• Proceedings of the Korea Information Processing Society Conference
• /
• 2007.05a
• /
• pp.1100-1101
• /
• 2007

This paper proposes an efficient mechanism of node membership verification within the groups of sensors in a wireless sensor network (WSN). We utilize one-way accumulator to check the memberships of the legitimate nodes in a secure way. Our scheme also supports the addition and deletion of nodes in the groups in the network. Our analysis shows that, our scheme could be well-suited for the resource constrained sensors in a sensor network and it provides a lightweight mechanism for secure node membership verification in WSN.

• Journal of Information Processing Systems
• /
• v.9 no.2
• /
• pp.247-258
• /
• 2013

A new secure network communication technique that has been designed for mobile wireless services, is presented in this paper. Its network services are mobile, distributed, seamless, and secure. We focus on the security of the scheme and achieve anonymity and reliability by using cryptographic techniques like blind signature and the electronic coin. The question we address in this paper is, "What is the best way to protect the privacy and anonymity of users of mobile wireless networks, especially in practical applications like e-commerce?" The new scheme is a flexible solution that answers this question. It efficiently protects user's privacy and anonymity in mobile wireless networks and supports various applications. It is employed to implement a secure e-auction as an example, in order to show its advantages in practical network applications.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.10 no.4
• /
• pp.199-206
• /
• 2015

In this paper, we present the implementation of a secure OTP(One Time Password) generator for IoT(Internet of Things) devices. Basically, MTM(Mobile Trusted Module) is used and expanded considering secure IoT services. We combine the MTM architecture with a new hardware-based OTP generation engine. The new architecture is more secure, offering not only the security of devices but also that of the OTP service. We have implemented and verified the MTM-based OTP generator on a real mobile platform embedded with the MTM chip. The proposed method can be used as a solution for enhancing security of IoT devices and services.

• Proceedings of the IEEK Conference
• /
• 2004.08c
• /
• pp.600-607
• /
• 2004

The paper describes the implementation of the video conferencing system using public key infrastructure which is used for user authentication and media stream encryption. Using public key infrastructure, we are able to reinforce the authentication for conference participant and block several malicious hacking while protecting conference control information. The paper shows the implementation of the transportation layer secure protocol in conformity with Korea public key authentication algorithm standard and symmetric key encryption algorithm (RC2, SEED, DES and 3DES) for media stream encryption. The feature of the paper is transportation layer secure protocol that is implemented for protection of information on a user authentication and video conference and the media streaming encryption algorithm also can be envisioned with another block encryption algorithm. The key for media streaming encryption may be safely distributed by the transportation layer secure protocol.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.8 no.6
• /
• pp.303-309
• /
• 2013

Cloud storage services are used for efficient sharing or synchronizing of user's data across multiple mobile devices. Although cloud storages provide flexibility and scalability in storing data, security issues should be handled. Currently, typical cloud storage services offer data encryption for security purpose but we think such method is not secure enough because managing encryption keys by software and identifying users by simple ID and password are main defectives of current cloud storage services. We propose a secure data access method to cloud storage in mobile environment. Our framework supports hardware-based key management, attestation on the client software integrity, and secure key sharing across the multiple devices. We implemented our prototype using ARM TrustZone and TPM Emulator which is running on secure world of the TrustZone environment.

• Proceedings of the Korean Institute of Intelligent Systems Conference
• /
• 2003.09a
• /
• pp.575-578
• /
• 2003

In this paper, we introduce a hyper-chaos secure communication method using Hyper-chaos consist of State-Controlled Cellular Neural Network (SC-CNN). A hyper-chaos circuit is created by applying identical n-double scroll with weak coupled method to each cell. Hyper-chaos synchronization was achieved using embedding synchronization between the transmitter and receiver about in SC CNN. And then, we accomplish secure communication by synthesizing the desired information with a hyper-chaos circuit by embedding the information signal to the only one state variable instead of all state variables in the driven-synchronization method. After transmitting the synthesized signal to the identical channel, we confirm secure communication by separating the information signal and the hyper-chaos signal in the receiver.

• Proceedings of the Korean Institute of Intelligent Systems Conference
• /
• 2000.11a
• /
• pp.231-234
• /
• 2000

In this paper, we formed a transmitter and receiver by using three identical Chuas circuits and then formed wire and wireless transmission line from the channel which was between those three circuits. We proposed a secure communication method in which the desired information signal was synthesized with the chaos signal created in a Chuas circuit and sent to the transmitter through channel. Then the signal was demodulated receiver of Chuas circuit. The method we used to accomplish the secure communication was synthesizing the desired information with the chaos circuit by parallel connection in a wireless transmission line. After transmitting the synthesized signal to the wire and wireless transmission line, we confirmed the actuality of the secure communication by separating the information signal and the chaos signal in the receiver.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.5 no.1
• /
• pp.63-70
• /
• 2009

As individuals spend more time doing social and economic life on the web, the importance of protecting privacy against Phishing and Pharming attacks also increases. Until now, there have been researches on the methods of protection against Phishing and Pharming. However, these researches don't provide efficient methods for protecting privacy and don't consider Pharming attacks. In this paper, we propose an authentication protocol that protects user information from Phishing and Pharming attacks. In this protocol, the messages passed between clients and servers are secure because they authenticate each other using a hash function of password and location information which are certificated to clients and servers only. These messages are used only once, so that the protocol is secure from replay attacks and man-in-the-middle attacks. Furthermore, it is also secure from Pharming attacks.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.6 no.1
• /
• pp.33-54
• /
• 2010

Providing a secure 3-tier Web application has become a high priority for companies as e-businesses have increased the amount and the sensitivity of corporate information that can be accessed through the web. Web applications become more difficult to secure with this very increase in online traffic and transactions. This paper first reviews the 3-tier of web application, types of attacks that can threaten web application services and security principles. We then are designing and implementing a secure web application with open source software that able to mitigate the web application vulnerable to attack.

• Journal of information and communication convergence engineering
• /
• v.3 no.3
• /
• pp.163-166
• /
• 2005

The Key exchange protocols are very crucial tools to provide the secure communication in the broadband satellite access network. They should be required to satisfy various requirements such as security, Key confirmation, and Key freshness. In this paper, Two authenticated key exchange protocols TPEKE-E(Two Pass Encrypted Key Exchange-Exchange-Efficient) and TPEKE-S(Two Pass Encrypted Key xchange-Secure) are introduced. A basic idea of the protocols is that a password can be represented by modular addition N, and the number of possible modular addition N representing the password is $2^N$. The TPEKE-E is secure against the attacks including main-in-the-middle attack and off-line dictionary attack, and the performance is excellent so as beyond to comparison with other authenticated key exchange protocols. The TPEKE-S is a slight modification of the TPEKE-E. The TPEKE-S provides computational in feasibility for learning the password without having performed off line dictionary attack while preserving the performance of the TPEKE-E.