• Journal of the Korea Society of Computer and Information
• /
• v.10 no.2 s.34
• /
• pp.159-167
• /
• 2005

Through the increment of group oriented application services, the multicast communication in wire/wireless network has become a widely discussed researching topic. However solution for security, efnciency and scaleability of a multicast communications are not enough to be satisfactory. Tn this paper, we Propose a new secure, efficient and scalable multicasting protocols to provide a integrated multicast service. Our protocol is an authenticated key establishment protocol which has been designed specifically for use with low powered computationally weak equipment such as Cellular phone and PDA(Personal Digital Assistant).

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.6
• /
• pp.65-76
• /
• 2007

The P2P file sharing system sends the results to users by searching the files in the shared folders. In the process of it, the problem is that the transferred information includes the pathname and file information and it can be revealed who searches which files. In related to this problem, anonymous file sharing P2P protocol has been an active research area where a number of works have been produced. However, the previous studies still have a few of weakness. Therefore, We propose two anonymous P2P file sharing protocols based on the decentralized and unstructured Random Walk. The first scheme uses the dynamic onion routing where the requester can receive the wanted file without knowing other peers' IDs. The second scheme uses the IP multicast method which lowers the computational overhead. Both of them are more suited for the dynamic P2P system.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2002.11a
• /
• pp.189-194
• /
• 2002

본 논문에서는 이동환경에서 다수의 이동 단말을 대상으로 안전하고 효율적인 멀티캐스트를 실현하는 보안 이동 멀티캐스트 서비스의 특성을 알아보기 위해서 기존의 연구를 보안 이동 멀티캐스트에 적용했을 때 나타나는 문제점들에 대해 논의했다. 기존의 연구는 이동 멀티캐스트나 보안 멀티캐스트에 초점을 맞추고 있어서, 이러한 연구 결과를 보안 이동 멀티캐스트에 그대로 적용할 경우 새로운 문제점이 발생하거나, 서비스의 성능을 저하시키는 요인으로 작용하게 된다. 이러한 문제점을 해소하기 위한 방안으로 적응적 방식의 가능성에 대해서 논의한다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2005.11a
• /
• pp.106-108
• /
• 2005

멀티캐스트 환경에서 비밀키를 관리하는 방법은 않은 연구가 이루어져 왔지만, 대부분 유선 환경에 집중되어 있다. 본 논문에서는 이동 호스트를 지원하는 멀티캐스트 환경을 위한 두 개의 키관리 방법을 제안한다. 하나는 무선 네트워크 구조를 반영하는 트리 기반의 키 관리 방법이다. 다른 하나는 무선 영역과 유선 영역을 구분하여 키를 관리한다. 유선영역은 기존의 논리적 키 관리 방법을 사용하고 무선 영역은 각 셀마다 독립적으로 하나의 그룹키를 관리한다.

• Journal of the Korea Computer Industry Society
• /
• v.3 no.9
• /
• pp.1235-1244
• /
• 2002

This paper proposes a group key management protocol for a secure of all the multicast user in PIM-SM multicast group communication. With prosed architect, subgroups for multicast secure group management will be divided by RP (Rendezvous-Point) unit and each RP has a subgroup manager. Each subgroup manager gives a secure key to it's own transmitter md the transmitter compress the data with it's own secure key from the subgroup manager. Before the transmitter send the data to receiver, the transmitter prepare to encrypt a user's service by sending a encryption key to the receiver though the secure channel, after choking the user's validity through the secure channel. As the transmitter sending a data after then, the architecture is designed that the receiver will decode the received data with the transmitter's group key. As a result, the transmitting time is shortened because there is no need to data translation by group key on data sending and the data transmition is possible without new key distribution at path change to SPT (Shortest Path Tree) of the router characteristic. Additionally, the whole architecture size is samller than the other multicast secure architecture by using the conventional PIM-SIM routing structure without any additional equipment.

• Journal of KIISE:Information Networking
• /
• v.36 no.5
• /
• pp.437-455
• /
• 2009

In the near future, various multicast based services will be provided over clustered wireless networks. To provide multicast services in secure manner, multicast messages are encrypted by using group key which is shared by group members. Therefore, various group key management schemes have been introduced until now. Among them, tree based approach is one of the most representative paradigms in group key management. Traditional tree based approaches effectively reduce rekeying message transmissions of the key distribution center. However, they do not consider the network bandwidth used for transmitting the rekeying messages. In this paper, we firstly present formulas that describe bandwidth consumption of tree based group key management scheme. Based on our formulations, we propose a bandwidth efficient key tree management scheme for clustered wireless networks where membership changes occur frequently. Simulation results show that our scheme effectively reduces the bandwidth consumption used for rekeying compared to existing key tree schemes.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.10 no.2
• /
• pp.13-20
• /
• 2000

