Your search keyword '"Won, Dongho"' showing total 27 results

1. Absolute configuration determination of isoflavan-4-ol stereoisomers

Author

Kim, Mihyang, Won, Dongho, and Han, Jaehong

Subjects

*ORGANIC compounds, *STEREOISOMERS, *STEREOCHEMISTRY, *METABOLITES, *BIOACTIVE compounds, *BIOSYNTHESIS, *PHYTOESTROGENS, *THERAPEUTICS

Abstract

Abstract: Elucidation of the correct stereochemistry of the metabolite is essential for the mechanistic study of bioactive compounds. Isoflavan-4-ol has the same chiropical chromophore as THD, the biosynthetic precursor of the potent phytoestrogen S-equol. Interested in the correct absolute configuration of isoflavan-4-ol stereoisomers and to compare the available practical approaches for the absolute configuration determination, complete absolute configuration analysis of isoflavan-4-ol stereoisomers has been carried out with by means of ECD and VCD spectroscopy as well as modified Mosher method. Theoretical TD-DFT computations resulted in a poor simulation of the observed experimental ECD spectra, and thus inconclusive absolute configuration assignments of isoflavan-4-ol stereoisomers were obtained. However, DFT-assisted VCD spectroscopic analyses successfully determined correct absolute configurations, and further confirmed by modified Mosher method. [Copyright &y& Elsevier]

Published

2010

2. Absolute configurations of isoflavan-4-ol stereoisomers

Author

Won, Dongho, Shin, Bok-Kyu, Kang, Suil, Hur, Hor-Gil, Kim, Mihyang, and Han, Jaehong

Subjects

*FLAVONOIDS, *ACTIVATED carbon, *CHROMATOGRAPHIC analysis, *STEREOISOMERS

Abstract

Abstract: Isoflavan-4-ol has been synthesized quantitatively from the reduction of isoflavone in the presence of Pd/C and ammonium formate under N2 atmosphere. Isolation of cis- and trans-isomers was achieved by flash column chromatography and each enantiomer was separated by Sumi-Chiral column chromatography. Absolute configurations of four stereoisomers were determined by circular dichroism spectroscopy. [Copyright &y& Elsevier]

Published

2008

3. Lightweight Hash-Based Authentication Protocol for Smart Grids.

Author

Kook, Sangjin, Kim, Keunok, Ryu, Jihyeon, Lee, Youngsook, and Won, Dongho

Subjects

*NEAR field communication, *SMART meters, *ELECTRIC power distribution grids, *CONSUMERS, *MANUFACTURING processes

Abstract

Smart grids integrate information and communications technology into the processes of electricity production, transportation, and consumption, thereby enabling interactions between power suppliers and consumers to increase the efficiency of the power grid. To achieve this, smart meters (SMs) are installed in households or buildings to measure electricity usage and allow power suppliers or consumers to monitor and manage it in real time. However, SMs require a secure service to address malicious attacks during memory protection and communication processes and a lightweight communication protocol suitable for devices with computational and communication constraints. This paper proposes an authentication protocol based on a one-way hash function to address these issues. This protocol includes message authentication functions to address message tampering and uses a changing encryption key for secure communication during each transmission. The security and performance analysis of this protocol shows that it can address existing attacks and provides 105,281.67% better computational efficiency than previous methods. [ABSTRACT FROM AUTHOR]

Published

2024

4. An Improved Lightweight User Authentication Scheme for the Internet of Medical Things.

Author

Kim, Keunok, Ryu, Jihyeon, Lee, Youngsook, and Won, Dongho

Subjects

*COMPUTER passwords, *INTERNET of things, *BODY temperature, *MEDICAL records, *MEDICAL personnel, *SENSOR networks, *BLOOD sugar

Abstract

The Internet of Medical Things (IoMT) is used in the medical ecosystem through medical IoT sensors, such as blood glucose, heart rate, temperature, and pulse sensors. To maintain a secure sensor network and a stable IoMT environment, it is important to protect the medical IoT sensors themselves and the patient medical data they collect from various security threats. Medical IoT sensors attached to the patient's body must be protected from security threats, such as being controlled by unauthorized persons or transmitting erroneous medical data. In IoMT authentication, it is necessary to be sensitive to the following attack techniques. (1) The offline password guessing attack easily predicts a healthcare administrator's password offline and allows for easy access to the healthcare worker's account. (2) Privileged-insider attacks executed through impersonation are an easy way for an attacker to gain access to a healthcare administrator's environment. Recently, previous research proposed a lightweight and anonymity preserving user authentication scheme for IoT-based healthcare. However, this scheme was vulnerable to offline password guessing, impersonation, and privileged insider attacks. These attacks expose not only the patients' medical data such as blood pressure, pulse, and body temperature but also the patients' registration number, phone number, and guardian. To overcome these weaknesses, in the present study we propose an improved lightweight user authentication scheme for the Internet of Medical Things (IoMT). In our scheme, the hash function and XOR operation are used for operation in low-spec healthcare IoT sensor. The automatic cryptographic protocol tool ProVerif confirmed the security of the proposed scheme. Finally, we show that the proposed scheme is more secure than other protocols and that it has 266.48% better performance than schemes that have been previously described in other studies. [ABSTRACT FROM AUTHOR]

