Á¤º¸Ã³¸®ÇÐȸ ³í¹®Áö ÄÄÇ»ÅÍ ¹× Åë½Å½Ã½ºÅÛ
Current Result Document :
| ÇѱÛÁ¦¸ñ(Korean Title) |
BLE ¹× TCP ±â¹Ý ´ÙÁß µð¹ÙÀ̽º °£ ¾ÈÀüÇÑ ÀÎÁõ¼ º¹»ç ¹æ¹ý |
| ¿µ¹®Á¦¸ñ(English Title) |
Secure Certificates Duplication Method Among Multiple Devices Based on BLE and TCP |
| ÀúÀÚ(Author) |
Á¶¼ºÈ¯
ÇѱâÅÂ
Sung-Hwan Jo
Gi-Tae Han
|
| ¿ø¹®¼ö·Ïó(Citation) |
VOL 07 NO. 02 PP. 0049 ~ 0058 (2018. 02) |
Çѱ۳»¿ë
(Korean Abstract) |
ÀÎÁõ¼´Â »ç¿ëÀÚÀÇ ½Å¿øÈ®ÀÎ ¹× À§⋅º¯Á¶ ¹æÁö, ºÎÀιæÁö µîÀÇ ±â´ÉÀ» ¼öÇàÇÏ¿© »ç¿ëÀÚ¸¦ Áõ¸íÇÒ ¼ö ÀÖ´Â ¼ö´ÜÀÌ µÈ´Ù. ´ëºÎºÐÀÇ »ç¶÷µéÀÌ ÀÎÅͳݹðÅ·À» ÀÌ¿ëÇÑ ¾÷¹«¸¦ ¼öÇàÇÒ ¶§ °øÀÎÀÎÁõ¼¸¦ »ç¿ëÇϸç, ÀÎÅͳݹðÅ· ¿Ü¿¡µµ °¢Á¾ Áõ¸í¼ ¹ß±Þ, ÀüÀÚ °áÁ¦ µî¿¡¼µµ ½Å¿øÀ» ÀÔÁõ ÇÏ´Â ¿ëµµ·Î ¸¹ÀÌ »ç¿ëµÇ°í ÀÖ´Ù. À̶§ ¹ß±Þ¹ÞÀº ÀÎÁõ¼´Â µð½ºÅ© »ó¿¡ ÆÄÀÏ ÇüÅ·ΠÁ¸ÀçÇϸç, ¸¸¾à »õ·Î¿î µð¹ÙÀ̽º¿¡¼ ÀÎÁõ¼¸¦ »ç¿ëÇϱâ À§Çؼ´Â ±âÁ¸ÀÇ µð¹ÙÀ̽º¿¡¼ ¹ß±Þ¹ÞÀº ÀÎÁõ¼¸¦ º¹»çÇØ¾ß »ç¿ëÀÌ °¡´ÉÇÏ´Ù. ÇÏÁö¸¸ ´ëºÎºÐÀÇ ÀÎÁõ¼ º¹»ç ¹æ¹ýÀº 8¢¦16ÀÚ¸®ÀÇ ÀÎÁõ¹øÈ£¸¦ ÀÔ·ÂÇÏ¿© º¹»çÇÏ´Â ¹æ¹ýÀ̸ç, ÀÌ´Â ÀÎÁõ¹øÈ£¸¦ ÀÔ·ÂÇØ¾ß µÇ´Â ¹ø°Å·Î¿òÀÌ ÀÖ°í, º¸¾È¿¡ Ãë¾àÇÏ´Ù´Â ´ÜÁ¡ÀÌ ÀÖ´Ù. ÀÌ·¯ÇÑ ´ÜÁ¡À» ÇØ°á Çϱâ À§ÇØ º» ³í¹®¿¡¼´Â TCP¿Í BLE¸¦ »ç¿ëÇÏ´Â ´ÙÁß Ã¤³Î¿¡¼ÀÇ º¸¾È°È ÀÎÁõ¼ º¹»ç ¹æ¹ýÀ» Á¦¾ÈÇÑ´Ù. Á¦¾ÈÇÏ´Â ¹æ¹ýÀº 1) BLE Advertising data¸¦ ÀÌ¿ëÇÏ¿© »óÈ£°£¿¡ ÀÎÁõ °¡´ÉÇÑ µ¥ÀÌÅ͸¦ °øÀ¯ÇÏ°í, 2) ECC±â¹Ý ÀüÀÚ¼¸í ¾Ë°í¸®ÁòÀ» ÅëÇØ µð¹ÙÀ̽º ÀÎÁõ ÈÄ ´ëĪŰ ¾Ë°í¸®ÁòÀ¸·Î ÀÎÁõ¼¸¦ ¾ÏÈ£ÈÇÏ¿© Àü´ÞÇÑ´Ù. Á¦¾ÈÇÏ´Â ¹æ¹ýÀ» ¸ð¹ÙÀÏ È¯°æ¿¡¼ ±¸ÇöÇÑ °á°ú ±âÁ¸¹æ¹ýÀÇ º¸¾ÈÃë¾à¿µ¿ªÀÎ ½º´ÏÇÎ °ø°Ý¿¡ ´ëÇÑ ¹æ¾î°¡ °¡´ÉÇϸç, ¹«ÀÛÀ§ ´ëÀÔ °ø°ÝÀ» ÅëÇÑ º¹È£È ½Ãµµ ½Ã ±âÁ¸ÀÇ ¹æ¹ýº¸´Ù ¾à 1041¹è Á¤µµÀÇ º¸¾È°µµ¸¦ ³ôÀÏ ¼ö ÀÖÀ½À» º¸¿´´Ù.
|
¿µ¹®³»¿ë
(English Abstract) |
A certificate is a means to certify users by conducting the identification of the users, the prevention of forgery and alteration, and non-repudiation. Most people use an accredited certificate when they perform a task using online banking, and it is often used for the purpose of proving one¡¯s identity in issuing various certificates and making electronic payments in addition to online banking. At this time, the issued certificate exists in a file form on the disk, and it is possible to use the certificate issued in an existing device in a new device only if one copies it from the existing device. However, most certificate duplication methods are a method of duplication, entering an 8-16 digit verification code. This is inconvenient because one should enter the verification code and has a weakness that it is vulnerable to security issues. To solve this weakness, this study proposes a method for enhancing security certificate duplication in a multi-channel using TCP and BLE. The proposed method: 1) shares data can be mutually authenticated, using BLE Advertising data; and 2) encrypts the certificate with a symmetric key algorithm and delivers it after the certification of the device through an ECC-based electronic signature algorithm. As a result of the implementation of the proposed method in a mobile environment, it could defend against sniffing attacks, the area of security vulnerabilities in the existing methods and it was proven that it could increase security strength about 1041 times in an attempt of decoding through the method of substitution of brute force attack existing method.
|
| Å°¿öµå(Keyword) |
BLE
ECC
ÀÎÁõ¼
´ÙÁßä³ÎÀÎÁõ
ÀüÀÚ¼¸í
½º¸¶Æ®µð¹ÙÀ̽º
BLE
ECC
Certification
Digital Signature
Smart Device
|
| ÆÄÀÏ÷ºÎ |
PDF ´Ù¿î·Îµå
|
