In-Gil Nam

Two phase approach for spam-mail filtering

This paper describes a two-phase method for filtering spam mails based on textual information and hyperlinks. Since the body of a spam mail has little text information, it provides insufficient hints to distinguish spam mails from legitimate mails. To resolve this problem, we follows hyperlinks contained in the email body, fetches contents of a remote webpage, and extracts hints (i.e., features) from original email body and fetched webpages. We divided hints into two kinds of information: definite information and less definite textual information. In our experiment, the method of fetching web pages achieved an improvement of F-measure by 9.4% over the method of using an original email header and body only.

RFID Mutual Authentication Protocol Providing Stronger Security

This paper demonstrates that an attacker can impersonate a random RFID tag and then perform the spoofing attack in the previous RFID authentication protocol. To resolve such a security problem, we also propose a new secure and efficient RFID mutual authentication protocol. The proposed RFID mutual authentication protocol is not only to resolve many security problems with the existing RFID authentication mechanism and the vulnerability against spoofing attack, but also to guarantee reliable authentication time as reducing computational overhead performing by tag. As a result, the proposed RFID mutual authentication protocol provides stronger security including the forward secrecy and more efficiency.

Secure and Efficient DB Security and Authentication Scheme for RFID System

In the RFID system, bulk tag information is stored into the back-end database as plaintext format not ciphertext. In this case, the tags`s private informations can be easily compromised by an external hacker or an insider attacker. If the private informations of tags disclosed by the attackers, it can occur serious privacy invasion problem. Recently the database(DB) security is an important issue to prevent the above DB compromised attack. However, DB security for RFID systeme has not been considered yet. If we use the DB security technique into the RFID system, the above described privacy invasion` problem can be easily prevented. Based on this motivation, this paper proposes a secure and efficient back-end database security and authentication(S-DB) scheme with XOR-based encryption/decryption algorithm. In the proposed scheme, all tag`s private information is encrypted and stored by using the DB secret key to protect the DB compromised attack. As a result, the proposed S-DB scheme `can provide stronger security and more efficiency for the secure RFID system environment.

Privacy Preserving and Relay Attack Preventing Multi-Context RFID Mutual Authentication Protocol

Recently, Selim et al proposed public key cryptography based privacy preserving multi-context RFID authentication protocol. However Selim et al`s proposed protocol not only doesn`t fit into passive tag based RFID system because it uses public key based encryption algorithm to perform authentication between reader and tag, but also is insecure to an impersonation attack because it doesn`t provide mutual authentication. In order to eliminate the above described efficiency problem and security vulnerabilities, this paper proposes a new multi-context RFID mutual authentication protocol that can prevent privacy invasion and tag impersonation attack through providing mutual authentication between single passive tag which is located different application space and readers which provide multi-context purposes and can secure against relay attack and denial-of-service attack. As a result, the proposed protocol performs secure mutual authentication based on the collected space and time information from the RFID reader and provides strong security and high computation efficiency because if performs secure one-way hash function and symmetric encryption operations suitable to the environments of passive RFID tags.

An RFID Distance Bounding Protocol Based on Cryptographic Puzzles Providing Strong Privacy and Computational Efficiency

In 2010, Pedro et al. proposed RFID distance bounding protocol based on WSBC cryptographic puzzle. This paper points out that Pedro et al.`s protocol not only is vulnerable to tag privacy invasion attack and location tracking attack because an attacker can easily obtain the secret key(ID) of a legal tag from the intercepted messages between the reader and the tag, but also requires heavy computation by performing symmetric key operations of the resource limited passive tag and many communication rounds between the reader and the tag. Moreover, to resolve the security weakness and the computation/communication efficiency problems, this paper also present a new RFID distance bounding protocol based on WSBC cryptographic puzzle that can provide strong security and high efficiency. As a result, the proposed protocol not only provides computational and communicational efficiency because it requires secure one-way hash function for the passive tag and it reduces communication rounds, but also provides strong security because both tag and reader use secure one-way hash function to protect their exchanging messages.

An Anonymous Authentication Scheme for Health Information Push Service Based on Indoor Location in Hospital

This paper proposes a secure and efficient anonymous authentication scheme for health information push service based on indoor location in hospital. The proposed scheme has the following benefits: (1)It is just based on a secure one-way hash function for avoiding complex computations for both health care operations users and health care centers. (2)It does not require sensitive verification table which may cause health care centers to become an attractive target for numerous attacks(e.g., insertion attacks and stolen-verifier attacks), (3)It provides higher security level (e.g., secure mutual authentication and key establishment, confidential communication, users privacy, simple key management, and session key independence). As result, the proposed scheme is very suitable for various location-based medical information service environments using lightweight-device(e.g., smartphone) because of very low computation overload on the part of both health care operations users and health care centers.

A Light-Weight RFID Distance Bounding Protocol

ABSTRACT Recently, it is proved that contactless smart-card based RFID tags, which is used for proximity authentication, are vulnerable to relay attacks with various location-based attacks such as distance fraud, mafia fraud and terrorist fraud attacks. Moreover, distance bounding protocols have been researched to prevent these relay attacks that can measure the message transmitted round-trip time between the reader and the tag. In 2005, Hancke and Kuhn first proposed an RFID distance bounding protocol based on secure hash function. However, the Hancke-Kuhn protocol cannot completely prevent the relay attacks because an adversary has (3/4) n attack success probability. Thus, this paper proposes a new distance-bounding protocol for light-weight RFID systems that can reduce to (5/8) n for the adversarys attack success probability. As a result, the proposed protocol not only can provide high-space efficient based on a secure hash function and XOR operation, but also can provide strong security against the relay attacks because the adversarys attack success probability is optimized to (5/8)