Published

2023

5. Security Improvement on Biometric Based Authentication Scheme for Wireless Sensor Networks Using Fuzzy Extraction.

Author

Choi, Younsung, Lee, Youngsook, and Won, Dongho

Subjects

*WIRELESS sensor networks, *BIOMETRIC identification, *DATA security, *CRYPTOGRAPHY, *FUZZY systems

Abstract

Wireless sensor networks are used to monitor physical or environmental conditions. However, authenticating a user or sensor in wireless sensor networks is more difficult than in traditional networks owing to sensor network characteristics such as unreliable communication networks, resource limitation, and unattended operation. As a result, various authentication schemes have been proposed to provide secure and efficient communication. He et al. suggested a robust biometrics-based user authentication scheme, but Yoon and Kim indicated that their scheme had several security vulnerabilities. The latter then proposed an advanced biometrics-based user authentication scheme; in this paper, we analyze this advanced scheme and perform a cryptanalysis. Our analysis shows that Yoon and Kim’s scheme has various security weaknesses such as a biometric recognition error, a user verification problem, lack of anonymity and perfect forward secrecy, session key exposure by the gateway node, vulnerability to denial of service attacks, and a revocation problem. Therefore, we suggest countermeasures that can be implemented to solve these problems and then propose a security-enhanced biometrics-based user authentication scheme using fuzzy extraction that conforms to the proposed countermeasures. Finally, we conduct a security analysis for the proposed biometrics-based user authentication scheme. [ABSTRACT FROM AUTHOR]

Published

2016

6. Anonymous Authentication Scheme for Intercommunication in the Internet of Things Environments.

Author

Chung, Youngseok, Choi, Seokjin, and Won, Dongho

Subjects

*COMPUTER access control, *INTERCOMMUNICATION systems, *INTERNET of things, *INTERNET security, *INTERNET users, *TELECOMMUNICATION channels

Abstract

Authentication and privacy protection are important security mechanisms for keeping things safe in the Internet of Things environments. In particular, an anonymous authentication scheme is a privacy preserving authentication technique which provides both authentication and privacy preservation. An authentication scheme with anonymity in mobility networks was proposed recently. However, it was proven that it failed to provide anonymity against passive adversaries and malicious users and security against known session key attacks and side channel attacks. We propose an anonymous authentication scheme for intercommunication between the things in the Internet of Things environments. The proposed scheme provides not only anonymity and security, but also untraceability for the thing. Moreover, we only use low cost functions, such as hash functions and exclusive-OR operations in consideration of limited computing power of the thing. [ABSTRACT FROM AUTHOR]

Published

2015

7. MES-FPMIPv6: MIH-Enabled and enhanced secure Fast Proxy Mobile IPv6 handover protocol for 5G networks*^.

Author

Degefa, Fikadu, Ryu, Jihyeon, Kim, Hyoungshick, and Won, Dongho

Subjects

*INTERNET protocol version 6, *INTERNET protocols, *INTERNET protocol address, *MOBILITY management (Mobile radio), *5G networks, *INTERNET security, *SOCIAL networks

Abstract

Fast Proxy Mobile IPv6 (FPMIPv6) is an extension of the PMIPv6 mobility management deployed as part of the next-generation internet protocol. It allows location-independent routing of IP datagrams, based on local mobility to IPv6 hosts without involvement of stations in the IP address signaling. A mobile node keeps its IP address constant as it moves from link to link, which avoids signaling overhead and latency associated with changing IP address. Even though local mobility requirements hold, it entails security threats such as Mobile Node, Mobile Access Gateway, as well as Local Mobility Anchor impersonation that go beyond those already exist in IPv6. As mobile station keeps moving across different serving networks, its IP remains constant during handover, and location privacy may not also be preserved. Moreover, homogeneous network dependence of PMIPv6 is one of the gaps, which FPMIPv6 could not mitigate. FPMIPv6 does not support heterogeneous network handover, for which numerous researchers have proposed Media Independent Handover (MIH) enabled FPMIPv6 schemes to allow fast handover among heterogeneous networks, but in the absence of security solutions. As a comprehensive solution, we propose a new handover authentication scheme and a key agreement protocol for the 'MIH-enabled Network Only FPMIPv6' model. As one of the basic requirements, mobility management should minimize signaling overhead, handover delay and power consumption of the mobile node. The proposed scheme improves wireless link overhead (mobile node overhead) by 6-86% as cell radius, wireless failure probability and number of hop vary. The security of the proposed scheme has also been analyzed under BAN logic and Automated Validation of Internet Security Protocols and Applications (AVISPA) tool and its performance has numerically been evaluated through a pre-determined performance matrix and found to be effective and preferably applicable compared with other schemes. [ABSTRACT FROM AUTHOR]

