• The KIPS Transactions:PartC
• /
• v.13C no.2 s.105
• /
• pp.195-202
• /
• 2006

For applying sensor networking technology for our daily life, security service is essential, and pairwise key establishment is the key point for security. In this paper, we propose fairwise key establishment mechanism for secure coumunication in sensor networks. In the mechanism, we cluster the network field before deployment and predistribute key materials to normal sensor nodes and clusterheads. For clusterheads, more key materials are predistributed, and after deployment, sensor nodes which need to establish pairwise keys with other sensor nodes in different clusters make request for related key materials to their own clusterheads. Our proposal reduces the memory requirements for normal sensor nodes by distributing more information to clusterheads, and it raises the security level and resilience against node captures. In addition, it guarantees perfect pairwise key establishments for every pair of neighboring nodes and provides efficient and secure sensor communications.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.41 no.4
• /
• pp.479-488
• /
• 2016

For a secure communication system, it is necessary to use secure cryptographic algorithms and keys. Modern cryptographic system generates high entropy encryption key through standard key derivation functions. Using recent progress in quantum key distribution(QKD) based on quantum physics, it is expected that we can enhance the security of modern cryptosystem. In this respect, the study on the dual key agreement is required, which combines quantum and modern cryptography. In this paper, we propose two key derivation functions using dual key agreement based on QKD and RSA cryptographic system. Furthermore, we demonstrate several simulations that estimate entropy of derived key so as to support the design rationale of our key derivation functions.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.1C
• /
• pp.25-34
• /
• 2004

In mobile agent environments, cascaded delegations among places occur frequently due to the mobility of agents. Cascaded delegation in mobile agent environments can be defined as the process whereby the delegated place delegates the rights of the delegating place further. The representative study for delegation in mobile agent environments is Berkovits et al.'s study. Their study only defines the messages that is sent between the place executing the agent and the place where the agent migrates. Because their study considers only the delegation between two places which participate in migration of an agent, it is inadequate in the situation that the cascaded delegation is necessary. In other words, the relationships among the messages sent from and to places is necessary. However, their study does not exist the relationships. In this paper, we propose a delegation scheme that provides agents with secure cascaded delegation. The proposed scheme achieves the goal by nesting each delegation token within the signed part of the next immediate delegation token. We prove that the proposed scheme is secure against the attack of replaying a message and of substituting a delegation token.

• Journal of Communications and Networks
• /
• v.14 no.4
• /
• pp.352-363
• /
• 2012

In this paper, we study the role of cooperative relays to provide and improve secure communication rates through decodeand-forward (DF) strategies in a full-duplex multiple relay network with an eavesdropper. We consider the DF scheme as a basis for cooperation and propose several strategies that implement different versions of this scheme suited for cooperation with multiple relays. Our goal is to give an efficient cooperation paradigm based on the DF scheme to provide and improve secrecy in a multiple relay network. We first study the DF strategy for secrecy in a single relay network. We propose a suboptimal DF with zero forcing (DF/ZF) strategy for which we obtain the optimal power control policy. Next, we consider the multiple relay problem. We propose three different strategies based on DF/ZF and obtain their achievable secrecy rates. The first strategy is a single hop strategy whereas the other two strategies are multiple hop strategies. In the first strategy, we show that it is possible to eliminate all the relays' signals from the eavesdropper's observation (full ZF), however, the achievable secrecy rate is limited by the worst source-relay channel. Our second strategy overcomes the drawback of the first strategy, however, with the disadvantage of enabling partial ZF only. Our third strategy provides a reasonable compromise between the first two strategies. That is, in this strategy, full ZF is possible and the rate achieved does not suffer from the drawback of the first strategy. We conclude our study by a set of numerical results to illustrate the performance of each of the proposed strategies in terms of the achievable rates in different practical scenarios.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.32 no.11A
• /
• pp.1128-1137
• /
• 2007

Recently, according to being advanced internet, mobile communication technique, Telematics environment which users in vehicle can use internet service in LAN(Local Area Network) via mobile device has being realized. In this paper, we propose the remote user authentication protocol to solve these issues. Additionally, we use biometrics(fingerprint) for our user authentication protocol cause it can provide to avoid critical weakness that can be lost, stolen, or forgotten and to make authentication easily. In our user authentication protocol, to protect the biometric we use session key which is generated from master key distributed in our key distribution protocol. In particular, we propose secure protocol between APs considering weakness of security in mobile environment. Based on implementation of our proposed protocol, we conform that our proposed protocols are secure from various attack methods and provide real-time authentication.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.41 no.4
• /
• pp.113-123
• /
• 2004

