• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.44 no.5
• /
• pp.54-62
• /
• 2007

We propose a novel authentication protocol for wireless mesh network. The proposed authentication protocol is based on the password scheme for convenience of users. The proposed protocol is evaluated through three analyses. The correctness of the proposed protocol is proved using the GNY analysis. By the security analysis, we show that the proposed protocol is resistant to various attacks. For the performance analysis, we implemented the protocol in Linux operating system based laptop and measured the transmission time. The analytic results show that the proposed protocol provides the secure wireless mesh network without considerable performance degradation.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.13 no.4
• /
• pp.691-699
• /
• 2009

Recently, the ERO protocol has been adopted as a standard to protect the routing optimization mode introduced by MIPv6. This protocol uses the public key cryptography and the early binding update method to improve the Return Routeability protocol while optimizing both security and performance. On the other hand, though various security approaches including the ERO protocol have been proposed for MIPv6, they lack formal verification. Especially, to our best knowledge, there is no formal analysis on the ERO protocol. In order to provide a good example for formal analysis on MIPv6 security protocols, this paper verifies the correctness of the ERO protocol through BAN-logic. For this goal, BAN-logic is extended to consider the address tests on the mobile nodes's CoA and HoA. It is expected that the analysis presented in this paper will be useful for the formal verifications on the security protocols related to MIPv6.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.47 no.2
• /
• pp.113-120
• /
• 2010

RFID system is the contact-less recognition technology and use for distribution system, environment, transport, security and so on. However, it may create many security relevant problems such as privacy because constraints of RFID communication environment. So several methods of resolving these problems have been proposed. Recently, Shin and Park proposed an efficient RFID authentication protocol with protecting user's privacy using hash function and exclusive-OR.. But Ahn and Bu et al. poia problem that a attacker can to masquerade as malicious reader because their protocol can't providing mutual authentication.nted out weakness of Shin and Park's protocol and proposed more secure and efficient protocol. Unfortunately, Ahn and But's protocol has In this paper, We propose an improved RFID authentication protocol providing mutual authentication. The proposed protocol has advantages that providing mutual authentication between a tag and a reader, secure against replay attack and spoofing attack. Also, it guarantees anonymity of RFID tag and secure against location tracking attack by collusion of malicious readers.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.3 no.1
• /
• pp.52-83
• /
• 2009

In this technical report, we have examined the basic building blocks of mobile ad-hoc networks. The paper discusses various security requirements of ad-hoc networks, attacks in ad-hoc networks, Security Implementation and Routing Protocols. The primary purpose of the paper is to address the Optimized Link State Routing (OLSR) protocol in detail, along with the various possible attacks. Finally, algorithms for securing OLSR are proposed, via the addition of digital signatures, as well as more advanced techniques such as cross checking of advertised routing control data with the node's geographical position. The main aim of this research work is the addition of security features to the existing OLSR protocol. In order to effectively design a secure routing protocol, we present a detailed literature survey of existing protocols, along with the various attacks. Based on the information gathered from the literature survey, a secure routing protocol for OLSR is proposed. The proposed secure routing protocol involves the addition of a digital signature as well as more advanced techniques such as the reuse of previous topology information to validate the actual link state. Thus, the main objective of this work is to provide secure routing and secure data transmission.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.10a
• /
• pp.253-254
• /
• 2011

Most of existing RFID authentication protocols either suffer from some security weaknesses or require costly operations that are not available on low-cost tags. In this paper, we analyzed the security mechanism of a lightweight authentication protocol.

• Electronics and Telecommunications Trends
• /
• v.14 no.6 s.60
• /
• pp.51-63
• /
• 1999

IPSEC (Internet Protocol Security) is a network layer security protocol that is designed to support secure TCP/IP environment over the Internet considering flexibility, scalability, and interoperability. IPSEC primarily supports security among hosts rather than users unlike the other security protocols. Recently, IPSEC is emphasized as one of the important security infrastructures in the NGI (Next Generation Internet). It also has suitable features to implement VPN (Virtual Private Network) efficiently and its application areas are expected to grow rapidly. In this paper, the basic concepts and related standard documents of IPSEC will be introduced.

• International Journal of Computer Science & Network Security
• /
• v.21 no.9
• /
• pp.91-98
• /
• 2021

Peer to Peer Networks play an increasing role in today's networks, also it's expected that this type of communication networks evolves more in the future. Since the number of users that is involved in Peer to Peer Networks is huge and will be increased more in the future, security issues will appear and increase as well. Thus, providing a sustainable solution is needed to ensure the security of Peer to Peer Networks. This paper is presenting a new protocol called Malicious Trust Managers Identification (MTMI). This protocol is used to ensure anonymity of trust manager, that computes and stores the trust value for another peer. The proposed protocol builds a secure connection between trust managers by using public key infrastructure. As well as experimental testing has been conducted to validate the proposed protocol.

• Journal of KIISE:Information Networking
• /
• v.29 no.6
• /
• pp.635-644
• /
• 2002

We propose the PBSM(Protocol-Based Security Module) system which guarantees the secure data transmission under web environments. There are two modules in the PBSM architecture. One is Web Server Security Module(WSSM) which is working on a web server, the other is the Winsock Client Security Module(WSCSM) which is working on a client. The WSCSM security module decrypts the encrypted HTML document that is received from the security web server. The decrypted HTML document is displayed on the screen of a client. The WSSM module contains the encryption function for HTML file and the decryption function for CGI(Common Gateway Interface). The formal analysis methodology is imported from format theory for analyzing the data flow of the PBSM system. The formal analysis methodology is based on the order theory.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.10a
• /
• pp.237-240
• /
• 2011

Voice over Internet Protocol calls using administrative agency to build a national information and communication service, 'C' group, providers, the KT, SK Broadband, LG U+, Samsung SDS, as there are four operators. To prepare for an attack on Voice over Internet Protocol for administrative agency, security is a need for research to support the model. In this paper, the Internet telephone business of Administrative Agency to investigate and analyze the specific security measures to respond. Should set priorities around confidentiality about five security threats from NIS to Study of Voice over Internet Protocol Security Response Model for Administrative Agency. (1) Illegal wiretapping, (2) call interception, (3) service misuse, (4) denial of service attacks, (5) spam attacks, write about and analyze attack scenarios. In this paper, an analysis of protection by security threats and security breaches through a step-by-step system to address the research study is a step-by-step development of the corresponding model.

• The Transactions of the Korea Information Processing Society
• /
• v.6 no.1
• /
• pp.107-114
• /
• 1999

Recently as services in ATM are diversified, the need for security has been increased, But when we added the security features in ATM, the Compatibility and transparency with existing systems must be considered after analyzing threats of security. This paper designs the security protocol in ATM protocol stack and defines the primitivies and processing procedure of messages which are need in the security layer. Also, this paper presents the authentication and key distribution procedure which can be adopted at call establishment. The presented authentication protocol can be used for point-to-point method as well as point-to-multipoint method. and the correctness of this protocol is verified using GNY logic.