REFERENCE LINKING PLATFORM OF KOREA S&T JOURNALS
Journal of the Korea Institute of Information Security and Cryptology
Korea Institutes of Information Security and Cryptology
Performance Improvement of Cert-Validation of Certification based on FM Subcarrier Broadcasting
Journal of the Korea Institute of Information Security and Cryptology, volume 12, issue 3, 2002, Pages 3~13
In a PKI, certificates are revoked because of disclosure of the private key, deprivation of qualification, or expiration of the term of validity. A user therefore has to confirm whether the public key in a certificate is valid. There are many methods for certificate validation, such as CRL, Delta-CRL and OCSP. But these methods have many problems: real-time processing for certificate validation overloads the network and the CRL server. In this paper we propose an improved certificate validation method based on FM Subcarrier Broadcasting, which solves the data integrity problem caused by the time difference between transmission and reception of the CRL, and the overload on the network and the CRL server caused by real-time management.
A Technique for Detecting Malicious Java Applet Using Java-Methods Substitution
Journal of the Korea Institute of Information Security and Cryptology, volume 12, issue 3, 2002, Pages 15~22
Java applets, which are executed in the user's web browser after passing from the web server through a proxy server, can access client files or resources, so it is necessary to secure against malicious Java applets. Current security countermeasures against malicious Java applets take two approaches: one builds a filter system to detect known malicious Java applets at the proxy, and the other establishes a separate secure Java virtual machine. However, the first cannot detect unknown malicious Java applets, and the other may increase load, because it decides whether an applet is malicious after implementing the Java applet on the proxy server. In this paper, we propose a technique that inserts a monitoring function into the Java applet on the proxy server using Java-methods substitution and then transfers the applet to the user, so that unknown malicious Java applets can be detected with reduced load.
IC Card Security System for CEPS in Internet
Journal of the Korea Institute of Information Security and Cryptology, volume 12, issue 3, 2002, Pages 23~37
As worldwide use of the Internet increases rapidly with the development of computer networks, Electronic Commerce for business is growing compared with the traditional use for information exchange in academic and research areas. The Electronic Payment System used for EC includes the Payment Broker System and the Electronic Purse System, and the Electronic Purse System usually operates with IC cards. Saving money on an IC card offers high portability and security. Therefore, the Electronic Purse System based on IC cards has recently become an issue in EC. In this paper, we design and implement an IC card security system for the Common Electronic Purse Specifications (CEPS) on the Internet. CEPS is an Electronic Purse System proposed by VISA and conforms to the EMV (Europay Mastercard VISA) security structure. With our system, users can easily use the Electronic Purse System with only a Web browser and an IC card. The original EMV paid no regard to use on the Internet, but our system, conforming to CEPS and EMV, is easily used on the Internet.
A New framework for IP Traceback : Inference of Logical Topology by Measuring Packet Losses
Journal of the Korea Institute of Information Security and Cryptology, volume 12, issue 3, 2002, Pages 39~47
This paper studies a new framework for the traceback of distributed DoS (Denial of Service) attacks in the Internet, in which many sources flood "spoofed" IP packets towards a single victim. In our scheme, the destination host traces the losses of those anonymous packets and infers the logical end-to-end paths back towards the sources. This method is based on the fact that there is a strong correlation between packet losses when the packets traverse the same route, and the simulation results show high probabilities of detecting the topology under a certain condition. Compared with previous approaches, our scheme has a number of distinct features: it can be performed in real time or non-real time, without any support from routers or ISPs. Our results may be applied to the inference of physical topology and to support previous approaches.
Authentication and Key Agreement Protocol based on NTRU in the Mobile Communication
Journal of the Korea Institute of Information Security and Cryptology, volume 12, issue 3, 2002, Pages 49~59
As electronic commerce increases rapidly in mobile communication, security issues become more important. Suitable authentication and key agreement for the mobile communication environment is an essential condition. Some protocols based on public key cryptosystems such as Diffie-Hellman, ElGamal etc. were adapted to mobile communication. But these protocols, which are based on difficult mathematical problems in algebra, are slow and have long key lengths. Therefore, they have many limitations when applied to mobile communication. In this paper, we propose an authentication and key agreement protocol based on NTRU to overcome the restrictions of the mobile communication environment, such as limited resources, low computational power, and narrow bandwidth. The proposed protocol is faster than other protocols based on ECC, because it uses addition and shift operations with small numbers in the truncated polynomial ring. And it is as secure as other existing mathematical problems because it is based on the Shortest or Closest Vector Problem (SVP/CVP).
