Go to the main menu
Skip to content
Go to bottom
REFERENCE LINKING PLATFORM OF KOREA S&T JOURNALS
> Journal Vol & Issue
Journal of the Korea Institute of Information Security and Cryptology
Journal Basic Information
Journal DOI :
Korea Institutes of Information Security and Cryptology
Editor in Chief :
Volume & Issues
Volume 11, Issue 6 - Dec 2001
Volume 11, Issue 5 - Oct 2001
Volume 11, Issue 4 - Aug 2001
Volume 11, Issue 3 - Jun 2001
Volume 11, Issue 2 - Apr 2001
Volume 11, Issue 1 - Feb 2001
Selecting the target year
The design and Implementation of Web Security System using the Cookies
Journal of the Korea Institute of Information Security and Cryptology, volume 11, issue 4, 2001, Pages 3~14
A Web server makes use of the HTTP(Hyper Text Transfer Protocol) to communicate with a client. The HTTP is a stateless protocol; the server does not maintain any state information for ongoing interactions with the client. Therefore, the HTTP inevitably requires additional overhead as repeating data key-in to user for continuing communications. This overhead in Web environment can be resolved by the cookie technologies. However, the cookie is usually unsecured due to the clear-text to transfer on the network and to store in the file. That is, information in the cookie is easy to exposure, copy, and even change. In this paper, we propose a secure cookie mechanism appropriate to Web environment, and then present a design and implement of secure Web system based on the scheme. The Web system can be used to any web environment. It also provides some security services, such as confidentiality, authentication, integrity.
A Study on Security Threat Elements Analysis and Security Architecture in Satellite Communication Network
Journal of the Korea Institute of Information Security and Cryptology, volume 11, issue 4, 2001, Pages 15~31
In this paper we classify security threat elements of satellite communication into four parts; Level-0(satellite propagation signal), Level-1(satellite control data), Level-2(satellite application data) and ground network security level according to the personality and data of the satellite communication network. And we analyze each security levels. Using analyzed security threat elements, we divide security requirements into signal security level and information security level separately. And then above the existent signal security level countermeasure, we establish the countermeasure on the basis of information security policy such as satellite network security policy, satellite system security policy and satellite data security policy in information security level. In this paper we propose secure satellite communication network through the countermeasure based on information security policy.
Implementation of Secure Linux OS based on Kernel
Journal of the Korea Institute of Information Security and Cryptology, volume 11, issue 4, 2001, Pages 33~43
This paper presents a secure Linux OS in which multi-level security functions are implemented at the kernel level. Current security efforts such as firewall or intrusion detection system provided in application-space without security features of the secure OS suffer from many vulnerabilities. However the development of the secure OS in Korea lies in just an initial state, and NSA has implemented a prototype of the secure Linux but published just some parts of the technologies. Thus our commercialized secure Linux OS with multi-level security kernel functions meets the minimum requirements for TCSEC B1 level as well kernel-mode encryption, real-time audit trail with DB, and restricted use of root privileges.
A Shadowing Mechanism supporting Automatic Extension of Security Scheme
Journal of the Korea Institute of Information Security and Cryptology, volume 11, issue 4, 2001, Pages 45~54
It is necessary to control security management consistently and respond to an intrusion automatically in order to use the network securely in the single administrative domain. This paper presents a Shadowing Mechanism supporting a dynamic extension of security scheme and proposes an ARTEMIS(Advanced Realtime Emergency Management and Intruder Identification System), which is designed and implemented based on the suggested technique. It is possible for security management system developed on the basis of the Shadowing Mechanism to make all network components working under the same security scheme. It enhances the accuracy of intrusion tracing and automatic response through dynamic extension of space and time for security management.
Security of OFB mode and 3GPP f8 encryption mode
Journal of the Korea Institute of Information Security and Cryptology, volume 11, issue 4, 2001, Pages 55~66
In this paper, we analyze the security of OFB encryption mode which is one of the basic modes of operation for the block cipher and the security of 3GPP f8 encryption mode used to provide the data confidentiality over a radio access link of W-CDMA IMT-2000. We provide the lower bound and the upper bound on security of both modes in random function model and random permutation model, respectively, by means of the left-or-right security notion, and prove the security of both modes using a pseudorandom function and a pseudorandom permutation, respectively.
An analysis on the S-boxes of block ciphers in 3GPP
Journal of the Korea Institute of Information Security and Cryptology, volume 11, issue 4, 2001, Pages 67~75
3GPP proposed f8 and f9 algorithms based on the block cipher KASUMI to provide the data confidentiality and integrity over a radio access link for IMT-2000(W-CDMA). Also 3GPP proposed Milenage algorithm based on the block cipher Rijndael to provide an example set for 3GPP authentication and key generation functions. In order to analyze the security of 3GPP algorithms, we must go ahead an analysis of security of KASUMI and Rijndael. Since S-box is an important point of security of block cipher, in this paper we analyze the S-boxes of KASUMI and Rijndael and compare the S-boxes of KASUMI with the S-box of Rijndael. Although KASUMI S9-box is bad for AC and SAC, we find that AC of KASUMI FI function containing S7-box and S9-box is equal to AC of Rijndael S-box and SAC of KASUMI FI function is better than SAC of Rijndael S-box.
Group Key Management using (2,4)-Tree
Journal of the Korea Institute of Information Security and Cryptology, volume 11, issue 4, 2001, Pages 77~89
Recently, with the explosive growth of communication technologies, group oriented services such as teleconference and multi-player game are increasing. Access control to information is handled by secret communications with group keys shared among members, and efficient updating of group keys is vital to such secret communications of large and dynamic groups. In this paper, we employ (2,4)-tree as a key tree, which is one of height balanced trees, to reduce the number of key updates caused by join or leave of members. Especially, we use CBT(Core Based Tree) to gather network configurations of group members and reflect this information to key tree structure to update group keys efficiently when splitting or merging of subgroups occurs by network failure or recovery.