Published

2022

8. A mechanical approach to derive identity-based protocols from Diffie–Hellman-based protocols.

Author

Choo, Kim-Kwang Raymond, Nam, Junghyun, and Won, Dongho

Subjects

*COMPUTER network protocols, *MATHEMATICAL proofs, *NUMERICAL calculations, *COMPUTER security, *IDENTITIES (Mathematics)

Abstract

We describe a mechanical approach to derive identity-based (ID-based) protocols from existing Diffie–Hellman-based ones. As case studies, we present the ID-based versions of the Unified Model protocol, UMP-ID, Blake-Wilson et al. (1997)’s protocol, BJM-ID, and Krawczyk (2005)’s HMQV protocol, HMQV-ID. We describe the calculations required to be modified in existing proofs. We conclude with a comparative security and efficiency of the three proposed ID-based protocols (relative to other similar published protocols) and demonstrate that our proposed ID-based protocols are computationally efficient. [ABSTRACT FROM AUTHOR]

Published

2014

9. Enhancement of two-factor authenticated key exchange protocols in public wireless LANs

Author

Lee, Yunho, Kim, Seungjoo, and Won, Dongho

Subjects

*AUTHENTICATION (Law), *PUBLIC key cryptography, *COMPUTER network protocols, *MESSAGE theory (Communication), *COMPUTER security, *WIRELESS LANs, *COMPUTER passwords, *CLIENT characteristics

Abstract

Abstract: In 2008, Juang and Wu proposed two authenticated key exchange protocols by improving Park and Park’s two-factor authenticated key exchange protocol in public wireless LANs. They pointed out that Park’s protocol was vulnerable to the dictionary attack on the identity protection. The improved protocols requires fewer exchanged messages and provided more secure protection for the client’s identity. In this paper, we propose two protocols require less exchanged messages than Juang’s protocols. In addition to this advantage, we point out that the identity protection of Juang’s protocol is computationally inefficient for the server and efficient identity protection is proposed in the second proposed protocol. [Copyright &y& Elsevier]

Published

2010

10. Lightweight user authentication scheme for roaming service in GLOMONET with privacy preserving.

Author

Kang, Dongwoo, Lee, Hakjun, Lee, Youngsook, and Won, Dongho

Subjects

*PRIVACY, *HOME computer networks, *INFORMATION technology

Abstract

With the development of information technology and the Internet, users can conveniently use roaming services without time and space restrictions. This roaming service is initiated by establishing a session key between a home node, which exists in a home network, and a mobile node, which exists in a foreign network. However, in the process of verifying a legitimate user and establishing a session key, various security threats and privacy exposure issues can arise. This study demonstrates that the authentication scheme for the roaming service proposed in the existing Global Mobility Network (GLOMONET) environment has several vulnerabilities and, hence, is impractical. In addition, the scheme does not satisfy the privacy of the session key or user's identity or password. Accordingly, we propose a new lightweight authentication scheme to compensate for these vulnerabilities and secure a high level of privacy, such as non-traceability. In addition, formal and informal analyses are conducted to examine the safety of the proposed scheme. Based on the results of our analyses, we prove that the proposed scheme is highly secure and applicable to the actual GLOMONET environment. [ABSTRACT FROM AUTHOR]

Published

2021

11. A security weakness in Abdalla et al.’s generic construction of a group key exchange protocol

Author

Nam, Junghyun, Paik, Juryon, and Won, Dongho

Subjects

*COMPUTER network protocols, *CRYPTOGRAPHY, *INFORMATION science, *SIGNS & symbols, *COMPUTER users, *MATHEMATICAL symmetry, *COMPILERS (Computer programs), *MECHANICAL efficiency, *GROUP theory