The Proposal of Security Evaluation Criteria for PKI Systems in Korea
Journal of the Korea Institute of Information Security and Cryptology, volume 12, issue 3, 2002, Pages 61~76
To ensure the reliability of PKI systems, security evaluation of PKI systems is required. Unfortunately, systematic security evaluation and certification of PKI systems is insufficient. In Korea, security evaluation and certification of firewalls and intrusion detection systems has been enforced, but research on the evaluation of PKI systems is insufficient. This paper provides PKI system evaluation criteria. It specifies 7 levels of functional and assurance security requirements for a PKI system. These PKI system evaluation criteria provide compatibility with CC (Common Criteria) and KISES (Korea Information Security Evaluation Systems).
A Study on a Binary Random Sequence Generator with Two Characteristic Polynomials
Journal of the Korea Institute of Information Security and Cryptology, volume 12, issue 3, 2002, Pages 77~85
Binary random sequence generators that use a linear shift register have been studied since the 1970s. These generators were used in stream ciphers. In general, a binary random sequence generator consists of linear shift registers that generate sequences of maximum period and a nonlinear filter function or a nonlinear combination function to generate a sequence of high linear complexity. Therefore, generating a sequence that has a long period as well as high linear complexity is an important factor in estimating the safety of a stream cipher. Usually, the maximum period of the sequence generated by a linear feedback shift register with L registers is less than or equal to
-1. In this paper, we propose new binary random sequence generator that consist of L registers and 2 sub-characteristic polynomials. According to an initial state vector, the least period of the sequence generated by the proposed generator is equal to or ions than it of the sequence created by the general linear feedback shift register, and its linear complexity is increased too.
Cellular Automata based on VLSI architecture over GF(
Journal of the Korea Institute of Information Security and Cryptology, volume 12, issue 3, 2002, Pages 87~94
This study presents an MSB (Most Significant Bit) first multiplier using cellular automata, along with a new MSB first multiplication algorithm over GF(
). The proposed architecture has the advantage of high regularity and reduced latency, based on combining the characteristics of a PBCA (Periodic Boundary Cellular Automata) with the property of an irreducible AOP (All One Polynomial). The proposed multiplier can be used in the effectual hardware design of exponentiation architecture for public-key cryptosystems.
Extended Interactive Hashing Protocol
Journal of the Korea Institute of Information Security and Cryptology, volume 12, issue 3, 2002, Pages 95~102
Interactive hashing is a protocol introduced by Naor, Ostrovsky, Venkatesan,
with t-1 round complexity and
- 1 bits communication complexity for given t bits string. In this paper, we propose more efficiently extended interactive hashing protocol with t/m- 1 round complexity and
/m - m bits communication complexity than NOVY protocol when m is a divisor of t, and prove the security of this.
A Study on the Security analysis and Applications of Standard Key agreement protocols based on Elliptic curve cryptosystem
Journal of the Korea Institute of Information Security and Cryptology, volume 12, issue 3, 2002, Pages 103~118
To provide privacy for messages transmitted over a network, the use of cryptographic systems is gradually increasing. Because the security and reliability of a cryptographic system rely totally on the key, key management is the most important part of the cryptographic system. Although there are many security products providing encryption, the security of the key exchange protocols used in these products is mostly not yet proved. Therefore, we have to study the properties and operation of the key agreement protocols based on elliptic curves in ANSI X9.63. Furthermore, we analyze the security of these protocols under passive and active attacker models and propose the most suitable application field, taking the features of the protocols into account.
A Identity Escrow mechanism supporting key recovery
Journal of the Korea Institute of Information Security and Cryptology, volume 12, issue 3, 2002, Pages 119~128
When authentication between a user and a service provider is performed, disclosure of the user's identity has become a social issue, so identity escrow schemes were presented to solve this problem. In an identity escrow scheme, the issuer, who holds the user's correct identity, securely transmits anonymous authentication information to the user, and the user uses it to carry out the authentication phase with the service provider while remaining anonymous. In this paper, we present requirements for the security and trust of identity escrow schemes and propose a new mechanism that can provide them. We also propose a method by which the service provider can securely deliver contents to the user, and an improved mechanism that supports key recovery in encrypted communication using a secret key generated by key agreement between users.
Network based Intrusion Detection System using Adaptive Resonance Theory 2
Journal of the Korea Institute of Information Security and Cryptology, volume 12, issue 3, 2002, Pages 129~139
As the Internet expands, the possibility of attack through the network is increasing, so we need technology that can detect attacks on the system or the network spontaneously. This paper proposes a system that detects intrusion automatically using Adaptive Resonance Theory 2 (ART2), which is a kind of artificial neural network. The parameters of the system were tuned by the ART2 algorithm using many normal packets and various attack packets that were intentionally generated by attack tools. The results were compared with conventional methods and analyzed.