Jong-Hyuk Im

Putative TetR Family Transcriptional Regulator SCO1712 Encodes an Antibiotic Downregulator in Streptomyces coelicolor

ABSTRACT A tetR family transcriptional regulatory gene (SCO1712) was identified as a global antibiotic regulatory gene from a Streptomyces interspecies DNA microarray analysis. SCO1712 disruption in Streptomyces coelicolor not only upregulated antibiotic biosynthesis through pathway-specific regulators when a previously identified pleiotropic downregulatory wblA was expressed but also further stimulated antibiotic production in a wblA deletion mutant, implying that SCO1712 might encode a novel antibiotic downregulator.

Security Analysis and Improvement of Fingerprint Authentication for Smartphones

Currently, an increasing number of smartphones are adopting fingerprint verification as a method to authenticate their users. Fingerprint verification is not only used to unlock these smartphones, but also used in financial applications such as online payment. Therefore, it is very crucial to secure the fingerprint verification mechanism for reliable services. In this paper, however, we identify a few vulnerabilities in one of the currently deployed smartphones equipped with fingerprint verification service by analyzing the service application. We demonstrate actual attacks via two proof-of-concept codes that exploit these vulnerabilities. By the first attack, a malicious application can obtain the fingerprint image of the owner of the victimized smartphone through message-based interprocess communication with the service application. In the second attack, an attacker can extract fingerprint features by decoding a file containing them in encrypted form. We also suggest a few possible countermeasures to prevent these attacks.

Privacy-Preserving Palm Print Authentication Using Homomorphic Encryption

Biometric verification systems have security issues regarding the storage of biometric data in that a users biometric features cannot be changed into other ones even when a system is compromised. To address this issue, it may be safe to store the biometrics data on a reliable remote server instead of storing them in a local device. However, this approach may raise a privacy issue. In this paper, we propose a biometric verification system where the biometric data are stored in a remote server in an encrypted form and the similarity of the user input to the registered biometric data is computed in an encrypted domain using a homomorphic encryption. We evaluated the performance of the proposed system through an implementation on an Android-based smartphone and an i7-based server.

Vulnerability Analysis on Smartphone Fingerprint Templates

Currently, many smartphones are adopting fingerprint verification as a method to authenticate their users. Because fingerprint verification is not only used to unlock these smartphones but also used in financial applications such as online payment, it is crucial to secure the fingerprint verification mechanism for reliable services. In this paper, we identify a few vulnerabilities in one of the currently deployed smartphones equipped with fingerprint verification service by analyzing the service application. We demonstrate actual attacks via a proof-of-concept code that exploits these vulnerabilities. By these attacks, an attacker can extract fingerprint features by decoding a file containing them in encrypted form. We also suggest a few possible countermeasures against these attacks.

Password Authentication Using One-Time Key-Based Signature and Homomorphic Encryption

User authentication is a process for a system to verify the identity of a claimed user and to give access permission. Although there are many other authentication methods such as biometrics and physical tokens, passwords are still being used in many applications due to easy deployment. To enhance the security against possible attacks such as an off-line dictionary attack, passwords are usually stored in a hashed form using a random nonce called a salt. However, this does not completely solve the security issue. In this paper, we propose a new password-based authentication method using homomorphic encryption where a password is stored in a remote server in an encrypted form and an input password is compared with the stored one on the encrypted domain. For this purpose, we also propose a new cryptographic primitive called one-time private key-based digital signature.

On-line Voting System with Illegal Ballot Filtering Using Homomorphic Encryption

A simple on-line voting protocol using homomorphic encryption is proposed. In addition to the basic properties required of a voting system, e. g., a voter’s privacy, the system has additional functionalities such as automatic filtering of illegal ballot. Moreover, it is also possible that a voter who inadvertently cast a spoilt vote may vote again without revealing its secret ballot.

Framework for Secure Biometric System Design on Smartphones

ABSTRACT Fast growth of smartphone technology and advent of Fintech enabled smartphones to deal with more sensitive information. Although many devices applying biometric technology are released as a step for protecting sensitive information securely, there can be potential vulnerabilities if security is not considered at the design stage of a biometric system. By analyzing the potential vulnerabilities, we classify threats in biometric system design process on smartphones and we propose the design requirements for solving these problems. In addition, we propose a framework for secure biometric system design on smartphone by synthesizing the design requirements.Keywords:Biometrics, Smartphone Security, System Design Requirement, Framework 스마트폰 상의 안전한 바이오인식 시스템 설계를 위한 프레임워크 임 종 혁 † ⋅권 희 용 †† ⋅이 문 규 ††† 요 약 최근 스마트폰 기술의 빠른 발전과 핀테크의 등장으로 스마트폰은 더욱 많은 민감한 정보를 다루게 되었다. 이 같은 민감한 정보를 안전하게 보호하는 수단으로 바이오인식 기술이 적용된 다양한 기기들이 출시되고 있으나, 바이오인식 시스템 설계 시 보안을 고려하지 않을 경우 잠재적인 취약점이 존재할 수 있다. 이에 본 논문에서는 잠재적인 취약점의 분석을 통해 스마트폰 상의 바이오인식 시스템 설계 과정에서 주의할 점을 분류하고, 이를 해결하기 위한 설계 요구사항을 제시한다. 또한, 설계 요구사항을 종합하여 안전한 스마트폰 바이오인식 시스템 설계를 위한 프레임워크를 제시한다.키워드:바이오인식, 스마트폰 보안, 시스템 설계 요구사항, 프레임워크