Abstract

Abstract: In TCC ’07, Abdalla et al. presented a protocol compiler that transforms any authenticated 2-party key exchange protocol into an authenticated group key exchange (GKE) protocol. Abdalla et al.’s compiler is certainly elegant in its genericness, symmetry, simplicity and efficiency. However, this compiler is not as secure as claimed. Under a reasonable assumption, the GKE protocol constructed by the compiler (from a 2-party protocol) fails to achieve implicit key authentication. We here reveal this security problem with the compiler and show how to address it. [Copyright &y& Elsevier]

Published

2011

12. An improved anonymous authentication scheme for roaming in ubiquitous networks.

Author

Lee, Hakjun, Lee, Donghoon, Moon, Jongho, Jung, Jaewook, Kang, Dongwoo, Kim, Hyoungshick, and Won, Dongho

Subjects

*SIGNALING (Psychology), *INFORMATION services, *COMMUNICATION of technical information, *DIGITAL sociology, *UBIQUITOUS computing

Abstract

With the evolution of communication technology and the exponential increase of mobile devices, the ubiquitous networking allows people to use our data and computing resources anytime and everywhere. However, numerous security concerns and complicated requirements arise as these ubiquitous networks are deployed throughout people’s lives. To meet the challenge, the user authentication schemes in ubiquitous networks should ensure the essential security properties for the preservation of the privacy with low computational cost. In 2017, Chaudhry et al. proposed a password-based authentication scheme for the roaming in ubiquitous networks to enhance the security. Unfortunately, we found that their scheme remains insecure in its protection of the user privacy. In this paper, we prove that Chaudhry et al.’s scheme is vulnerable to the stolen-mobile device and user impersonation attacks, and its drawbacks comprise the absence of the incorrect login-input detection, the incorrectness of the password change phase, and the absence of the revocation provision. Moreover, we suggest a possible way to fix the security flaw in Chaudhry et al’s scheme by using the biometric-based authentication for which the bio-hash is applied in the implementation of a three-factor authentication. We prove the security of the proposed scheme with the random oracle model and formally verify its security properties using a tool named ProVerif, and analyze it in terms of the computational and communication cost. The analysis result shows that the proposed scheme is suitable for resource-constrained ubiquitous environments. [ABSTRACT FROM AUTHOR]

Published

2018

13. Security analysis and enhanced user authentication in proxy mobile IPv6 networks.

Author

Kang, Dongwoo, Jung, Jaewook, Lee, Donghoon, Kim, Hyoungshick, and Won, Dongho

Subjects

*INTERNET protocol version 6, *CRYPTOGRAPHY, *COMPUTER passwords, *ANONYMITY, *INFORMATION science

Abstract

The Proxy Mobile IPv6 (PMIPv6) is a network-based mobility management protocol that allows a Mobile Node(MN) connected to the PMIPv6 domain to move from one network to another without changing the assigned IPv6 address. The user authentication procedure in this protocol is not standardized, but many smartcard based authentication schemes have been proposed. Recently, Alizadeh et al. proposed an authentication scheme for the PMIPv6. However, it could allow an attacker to derive an encryption key that must be securely shared between MN and the Mobile Access Gate(MAG). As a result, outsider adversary can derive MN’s identity, password and session key. In this paper, we analyze Alizadeh et al.’s scheme regarding security and propose an enhanced authentication scheme that uses a dynamic identity to satisfy anonymity. Furthermore, we use BAN logic to show that our scheme can successfully generate and communicate with the inter-entity session key. [ABSTRACT FROM AUTHOR]

Published

2017

14. Security enhanced multi-factor biometric authentication scheme using bio-hash function.

Author

Choi, Younsung, Lee, Youngsook, Moon, Jongho, and Won, Dongho

Subjects

*BIOMETRIC identification, *WIRELESS communications, *DATA protection, *DATA security, *TELECOMMUNICATION

Abstract

With the rapid development of personal information and wireless communication technology, user authentication schemes have been crucial to ensure that wireless communications are secure. As such, various authentication schemes with multi-factor authentication have been proposed to improve the security of electronic communications. Multi-factor authentication involves the use of passwords, smart cards, and various biometrics to provide users with the utmost privacy and data protection. Cao and Ge analyzed various authentication schemes and found that Younghwa An’s scheme was susceptible to a replay attack where an adversary masquerades as a legal server and a user masquerading attack where user anonymity is not provided, allowing an adversary to execute a password change process by intercepting the user’s ID during login. Cao and Ge improved upon Younghwa An’s scheme, but various security problems remained. This study demonstrates that Cao and Ge’s scheme is susceptible to a biometric recognition error, slow wrong password detection, off-line password attack, user impersonation attack, ID guessing attack, a DoS attack, and that their scheme cannot provide session key agreement. Then, to address all weaknesses identified in Cao and Ge’s scheme, this study proposes a security enhanced multi-factor biometric authentication scheme and provides a security analysis and formal analysis using Burrows-Abadi-Needham logic. Finally, the efficiency analysis reveals that the proposed scheme can protect against several possible types of attacks with only a slightly high computational cost. [ABSTRACT FROM AUTHOR]

Published

2017

15. An Improved and Secure Anonymous Biometric-Based User Authentication with Key Agreement Scheme for the Integrated EPR Information System.

