• Title/Summary/Keyword: lightweight authentication


An Efficient MIPv4 Registration Protocol With Minimal Overheads Of AAA (AAA 오버헤드를 최소화한 효율적인 MIPv4 등록 프로토롤)

  • Kang Hyun-Sun;Park Chang-Seop
    • Journal of the Korea Institute of Information Security & Cryptology / v.15 no.3 / pp.43-52 / 2005
  • MIPv4 supports node mobility, manages the MN's binding list and provides seamless communication through a registration protocol. Since the registration protocol, usually operating in a wireless environment, involves authenticating MNs, it is a general approach to introduce the AAA infrastructure as a key distribution center for the purpose of authentication. In this paper, we propose an efficient registration protocol with lightweight AAA based on a domain key. The proposed protocol also withstands various replay attacks, and provides a non-repudiation service for the accounts of the usage of the network service.

A Study on Lightweight Authentication·Authorization·Accounting for Mobile Device (모바일 디바이스를 위한 경량화된 인증·인가·과금에 관한 연구)

  • Kang, Soo-Young;Yeo, Sang-Soo;Park, Jong Hyuk
    • Proceedings of the Korea Information Processing Society Conference / 2009.11a / pp.709-710 / 2009
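  • IT is evolving toward a ubiquitous environment thanks to advances in the Internet and portable devices. This change will offer users a variety of services, and users increasingly demand access to services while on the move using mobile devices. However, in contrast to the expected growth and the variety of services, the wireless environment by its nature carries more diverse threats and vulnerabilities than existing wired networks. That is, mobile devices in a wireless environment are exposed to security weaknesses such as sniffing, eavesdropping, denial-of-service attacks, man-in-the-middle attacks, unauthorized device attacks, and malicious software infection, and they also inherit the threats of existing wireless environments, so research on mobile device security is very important. To address these problems, we intend to study lightweight device security technology that systematically provides secure and reliable authentication, authorization, and accounting over various services and protocols, not only on existing wired networks but also on rapidly developing wireless networks such as WiBro and Mobile IP.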

A Study on Low-Cost RFID System Mutual Authentication Scheme using Key Division (키 분할을 이용한 Low-Cost RFID 시스템 상호 인증 방안에 관한 연구)

  • Kang, Soo-Young;Lee, Im-Yeong
    • The KIPS Transactions:PartC / v.14C no.5 / pp.431-438 / 2007
  • The RFID system is a core technology for constructing a ubiquitous environment as a replacement for barcode technology. Use of RFID systems is increasing rapidly because the technology has many good points such as identification speed, storage space, and convenience. But a low-cost tag responds easily to a reader's query, so the system suffers from user privacy violations through exposure of tag information. Many ways of applying security to the system have been studied, but the operation capability of a low-cost tag is about 5K~10K gates, of which only 250~3K gates are allocated to the security part. So it is difficult to apply security to the system. Therefore, this scheme divides 64 bits and reduces arithmetic, so the proposed scheme provides mutual authentication that can be applied to low-cost RFID systems. Existing methods divide by 4 and use 96 bits. However, this scheme reduces the length by 32 bits for lightness and reduces the number of communications from 7 to 5. Also, because it offers security with a random number, rather than generating two random numbers as the existing scheme does, it is more efficient. However, it uses a hash function for integrity, which was not offered by XOR arithmetic, and adds an extension of the proposed scheme. The extended scheme is not as efficient as methods that use XOR arithmetic, but identification distance is mode that is proposed secure so that can use in for RFID system.

An analysis on invasion threat and a study on countermeasures for Smart Car (스마트카 정보보안 침해위협 분석 및 대응방안 연구)

  • Lee, Myong-Yeal;Park, Jae-Pyo
    • Journal of the Korea Academia-Industrial cooperation Society / v.18 no.3 / pp.374-380 / 2017
  • The Internet of Things (IoT) refers to intelligent technologies and services that connect all things to the internet so they can interactively communicate with people, other things, and other systems. The development of the IoT environment accompanies advances in network protocols applicable to more lightweight and intelligent sensors, and lightweight and diverse environments. The development of those elemental technologies is promoting the rapid progress in smart car environments that provide safety features and user convenience. These developments in smart car services will bring a positive effect, but can also lead to a catastrophe for a person's life if security issues with the services are not resolved. Although smart cars have various features with different types of communications functions to control the vehicles under the existing platforms, insecure features and functions may bring various security threats, such as bypassing authentication, malfunctions through illegitimate control of the vehicle via data forgery, and leaking of private information. In this paper, we look at types of smart car services in the IoT, deriving the security threats from smart car services based on various scenarios, suggesting countermeasures against them, and we finally propose a safe smart car application plan.

PUF-based Secure FANET Routing Protocol for Multi-Drone

  • Park, Yoon-Gil;Lee, Soo-Jin
    • Journal of the Korea Society of Computer and Information / v.25 no.9 / pp.81-90 / 2020
  • In order to operate multiple drones efficiently, existing control methods must be improved, and drones must be able to construct communication networks autonomously. FANET (Flying Ad-Hoc Network), which is being considered as an alternative for solving these problems, is based on ad hoc network technology and can be exposed to a variety of security vulnerabilities. However, due to the limited computational power and memory of FANET nodes, and rapid and frequent changes in network topology, it is not easy to apply the existing security measures to FANET without modification. Thus, this paper proposes lightweight security measures applicable to FANET, which has distinct characteristics from existing ad hoc networks, by utilizing PUF technology. The proposed security measures utilize unique values generated by non-replicable PUFs to increase the safety of AODV, FANET's reactive routing protocol, and are resistant to various attacks.

A Study on the License Management Model for Secure Contents Distribution in Ubiquitous Environment (유비쿼터스 환경의 안전한 콘텐츠 유통을 위한 라이센스 관리 모델 연구)

  • Jang, Ui-Jin;Lim, Hyung-Min;Shin, Yong-Tae
    • Journal of Korea Multimedia Society / v.12 no.4 / pp.550-558 / 2009
  • In a ubiquitous environment, smaller, lighter, cheaper and more portable devices are used than the devices used in a wired network environment. Multimedia service, available anytime and anywhere, is provided by these devices. However, this does not ensure the fair use of multimedia contents and causes damage to the contents providers because of illegal copying and distribution and indiscriminate use of digital contents. To solve these problems, DRM is applied to wired networks, but it has the problem that it does not protect stored licenses or manage licenses completely, because it depends on simple protection such as device authentication and cryptographic algorithms. This paper proposes a license management model using digital forensics and DRM that prevents contents and licenses from being distributed illegally and also enables the creation of evidence for legal countermeasures and the protection of licenses over their whole life cycle.


UTrustDisk: An Efficient Data Protection Scheme for Building Trusted USB Flash Disk

  • Cheng, Yong;Ma, Jun;Ren, Jiangchun;Mei, Songzhu;Wang, Zhiying
    • KSII Transactions on Internet and Information Systems (TIIS) / v.11 no.4 / pp.2276-2291 / 2017
  • Data protection of removable storage devices is an important issue in information security. Unfortunately, most existing data protection mechanisms are aimed at protecting computer platform which is not suitable for ultra-low-power devices. To protect the flash disk appropriately and efficiently, we propose a trust based USB flash disk, named UTrustDisk. The data protection technologies in UTrustDisk include data authentication protocol, data confidentiality protection and data leakage prevention. Usually, the data integrity protection scheme is the bottleneck in the whole system and we accelerate it by WH universal hash function and speculative caching. The speculative caching will cache the potential hot chunks for reducing the memory bandwidth pollution. We adopt the symmetric encryption algorithm to protect data confidentiality. Before mounting the UTrustDisk, we will run a trusted virtual domain based lightweight virtual machine for preventing information leakage. Besides, we prove formally that UTrustDisk can prevent sensitive data from leaking out. Experimental results show that our scheme's average writing throughput is 44.8% higher than that of NH scheme, and 316% higher than that of SHA-1 scheme. And the success rate of speculative caching mechanism is up to 94.5% since the access pattern is usually sequential.

RFID Tag Ownership Relocation Protocol Based on Trusted Third Party (신뢰받는 제3자 기반의 RFID 태그 소유권 이전 프로토콜)

  • Kim, Young-Sik
    • The Journal of Korean Institute of Communications and Information Sciences / v.40 no.3 / pp.568-574 / 2015
  • Recently RFID not only is widely utilized in various fields such as inventory management, merchandise logistics, etc., but also has evolved into an important component of the Internet of Things (IoT). As the fields in which RFID is utilized increase, diverse studies on security and privacy for RFID systems have been made. Among them, ownership transfer protocols for RFID tags have also been proposed in connection with the purchase of products embedded with RFID tags. Recently, Kapoor and Piramuthu proposed an RFID ownership transfer protocol to solve the security weaknesses of the previous RFID ownership transfer protocols. In this paper, we show that Kapoor-Piramuthu's protocol also has security problems and provide a new protocol to resolve them. Security analysis of the newly proposed protocol shows the security concerns are resolved.

Design and Implementation of CoAP Authorization Framework Based on OAuth 2.0 (OAuth 2.0 기반 CoAP 인증 프레임워크 설계 및 구현)

  • Kim, Kyoung-Han;Lim, Hyun-Kyo;Heo, Joo-Seong;Han, Youn-Hee
    • KIPS Transactions on Computer and Communication Systems / v.6 no.8 / pp.329-342 / 2017
  • Recently, interest and investment in the Internet of Things (IoT) have increased significantly, and security issues are constantly being raised. As a solution, the IETF ACE Working Group is establishing the ACE framework standard, which is a new security framework for various constrained IoT environments based on the existing OAuth 2.0. However, additional work is required to apply the ACE framework, which proposes a new lightweight security system, to the existing Internet environment, and this additional cost is a factor that hinders the application of OAuth 2.0 to the IoT environment. Therefore, we propose an IoT authentication framework based on OAuth 2.0's existing development motivation, implement the proposed framework based on CoAPthon, and analyze its performance.

A Robust Pair-wise Key Agreement Scheme without Trusted Third Party and Pre-distributing Keys for MANET Environments (MANET에서 제 3 신뢰기관(TTP)과 사전 키 분배가 필요 없는 강인한 키 교환 방식)

  • Han, Seung-Jin;Choi, Jun-Hyeog
    • Journal of the Korea Society of Computer and Information / v.13 no.5 / pp.229-236 / 2008
  • In this paper, we propose a scheme that safely exchanges encrypted keys without a Trusted Third Party (TTP) or pre-distributed keys in ubiquitous environments. Existing papers assume that a TTP exists or that encrypted keys are already pre-distributed between nodes. However, these methods are not sufficient for wireless environments without infrastructure. Some existing papers try to use the Diffie-Hellman algorithm for the problem, but it is vulnerable to replay and man-in-the-middle attacks from malicious nodes. Therefore, the authentication problem between nodes is solved by modifying the Diffie-Hellman algorithm using μTESLA. We propose a safe, lightweight, and robust pair-wise agreement algorithm that adds a One Time Password (OTP) using a timestamp to the modified Diffie-Hellman in ubiquitous environments, and verify the safety of the proposed algorithm.
