Soonhwa Sung

ID-based Sensor Node Authentication for Multi-Layer Sensor Networks

Despite several years of intense research, the security and cryptography in wireless sensor networks still have a number of ongoing problems. This paper describes how identification (ID)-based node authentication can be used to solve the key agreement problem in a three-layer interaction. The scheme uses a novel security mechanism that considers the characteristics, architecture, and vulnerability of the sensors, and provides an ID-based node authentication that does not require expensive certificates. The scheme describes the routing process using a simple ID suitable for low power and ID exposure, and proposes an ID-based node authentication. This method achieves low-cost communications with an efficient protocol. Results from this study demonstrates that it improves routing performance under different node densities, and reduces the computational cost of key encryption and decryption.

User authentication using mobile phones for mobile payment

Mobile authentication systems for mobile payment often use either the Web or mobile channel individually to confirm the identity request of a remote user. Most common activity in mobile commerce is done through mobile phones. The mobile phones are vulnerable to numerous security threats due to involvement of valuable financial and personal information.To provide secure Web transactions using mobile phones, multifactorial authentication techniques are preferred. In former study, user authentication software technology using mobile phones, one of the multifactorial authentication techniques, can potentially be copied to another device. For the solution of the problem, this paper proposes Transaction Certificate Mode (TCM), a software token, which supports mutual authentication considering stolen, borrowed, and infected mobile phones for mobile payments. It uses a novel approach based on TCM to enforce a lightweight mobile security and provides a highly secure environment that is simple to use and deploy.

Mobile Payment System Design with Transaction Certificate Mode

ABSTRACT The Web or Mobile channel of previous Web access authentication system for a payment only provides the authentication of remote users, and does not provide the authentication between a user and a bank/financial institution. Therefore, this paper proposes the Transaction Certificate Mode(TCM) for a payment which can preserve the mutual authentication between a user and a bank/financial institution for Web-based payment systems. The proposed system has designed for wireless network instead o f Secure Electronic Transaction (SET) designed for wired electronic transaction. In addition, this system with TCM is able to support an account-based transaction for wireless network s instead of a disadvantage of SET such as a card-based transacti on for wired networks. Therefore, customers can check their balances without logging on their bank’s web site again due to mutual authentication between a customer and his bank/financial institution.Keywords: mobile payment, transaction certificate, mutual authentication , user-based payment 접수일(2014년 6월 16일), 수정일(2014년 8월 21일), 게재확정일(2014년 10월1일) * 이 논문은 2014년 정부재원(미래창조과학부 여성과학기술인 R&D 경력복귀지원 사업)으로 한국연구재단과 한국여성과학기술인지원센터의 지원을 받아 연구되었으며, 한국전자통신연구원-산업융합원천기술개발사업(No.10047528)의 지원을 일부 받아 수행된 연구임.†주저자, shsung@cnu.ac.kr ‡교신저자, jcryou@cnu.ac.kr(Corresponding author)

Multipath key management with aggregators in sensor networks

A distributed wireless sensor network (WSN) is a collection of n sensors with limited hardware resources. Due to the resource constraints on sensors, it is infeasible to use traditional key management techniques such as key distribution center. Distributed sensor networks may be deployed in hostile areas where communication is monitored and nodes are subject to capture and surreptitious use by an adversary. Therefore, this paper presents broadcast authentication involving multipath key with aggregators in sensor networks. The making multipath key is a new key management in spite of sensor network limitations.

Zone-based self-organized clustering with Byzantine agreement in MANET

The proposed zone-based self-organized clustering broadcasts neighbor information to only a zone with the same ID. Besides, the zone-based self-organized clustering with unique IDs can communicate securely even if the state transition of nodes in zone-based self-organized clustering is threatened by corrupted nodes. For this security, the Byzantine agreement protocol with proactive asynchronous verifiable secret sharing (AVSS) is considered. As a result of simulation, an efficiency and a security of the proposed clustering are better than those of a traditional clustering. Therefore, this paper describes a new and extended self-organized clustering that securely seeks to minimize the interference in mobile ad hoc networks (MANETs).

Multi User-Authentication System using One Time-Pseudo Random Number and Personal DNA STR Information in RFID Smart Card

Thia paper suggests a milti user-authentication system comprises that DNA biometric informatiom, owner`s RFID(Radio Frequency Identification) smartcard of hardware token, and PKI digital signqture of software. This system improved items proposed in [1] as follows : this mechanism provides one RFID smartcard instead of two user-authentication smartcard(the biometric registered seal card and the DNA personal ID card), and solbers user information exposure as RFID of low proce when the card is lost. In addition, this can be perfect multi user-autentication system to enable identification even in cases such as identical twins, the DNA collected from the blood of patient who has undergone a medical procedure involving blood replacement and the DNA of the blood donor, mutation in the DNA base of cancer cells and other cells. Therefore, the proposed system is applied to terminal log-on with RFID smart card that stores accurate digital DNA biometric information instead of present biometric user-authentication system with the card is lost, which doesn`t expose any personal DNA information. The security of PKI digital signature private key can be improved because secure pseudo random number generator can generate infinite one-time pseudo randon number corresponding to a user ID to keep private key of PKI digital signature securely whenever authenticated users access a system. Un addition, this user-authentication system can be used in credit card, resident card, passport, etc. acceletating the use of biometric RFID smart` card. The security of proposed system is shown by statistical anaysis.