Author

Jung, Jaewook, Kang, Dongwoo, Lee, Donghoon, and Won, Dongho

Subjects

*INFORMATION storage & retrieval systems, *BIOMETRIC identification, *MEDICAL records, *MEDICAL care, *MEDICAL communication

Abstract

Nowadays, many hospitals and medical institutes employ an authentication protocol within electronic patient records (EPR) services in order to provide protected electronic transactions in e-medicine systems. In order to establish efficient and robust health care services, numerous studies have been carried out on authentication protocols. Recently, Li et al. proposed a user authenticated key agreement scheme according to EPR information systems, arguing that their scheme is able to resist various types of attacks and preserve diverse security properties. However, this scheme possesses critical vulnerabilities. First, the scheme cannot prevent off-line password guessing attacks and server spoofing attack, and cannot preserve user identity. Second, there is no password verification process with the failure to identify the correct password at the beginning of the login phase. Third, the mechanism of password change is incompetent, in that it induces inefficient communication in communicating with the server to change a user password. Therefore, we suggest an upgraded version of the user authenticated key agreement scheme that provides enhanced security. Our security and performance analysis shows that compared to other related schemes, our scheme not only improves the security level, but also ensures efficiency. [ABSTRACT FROM AUTHOR]

Published

2017

16. Can differential privacy practically protect collaborative deep learning inference for IoT?

Author

Ryu, Jihyeon, Zheng, Yifeng, Gao, Yansong, Abuadbba, Alsharif, Kim, Junyaup, Won, Dongho, Nepal, Surya, Kim, Hyoungshick, and Wang, Cong

Abstract

Collaborative inference has recently emerged as an attractive framework for applying deep learning to Internet of Things (IoT) applications by splitting a DNN model into several subpart models among resource-constrained IoT devices and the cloud. However, the reconstruction attack was proposed recently to recover the original input image from intermediate outputs that can be collected from local models in collaborative inference. For addressing such privacy issues, a promising technique is to adopt differential privacy so that the intermediate outputs are protected with a small accuracy loss. In this paper, we provide the first systematic study to reveal insights regarding the effectiveness of differential privacy for collaborative inference against the reconstruction attack. We specifically explore the privacy-accuracy trade-offs for three collaborative inference models with four datasets (SVHN, GTSRB, STL-10, and CIFAR-10). Our experimental analysis demonstrates that differential privacy can practically be applied to collaborative inference when a dataset has small intra-class variations in appearance. With the (empirically) optimized privacy budget parameter in our study, the differential privacy technique incurs accuracy loss of 0.476%, 2.066%, 5.021%, and 12.454% on SVHN, GTSRB, STL-10, and CIFAR-10 datasets, respectively, while thwarting the reconstruction attack. [ABSTRACT FROM AUTHOR]

Published

2022

17. An Improvement of Robust and Efficient Biometrics Based Password Authentication Scheme for Telecare Medicine Information Systems Using Extended Chaotic Maps.

Author

Moon, Jongho, Choi, Younsung, Kim, Jiye, and Won, Dongho

Subjects

*BIOMETRY, *MEDICAL informatics, *TELEMEDICINE, *DATA security

Abstract

Recently, numerous extended chaotic map-based password authentication schemes that employ smart card technology were proposed for Telecare Medical Information Systems (TMISs). In 2015, Lu et al. used Li et al.'s scheme as a basis to propose a password authentication scheme for TMISs that is based on biometrics and smart card technology and employs extended chaotic maps. Lu et al. demonstrated that Li et al.'s scheme comprises some weaknesses such as those regarding a violation of the session-key security, a vulnerability to the user impersonation attack, and a lack of local verification. In this paper, however, we show that Lu et al.'s scheme is still insecure with respect to issues such as a violation of the session-key security, and that it is vulnerable to both the outsider attack and the impersonation attack. To overcome these drawbacks, we retain the useful properties of Lu et al.'s scheme to propose a new password authentication scheme that is based on smart card technology and requires the use of chaotic maps. Then, we show that our proposed scheme is more secure and efficient and supports security properties. [ABSTRACT FROM AUTHOR]

Published

2016

18. An Improvement of Robust Biometrics-Based Authentication and Key Agreement Scheme for Multi-Server Environments Using Smart Cards.

