• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.12
• /
• pp.4643-4660
• /
• 2014

Integrity authentication of biometric data in Wireless Body Area Network (WBAN) is a critical issue because the sensitive data transmitted over broadcast wireless channels could be attacked easily. However, traditional cryptograph-based integrity authentication schemes are not suitable for WBAN as they consume much computational resource on the sensor nodes with limited memory, computational capability and power. To address this problem, a novel lightweight integrity authentication scheme based on reversible watermark is proposed for WBAN and implemented on a TinyOS-based WBAN test bed in this paper. In the proposed scheme, the data is divided into groups with a fixed size to improve grouping efficiency; the histogram shifting technique is adopted to avoid possible underflow or overflow; local maps are generated to restore the shifted data; and the watermarks are generated and embedded in a chaining way for integrity authentication. Our analytic and experimental results demonstrate that the integrity of biometric data can be reliably authenticated with low cost, and the data can be entirely recovered for healthcare applications by using our proposed scheme.

• Journal of Broadcast Engineering
• /
• v.18 no.4
• /
• pp.515-524
• /
• 2013

In this paper, we propose a novel face authentication method based on LBP matching of individual major blocks in mobile environment. In order to construct individual major blocks from photos, we find the blocks that have the highest similarity and use different numbers of blocks depending on the probability distribution by applying threshold. And, we use multi-radius LBP histograms in the determination of individual major blocks to improve performance of generic LBP histogram based approach. By using the multi-radius LBP histograms in face authentication, we can successfully reduce the false acceptance rate compare to the previous methods. Also, we can see that the proposed method shows low error rate about 7.72% compare to the pervious method in spite of use small number of blocks about 44.59% only.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.12 no.5
• /
• pp.863-869
• /
• 2008

In this paper, a system with sensor network security mechanism which can be applied to home network structure is designed and it is implemented on a virtual network of a home network middleware. The basic structure of home networking middleware supports one-to-one (unicast) or broadcast communication mode between the lookup server and service nodes on the network. Confidentiality and authentication are key security factors of the one-to-one communication and user authentication is crucial for broadcasting mode. One of the sensor network's security techniques SPINS consists of SNEP and ${\mu}TESLA$. The SNEP ensures confidentiality and authentication, and ${\mu}TESLA$ provides broadcast authentication. We propose a SPIN based home network middleware and it is implemented by using the CBC-MAC for MAC generation, the counter mode (CTR) for message freshness, the pseudo random function (PRF) and RC5 as encryption algorithm. The implementation result shows that an attacker cannot decrypt the message though he gets the secure key because of CTR mode. In addition, we confirmed that a received message of the server is authenticated using MAC.

• Journal of Communications and Networks
• /
• v.11 no.6
• /
• pp.574-588
• /
• 2009

Although much research has been conducted in the area of authentication in wireless networks, vehicular ad-hoc networks (VANETs) pose unique challenges, such as real-time constraints, processing limitations, memory constraints, frequently changing senders, requirements for interoperability with existing standards, extensibility and flexibility for future requirements, etc. No currently proposed technique addresses all of the requirements for message and entity authentication in VANETs. After analyzing the requirements for viable VANET message authentication, we propose a modified version of TESLA, TESLA++, which provides the same computationally efficient broadcast authentication as TESLA with reduced memory requirements. To address the range of needs within VANETs we propose a new hybrid authentication mechanism, VANET authentication using signatures and TESLA++ (VAST), that combines the advantages of ECDSA signatures and TESLA++. Elliptic curve digital signature algorithm (ECDSA) signatures provide fast authentication and non-repudiation, but are computationally expensive. TESLA++ prevents memory and computation-based denial of service attacks. We analyze the security of our mechanism and simulate VAST in realistic highway conditions under varying network and vehicular traffic scenarios. Simulation results show that VAST outperforms either signatures or TESLA on its own. Even under heavy loads VAST is able to authenticate 100% of the received messages within 107ms. VANETs use certificates to achieve entity authentication (i.e., validate senders). To reduce certificate bandwidth usage, we use Hu et al.'s strategy of broadcasting certificates at fixed intervals, independent of the arrival of new entities. We propose a new certificate verification strategy that prevents denial of service attacks while requiring zero additional sender overhead. Our analysis shows that these solutions introduce a small delay, but still allow drivers in a worst case scenario over 3 seconds to respond to a dangerous situation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.6
• /
• pp.163-167
• /
• 2006

Multi-level ${\mu}TESLA$ is an efficient extension to ${\mu}TESLA$ to provide an extended lifetime for long-lived sensor networks. This paper presents new constructions of multi-level ${\mu}TESLA$ with immediate authentication of key chain commitments. The proposed constructions are shown to be more efficient and robust than the previous multi-level ${\mu}TESLA$ extension.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.3
• /
• pp.1249-1272
• /
• 2016

