Abstract: A method and system for lightweight key distribution in a wireless network comprises calculating a second intermediate value using a first intermediate value which corresponds to respective partial keys included in a key pool; generating an encryption key using the second intermediate value and encrypting a partial key corresponding to a key index in common with a new node with the encryption key; and sending a key part which contains the encrypted partial key and the second intermediate value. Therefore, if a new node joins the wireless network, the key set can be allocated to the new node using its ID while the key sets allocated to the existing nodes of the network are retained.

Abstract: A broadcast encryption (BE) for acquiring an encryption key which is used to decrypt a session key by a node receiving services, with less computation overhead. A plurality of subgroups, each consisting of at least one of a plurality of nodes, are generated, and layers are formed according to a number of nodes which form the subgroup. Prime numbers are assigned to the subgroups not to overlap one another, and a subgroup at an upper layer is connected with a subgroup, which includes nodes forming the subgroup of the upper layer, at a lower layer. A prime number assigned to a subgroup at an upper layer, a prime number assigned to an unconnected subgroup at the same layer, and a prime number assigned to a subgroup at a lower layer, are re-assigned to each subgroup, and an encryption key which is generated from the re-assigned prime numbers is assigned to the each group.

Abstract: A method of securely storing and authenticating biometric data against attacks of a third party includes encoding input biometric data, and applying a one-way function to the encoded biometric data. A first exclusive OR operation is performed to the result of the one-way function and a selected secret key. The result of the first exclusive OR operation is encoded, and a second exclusive OR operation is performed to the encoded result of the first exclusive OR operation and the encoded biometric data. The result of the second exclusive OR operation is stored. In the same manner, the biometric data is authenticated. Accordingly, the biometric data can be securely stored against the attacks of a third party by processing and storing the biometric data according to a predetermined procedure.

Abstract: A seed value making method and device for a PRNG (Pseudo Random Number Generator) are provided. The seed value making method includes the steps of: accumulating in memory units of a First Data Pool data from various external sources, analyzing the data to determine a source type, computing entropy estimations for each of the external sources basing on the source type as determined, and generating a seed value by using the entropy estimations and the data accumulated in the memory units of the First Data Pool. Accordingly, in generating a seed value, dynamic estimation of random sources rate, and classification of sources on slow and fast ones, and reliable and unreliable ones, can be provided, and also, seed values can be made with taking in account rate and reliability of the sources.

Abstract: A method of managing a key of a user for a broadcast encryption. The method includes forming a tree comprising m hierarchies by repeating a process of setting a ith level comprising groups into which at least one node is grouped in a unit of ni, and setting a i+1th level comprising the groups of the ith level that are re-grouped in a unit of ni+1 until i is from “1” to “m”. The method further includes mapping users on at least one node of the tree and message providers on the mth hierarchy, going down from the mth hierarchy to the first hierarchy to map key encryption keys with respect to the i+1th level connected to the ith level, and transmitting the message using the key encryption keys.

Abstract: A method of reducing the number of security keys allocated to each node of a wireless network, and of reducing the number of security keys that are required by the wireless network. N nodes are grouped into a first and a second groups, each group comprising N/2 nodes without nodes being shared. The first group is grouped such that at least two nodes are included and at least one node is different, and first security keys are allocated to the first group nodes without any security keys being shared among the groups. (N/2) groups are grouped to include a security key arrangement of (B/2) number of security keys of B number of second security keys, and the second security keys of each group are allocated to each node of the first group. Here, the security key arrangement of each group differs from that of the others.

Abstract: A method of securely storing and authenticating biometric data against attacks of a third party includes encoding input biometric data, and applying a one-way function to the encoded biometric data. A first exclusive OR operation is performed to the result of the one-way function and a selected secret key. The result of the first exclusive OR operation is encoded, and a second exclusive OR operation is performed to the encoded result of the first exclusive OR operation and the encoded biometric data. The result of the second exclusive OR operation is stored. In the same manner, the biometric data is authenticated. Accordingly, the biometric data can be securely stored against the attacks of a third party by processing and storing the biometric data according to a predetermined procedure.

Abstract: The method of distributed key control on the basis of the preliminary key distribution scheme, which method including, besides others, the steps of: forming a unique identifier of mesh-network node; recording the unique identifier into a local memory of the mesh-network node; forming an incidence matrix of the KEDYS scheme and an incidence matrix of trivial scheme; generating long-term private keys and recording them together with the corresponding column of the incidence matrix into the local memory of the mesh-network node and also into the local memory of controlling node of distributed center for controlling keys; recording the formed key block of the trivial scheme and a broadcasting key into the local memory of the controlling node of the distributed center for controlling keys; generating a start value of hash-chain and calculating its final value; recording an authenticator into the local memory of the mesh-network node; recording the start value of the hash-chain into the local memory of the controll