• Title/Summary/Keyword: secure communications

Certificate-Based Signcryption Scheme without Pairing: Directly Verifying Signcrypted Messages Using a Public Key

  • Le, Minh-Ha;Hwang, Seong Oun
    • ETRI Journal / v.38 no.4 / pp.724-734 / 2016
  • To achieve confidentiality, integrity, authentication, and non-repudiation simultaneously, the concept of signcryption was introduced by combining encryption and a signature in a single scheme. Certificate-based encryption schemes are designed to resolve the key escrow problem of identity-based encryption, as well as to simplify the certificate management problem in traditional public key cryptosystems. In this paper, we propose a new certificate-based signcryption scheme that has been proved to be secure against adaptive chosen ciphertext attacks and existentially unforgeable against chosen-message attacks in the random oracle model. Our scheme is not based on pairing and thus is efficient and practical. Furthermore, it allows a signcrypted message to be immediately verified by the public key of the sender. This means that verification and decryption of the signcrypted message are decoupled. To the best of our knowledge, this is the first signcryption scheme without pairing to have this feature.

A security method for Gatekeeper based on Digital Authentication by H.235

  • Hwang Seon Cheol;Han Seung Soo;Lee Jun Young;Choi Jun Rim
    • Proceedings of the IEEK Conference / 2004.08c / pp.759-763 / 2004
  • While the need for VoIP (Voice over IP) encourages commercial trials of VoIP services, there are many problems such as user authentication, blocking of illegal users and eavesdropping. In this paper, a management algorithm for the registration of VoIP terminals is explained, and security methods for tolling and a data encryption module are designed and built. The module structure has the advantage that a secured gatekeeper can be developed without modifying the whole gatekeeper. In order to secure the ordinary gatekeeper based on the H.323 standard, user authentication and data encryption technologies are developed based on the H.235 standard and simply located over the plain H.323 stacks. The data structures for secured communications are implemented according to the ASN.1 structures of H.235.

The node management system for secure communications in MANET (MANET에서의 안전한 통신 보장을 위한 노드 관리 기법)

  • Kim Tae-Eun;Lee Young-Gu;Jun Moon-Seog
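    • Proceedings of the Korea Information Processing Society Conference / 2006.05a / pp.909-912 / 2006
  • Recently, research on routing with added security elements in MANETs has been active, but previously proposed approaches had the problems of being unable to identify malicious nodes that make false reports and of being inefficient in terms of routing. In this paper, we propose a protocol that uses report, rebuttal, and proof messages to block various attacks by malicious nodes and that is more efficient in terms of routing. The proposed protocol is applicable to various MANET routing protocols and adds a security component to routing path selection and management.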

An Analysis of Group Key Agreement Schemes based on the Bellare-Rogaway Model in Multi-party Setting

  • Lim, Meng-Hui;Goi, Bok-Min;Lee, Sang-Gon
    • KSII Transactions on Internet and Information Systems (TIIS) / v.5 no.4 / pp.822-839 / 2011
  • Group key agreement protocols derive a shared secret key for a group of users to ensure data confidentiality and/or integrity among the users in subsequent communications. In this paper, we inspect two group key agreement schemes which were proposed by Shi et al. and Zheng et al. in 2005 and 2007 respectively. Although both schemes were claimed to be secure in a heuristic way, we reveal several flaws using the Bellare-Rogaway security model extended to the multi-party setting by Bresson et al. These flaws are found to originate from inappropriate selection of the key derivation function, inadvertent exclusion of partners' identities from the protocol specification and insufficient consideration in preserving known temporary information security and key freshness properties. Furthermore, we suggest and discuss proper countermeasures to address such flaws.

The Recommendation of Controls for Hospital Information System Using CRAMM: Case Studies of Two Korean Hospitals

  • Moon, Song-Chul;Han, In-Goo;Lee, Sang-Jae
    • Korean Management Science Review / v.17 no.1 / pp.145-158 / 2000
  • The medical records of diagnostic and testing information include sensitive personal information that reveals some of the most intimate aspects of an individual's life. The hospital information system (HIS) operates in a state of high risk, which may lead to loss of IS resources caused by various threats. The aims of this research are twofold: (1) to perform asset identification and valuation and (2) to recommend countermeasures for a secure HIS network using case studies. This paper applied a risk management tool, CRAMM (Central Computer and Telecommunications Agency's Risk Analysis and Management Method), to assess asset values and suggest countermeasures for the security of computerized medical information of two large hospitals in Korea. CRAMM countermeasures are recommended at the reference sites from the network security requirements of the systems utilized for the diagnosis and treatment of patients. The results of the study will enhance the awareness of IS risk management by IS managers.

Cooperative Beamformer Design for Improving Physical Layer Security in Multi-Hop Decode-and-Forward Relay Networks

  • Lee, Han-Byul;Lee, Jong-Ho;Kim, Seong-Cheol
    • KSII Transactions on Internet and Information Systems (TIIS) / v.10 no.1 / pp.187-199 / 2016
  • In this paper, we consider secure communications in multi-hop relaying systems, where multiple decode-and-forward (DF) relays are located at each individual hop and perform cooperative beamforming to improve physical layer security. In order to determine the cooperative relay beamformer at each hop, we propose an iterative beamformer update scheme using semidefinite relaxation and bisection techniques. Numerical results are presented to verify the secrecy rate performance of the proposed scheme.

Threshold Cryptosystem without a Trusted Party using Elliptic Curve Algorithm for Secure Wireless Internet (안전한 무선 인터넷을 위한 타원 곡선 알고리즘을 사용한 신뢰된 파티가 없는 쓰레시홀드 암호시스템)

  • Sung, Soon-Hwa
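    • Proceedings of the Korean Information Science Society Conference / 2007.06d / pp.1-6 / 2007
  • Wireless Internet communication is more prone to information exposure than wired Internet communication, so a strong security solution is required. In this paper, for the cryptosystem of the wireless Internet, we propose a threshold cryptosystem without a trusted party that uses an elliptic curve algorithm, which has short key lengths and therefore fast processing speed. Accordingly, through the use of the elliptic curve algorithm, the proposed system can improve the WPKI (Wireless Public Key Infrastructure) service, which had run up against the capacity limits of portable terminals, and it enables secure group communication in wireless Internet communication where a trusted party cannot be guaranteed. In addition, it was proved that the proposed system allows a variety of cryptosystem designs, owing to the advantage of elliptic curve cryptosystems that various elliptic curves can be used.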

Comparative Evaluation of Modem Technique in Nonsynchronous Chaos Secure Communication (비동기 카오스 비밀통신의 변복기 기술평가)

  • 최희주;김성곤;변건식
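    • The Journal of Korean Institute of Communications and Information Sciences / v.26 no.4B / pp.514-519 / 2001
  • Since 1994, research on applying chaos theory to wideband communication systems has continued, and various modulation and demodulation techniques have been developed so far. Modulation and demodulation techniques can be divided into two types. The first is the synchronous demodulation technique, in which the chaotic signal is regenerated from the received signal by synchronization. However, chaos synchronization is very sensitive to channel noise and distortion, and this technique is difficult to use in wireless communication. The second is to demodulate asynchronously. This paper describes various chaos communication techniques that can be implemented asynchronously and comparatively evaluates their thresholds, error rates, and so on. In particular, by demonstrating that, for asynchronous FM-DCSK, the threshold required by the decision circuit is 0 regardless of the noise level, making threshold selection easy, and that the data rate is not limited by the properties of the chaotic signal, we confirmed that asynchronous FM-DCSK can be applied in the future as a base technology for chaos digital CDMA systems.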

Design and Implementation of a Fast DIO(Digital I/O) System (고속 DIO(Digital I/O) 시스템의 설계와 제작)

  • Lee, Jong-Woon;Cho, Gyu-Sang
    • The Transactions of the Korean Institute of Electrical Engineers D / v.55 no.5 / pp.229-235 / 2006
  • A high-speed PC-based DIO (Digital I/O) system that consists of a master device and slave I/O devices is developed. The PCI-interfaced master device controls all of the serial communications, reducing the load on the CPU to a minimum. A slave device is connected to the master device and another slave device is connected to that slave device; this can be repeated up to a maximum of 64 slave devices. The slave device has 3 types of I/O mode: 16-bit input-only, 16-bit output-only, and 8-bit input-output. The master device has 2 rings, which can take 64 slaves each. Therefore, the total number of I/O points covered by the master is 2048. The slave features 3 types of input/output function, interchangeable by DIP switch settings. Library, application, and device driver software for the DIO system, offering secure and convenient functionality, are developed.

A Study on the Experimental Methods of the Power Analysis Attack in a Smartcard (스마트카드의 전력분석공격 실험 방법에 관한 연구)

  • 이훈재;장익훈;최희봉;박일환
    • The Journal of Korean Institute of Communications and Information Sciences / v.27 no.6A / pp.540-548 / 2002
  • Attacks have been proposed that use side information such as timing measurements, power consumption, electromagnetic emissions and faulty hardware. Eliminating side-channel information or preventing it from being used to attack a secure system is an attractive area of research. In this paper, differential power analysis techniques to attack DES are tested experimentally and analyzed. We also propose the prevention of DPA attacks by a software implementation technique.