Jangseong Kim - Academia.edu
Papers by Jangseong Kim
In this paper, we provide the first scalable privacy-preserving authentication protocol for VANETs without participation of the nearby RSU. Existing authentication methods for VANETs require the participation of the nearby RSUs. So, a bottleneck problem can occur as the number of vehicles increases. Also, the time delay to authenticate the nearby vehicle will increase. In order to minimize the participation of the nearby RSU, we propose a verification of the authenticated vehicle, which only requires two modular exponentiations. Our verification method uses a homomorphic encryption algorithm and a keyword searching on encrypted data algorithm as cryptographic tools. Through this verification, the vehicle i can verify whether the nearby vehicle j is authenticated by the nearby RSU. As a result, our solution overcomes the inefficiency and bottleneck problem of previous approaches. Our construction of privacy-preserving authentication for VANETs provides better transmission delay bet...
The financial loss suffered from malicious worms is known to be growing annually. In order to deal with this problem, many researchers suggested the Network Intrusion Detection System (NIDS), which extracts file signatures from the worms. Using the signature, the NIDS checks whether a received payload is a worm or not. Malicious users introduced the polymorphic worm, which changes its signature itself to evade the NIDS. The NIDS requires huge signatures to detect one polymorphic worm. It causes high performance overhead. Lee et al. [7] introduced polymorphic worm detection based on instruction distribution (PolyI-D). PolyI-D has 3-stage procedures to detect a polymorphic worm. Throughout the 3 stages of PolyI-D, a payload is classified as a polymorphic worm or not. In this paper, we describe the limitation of PolyI-D and propose hybrid polymorphic worm detection. Our proposed scheme classifies a given payload into executable code and non-executable code based on instruction distribution. Only if...
Lecture Notes in Computer Science, 2010
We introduce the novel notion of Verifiable Encryption of Chameleon Signatures (VECS), and then use it to design a three-round abuse-free optimistic contract signing protocol.
Although several mobile operators such as SKT, KTF, and LGT in Korea provide their own kid's safety care services to reduce many parents' concern, three problems still remain: incorrect location information, privacy violation, and no capability of an end-user to control the safety care service during access to the service. In this paper, we derive security requirements of kid's safety care service and explain our system model to satisfy these requirements. Based on our system model we propose our protocol for kid's safety care service. Compared to the previous work, our protocol can enhance accuracy of location information, preserve privacy of an end-user, and give an end-user a capability of controlling the safety care service during access to the service.
Wireless Sensor Network (WSN) is one of the fundamental technologies for building a ubiquitous computing environment. As the network consists of many sensor nodes with limited resources (i.e., computation, storage and battery), the network has more security vulnerabilities (i.e., Denial-of-Service attack, Sinkhole/Wormhole/Sybil attack, node compromise, message forgery and traffic analysis). Although routing protocols for monitoring critical conditions should provide resilience against known attacks, most of them do not provide security at all. For example, Boukerche et al. [4] proposed HPEQ (Hierarchical Periodic, Event-driven and Query-based) for surveillance of emergency events. By supporting load balancing, it provides longer network lifetime than other routing protocols and meets requirements of monitoring critical condition, simultaneously (i.e., periodic, event-driven and query-based). However, it has several vulnerabilities to be deployed because of no guarantee of security requ...
Lecture Notes in Computer Science
In Ubiquitous Computing Environment (UCE), service provider wants to provide its service to only legitimate users. Some users who belong to same service provider do not want to reveal their identities while using some privacy-related services such as location information, printing, browsing web pages, etc. In addition, we should consider lightweight cryptographic protocols because UCE can be constructed by lots of resource and energy constrained devices. In this paper we propose a lightweight privacy-preserving authentication and access control scheme for UCE. Compared to the previous schemes [13, 14], our proposed scheme which was designed to reduce the number of public key operations and to improve non-linkability feature is found to be more secure and requires less memory on the user's device. Moreover the proposed scheme provides mutual authentication, accountability and differentiated access control.
2011 IEEE Ninth International Symposium on Parallel and Distributed Processing with Applications Workshops, 2011
So far, conventional RFID protocols provide the security and privacy protections by utilizing the central database model where readers should maintain the persistent connection between the readers and the central database. Recently, serverless RFID protocols [4], [5] have been proposed to provide more flexible RFID service by removing the need of this connection. In this paper, we first point out the tracing vulnerability of the existing serverless RFID protocols. To address this vulnerability, we suggest a novel method which generates a unique access list for each reader based on groups of tags and multiple pseudonyms. We then propose untraceable and serverless RFID authentication and search protocols with this method. In comparison with [4], our protocols provide more resilient protection to the tracing vulnerability. Moreover, our protocols show less computation overhead than [4].