Author

Moon, Jongho, Choi, Younsung, Jung, Jaewook, and Won, Dongho

Subjects

*BIOMETRY, *SMART cards, *COMPUTER access control, *DATA analysis, *COMPUTER research

Abstract

In multi-server environments, user authentication is a very important issue because it provides the authorization that enables users to access their data and services; furthermore, remote user authentication schemes for multi-server environments have solved the problem that has arisen from user’s management of different identities and passwords. For this reason, numerous user authentication schemes that are designed for multi-server environments have been proposed over recent years. In 2015, Lu et al. improved upon Mishra et al.’s scheme, claiming that their remote user authentication scheme is more secure and practical; however, we found that Lu et al.’s scheme is still insecure and incorrect. In this paper, we demonstrate that Lu et al.’s scheme is vulnerable to outsider attack and user impersonation attack, and we propose a new biometrics-based scheme for authentication and key agreement that can be used in multi-server environments; then, we show that our proposed scheme is more secure and supports the required security properties. [ABSTRACT FROM AUTHOR]

Published

2015

19. Efficient and Anonymous Two-Factor User Authentication in Wireless Sensor Networks: Achieving User Anonymity with Lightweight Sensor Computation.

Author

Nam, Junghyun, Choo, Kim-Kwang Raymond, Han, Sangchul, Kim, Moonseong, Paik, Juryon, and Won, Dongho

Subjects

*WIRELESS sensor networks, *LIGHTWEIGHT materials, *COMPUTER access control, *SMART cards, *COMPUTER passwords, *COMPUTER users, *DATA transmission systems

Abstract

A smart-card-based user authentication scheme for wireless sensor networks (hereafter referred to as a SCA-WSN scheme) is designed to ensure that only users who possess both a smart card and the corresponding password are allowed to gain access to sensor data and their transmissions. Despite many research efforts in recent years, it remains a challenging task to design an efficient SCA-WSN scheme that achieves user anonymity. The majority of published SCA-WSN schemes use only lightweight cryptographic techniques (rather than public-key cryptographic techniques) for the sake of efficiency, and have been demonstrated to suffer from the inability to provide user anonymity. Some schemes employ elliptic curve cryptography for better security but require sensors with strict resource constraints to perform computationally expensive scalar-point multiplications; despite the increased computational requirements, these schemes do not provide user anonymity. In this paper, we present a new SCA-WSN scheme that not only achieves user anonymity but also is efficient in terms of the computation loads for sensors. Our scheme employs elliptic curve cryptography but restricts its use only to anonymous user-to-gateway authentication, thereby allowing sensors to perform only lightweight cryptographic operations. Our scheme also enjoys provable security in a formal model extended from the widely accepted Bellare-Pointcheval-Rogaway (2000) model to capture the user anonymity property and various SCA-WSN specific attacks (e.g., stolen smart card attacks, node capture attacks, privileged insider attacks, and stolen verifier attacks). [ABSTRACT FROM AUTHOR]

Published

2015

20. A Novel Approach to Analyzing for Detecting Malicious Network Activity Using a Cloud Computing Testbed.

Author

Lee, Junwon, Cho, Jaeik, Seo, Jungtaek, Shon, Taeshik, and Won, Dongho

Subjects

*MALWARE, *COMPUTER networks, *CLOUD computing, *COMPUTER security, *MOBILE communication systems

Abstract

Recent developments have caused the expansion of various cloud computing environments and services. Cloud computing environments have led to research in the areas of data processing, virtual environments, and access control. Information security is the most important research area for these environments security. In this study, we analyzed typical example of network testbeds, which have been used for malicious activity data collection and its subsequent analysis. Further, we propose an effective malicious network application testbed, which is based on a cloud system. We also verified the performance of our new testbed by comparing real malicious activity with the cloud-based testbed results. [ABSTRACT FROM AUTHOR]

Published

2013

21. Towards trustworthy e-voting using paper receipts

Author

Lee, Yunho, Park, Sangjoon, Mambo, Masahiro, Kim, Seungjoo, and Won, Dongho

Subjects

*ELECTRONIC voting, *COMPUTER security, *ELECTRONIC systems, *INFORMATION services, *DATA protection, *SECURITY systems, *INFORMATION retrieval, *VOTING machines

