• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.10 no.4
• /
• pp.21-32
• /
• 2000

We have seen a lot of developments on computer application areas with the wide spread use of computers and the rapid growth of communication network. It is necessary to use a cryptographic technique for electronic voting, but, at present, despite of its importance electronic voting protocols so far have many shortcomings. In this paper, with the assumption of a trustable voting centers we propose a large-scale and practical electronic voting protocol satisfying protocol requirements, such as secureness, fairness, privacy of voter and correctness. Voters are able to get a vote without revealing their voted information by using the blinding technique. We can find the injustice between a voter and the tallier by using undeniable challenge and responsible protocol. Also, we proposes a secure protocol that compensates a integrity of electronic voting and protects a privacy of voter from outer attacks as using a anonymity of voter.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.3
• /
• pp.101-110
• /
• 2003

Secure and reliable group communication is an increasingly active research area prompted by the growing popularity of many types of group-oriented and collaborative applications. The central challenge is secure and efficient group key management. While centralized methods are often appropriate for key distribution in large multicast-style groups, many collaborative group settings require distributed key agreement techniques. Most of prior group key agreement protocols have been focused on reducing the computational costs. One exception is STR protocol that optimizes communicational cost. On the other hand, it requires O(n) number of modular exponentiations. In this paper, we propose a new group key agreement protocol that modifies STR protocol by utilizing pairing based cryptography. The resulting protocol reduces computational cost of STR protocol while preserving the communication cost.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.1
• /
• pp.35-44
• /
• 2006

The area of ad hoc networking has been receiving increasing attention among researchers in recent years and a variety of routing protocols targeted specifically at the ad hoc networking environment have been proposed. Selfish nodes are those which do not perform certain operations that the protocol specifies that they should, through a wish to conserve power. We propose a scheme as a mean to mitigate the detrimental effect of selfish nodes. We also propose a new area that might affect nodes' behavior - the environment's influence. In order to let nodes fairly be able to communicate in the networks we proposed solution to this problem. And our scheme can be applied to other reputation methods. We also contain the simulation results in our paper, and through the result, we can conclude that we can solve the problem by adding a little overhead.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.4
• /
• pp.675-686
• /
• 2021

According to the recent revision of Privacy Policy and the emerging importance of personal information, cooperations must verify customer identity (Know Your Costomer, KYC) while processing and managing this information so that it does not violate the Privacy Policy. One of the solution of this problem is zero-knowledge proof (ZKP). The use of the ZKP enables to verify the identity without exposing the identity information directly, thereby reducing the burden on the management of personal information while fulfilling the obligation of the cooperations to verify the identity. The ZKP could be employed to many other applications. In this paper, we analyze the ZKP technique and its applications currently being actively studied.

• International Journal of Computer Science & Network Security
• /
• v.22 no.9
• /
• pp.183-188
• /
• 2022

Recently, more and more researches aimed at the development of automated and autonomous ships are appearing in the scientific environment. One of the main reason is the need to solve the problems of safe navigation and reducing accidents due to human factor, as well as the ever-increasing problem associated with the lack of qualified maritime personnel. Development of technologies based on application of artificial intelligence also plays important role, after all for realization of autonomous navigation concept and enhancement of ship automatic maneuvering processes, advancement of maneuvering functions and elaboration of specific algorithms on prevention of close quarter situations and dangerous approach of ships will be required. The purpose of this work is the review of preconditions of occurrence of the autonomous ship navigation conception, overview of introduction stages and prospects for ship remote control based on unmanned technologies, analysis of technical and intellectual decisions of autonomous surface ships, main research tendencies. The research revealed that the technology of autonomous ship navigation requires further development and improvement, especially in terms of the data transmission protocols upgrading, sensors of navigation information and automatic control systems modernization, which allows to perform monitoring of equipment with the aim of improving the functions of control over the autonomous surface ship operation.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.05a
• /
• pp.82-84
• /
• 2022

In recent years, research has been actively conducted to solve overhead problems caused by the increase in the number of IoT devices. MQTT, one of the IoT lightweight protocols for resolving performance degradation in IoT environments, is standardized to enable efficient operation in many-to-many communication environments, but there is a security vulnerability as it does not provide encryption by default. Although TLS communication technology can be applied to solve these problems, it is difficult to meet IoT's lightweight power-saving requirements. This paper introduces the latest MQTT communication encryption trends and analyzes IoT applicability by comparing TLS encryption and payload encryption methods.