2011 IEEE Ninth International Symposium on Parallel and Distributed Processing with Applications Workshops, 2011
In this paper, we proposed a novel anonymous authentication scheme in VANETs. Our scheme provides message authentication, anonymity, unlinkability, and traceability of an end-user simultaneously. The unlinkability which enables privacy preservation and the traceability which enables conditional tracking are contradictory. Compared with the existing work, we claim that our scheme has better performance in terms of storage, computation, and communication overhead. Index Terms: Vehicular ad-hoc network, anonymous authentication, conditional tracking.
Telecommunication Systems, 2011
The previous schemes of key establishment in the wireless sensor networks may not be employed for the mission-critical application due to several limitations: lightweightness and scalability from the point of performance, vulnerabilities against node compromise and various existing attacks from the point of security. In this paper, after identifying security requirements of mission-critical applications over sensor networks, we propose a scalable and robust hierarchical key establishment scheme which enhances resilience against node capture, traffic analysis attack and acknowledgment spoofing attack. In addition, our scheme provides periodic key updates without communication costs for key transport. We verified that our scheme requires less storage, computation and communication cost compared with the previous scheme in the open literature. When AES-256 is used for symmetric encryption and one cluster consists of 50 sensor nodes, we can reduce 93.4% storage requirement and 17.2% ∼ 51.3% communication cost of the authentication request for the cluster. Since the reduced communication and computation costs enable the time of authentication process to be short, our scheme can support relatively fast initialization and fault recovery. Moreover, our scheme prolongs the lifetime of the wireless sensor networks.
Personal and Ubiquitous Computing, 2012
The Radio Frequency for Consumer Electronics (RF4CE) is developed to support the rapidly increasing demand for bi-directional communication and remote control functionalities in the CE market, such as TV and home theater. However, the current security model in the RF4CE standard has a potential weakness in that transmission of initial key seeds is operated via an unencrypted air interface. In this paper, we propose a secure key agreement protocol that uses preshared information between consumer devices and manufacturers and controllers receive the information by communication with manufacturers.
Mathematical and Computer Modelling, 2012
Recently, the technologies for child care and safety have been developing rapidly, together with the various IT convergence services. In particular, several mobile operators (e.g., SKT, KTF, and LGT) in Korea and Gangnam province in Seoul provide their own childcare services. However, some problems such as incorrect location information, privacy violation, and difficulty of an end-user to control the childcare service still exist. In this paper, we derive the security requirements of a childcare and safety service and establish a conceptual model satisfying the requirements. Based on the system model, we propose a privacy-preserving location supporting protocol for a childcare and safety service using wireless sensor networks. While addressing the above problems, our protocol can be operated over various networks (e.g., Wi-Fi and UWB) providing an RSSI (received signal strength indication) without any modification. Through performance and security analysis of our protocol, we show that our protocol is efficient and secure. More precisely, our protocol reduces the computation and communication overhead of the existing infrastructures to support better scalability.
IEICE Transactions on Information and Systems, 2012
Recently, numerous service discovery protocols have been introduced in the open literature. Unfortunately, many of them did not consider security issues, and for those that did, many security and privacy problems still remain. One important issue is to protect the privacy of a service provider while enabling an end-user to search an alternative service using multiple keywords. To deal with this issue, the existing protocols assumed that a directory server should be trusted or owned by each service provider. However, an adversary may compromise the directory server due to its openness property. In this paper, we suggest an efficient verification of service subscribers to resolve this issue and analyze its performance and security. Using this method, we propose an efficient and secure service discovery protocol protecting the privacy of a service provider while providing multiple keywords search to an end-user. Also, we provide performance and security analysis of our protocol.
IEICE Transactions on Communications, 2011
In this paper, we establish our system model over the sensor network addressing contradictory issue caused by mutual authentication and privacy protection of an end-user. Based on the system model, we propose the protocol for a location-aware and privacy-preserving approach for childcare and safety over wireless sensor networks. Although we illustrate our protocol over the sensor network, our protocol can be operated over various networks (e.g., WiFi and UWB) which can provide RSSI (Received Signal Strength Indication). Compared to previous work, our protocol can enhance the accuracy of location information, preserve privacy of an end-user, and give the capability of controlling the childcare and safety service to an end-user.
IEEE Transactions on Consumer Electronics, 2011
Although wireless sensor network is considered as one of the promising technologies for ubiquitous computing environment, more research on re-authentication of mobile nodes in wireless sensor network is required due to user mobility, one of the important properties in ubiquitous computing environment. As the citizens in a city can be mobile users in wireless sensor network and the resource of the sensor nodes is limited, scalability of re-authentication is important. In other words, re-authentication with less communication cost should be proposed. In this paper, we suggest an efficient method of membership verification for re-authentication of mobile node and show the performance analysis of our membership verification. Using this method, we propose an efficient and scalable re-authentication protocol over wireless sensor network. Also, we provide performance and security analysis of our protocol.
Lecture Notes in Computer Science, 2011