Abstract

Abstract: Current electronic voting systems are not sufficient to satisfy trustworthy elections as they do not provide any proof or confirming evidence of their honesty. This lack of trustworthiness is the main reason why e-voting is not widespread even though e-voting is expected to be more efficient than the current plain paper voting. Many experts believe that the only way to assure voters that their intended votes are casted is to use paper receipts. In this paper, we propose an efficient scheme for issuing receipts to voters in an e-voting environment using the well-known divide-and-choose method. Our scheme requires neither special printers or scanners, nor frequent observations of voting machines. In addition, our scheme is more secure than the previous schemes. [Copyright &y& Elsevier]

Published

2010

22. Time-dependent density functional theory-assisted absolute configuration determination of cis-dihydrodiol metabolite produced from isoflavone by biphenyl dioxygenase

Author

Seo, Jiyoung, Kang, Su-Il, Kim, Mihyang, Won, Dongho, Takahashi, Haruko, Ahn, Joong-Hoon, Chong, Youhoon, Lee, Eunjung, Lim, Yoongho, Kanaly, Robert A., Han, Jaehong, and Hur, Hor-Gil

Subjects

*METABOLITES, *ISOFLAVONES, *BIPHENYL compounds, *ESCHERICHIA coli, *PSEUDOMONAS, *BIOTRANSFORMATION (Metabolism), *LIQUID chromatography, *MASS spectrometry

Abstract

Abstract: Escherichia coli cells containing the biphenyl dioxygenase genes bphA1A2A3A4 from Pseudomonas pseudoalcaligenes KF707 were found to biotransform isoflavone and produced a metabolite that was not found in a control experiment. Liquid chromatography/mass spectrometry (LC/MS) and 1H and 13C nuclear magnetic resonance (NMR) analyses indicated that biphenyl dioxygenase induced 2′,3′-cis-dihydroxylation of the B-ring of isoflavone. In a previous report, the same enzyme showed dioxygenase activity toward flavone, producing flavone 2′,3′-cis-dihydrodiol. Due to growing interest in flavone chemistry and the absolute configuration of natural products, time-dependent density functional theory (TD–DFT) calculations were combined with circular dichroism (CD) spectroscopy to determine the absolute configuration of the isoflavone dihydrodiol. By computational methods, the structure of the isoflavone metabolite was determined to be 3-[(5S,6R)-5,6-dihydroxycyclohexa-1,3-dienyl]-4H-chromen-4-one. This structure was confirmed further by the modified Mosher’s method. The same protocol was applied to the flavone metabolite, and the absolute configuration was determined to be 2-[(5S,6R)-5,6-dihydroxycyclohexa-1,3-dienyl]-4H-chromen-4-one. After determination of the absolute configurations of the biotransformation products, we suggest the binding mode of these substrate analogs to the enzyme active site. [Copyright &y& Elsevier]

Published

2010

23. Resource-aware protocols for authenticated group key exchange in integrated wired and wireless networks

Author

Nam, Junghyun, Paik, Juryon, Kim, Ung Mo, and Won, Dongho

Subjects

*COMPUTER networks, *ALGORITHMS, *ALGEBRA, *COMPUTER network protocols

Abstract

Abstract: Protocols for group key exchange are cryptographic algorithms that describe how a group of parties communicating over a public network can come up with a common secret key. Due to their critical role in building secure multicast channels, a number of group key exchange protocols have been proposed over the years in a variety of settings. However despite many impressive achievements, there seems to have been no previous systematic look at the growing problem of key exchange over integrated wired and wireless (IWW) networks which consist of two distinct types of users: users having low-performance mobile devices with some form of battery power and users having high-performance stationary computers with no power constraint. The contribution of the present work is to fill this deficiency by providing a secure and efficient protocol for resource-aware group key exchange over the rapidly expanding IWW networks. By evenly spreading much of the total amount of computation across high power users, our protocol avoids any potential performance bottleneck of the system while keeping the burden on low power users at minimal. Our protocol also achieves provable security against powerful active adversaries under the decisional Diffie–Hellman assumption. We provide a rigorous proof of security for the protocol in a well-defined formal model of communication and adversarial capabilities. [Copyright &y& Elsevier]

Published

2007

24. Security weakness in a three-party pairing-based protocol for password authenticated key exchange

Author

Nam, Junghyun, Lee, Youngsook, Kim, Seungjoo, and Won, Dongho

Subjects

*COMPUTER network protocols, *COMPUTER passwords, *COMMUNICATION, *COMPUTER security

