Kun-Hee Han

Proposing and verifying a security-enhanced protocol for IoT-based communication for medical devices

Internet of things technology has recently drawn much attention across industries. IoT technology has gradually been applied to industries and everyday life in general including healthcare, where people can access hospital information systems to view personal health and medical information. Still, due to security vulnerabilities, personal health and medical information is prone to hacking attacks. Thus, concerns over privacy invasion have come to the fore, and at the same time security issues are considered to override information services. This paper proposes a communication protocol based on hash lock, session keys, random numbers and security keys designed to be safe against intruders’ hacking attempts in information communication between medical devices. Instead of arguing for the safety of the proposed protocol with mathematical theorem proving as in prior research on protocol proving, this paper verifies the safety of the proposed authentication protocol against a range of attacks using a model checking program, Casper/FDR program. In brief, the proposed communication protocol for medical devices is safe and secure against diverse attacks.

Proposing and verifying a security protocol for hash function-based IoT communication system

Internet of things (IoT) has recently drawn much attention around the world. Technological development in relevant industries has facilitated great strides in the advancement of multifunctional high-performance electronic communication system. IoT technology conceptually encompasses information service, transmission, identification, hardware, infrastructure, embedded, security, material and network technologies. In particular, the importance of security technology is highlighted in IoT technology due in part to the concerns over hacking attacks leading to system malfunction, remote control and authorization in the guise of administrators. Thus, mutual authentication and security are regarded as the overarching aspect of communication. In the same vein, secure communication protocols have extensively been explored in the field of security. The present paper designed a secure communication protocol using hash locks, timestamps, agent passwords and security keys. Unlike most of previous studies intended to prove the security of protocols using mathematical theorems, the present paper established the security of the proposed protocol against a range of intruders’ attacks by testing it using a formal verification tool, Casper/FDR. The test results confirmed the security of the proposed protocol in terms of safety, deadlock and livelock.

Remote System User Authentication Scheme using Smartcards

Bindu et al. pointed out that Chein et al. scheme is insecure insider attack and man-in-middle attack. And then they proposed new one. In the paper, However, Bindu et al`s scheme also have some problems; It is strong masquerading server/user attack and restricted reply attack. Hence we proposed improved scheme. finally, we completely had evaluated the one`s security on strong masquerading server/user attack, Insider attack, Restricted attack, Stolen-verifier attack and forward secrecy. In this paper, although proposed scheme includes more operation than Bindu et al. scheme, our scheme overcomes problems of Bindu et al. scheme by the operation that is light as not to influence on modern computing technology.

Access Control Protocol for Privacy Guarantee of Patient in Emergency Environment

Recently, m-health care is be a problem that the patients information is easily exposed to third parties in case of emergency situation. This paper propose an attribute-based access control protocol to minimize the exposure to patient privacy using patient information in the emergency environment. Proposed protocol, the patients sensitive information to a third party do not expose sensitive information to the patients personal health information, including hospital staff and patients on a random number to generate cryptographic keys to sign hash. In addition, patient information from a third party that is in order to prevent the illegal exploitation of the patient and the hospital staff to maintain synchronization between to prevent the leakage of personal health information.

Service Management Scheme using Security Identification Information adopt to Big Data Environment

Recently, the quantity and type of data that is being processed in cloud environment are varied. A method for easy access in different network in a heterogeneous environment of big data stored in the device is required. This paper propose security management method for smoothly access to big data in other network environment conjunction with attribute information between big data and user. The proposed method has a high level of safety even if user-generated random bit signal is modulated. The proposed method is sufficient to deliver any number of bits the user to share information used to secure recognition. Also, the security awareness information bit sequence generated by a third party to avoid unnecessary exposure value by passing a hash chain of the user anonymity is to be guaranteed to receive.

Three-Party Key Exchange Protocol Providing User Anonymity based on Smartcards

Three-party authenticated key exchange protocol based on smartcards using XOR and hash function operation instead of the public key operation has been proposed in 2006. Recently, it is doing for research because of increasing interest in privacy. This paper pointed out that proposed three-party authenticated key exchange protocol in 2006 has some problems; it is user anonymity and slow wrong input detection, and then we proposed new one to overcome these problems.

