• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.42 no.5
• /
• pp.21-30
• /
• 2005

Recently, a mobile IPv6 binding update protocol using Address Based Keys (BU-ABK) was proposed. This protocol applies Address Based Keys (ABK), generated through identity-based cryptosystem, to enable strong authentication and secure key exchange without any global security infrastructure. However, because it cannot detect that public cryptographic parameters for ABKs are altered or forged, it is vulnerable to man-in-the-middle attacks and denial of service attacks. Furthermore, it has heavy burden of managing the public cryptographic parameters. In this paper, we show the weaknesses of BU-ABK and then propose an enhanced BU-ABK (EBU-ABK). Furthermore, we provide an optimization for mobile devices with constraint computational power. The comparison of EBU-ABK with BU-ABK shows that the enhanced protocol achieves strong security while not resulting in heavy computation overhead on a mobile node.

• Journal of Internet Computing and Services
• /
• v.5 no.3
• /
• pp.25-33
• /
• 2004

Mobile IP Low Latency Handoffs(l) allow greater support for real-time services on a Mobile IP network by minimizing the period of time when a mobile node is unable to send or receive IP packets due to the delay in the Mobile IP Registration process. However, on Mobile IP network with AAA servers that are capable of performing Authentication, Authorization, and Accounting(AAA) services, every Registration has to be traversed to the home network to achieve new session keys, that are distributed by home AAA server, for a new Mobile IP session. This communication delay is the time taken to re-authentication the mobile node and to traverse between foreign and home network even if the mobile node has been previously authorized to old foreign agent. In order to reduce these extra time overheads, we present a method that performs Low Latency Handoffs without requiring further involvement by home AAA server. The method re-uses the previously assigned session keys. To provide confidentiality and integrity of session keys in the phase of key exchange between agents, it uses a key sharing method by gateway foreign agent that performs a trusted thirty party. The proposed method allows the mobile node to perform Low Latency Handoffs with fast as well as secure operation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.5
• /
• pp.931-938
• /
• 2013

It is hard to extract original data from encrypted data before getting the password in encrypted data with disk encryption software. This encryption key of disk encryption software can be extract by using physical memory analysis. Searching encryption key time in the physical memory increases with the size of memory because it is intended for whole memory. But physical memory data includes a lot of data that is unrelated to encryption keys like system kernel objects and file data. Therefore, it needs the method that extracts valid data for searching keys by analysis. We provide a method that collect only saved memory parts of disk encrypting keys in physical memory by analyzing Windows kernel virtual address space. We demonstrate superiority because the suggested method experimentally reduces more of the encryption key searching space than the existing method.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.28 no.1C
• /
• pp.24-31
• /
• 2003

In this paper, a new opto-digital multiple information hiding and real-time extracting system is implemented. That is, multiple information is hidden in a cover image by using the stego keys which are generated by combined use of random sequence(RS) and Hadamard matrix(HM) and these hidden information is extracted in real-time by using a new optical correlator-based extraction system. In the experiment, 3 kinds of information, English alphabet of "N", "R", "L" having 512$\times$512 pixels, are formulated 8$\times$8 blocks and each of these information is multiplied with the corresponding stego keys having 64$\times$64 pixels one by one. And then, by adding these modulated data to a cover image of "Lena"having 512$\times$512 pixels, a stego image is finally generated. In this paper, as an extraction system, a new optical nonlinear joint transform correlator(NJTC) is introduced to extract the hidden data from a stego image in real-time, in which optical correlation between the stego image and each of the stego keys is performed and from these correlation outputs the hidden data can be asily exacted in real-time. Especially, it is found that the SNRs of the correlation outputs in the proposed optical NJTC-based extraction system has been improved to 7㏈ on average by comparison with those of the conventional JTC system under the condition of having a nonlinear parameter less than k=0.4. This good experimental results might suggest a possibility of implementation of an opto-digital multiple information hiding and real-time extracting system.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.9B
• /
• pp.923-930
• /
• 2009

Digital Rights Management(DRM) is a term that refers technologies for imposing limitations on the use of digital content for protecting media copyright holders. This paper proposes a generic scheme for digital media copy protection that can be applied to any digital media such as audio, video, etc. The scheme will make it very hard to play a copied content on a foreign platform and to guess secret content encryption keys. Unlike other DRM techniques, the scheme uses the stream cipher HC-256 only for encrypting media content and it allows a client to start content playback immediately following its streamed decryption. As to the encryption, it requires to generate several secret keys for each new client(player copy), rather than for each media content, which makes it scalable in terms of managed keys. Also, for simplicity, the scheme supports the popular unlimited-play-after-download policy only, which would eliminate the necessity for deploying separate server or process for licensing.