멀티캐스트 응용들이 많아지면서 보안 멀티캐스트 통신은 점차로 중요하게 되었다 그러나 멀티캐스트는 대부분의 네트워크 보안 프로토콜들의 점대점 유니캐스트의 개념과는 많이 다르다. 기본적으로 안전한 멀티캐스트 통신은 안전한 유니캐스트 통신과 다르다. 멀티레벨 구조의 강제적 접근 제어는 주체에 대해 의미를 부여하여 접근을 통제하는 방식인 보안 레벨에 기초한 접근 제어 보안을 제안할 것이다 본 논문에서 유니캐스트와 멀티캐스트 보안의 차이점을 조사하고 멀티캐스트 상에서 멀티레벨 보안을 제안할 것이다 본문에서 제안하는 구조에 기반하는 프로토콜은 보안 멀티캐스트 통신이나 그룹 키 관리 서비스를 제공 등 다양한 보안 목적들을 위해 쓰일 수 있고 멀티레벨 보안을 통한 접근제어로 등급화 된 보안 서비스를 제공할 수 있다.

• Journal of KIISE:Information Networking
• /
• v.30 no.3
• /
• pp.377-386
• /
• 2003

In this paper, we present an application layer protocol to support secure wireless Internet services, called Application Layer Security(ALS). The drawbacks of the two traditional approaches to secure wireless applications motivated the development of ALS. One is that in the conventional application-specific security protocol such as Secure HyperText Transfer Protocol(S-HTTP), security mechanism is included in the application itself. This gives a disadvantage that the security services are available only to that particular application. The other is that a separate protocol layer is inserted between the application and transport layers, as in the Secure Sockets Layer(SSL)/Transport Layer Security(TLS). In this case, all channel data are encrypted regardless of the specific application's requirements, resulting in much waste of network resources. To overcome these problems, ALS is proposed to be implemented on top of HTTP so that it is independent of the various transport layer protocols, and provides a common security interface with security applications so that it greatly improves the portability of security applications. In addition, since ALS takes advantages of well-known TLS mechanism, it eliminates the danger of malicious attack and provides applications with various security services such as authentication, confidentiality integrity and digital signature, and partial encryption. We conclude this paper with an example of applying ALS to the solution of end-to-end security in a present commercial wireless protocol stack, Wireless Application Protocol.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.11
• /
• pp.4623-4643
• /
• 2015

This paper considers physical-layer security protocols in multicast cognitive radio (CR) networks. In particular, we propose dual-hop cooperative decode-and-forward (DF) and randomize-and-forward (RF) schemes using partial relay selection method to enhance secrecy performance for secondary networks. In the DF protocol, the secondary relay would use same codebook with the secondary source to forward the source's signals to the secondary destination. Hence, the secondary eavesdropper can employ either maximal-ratio combining (MRC) or selection combining (SC) to combine signals received from the source and the selected relay. In RF protocol, different codebooks are used by the source and the relay to forward the source message secretly. For each scheme, we derive exact and asymptotic closed-form expressions of secrecy outage probability (SOP), non-zero secrecy capacity probability (NzSCP) in both independent and identically distributed (i.i.d.) and independent but non-identically distributed (i.n.i.d.) networks. Moreover, we also give a unified formula in an integral form for average secrecy capacity (ASC). Finally, our derivations are then validated by Monte-Carlo simulations.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2003.05c
• /
• pp.2205-2208
• /
• 2003

대부분의 인터넷 서비스는 일대일 전송방식의 best-effort를 지향하는 유니캐스트(Unicast)가 보편화 되어있다. 하지만, 다자간 통신 서비스는 고려하지 않아 망 자원 이용측면에서 매우 비효율적이다. 최근, 인터넷방송이나 소프트웨어 분배, 원격 화상회의, 다중사용자 게임, 증권시세 정보서비스 등 다자간 멀티미디어 서비스가 주요 인터넷 사업으로 각광을 밭으면서, 멀티캐스트(Multicast) 전송기술의 사용범위가 점차 증가되고 있다. 멀티캐스트는 그룹참가자의 가입과 탈퇴가 빈번한 특징이 있어 키 전달 과정에서 네트워크의 과부하를 초래한다. 본 논문에서는 빈번하게 생성되는 그룹 키의 길이를 축소시켜 메시지의 생성과정을 단축하고, 독립된 그룹간 통신에 사용되는 유니캐스트에 IPSec(Internet Protocol Security Protocol)을 적용시켜 보다 안전하게 구간의 접근제어와 무결성 및 기밀성을 보장하는 SDKD(Secure Dynamic Key Distribution)를 제안한다.