High-dimentional data authentication protocol based on hash chain for Hadoop systems

Social media networks along with mobile devices are major sources of big data. A recent trend involves using Hadoop for big data to extract unique trends, insights, and patterns. However, Hadoop lacks secure authentication mechanisms that prevent unauthorized access to data. The current authentication token system that is used for user authentication in the Hadoop distributed file system (HDFS) is vulnerable to replay and datanode hacking attacks. This paper proposes a data authentication protocol that protects sensitive data in HDFS against malicious attacks. The proposed protocol uses the hash chain method instead of the key exchange method based on public-key encryption. An HDFS blocks in datanodes of the proposed protocol are accessed by a client with a valid block access token from a namenode. In addition, clients’ anonymity is guaranteed because an HDFS adopting the proposed protocol passes hash-chained block values so the HDFS blocks that generates security awareness information is not exposed unnecessarily to a third party. An HDFS adopting the proposed protocol has the performance (e.g., communication power, computational power, and area efficiency) as good as that of conventional HDFS systems.

Verifying a Safe P2P Security Protocol in M2M Communication Environment

In parallel with evolving information communication technology, M2M(Machine-to-Machine) industry has implemented multi-functional and high-performance systems, and made great strides with IoT(Internet of Things) and IoE(Internet of Everything). Authentication, confidentiality, anonymity, non-repudiation, data reliability, connectionless and traceability are prerequisites for communication security. Yet, the wireless transmission section in M2M communication is exposed to intruders` attacks. Any security issues attributable to M2M wireless communication protocols may lead to serious concerns including system faults, information leakage and privacy challenges. Therefore, mutual authentication and security are key components of protocol design. Recently, secure communication protocols have been regarded as highly important and explored as such. The present paper draws on hash function, random numbers, secret keys and session keys to design a secure communication protocol. Also, this paper tests the proposed protocol with a formal verification tool, Casper/FDR, to demonstrate its security against a range of intruders` attacks. In brief, the proposed protocol meets the security requirements, addressing the challenges without any problems.

Cryptanalysis and Enhancement of the An's Remote User Authentication Scheme using the Smart Cards

Abstract Hsiang-Shin proposed a user authentication scheme which was created by improving Yoon’s scheme. Afterwards, An showed the failure to meet security requirements which are considered in user authentication using password-based smart card in Hsiang-Shih-suggested scheme. In other words, it was found that an attacker can steal a user’s card, and detect a user’s password by temporarily accessing it and extracting the information stored in it. However, An-proposed scheme also showed its vulnerability to password-guessing attack and forgery/impersonation attack, etc. and thus, this paper proposed the improved user authentication scheme. The proposed authentication scheme can thwart the password-guessing attack completely and this paper proposed scheme also includes an efficient mutual authentication method that can make it possible for users and authentication server to certify the other party. Key Words : User Authentication, Smart Cards, Password Guessing Attack, Replay Attack * 교신저자 : 신승수(shinss@tu.ac.kr)접수일 11년 09월 05일 수정일 (1차 11년 09월 26일, 2차 11년 10월 01일, 3차 11년 10월 05일) 게재확정일 11년 10월 06월

HMAC-based 3-factor Authentication using OTP

Recently, most of information services are provided by the computer network, since the technology of computer communication is developing rapidly, and the worth of information over the network is also increasing with expensive cost. But various attacks to quietly intercept the informations is invoked with the technology of communication developed, and then most of the financial agency currently have used OTP, which is generated by a token at a number whenever a user authenticates to a server, rather than general static password for some services. A 2-factor OTP generating method using the OTP token is mostly used by the financial agency. However, the method is vulnerable to real attacks and therefore the OTP token could be robbed and disappeared. In this paper, we propose a 3-factor OTP way using HMAC to conquer the problems and analyze the security of the proposed scheme.