• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.1
• /
• pp.221-237
• /
• 2016

The wireless body area networks (WBANs) consist of wearable computing devices and can support various healthcare-related applications. There exist two crucial issues when WBANs are utilized for healthcare applications. One is the protection of the sensitive biometric data transmitted over the insecure wireless channels. The other is the design of effective medical management mechanisms. In this paper, a secure medical information management system is proposed and implemented on a TinyOS-based WBAN test bed to simultaneously address these two issues. In this system, the electronic medical record (EMR) is bound to the biometric data with a novel fragile zero-watermarking scheme based on the modified visual secret sharing (MVSS). In this manner, the EMR can be utilized not only for medical management but also for data integrity checking. Additionally, both the biometric data and the EMR are encrypted, and the EMR is further protected by the MVSS. Our analysis and experimental results demonstrate that the proposed system not only protects the confidentialities of both the biometric data and the EMR but also offers reliable patient information authentication, explicit healthcare operation verification and undeniable doctor liability identification for WBANs.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.13 no.11
• /
• pp.2479-2487
• /
• 2009

Earlier researches on Sensor Networks preferred symmetric key-based authentication schemes in consideration of limitations in network resources. However, recent advancements in cryptographic algorithms and sensor-node manufacturing techniques have opened suggestion to public key-based solutions such as Merkle tree-based schemes. This paper proposes a new concept of public key-based authentication using Polynomial Secret Sharing that can be effectively applied to sensor networks and a detection of malicious node using the hash function. This scheme is based on exponential distributed data concept, a derivative from Shamir's (t,n) threshold scheme, in which the authentication of neighbouring nodes are done simultaneously while minimising resources of sensor nodes and providing network scalability.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.13 no.5
• /
• pp.952-958
• /
• 2009

Recently, due to problems in terms of illegal copying of medical image and the right ownership and authentication of data, it is necessary for us to study about those problems. In this study, we propose steganography with a method of the hiding information of high-resolution in digital medical image. The proposed algorithm is one of the way that inserts secret information by protecting ROI area which is regarded as and important feature of high-resolution digital medical image. As a result, the proposed method made it possible to insert secret information of massive storage and didn't affect the imperceptibility in medical image quality based on capacity and PSNR showed the all image quality of about 33.33dB.

• Journal of Communications and Networks
• /
• v.11 no.6
• /
• pp.538-543
• /
• 2009

A wiretap channel I is one of the channel models that was proved to achieve unconditional security. However, it has been an open problem in realizing such a channel model in a practical network environment. The paper is committed to solve the open problem by introducing a novel approach for building wiretap channel I in which the eavesdropper sees a binary symmetric channel (BSC) with error probability p while themain channel is error free. By taking advantage of the feedback and low density parity check (LDPC) codes, our scheme adds randomness to the feedback signals from the destination for keeping an eavesdropper ignorant; on the other hand, redundancy is added and encoded by the LDPC codes such that a legitimate receiver can correctly receive and decode the signals. With the proposed approach, unconditionallysecure communication can be achieved through interactive communications, in which the legitimate partner can realize the secret information transmission without a pre-shared secret key even if the eavesdropper has better channel from the beginning.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.10 no.5
• /
• pp.942-949
• /
• 2006

The VoIP(Voice over IP) has been worldwide used and already put to practical use in many fields. However, it is needed to ensure secret of VoIP call in a special situation. It is relatively difficult to eavesdrop the commonly used PSTN in that it is connected with 1:1 circuit. However, it is difficult to ensure the secret of call on Internet because many users can connect to the Internet at the same time. Therefore, this paper suggests a new model of Internet telephone for eavesdrop prevention enabling VoIP(using SIP protocol) to use the VPN protocol and establish the probability of practical use comparing it with Internet telephone.