• The Korea Journal of Herbology
• /
• v.26 no.3
• /
• pp.57-63
• /
• 2011

Objectives : Peucedani Radix ('Jeonho' in Korean) is the root of Peucedanum praeruptorum or Angelica decursiva. However, the root of Anthriscus sylvestris has usually been distributed as Jeonho. This study was performed to determine the discriminative criteria of Jeonho, focused on distribution in Korean markets. Methods : We have determined identification keys to discriminate each Jeonho samples, through observation of external morphology of original plants, and the research of external and internal morphological features of dried Jeonho herbs. Results : Because of identical to the Korean plant name 'Jeonho', Anthrisci Radix had been came into use as a substitute of Jeonho in Korea during the time of Japanese colonial rule. The original plants of Jeonho and its substitute are discriminated with shape of leaf, leaf margin and color of stem. External morphological features of the medicinal herbs of Jeonho are different in the color of cross-sections, pellucid dot, white powder. Internal morphological points, such as fiber bundle of xylem, seconadary mudullary ray and ray of xylem were also used as discriminative criteria for Jeonho. Further details(e.g. identificaion keys) are in the article. Conclusions : We think that these discriminative criteria will be meaningful in identifying the substitutes and adulterants of Jeonho.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.3
• /
• pp.547-557
• /
• 2015

The security of all cryptographic algorithms and protocols is based on the confidentiality of secret keys. Key management mechanism is an indispensable part of the cryptographic system and this deals with the generation, exchange, storage, use, and replacement of keys. Within the key management mechanism there are key derivation functions (KDFs) which derive one or more keys from a master key. NIST specifies three families of PRF-based KDFs in SP 800-108. In this paper, we examine the difference of security models between the KDFs and the encryption modes of operations. Moreover we focus on the provable security of PRF-based KDFs according to input types of counters, and show that the counter and feedback modes of KDFs using XOR of counters are insecure, while these modes using concatenation of counters are secure.

• The Journal of Korean Association of Computer Education
• /
• v.9 no.2
• /
• pp.111-124
• /
• 2006

Multicast services are provided on the Internet in fast increasing. Therefore it is important to keep security for multicast communication. If a member of the group is removed, new group key has to be generated and distributed to all remaining members of group. Minimizing number of messages and operation cost for generation of the composite keys to be used to encrypting group key are important evaluating criteria of multicast key management scheme since generation and distribution of new keys for rekeying require expensive operation. Periodic batch rekeying can reduce these important parameters rather than rekeying sequentially in fashion one after another. In this paper, Hamming distance is calculated between every members to be removed. In batch rekeying the members with Hamming distance less than threshold are selected for rekeying procedure. With running the round assignment algorithm in the case of removing several members simultaneously, our scheme has advantages of reducing messages and operation cost for generation of the composite keys and eliminating possibility of collusion attack for rekeying. We evaluate performance of round assignment algorithm through simulation and show that our scheme is excellent after performance comparison of existent schemes and our scheme.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.13 no.12
• /
• pp.2563-2568
• /
• 2009

Although a symmetric cryptographic system has many advantages in speed of encryption decryption, the security problems with the distribution method of secret keys have been still raised. Especially, the distribution method of secret keys for unspecified individuals who want secret communication is becoming a core issue. As a simple solution to this issue, Diffie-Hellman key exchange methods were proposed, but proved to be insufficient in depending MITM(Main In The Middle) attacks. To find effective solution to problems mentioned above, this paper proposes the strengthened Diffie-Hellman key exchange methods applied for the mobile-phone channel which are widely used. This paper emphasizes the way to distribute the synthesized session keys to the sender and the receiver, which are created with authentication numbers exchanged between the mobile-phones and Diffie-Hellman key. Using proposed ways, MITMattacks can be effectively defended.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.23 no.5
• /
• pp.604-612
• /
• 2019

PKI Internet banking is used to have users register their public keys with the banking server together with the identity information, and verify the signature for both user and transaction authentications by using the registered public keys. Although the Blockchain-based financial systems such as Bitcoin adopt similar digital signature-based authentication scheme, there is no server that participants can register public keys with because they perform P2P payment transactions. The purpose of this paper is to identify the advantages and disadvantages of the Blockchain-based payment transactions by analyzing the differences between the most common PKI Internet banking and Blockchain payment systems. Based on the analysis, this paper suggests the issues that need to be enhanced from the aspects of architecture and security in order for Blockchain payment transaction systems to be applied universally.