• Journal of the Korea Society of Computer and Information
• /
• v.15 no.12
• /
• pp.85-92
• /
• 2010

There is an authentication method for participants with an encrypted ID and password as a symmetric-key in multilateral video conferencing. It is hard to manage when the security-keys makes many while the transportation processing for the encryption and decryption get complicated when the video conferencing involves a number of participants and the third party as an attackers to gain unauthorized symmetric-key to access video conference which makes a problem less secrecy. This study suggests three ways to enhance security in video conference: first, we present PKI-based X.509 certificate for authenticating the participants of multilateral conferencing and we suggest to encode and decode the video conference media data using a secrecy key created by each of the conference participants; second, a more secured multilateral video conferencing can be expected in a group communication by using the participants secrecy key in creating and distributing group keys, where the group key will be renewed whenever there is change in the group member; and finally, we suggest to encode the RTP payload of the media data before transmission.

• Knowledge Management Research
• /
• v.21 no.3
• /
• pp.1-25
• /
• 2020

This study analyzed key success factors of Korean car-sharing enterprises, Socar and Greencar, and the responsive strategies of Korean car-manufacturing company, Hyundai Motor Group, in the face of emerging sharing economy under the specific economic and regulatory system in Korea. The outcomes of the analysis are as follows. 'Timely market entry' in early startup phase and 'use of external resources' in early growth phase were key success factors common to both Socar and Greencar. However, the differences in the eventual business directions of the two companies also resulted in different key success factors in the expansion phase of their business. For Socar which focused on maintaining its independence and the external growth of B2C business, customer relation marketing and sufficient capital raising were key success factors. For Greencar which became a part of a business group and focused on improving the efficiency of business operations, timely market entry (B2B market) was key success factor. The use of external resources and cooperation with large corporations emerged as key success factors common to both companies in the rapid growth phase. The responsive strategies of the Hyundai Motor Group were collaboration, investment and direct management of DeliveryCar. The short-term goal of the responsive strategy was the operation of test-bed in collaboration with car-sharing company while the mid/long term goal was planning new mobility services by utilizing collected data. Securing opportunities for early market dominance for autonomous car industry was also found to be an important goal.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.6
• /
• pp.93-112
• /
• 2002

Since the multicast group which is composed of various members is dynamic, members of the group frequently join or leave. So, for a new session, group keys are efficiently updated and distributed. In this paper, we describe very simple and new efficient logical key hierarchy(ELKH) protocol which is based on an one-way function. In the previous schemes, when the group controller distributes new created keys or updated keys to the members the information is usally encryted and then transmited over a multicast channel. But ELKH secretes the multicast message by using the one-way function and XOR operator instead of encrypting it. Hence our main construction improves the computational efficiency required from the group controller and group memebers while doesn't increase size of re-keying message when compared to $EHBT^{[12]}$. Assuming the security of an underlying one-way function, we prove that our scheme satisfies forward secrecy and backward secrecy.

• The KIPS Transactions:PartC
• /
• v.11C no.5
• /
• pp.585-594
• /
• 2004

When several service providers want to work together with only one master key, they need to properly distribute the key to participants who come in for the co-work business and then securely manage the distributed keys. This paper describes the system that can efficiently and securely manage the master key on the basis of the secret sharing scheme that can reconstruct original secret information as the necessity of reconstructing original secret arises. The proposed system can distribute secret information to several groups and also redistribute the secret to subgroup in proportion to the participant's security level using smart card-based (t, t)-(k, n)-threshold secret scheme for securely keeping secret information and authentication of participant's identification.

• Journal of the Korea Convergence Society
• /
• v.6 no.6
• /
• pp.81-86
• /
• 2015

The threats to privacy and security have received increasing attention as ubiquitous healthcare applications over the Internet become more prevalent, mobile and universal. In particular, we address the communication security issues of access sharing of health information resources in the ubiquitous healthcare environment. The proposed scheme resolves the sender and data authentication problem in information systems and group communications. We propose a novel key management scheme for generating and distributing cryptographic keys to constituent users to provide form of data encryption method for certain types of data concerning resource constraints for secure communications in the ubiquitous healthcare domains.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.3
• /
• pp.119-131
• /
• 2009