In this paper, we propose a symmetric key establishment scheme for wireless sensor networks which tries to minimize the resource usage while satisfying the security requirements. This is accomplished by taking advantage of the communication pattern of wireless sensor networks and adopting heterogeneous wireless sensor networks. By considering the unique communication pattern of wireless sensor networks due to the nature of information gathering from the physical world, the number of keys to be established is minimized and, consequently, the overhead spent for establishing keys decreases. With heterogeneous wireless sensor networks, we can build a hybrid scheme where a small number of powerful nodes do more works than a large number of resource-constrained nodes to provide enhanced security service such as broadcast authentication and reduce the burden of resource-limited nodes. In addition, an on-demand key establishment scheme is introduced to support extra communications and optimize the resource usage. Our performance analysis shows that the proposed scheme is very efficient and highly scalable in terms of storage, communication and computation overhead. Furthermore, our proposed scheme not only satisfies the security requirements but also provides resilience to several attacks.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.4B
• /
• pp.713-720
• /
• 2010

Lately, IPTV is in the limelight using a broadband information service to provide video content and broadcast services. Current IPTV system is combining CAS and DRM system for VOD contents to protect transmitting contents and authentication, but it has drawbacks such as system's complexity and high construction costs. Multicast DRM system emerged as a method to improve them, but, in the multicast DRM system, if the key is intercepted by a malicious user, it can be viewed by an unauthorized user of illegal broadcasting which can be a problem. In this paper, we suggest to protect content from a malicious user by applying the techniques using user authentication in the multicast DRM system.

• International journal of advanced smart convergence
• /
• v.12 no.1
• /
• pp.140-148
• /
• 2023

With the OTT media market growing rapidly, the significance of trustworthy data verification and certification cannot be emphasized enough. This study delves into the crucial need for such measures in South Korea, exploring the steps involved, the technological and policy-related considerations, and the challenges that may arise once these measures are put into place. Drawing on in-depth interviews and the analytical hierarchy process (AHP), this study surveyed various stakeholder groups, both directly and indirectly related to OTT data authentication and certification. By assessing the severity of OTT data-related issues and identifying the requirements for reliability-improvement policies, participants shared their valuable insights and opinions on this pressing matter. The survey results clearly indicate a divided opinion among stakeholders and industry experts on the reliability of OTT data, with some expressing trust while others remain skeptical. However, there was a consensus that advertising-based AVOD is more reliable than SVOD. By analyzing the priorities of authentication and verification, this study paves the way for the establishment and operation of a Korean MRC (KMRC), centered on the OTT media industry. The KMRC will serve as a vital platform for ensuring the authenticity and accuracy of OTT data in South Korea, providing businesses and industry players with a reliable source of information for informed decision-making. This study highlights the pressing need for reliable data authentication and certification in the rapidly growing OTT media market, and provides a persuasive case for the establishment of a KMRC in South Korea to meet this critical need.

• The KIPS Transactions:PartC
• /
• v.18C no.4
• /
• pp.227-236
• /
• 2011

IPTV(Internet Protocol Television) is one of the typical businesses which are the convergence of Broadcast and Communication. It provides broadcasting service using IP networks. Recently, IPTV service is developed to Mobile IPTV or Open IPTV. Especially, Open IPTV uses open platform so not only service providers but also general users can provide contents to other users. Open IPTV system has many content providers, so existing security solution of IPTV cannot be adopted. In this paper, we suggest user authentication and key distribution mechanism on Open IPTV. Our proposed mechanism is based on Kerberos, so it can support distribution environment such as Open IPTV. We demonstrate that proposed mechanism can guarantee secure transmission of contents and reduce the delay of user authentication on Open IPTV system compared to other authentication mechanisms. We also compare our proposal and other mechanisms in various aspects, and analyze efficiency and safety of proposed mechanism. As a result, we insist that this mechanism satisfies the security requirements for IPTV.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.7
• /
• pp.3678-3698
• /
• 2017

With the rapid development of vehicular ad hoc Network (VANET), it has gained significant popularity and received increasing attentions from both academics and industry communities in aspects of security and efficiency. To address the security and efficiency issues, a self-authentication and deniable efficient group key agreement protocol is proposed in this paper. The scheme establishes a group between road side units (RSUs) and vehicles by using self-authentication without certification authority, and improves certification efficiency by using group key (GK) transmission method. At the same time, to avoid the attacker attacking the legal vehicle by RSUs, we adopt deniable group key agreement method to negotiation session key (sk) and use it to transmit GK between RSUs. In addition, vehicles not only broadcast messages to other vehicles, but also communicate with other members in the same group. Therefore, group communication is necessary in VANET. Finally, the performance analysis shows superiority of our scheme in security problems, meanwhile the verification delay, transmission overheard and message delay get significant improvement than other related schemes.