we use one-time digital signatures based on one-way hash functions in order to limit or prevent attacks of malicious nodes. For the purpose of generating and keeping a large number of public key sets, we derive multiple sets of the keys from hash chains by repeated hashing of the public key elements in the first set. After that, each node publishes its own public keys, broadcasts routing message including one-time digital signature during route discovery and route setup. This mechanism provides authentication and message integrity and prevents attacks from malicious nodes. Simulation results indicate that our mechanism increases the routing overhead in a highly mobile environment, but provides great security in the route discovery process and increases the network efficiency.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.14 no.11
• /
• pp.2442-2450
• /
• 2010

Using sensor devices applied to various objects will be needed wireless network that it is easy to install in them. Tiny devices configured to processor that bas comparatively low computing ability are inappropriate to use devices that are wireless LAN, etc. In result, network devices needed to not only have simple communication protocol, but have Plug and Play function that it works as soon as it connects without installing any device driver. it also will industrially have both low power and low cost because of mobility of it. From IEEE 802.11 standard, WPAN(Wireless Personal Area Network) included in LAN is being developed by WPAN WG(Working Group) on area with low power consumption and low complexity. In addition to, it is standardizing MAC and PRY of the standard that is expected to wirelessly communicate within 10m. WPAN will be used generally in the more near future because of both low power and low cost of Zigbee. In this paper we designed zigbee based user authentication module for a automotive smart-key system.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.11B
• /
• pp.920-929
• /
• 2004

Nowadays, wireless packet data services are provided over cdma2000 1x/1xEV-DO mobile communication network and Portable Internet are being standardized for users demanding higher data rate services. Portable Internet can provide high data rate services, but its service coverage is relatively small. If Portable Internet may be integrated with cdma2000 mobile networks, users are able to choose the best service according to service areas and get seamless services while they are moving around. At the same time, it is cost-effective for operators to construct and maintain the integrated network. For the purpose of effectively integrating Portable Internet into cdma2000 networks, we propose an integration scheme including network architecture, protocol architecture, functions in network elements, interfaces between them, and call-flow procedures. The integration scheme proposed in this paper adopts a tightly-coupled architecture for unified authentication/accounting and seamless services. In addition, the scheme can be implemented without modifying the existing cdma2000 mobile communication networks. It is also simple to develop the dual-mode mobile station. Through the simulation results based on the performance model for handoffs between cdma2000 and Portable Internet, it has teen validated that the proposed scheme diminishes packet losses compared with the loosely-coupled architecture.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.11 no.4
• /
• pp.436-444
• /
• 2018

Currently, the new substation automation uses the international standard IEC 61850 communication protocol. KEPCO is also constructing a new substation based on IEC 61850 from 2013 through the pilot application and research and development starting from 2007. However, there are few cases where existing substations(Transformer, T/L GIS, D/L GIS, etc.) have been used, and RTU based substations operating systems have been changed to SA substations based on IEC 61850. Therefore, the introduction of IEC 61850 in existing substation facilities has the advantage of enhancing the substantiality of the substation by reusing existing facilities, improving the interoperability with the latest substations introduced, and converting existing substations into systems suitable for unmanned operation. In this paper, we introduce a case of changing the existing RTU based substation operation system to digital substation using IEC 61850 field information processor, Ethernet switch and SA operation system. Also, IEC 61850 client authentication program and Wireshark, which is a packet analysis tool, verify IEC 61850 conformance and its feasibility.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.48 no.11
• /
• pp.35-43
• /
• 2011

In this paper, we propose a novel architecture for seamless mobility management to provide users with seamless Internet connection when users roam between diverse wireless local area networks (WLANS) controlled by different management entities. There have been many researches in IETF, i.e., MIPv6, HMIPv6, and PMIPv6, to provide the mobility management. However, practically since wireless access points or access routers, which are managed by an individual manager or ISP managers, have different authentication scheme and the supported mobility management, the previous mobility management protocol developed by IETF can not guarantee the quality of service of application services as the mobile node performs the handover. To solve this drawback, we propose the mobility management scheme to provide QoS-guaranteed Internet services during the handover by configurating the wireless networks which is defined by users. More specifically, we present a model, the architecture and an algorithm for user-defined network (UDN) to provide the seamless Internet service. Finally, the performance of the proposed algorithm is evaluated by the network simulation tool.