• Convergence Security Journal
• /
• v.23 no.4
• /
• pp.43-52
• /
• 2023

Many businesses and organizations use smartcard-based user authentication for remote access. In the meantime, through various studies, dynamic ID-based remote user authentication protocols for distributed multi-server environments have been proposed to protect the connection between users and servers. Among them, Qiu et al. proposed an efficient smart card-based remote user authentication system that provides mutual authentication and key agreement, user anonymity, and resistance to various types of attacks. Later, Andola et al. found various vulnerabilities in the authentication scheme proposed by Qiu et al., and overcame the flaws in their authentication scheme, and whenever the user wants to log in to the server, the user ID is dynamically changed before logging in. An improved authentication protocol is proposed. In this paper, by analyzing the operation process and vulnerabilities of the protocol proposed by Andola et al., it was revealed that the protocol proposed by Andola et al. was vulnerable to offline smart card attack, dos attack, lack of perfect forward secrecy, and session key attack.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.16 no.7
• /
• pp.4884-4890
• /
• 2015

These days most of people possesses an average of one to two mobile devices in the world and a wireless network market is gradually expanding. Wi-Fi preference are increasing in accordance with the use growth of mobile devices. A number of areas such as public agencies, health care, education, learning, and content, manufacturing, retail create new values based on Wi-Fi, and the global network is built and provides complex services. However, There exist some attacks and vulnerabilities like wireless radio device identifier vulnerability, illegal use of network resources through the MAC forgery, wireless authentication key cracking, unauthorized AP / devices attack in the next generation radio network environment. In addition, advanced security technology research, such as authentication Advancement and high-speed secure connection is not nearly progress. Therefore, this paper designed a secure communication system for message protection in next-generation wireless network environments by device identification and, designing content classification and storage protocols. The proposed protocol analyzed safeties with respect to the occurring vulnerability and the securities by comparing and analyzing the existing password techniques in the existing wireless network environment. It is slower 0.72 times than existing cypher system, WPA2-PSK, but enforces the stability in security side.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.18 no.3
• /
• pp.374-380
• /
• 2017

The Internet of Things (IoT) refers to intelligent technologies and services that connect all things to the internet so they can interactively communicate with people, other things, and other systems. The development of the IoT environment accompanies advances in network protocols applicable to more lightweight and intelligent sensors, and lightweight and diverse environments. The development of those elemental technologies is promoting the rapid progress in smart car environments that provide safety features and user convenience. These developments in smart car services will bring a positive effect, but can also lead to a catastrophe for a person's life if security issues with the services are not resolved. Although smart cars have various features with different types of communications functions to control the vehicles under the existing platforms, insecure features and functions may bring various security threats, such as bypassing authentication, malfunctions through illegitimate control of the vehicle via data forgery, and leaking of private information. In this paper, we look at types of smart car services in the IoT, deriving the security threats from smart car services based on various scenarios, suggesting countermeasures against them, and we finally propose a safe smart car application plan.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.5
• /
• pp.394-400
• /
• 2013

WoT (Web of Things) was proposed to realize intelligent thing to thing communications using WEB standard technology. It is difficult to adapt security protocols suited for existing Internet communications into WoT directly because WoT includes LLN(Low-power, Lossy Network) and resource constrained sensor devices. Recently, IETF standard group propose to use DTLS protocol for supporting security services in WoT environments. However, DTLS protocol is not an efficient solution for supporting end to end security in WoT since it introduces complex handshaking procedures and high communication overheads. We, therefore, divide WoT environment into two areas- one is DTLS enabled area and the other is an area using lightweight security scheme in order to improve them. Then we propose a mutual authentication scheme and a session key distribution scheme for the second area. The proposed system utilizes a smart device as a mobile gateway and WoT proxy. In the proposed authentication scheme, we modify the ISO 9798 standard to reduce both communication overhead and computing time of cryptographic primitives. In addition, our scheme is able to defend against replay attacks, spoofing attacks, select plaintext/ciphertext attacks, and DoS attacks, etc.