• Journal of Digital Convergence
• /
• v.14 no.10
• /
• pp.287-293
• /
• 2016

Wireless sensor networks (WSNs) have many applications and are deployed in a wide variety of areas. They are often deployed in potentially adverse or even hostile environment so that there are concerns on security issues in these WSNs. Recently, an anonymous user authentication and key agreement scheme (AUAKAS) was proposed based on symmetric cryptosystem in WSNs. It is claimed in AUAKAS that it assures security against different types of attacks including impersonation attacks. However, this paper shows that AUAKAS does not cope from user impersonation attack and gateway impersonation attack from the legally registered user on the gateway. The security analysis could guide the required features of the security scheme to be satisfied.

• Journal of Convergence Society for SMB
• /
• v.4 no.1
• /
• pp.41-45
• /
• 2014

Only if the secret key stored in the engine ECU matches car key stored in the car, immobilizer system is a car anti-theft system that automobile engine takes. To take an action as soon in case of losing car key or being stolen, the ASPI protocol is proposed for assigning a new password after finishing user authentication by the smart phone etc. The shortcoming point of that directly bring the car to a service center in case of losing key can be complemented by the proposed protocol. In case of the car and key both are theft together, the car can be stopped soon.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.10 no.2
• /
• pp.351-357
• /
• 2009

Home network is a network composed of devices in home and is being expanded by evolving devices. Also, The number of digital contents in home network has been increasing steadily. But it is difficult to continually protect the rights of digital contents due to lack of interoperability among contents devices. Besides, a license has to be re-issued by DRM sever for contents transfer between devices. Thus, this paper proposes framework which can freely transfer and contents to another device through mutual device authentication and a system that can decrease overload of license management of the DRM sever and that enable device outside home network to use contents through user authentication.

• The Journal of the Korea Contents Association
• /
• v.8 no.6
• /
• pp.66-73
• /
• 2008

The concept of u-Vehicle is a technological model that people try to build the ubiquitous world in the car which moves, by using the RFID technology as well as the telematics service based on the location. RFID is weak on the point of information security because RFID has possibility for being abused such as chasing, counterfeiting, and invading personal privacy. RFID's tags use a weak cryptographic algorithm. This paper presents the vulnerabilities of information security under u-Vehicle environments. To solve that, we propose a mechanism enhancing RFID tag's security but with low cost by reducing the number of mutual authentication stages and using the hash function.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.7B
• /
• pp.858-867
• /
• 2011

The RFID(Radio-Frequency IDentification) systems have many security problem such as eavesdropping, a replay attack, location tracking and DoS(Denial of Service) attacks. Because RFID systems use radio-frequency. So research are being made to solve the problem of RFID systems, one of which is AES algorithm. This paper presents an authentication protocol using AES and one-time random number to secure other attacks like eavesdropping, a replay attack, location tracking, In addtion, RSMAP uses OTP(One-Time Pad) in order to safely transmit.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.2
• /
• pp.41-49
• /
• 2007

USIM(UMTS Subscriber Identity Module) technology that accept 3GPP(3rd Generation Partnership Project) standards for information security supports security function in 3GPP. Supported security functions of USIM are confidentiality of user identity, mutual authentication and key agreement between end user and network, confidentiality of user data and data integrity. It is very important technology in wireless network. It makes secure environment that user and service provider can use securely mobile service in network. In this paper, design and implementation USIM security module that supports common network access method and authentication protocol in 3GPP and WLAN(Wireless LAN) and AAA (3A-Authentication Authorization Accounting) server system based RADIUS.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.5
• /
• pp.125-134
• /
• 2008

A great number of RFID authentication protocols have been proposed for the secure RFID system. These are typically divided into three types according to primitive that they use : Hash-based, Re-encryption based, and XORing-based protocol. The well-known attacks in RFID system are eavesdropping. impersonating, location tracking, and so on. However, existing protocols could not provide security against above attacks, or it was not efficient to search for tags on database. Therefore, in this paper we present a protocol which is secure against above attacks by using hash function and makes Database search tags easily by attaining the state information of previous session through the shared values with all tags and database.

• International Commerce and Information Review
• /
• v.12 no.1
• /
• pp.55-73
• /
• 2010

The thesis examines new innovation of various aspect to overcome lots of problems which come by when we execute simplification of trade procedure and administration fairly. Practical implications regarding the innovation of electronic trade infrastructure are as follows. First, it will propel the standardization of electronic trade section in the technical side and the construction atmosphere of international authentication system must be created. The work process should be redesigned in order to implement export-import procedures that meet the relevant standards. Second, the improvement of system for electronic process is necessary in the law and institutional aspect. In order to eliminate any obstacles to the trade procedure, clearer legal grounds regarding legitimate controls and minimum necessity must be established. Also, laws should be revised to admit mutual recognition among certification organizations, in lieu of international agreement-based mutual recognition between government. Third, the detailed improvement for the integration of the electronic trade infrastructure will be demanded. Additionally, user-centered quality management protocols should be established via connections with the systems already existing in governmental bodies. Fourth, various trade institution should harmonized and interconnected with other partners through mutual cooperation for standardization of operational system. A system which can monitor and remotely diagnose and resolve system errors should be established to provide tailor-made service and improve operational efficiency. At the same time, it is necessary to build a cooperative system to share information and promote comprehensive management for efficient operation.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.30 no.5A
• /
• pp.426-435
• /
• 2005

this paper, we made out blocking probability analysis for a new authentication structure for reducing the certificate acquisition time which is one of the factors that should be improved in a conventional wireless PKI. A conventional key exchange method simply performs the key exchange setup step based on discrete algebraic subjects. But the mutual-authentication procedure of wireless PKI for reducing authentication time uses an elliptical curve for a key exchange setup step. Besides, we proposed advanced handover method and blocking probability analysis for wireless PKI. Proposed handover method shows reduced handover processing time than conventional method since it can reduce CRL retrieval time. Also, we compared proposed authentication structure and conventional algorithm, and simulation results show that proposed authentication method outperforms conventional algorithm in all environment regardless of call arrival rate, queue service rate, queue size

• The Journal of Society for e-Business Studies
• /
• v.18 no.3
• /
• pp.107-123
• /
• 2013

In a wireless sensor network environment, it is required to ensure anonymity by keeping sensor nodes' identifiers not being revealed and to support real-time authentication, lightweight authentication and synchronization. In particular, there exist possibilities of location information leakage by others, privacy interference and security vulnerability when it comes to wireless telecommunications. Anonymity has been an importance issue in wired and wireless network environment, so that it has been studied in wide range. The sensor nodes are interconnected among them based on wireless network. In terms of the sensor node, the researchers have been emphasizing on its calculating performance limit, storage device limit, and smaller power source. To improve of biometric-based D. He scheme, this study proposes a real-time authentication protocol using Unique Random Sequence Code(URSC) and variable identifier for enhancing network performance and retaining anonymity provision.