The world's widely used key exchange protocols are open cryptographic communication protocols, such as TLS/SSL, whereas in the financial field in Korea, key exchange protocols developed by industrial classification group have been used that are based on PKI(Public Key Infrastructure) which is suitable for the financial environments of Korea. However, the key exchange protocols are not only vulnerable to client impersonation attacks and known-key attacks, but also do not provide forward secrecy. Especially, an attacker with the private keys of the financial security server can easily get an old session-key that can decrypt the encrypted messages between the clients and the server. The exposure of the server's private keys by internal management problems, etc, results in a huge problem, such as exposure of a lot of private information and financial information of clients. In this paper, we analyze the weaknesses of the cryptographic communication protocols in use in Korea. We then propose two key exchange protocols which reduce the replacement cost of protocols and are also secure against client impersonation attacks and session-key and private key reveal attacks. The forward secrecy of the second protocol is reduced to the HDH(Hash Diffie-Hellman) problem.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.2
• /
• pp.27-35
• /
• 2011

Due to the advancement of IPTV technologies, Mobile IPTV service is needed to be supported for service and content protection. CAS is generally used in the IPTV service to protect service and content. However, the CAS is not efficient in the Mobile IPTV. The CAS needs too much bandwidth for Service Key update to the each subscriber. Moreover, the CAS is increasing computation burden for the service key refreshment in the key management server when the subscriber frequently changes of the IPTV service group. To solve the problems, we used hierarchical key structure based on pre-shared key that is securely stored into smart card or USIM and do not use the EMM for Service Key update. As a result, the proposed scheme decreases computation burden at the key management server and wireless bandwidth burden in the Mobile IPTV service.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.11
• /
• pp.5625-5641
• /
• 2017

Certificateless public key cryptography resolves the certificate management problem in traditional public key cryptography and the key escrow problem in identity-based cryptography. In recent years, some good results have been achieved in speeding up the computation of bilinear pairing. However, the computation cost of the pairing is much higher than that of the scalar multiplication over the elliptic curve group. Therefore, it is still significant to design cryptosystem without pairing operations. A multi-signer universal designated multi-verifier signature scheme allows a set of signers to cooperatively generate a public verifiable signature, the signature holder then can propose a new signature such that only the designated set of verifiers can verify it. Multi-signer universal designated multi-verifier signatures are suitable in many different practical applications such as electronic tenders, electronic voting and electronic auctions. In this paper, we propose a certificateless multi-signer universal designated multi-verifier signature scheme and prove the security in the random oracle model. Our scheme does not use pairing operation. To the best of our knowledge, our scheme is the first certificateless multi-signer universal designated multi-verifier signature scheme.

• Journal of the Korea Society of Computer and Information
• /
• v.11 no.3
• /
• pp.57-66
• /
• 2006

In this paper. proposes Multi_Kerberos certification mechanism that improve certification service of based on PKINIT that made public in IETF CAT Working Group. This paper proposed to a certificate other realm because search position of outside realm through DNS and apply X.509 directory certification system, to get public key from DNS server by chain (CertPath) between realms by certification and key exchange way that provide service between realms applying X.509, DS/DNS of based on PKINIT, in order to provide regional services. This paper proposed mechanism that support efficient certification service about cross realm including key management. the path generation and construction of Certificate using Validation Server, and recovery of Session Key. A Design of Multi_Kerberos system that have effects simplify of certification formality that reduce procedures on communication.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.6
• /
• pp.1243-1257
• /
• 2019

With the emergence of the IoT environment, various smart devices provide consumers with the convenience and various services. However, as security threats such as invasion of privacy have been reported, the importance of security issues in the IoT environment has emerged, and in particular, the security problem of key management has been discussed, and the PUF has been discussed as a countermeasure. In relation to the key management problem, a protocol using MIPUF has been proposed for the security problem of the group key management system. The system can be applied to lightweight IoT environments and the safety of the PUF ensures the safety of the entire system. However, in some processes, it shows vulnerabilities in terms of safety and efficiency of operation. This paper improves the existing protocol by adding authentication for members, ensuring data independence, reducing unnecessary operations, and increasing the efficiency of database searches. Safety analysis is performed for a specific attack and efficiency analysis results are presented by comparing the computational quantities. Through this, this paper shows that the reliability of data can be improved and our proposed method is lighter than existing protocol.