This paper presents a new collusion-secure fingerprinting scheme to embed fingerprints into three-dimensional(3-D) mesh models efficiently. In the proposed scheme, we make the same number of fingerprints as the number of customers based on the finite projective geometry, partition a 3-D mesh model related to the number of bits assigned to each fingerprint and then embed a watermark representing copyright information into each submesh to be marked. Considering imperceptibility and robustness of the watermarking algorithm we embed the watermark signal into mid-frequency DCT coefficients obtained by transforming vertex coordinates in the triangle strips which are generated from the submeshes to be marked. Experimental results show that our scheme is robust to additive random noises, MPEG-4 SNHC 3-D mesh coding, geometrical transformations, and fingerprint attacks by two traitors' collusion. In addition, we can reduce the number of bits assigned to each fingerprint significantly.

• The Journal of Korean Institute of Electromagnetic Engineering and Science
• /
• v.27 no.7
• /
• pp.599-611
• /
• 2016

This paper proposes a cognitive engine platform that enables dynamic spectrum access(DSA) based on a spectrum sharing system for the military tactical network environment. The current military tactical wireless communication system is increasing need to secure a supplementary wireless spectrum to ensure that multiple wireless networks for different weapon systems co-exist, so that tactical wireless communication between the same or different systems can be operated effectively. This paper examined policy development and research activities engaged by the U.S. and European countries on wireless spectrum sharing to secure more spectrum. It also introduces the current status of cognitive engine development, which is the core technology of tactical wireless communication for DSA. In addition, based on the investigation performed into the latest trends, we propose a platform structure for a cognitive engine based on a spectrum sharing method where more frequencies can be added for tactical radio communication, so that DSA can be realized, and wireless networks of different weapon systems can co-exist.

• The KIPS Transactions:PartC
• /
• v.9C no.4
• /
• pp.597-604
• /
• 2002

Changing group key is necessary for the remaining members when a new member joins or a member leaves the group in multicast communications. It is required to guarantee perfect forward and backward confidentiality. Unfortunately, in large groups with frequent membership changes, key changes become the primary bottleneck for scalable group. In this paper, we propose a novel approach for providing efficient group key distribution in large and dynamic groups. Unlike existing secure multicast protocols, our protocol is scalable to large groups because both the frequency and computational overhead of re-keying is determined by the size of a subgroup instead of the size of the whole group, and offers mechanism to prevent the subgroup managers with group access control from having any access to the multicast data that are transfered by sender. It also provides security service for preserving privacy in wireless computing environments.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.8
• /
• pp.1597-1605
• /
• 2015

Password authenticated key exchange (PAKE) is a protocol that a client stores its password to a server, authenticates itself using its password and shares a session key with the server. In multi-server PAKE, a client splits its password and stores them to several servers separately. Unless all the servers are compromised, client's password will not be disclosed in the multi-server setting. In attribute-based encryption (ABE), a sender encrypts a message M using a set of attributes and then a receiver decrypts it using the same set of attributes. In this paper, we introduce multi-server PAKE protocol that utilizes a set of attributes of ABE as a client's password. In the protocol, the client and servers do not need to create additional public/private key pairs because the password is used as a set of public keys. Also, the client and the servers exchange only one round-trip message per server. The protocol is secure against dictionary attacks. We prove our system is secure in a proposed threat model. Finally we show feasibility through evaluating the execution time of the protocol.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.3C
• /
• pp.133-139
• /
• 2011

Nowadays, it is considered as an important task to protect digital contents from illegal use and reproduction. In many cases, there are secure servers to authenticate the allowed users and the user authentication process is performed by communication between the servers and users. However, if the number of users and contents are increased, the servers should treat a large amount of authentication loads and the authentication cost will be considerably increased. Moreover, this scheme is not adequate for some players in which only a limited function of communication is deployed. In order to solve this problem, this paper proposes an authentication method which can certificate both the digital contents and players, and prevent illegal reproduction without the certification server. The proposed scheme is secure in the replay attack, the man in the middle attack, and data substitution attack.