• Journal of the Korean Institute of Intelligent Systems
• /
• v.14 no.3
• /
• pp.279-284
• /
• 2004

Fingerprints have been widely used in the biometric authentication because of its performance, uniqueness and universality. Recently, the speed of identification becomes a very important point in the fingerprint-based security applications. Also, the reliability still remains the main issue in the fingerprint identification. In this paper, we propose the fast and reliable fingerprint matching algorithm based on the process of the 'self-nonself' discrimination in the biological immune system. The proposed algorithm is organized by two-matching stage. The 1st matching stage does the matching process by the use of the 'self-space' and MHC detector string set that are generated from the minutiae and the values of the directional field. Then the 2nd matching stage is made based on the local-structure of the minutiae. The proposed two matching stage reduces matching time while the reliability of the matching algorithm is maintained.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.5
• /
• pp.1259-1267
• /
• 2016

With the growing use of fingerprint authentication systems in recent years, the fake fingerprint detection is becoming more and more important. This paper mainly proposes a method for fake fingerprint detection based on CNN, it will visualize the distinctive part of detected fingerprint which provides a deeper insight in CNN model. After the preprocessing part using fingerprint segmentation, the pretrained CNN model is used for detecting the liveness detection. Not only a liveness detection but also feature analysis about the live fingerprint and fake fingerprint are provided after classifying which materials are used for making the fake fingerprint. Our system is evaluated on three databases in LivDet2013, which compromise almost 6500 live fingerprint images and 6000 fake fingerprint images in total. The proposed method achieves 3.1% ACE value about the liveness detection and achieves 79.58% accuracy on LiveDet2013.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.10a
• /
• pp.170-172
• /
• 2017

Due to the technological advances in modern society, the distinction between mask and authenticity is becoming very difficult. to solve these problems, this paper describes a high-level improvement of the image processing technique of the code authentication system which discriminates the good and the bad by using the color information and the dot information. Labels were given to each genuine article and the article, which can not be distinguished from each other. In the proposed method, image matching of labels is performed using the opencv library, and genuine and good products are discriminated by using the halftone dots and w dot dots of each label. In this paper, the proposed method stores genuine and good labels on the server and compares them with the user's labels to determine genuine products.

• KIPS Transactions on Computer and Communication Systems
• /
• v.6 no.8
• /
• pp.329-342
• /
• 2017

Recently, interest and investment in the Internet of Things (IoT) have increased significantly, and security issues are constantly being raised. As a solution, the IETF ACE Working Group is establishing the ACE framework standard, which is a new security framework for various constrained IoT environments based on the existing OAuth 2.0. However, additional work is required to apply the ACE framework, which proposes a new lightweight security system, to the existing Internet environment, and this additional cost is a factor that hinders the application of OAuth 2.0 to the IOT environment. Therefore, we propose an IoT authentication framework based on OAuth 2.0's existing development motivation, and implement a proposal framework based on CoAPthon and analyze its performance.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.14 no.2
• /
• pp.303-308
• /
• 2019

Spring framework is widely used as a base technology for e-government frameworks and to the extent it is a standard for web service development tools of Korean public institutions. However, recently, a remote code execution vulnerability(CVE-2018-1270) was found in an application using a spring framework. This paper proposes a method of analyzing the vulnerability experiment using a hacking scenario, Proof Of Concept(POC), in which the spring framework is a hazard to the server. We propose the patch to version 4.3.16 and version 5.0.5 or later as an ultimate response. It is also expected that the proposed experiment analysis on vulnerability of hacking scenario will be used as a data for improving performance of security programs and establishing a new authentication system.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.3
• /
• pp.1502-1522
• /
• 2019