• Journal of Sensor Science and Technology
• /
• v.27 no.1
• /
• pp.59-63
• /
• 2018

Among Internet of things (IoT) applications, the most demanding requirements for the widespread realization of many IoT visions are security and low power. In terms of security, IoT applications include tasks that are rarely addressed before such as secure computation, trusted sensing, and communication, privacy, and so on. These tasks ask for new and better techniques for the protection of data, software, and hardware. An integral part of hardware cryptographic primitives are secret keys and unique IDs. Physical Unclonable Functions(PUF) are a unique class of circuits that leverage the inherent variations in manufacturing process to create unique, unclonable IDs and secret keys. In this paper, we propose a low power Arbiter PUF circuit with low error rate and high reliability compared with conventional arbiter PUFs. The proposed PUF utilizes a power gating structure to save the power consumption in sleep mode, and uses a razor flip-flop to increase reliability. PUF has been designed and implemented using a FPGA and a ASIC chip (a 0.35 um technology). Experimental results show that our proposed PUF solves the metastability problem and reduce the power consumption of PUF compared to the conventional Arbiter PUF. It is expected that the proposed PUF can be used in systems required low power consumption and high reliability such as low power encryption processors and low power biomedical systems.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.5 no.4
• /
• pp.139-150
• /
• 2009

Authentication and key exchange are fundamental for establishing secure communication channels over public insecure networks. Password-based protocols for authenticated key exchange are designed to work even when user authentication is done via the use of passwords drawn from a small known set of values. There have been many protocols proposed over the years for password authenticated key exchange in the three-party scenario, in which two clients attempt to establish a secret key interacting with one same authentication server. However, little has been done for password authenticated key exchange in the more general and realistic four-party setting, where two clients trying to establish a secret key are registered with different authentication servers. In fact, the recent protocol by Yeh and Sun seems to be the only password authenticated key exchange protocol in the four-party setting. But, the Yeh-Sun protocol adopts the so called "hybrid model", in which each client needs not only to remember a password shared with the server but also to store and manage the server's public key. In some sense, this hybrid approach obviates the reason for considering password authenticated protocols in the first place; it is difficult for humans to securely manage long cryptographic keys. In this work, we introduce a key agreement protocol and a key distribution protocol, respectively, that requires each client only to remember a password shared with its authentication server.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.4
• /
• pp.77-89
• /
• 2001

Recently, with the explosive growth of communication technologies, group oriented services such as teleconference and multi-player game are increasing. Access control to information is handled by secret communications with group keys shared among members, and efficient updating of group keys is vital to such secret communications of large and dynamic groups. In this paper, we employ (2,4)-tree as a key tree, which is one of height balanced trees, to reduce the number of key updates caused by join or leave of members. Especially, we use CBT(Core Based Tree) to gather network configurations of group members and reflect this information to key tree structure to update group keys efficiently when splitting or merging of subgroups occurs by network failure or recovery.

• International Journal of Computer Science & Network Security
• /
• v.23 no.12
• /
• pp.81-90
• /
• 2023

Cloud computing is an emerging business model popularized during the last few years by the IT industry. Providing "Everything as a Service" has shifted many organizations to choose cloud-based services. However, some companies still fear shifting their data to the cloud due to issues related to the security and privacy. The paper suggests a novel Trust based Mutual Authentication Mechanism using Secret P-box based Mutual Authentication Mechanism (TbMAM-SPb) on the criticality of information. It uses a particular passcodes from one of the secret P-box to act as challenge to one party. The response is another passcode from other P-box. The mechanism is designed in a way that the response given by a party to a challenge is itself a new challenge for the other party. Access to data is provided after ensuring certain number of correct challenge-responses. The complexity can be dynamically updated on basis of criticality of the information and trust factor between the two parties. The communication is encrypted and time-stamped to avoid interceptions and reuse. Overall, it is good authentication mechanism without the use of expensive devices and participation of a trusted third party.

• Convergence Security Journal
• /
• v.16 no.7
• /
• pp.121-127
• /
• 2016

Recently, the popularity of smart devices such as Wi-Fi and LTE has increased the use ratio of wireless dramatically. On the other hand, the use ratio of wired internet is decreasing. The IoT(Internet of Things) is not only for people but also for communication between people and things, and communication between things and things by connecting to a wireless without choosing a place. Along with the rapid spread of the IoT there is a growing concern about the threat of IoT security. In this paper, the proposed scheme is a efficiency group key agreement in IoT environment that guarantees secure communication among light-weight devices. The proposed scheme securely be able to communication with the group devices who share a group key, generated by own secret value and the public value. Such property is suitable to the environment which are required a local area and a group.