Abstract

Abstract: Authentication and key exchange are fundamental for establishing secure communication channels over public insecure networks. Password-based protocols for authenticated key exchange are designed to work even when user authentication is done via the use of passwords drawn from a small known set of values. Recently, Wen et al. (H.-A. Wen, T.-F. Lee, T. Hwang, Provably secure three-party password-based authenticated key exchange protocol using Weil pairing, IEE Proceedings—Communications 152 (2) (2005) 138–143) proposed a new protocol for password-based authenticated key exchange in the three-party setting, where the clients trying to establish a common secret key do not share a password between themselves but only with a trusted server. Wen et al.’s protocol carries a claimed proof of security in a formal model of communication and adversarial capabilities. However, this work shows that the protocol for three-party key exchange is completely insecure and the claim of provable security is seriously incorrect. We conduct a detailed analysis of flaws in the protocol and its security proof, in the hope that no similar mistakes are made in the future. [Copyright &y& Elsevier]

Published

2007

25. A Secure and Lightweight Three-Factor-Based Authentication Scheme for Smart Healthcare Systems †.

Author

Ryu, Jihyeon, Kang, Dongwoo, Lee, Hakjun, Kim, Hyoungshick, and Won, Dongho

Subjects

*INTERNET of things, *TELEMEDICINE, *MEDICAL care, *PATIENT monitoring, *NEAR field communication

Abstract

Internet of Things (IoT) technology has recently been integrated with various healthcare devices to monitor patients' health status and share it with their healthcare practitioners. Since healthcare data often contain personal and sensitive information, healthcare systems must provide a secure user authentication scheme. Recently, Adavoudi-Jolfaei et al. and Sharma and Kalra proposed a lightweight protocol using hash function encryption only for user authentication on wireless sensor systems. In this paper, we found some weaknesses in target schemes. We propose a novel three-factor lightweight user authentication scheme that addresses these weaknesses and verifies the security of the proposed scheme using a formal verification tool called ProVerif. In addition, our proposed scheme outperforms other proposed symmetric encryption-based schemes or elliptic curve-based schemes. [ABSTRACT FROM AUTHOR]

Published

2020

26. A three-factor anonymous user authentication scheme for Internet of Things environments.

Author

Lee, Hakjun, Kang, Dongwoo, Ryu, Jihyeon, Won, Dongho, Kim, Hyoungshick, and Lee, Youngsook

Subjects

*COMPUTER access control, *INTERNET of things, *5G networks, *SOCIAL networks, *KEY agreement protocols (Computer network protocols)

Abstract

To accelerate the deployment of fifth-generation (5G) cellular networks, millions of devices are being connected to massive Internet of Things (IoT) networks. However, advances in the scale of connectivity on 5G networks may increase the attack surface of these devices, thereby increasing the number of attack opportunities. To address the potential security risks in IoT systems, one feasible security practice involves the development of secure and efficient user authentication schemes. In 2017, Dhillon and Kalra proposed a three-factor user authentication scheme for IoT. We noted that their scheme suffers from several security weaknesses. In this study, we specifically demonstrate that the scheme proposed by Dhillon and Kalra (1) is not secured from a stolen mobile device attack; (2) does not prevent a user impersonation attack; (3) does not provide a session key agreement; (4) does not have a contingency plan (e.g., a revocation phase) for situations where a user's private key is compromised, or a mobile device is stolen or lost. We propose an improved three-factor user authentication scheme to resolve these security issues. Furthermore, we demonstrate that the proposed scheme provides desirable attributes for IoT environments and that its computation and communication costs are suitable for extremely low-cost IoT devices. [ABSTRACT FROM AUTHOR]

Published

2020

27. Secure and Efficient Three-Factor Protocol for Wireless Sensor Networks.

Author

Ryu, Jihyeon, Lee, Hakjun, Kim, Hyoungshick, and Won, Dongho

Subjects

*WIRELESS sensor networks, *MEDICAL care, *COMPUTER access control, *COMPUTER security, *DATA security

Abstract

Wireless sensor networks are widely used in many applications such as environmental monitoring, health care, smart grid and surveillance. Many security protocols have been proposed and intensively studied due to the inherent nature of wireless networks. In particular, Wu et al. proposed a promising authentication scheme which is sufficiently robust against various attacks. However, according to our analysis, Wu et al.'s scheme has two serious security weaknesses against malicious outsiders. First, their scheme can lead to user impersonation attacks. Second, user anonymity is not preserved in their scheme. In this paper, we present these vulnerabilities of Wu et al.'s scheme in detail. We also propose a new scheme to complement their weaknesses. We improve and speed up the vulnerability of the Wu et al. scheme. Security analysis is analyzed by Proverif and informal analysis is performed for various attacks. [ABSTRACT FROM AUTHOR]

Published

2018