Leakage of secret keys may be the most devastating problem in public key cryptosystems because it means that all security guarantees are missing. The forward security mechanism allows users to update secret keys frequently without updating public keys. Meanwhile, it ensures that an attacker is unable to derive a user's secret keys for any past time, even if it compromises the user's current secret key. Therefore, it offers an effective cryptographic approach to address the private key leakage problem. As an extension of the forward security mechanism in certificate-based public key cryptography, forward-secure certificate-based signature (FS-CBS) has many appealing merits, such as no key escrow, no secure channel and implicit authentication. Until now, there is only one FS-CBS scheme that does not employ the random oracles. Unfortunately, our cryptanalysis indicates that the scheme is subject to the security vulnerability due to the existential forgery attack from the malicious CA. Our attack demonstrates that a CA can destroy its existential unforgeability by implanting trapdoors in system parameters without knowing the target user's secret key. Therefore, it is fair to say that to design a FS-CBS scheme secure against malicious CAs without lying random oracles is still an unsolved issue. To address this problem, we put forward an enhanced FS-CBS scheme without random oracles. Our FS-CBS scheme not only fixes the security weakness in the original scheme, but also significantly optimizes the scheme efficiency. In the standard model, we formally prove its security under the complexity assumption of the square computational Diffie-Hellman problem. In addition, the comparison with the original FS-CBS scheme shows that our scheme offers stronger security guarantee and enjoys better performance.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.23 no.8
• /
• pp.1018-1023
• /
• 2019

Since 2010, vehicle black boxes have become popular with many people, if there is no record of the vehicle accident scene, or if the offender deliberately deletes the image data, the victim succeeds. The biggest advantage of blockchain is that it is impossible to modify and delete data by data distribution storage. The biggest disadvantage is that sensitive data is also distributed. In this paper, we propose a blockchain method for the black box by using the advantage of shared block data and we intend to solve the problem of personal information leakage which is a disadvantage of blockchain by storing sensitive information stored in a blockchain in a private server by LINK blockchain with a private server. We also attached code(Github) and demonstration video(Youtube) linking LINK blockchain with the private server in this paper.

• Journal of Digital Convergence
• /
• v.17 no.1
• /
• pp.195-201
• /
• 2019

This paper proposes a blockchain system to share Wireless Local Area Network (WLAN) that recently suffers from mutual interference among increasing devices using unlicensed bands. Blockchain technology can induce cooperation from users by incentivizing them with cryptocurrency like shown in Bitcoin example. In this paper, we describe Blockchain based access mechanism in WLAN instead of conventional authentication based access. Here, users can access any WLAN access point by paying through smart contract while they also receive payment from others. In order to support real-time transaction, we apply proof-of-authority that is realized by Byzantine fault tolerant protocol instead of well-known proof-of-work that requires huge computing power and delay.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.4
• /
• pp.167-174
• /
• 2008

As both a digital camera and a digital camcorder are popularized in recent years, UCC created by general users is also popularized. Unfortunately, according to that, the lack of privacy is also increasing more and more. The UCC is saved on the recordable media(Media) like DVD and deposited personally as well as distributed through Internet portal service. If you use Internet portal service to put up your contents, you can partially prevent the violation of privacy using security technologies such as authentication and illegal copy protection offered by internet portal service providers. Media also has technologies to control illegal copy. However, it is difficult to protect your privacy if your Media having personal contents is stolen or lost. Therefore, it is necessary to develope an additional security mechanism to guarantee privacy protection when you use Media. In this paper, we describe AACS framework for Media Security and propose improved AACS framework to control the access to personal contents saved on Media.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.4
• /
• pp.103-109
• /
• 2008

Many Internet application provide the PKI(public key infrastructure)-based service to provide authentication and message integrity. Several researchers proposed PKI-based p2p network framework. However, in the real world, the use of PKI is not suitable for peer to peer network, because the peer-to-peer network is an open and dynamic network. Moreover, currently there is no nation-to-nation interoperable certificate. In this paper, we designed reliable p2p file sharing application without public key infrastructure. To do this we propose reliable public key distribution mechanism to distribute public key safely without PKI infrastructure for two-tier super-peer architecture. In our system, each peer generates and distributes its public/private key pairs, and the public key is securely distributed without PKI. The proposed mechanism is safe against MITM attack. This mechanism can be applied various P2P applications such as file sharing, IPTV, distributed resource sharing and so on