REFERENCE LINKING PLATFORM OF KOREA S&T JOURNALS
Journal of the Korea Institute of Information Security and Cryptology
Journal Basic Information
Korea Institutes of Information Security and Cryptology
Volume & Issues
Volume 12, Issue 6 - Dec 2002
Volume 12, Issue 5 - Oct 2002
Volume 12, Issue 4 - Aug 2002
Volume 12, Issue 3 - Jun 2002
Volume 12, Issue 2 - Apr 2002
Volume 12, Issue 1 - Feb 2002
Measure of the loss resulting from the threat in the University
Journal of the Korea Institute of Information Security and Cryptology, volume 12, issue 4, 2002, Pages 3~14
In this paper we classify the possible threats and introduce a method that measures the loss resulting from threats in the university. The method minimizes the amount of the loss, for the same quality of damage, by establishing an economical prediction model. The method of measuring the loss is as follows. First, assets should be clearly identified and valued. Second, threats which may result in harm to assets should be classified. Third, vulnerabilities, which are weaknesses associated with assets, should be analyzed. Fourth, the value of the loss is measured. We explain the valuation method with an example.
Development on the Operating Technique for Delta CRL
Journal of the Korea Institute of Information Security and Cryptology, volume 12, issue 4, 2002, Pages 15~27
The purpose of this paper is to present both the specification of the delta-CRL and the policies for the delta-CRL in order to solve the problems involved in issuing and maintaining certificate revocation lists for the mobile communication network. If a user requests revocation of a certificate issued by a certification authority, the certificate should be revoked and listed in the certificate revocation list. In general, the certificate revocation list is issued regularly. Therefore a PKI application should download the CRL and prove the validity of the CRL. The size of the exchanged traffic should be reduced for the mobile communication environment. The results of this paper can be used in various mobile communication environments to reduce the size of the CRL.
An Aggregate Detection Method for Improved Sensitivity using Correlation of Heterogeneous Intrusion Detection Sensors
Journal of the Korea Institute of Information Security and Cryptology, volume 12, issue 4, 2002, Pages 29~39
In general, intrusion detection methods based on anomalous behavior have a high false alarm rate, which includes false positives and false negatives. To increase the sensitivity of intrusion detection, we propose an aggregate detection method that reduces the false alarm rate by using the correlation between misuse detection sensors and anomaly detection sensors. For each normal behavior and each anomalous one, we produce off-line the reflection rate between the result from one sensor and that from another. Then we apply this rate to the results of real-time detection to reduce the false alarm rate.
A RBAC Model Considering the Characteristics of the Adhocracy Organization
Journal of the Korea Institute of Information Security and Cryptology, volume 12, issue 4, 2002, Pages 41~53
Role Based Access Control (RBAC), a method that uses roles for access control, has been popular with users and is recognized as an effective method to replace Discretionary Access Control and Mandatory Access Control. However, the existing Role Based Access Control models have been limited to the bureaucracy organization, in which a distinctive hierarchy system is used, incorporating a stable structure and a standardized work system. Only in some parts have access control models been used that support the 'Team' concept, such as the Team Based Access Control Model. However, these did not incorporate the characteristics of the adhocracy organization, which is similar to a company's task force team and is organic and temporary, with no standardized operating procedures and frequent changes. In this study, we discuss the characteristics of the adhocracy organization, which differs from the existing bureaucracy organization, and the problems that arise when the existing access control models are used for the adhocracy organization because of these characteristics. In addition, based on these problems, we suggest an improved role based access control model for the adhocracy organization and present solutions for problems that occur in the access control system.
On the Security of reduced versions of 3-pass HAVAL
Journal of the Korea Institute of Information Security and Cryptology, volume 12, issue 4, 2002, Pages 55~66
HAVAL is a dedicated hash function of the MD family which was proposed by Zheng et al. HAVAL compresses a message of arbitrary length into a hash value of 128, 160, 192, 224, or 256 bits. HAVAL has a parameter that controls the number of passes in which a message block of 1024 bits is processed. A message block can be processed in 3, 4, or 5 passes. When a message block is processed in three passes, we call such a case 3-pass HAVAL. So, there are three kinds of HAVAL: 3-pass HAVAL, 4-pass HAVAL, and 5-pass HAVAL. In this paper, we study the security of reduced versions of 3-pass HAVAL. We propose a method for finding collisions for the first two passes of 3-pass HAVAL and for the last two passes of 3-pass HAVAL. This approach of reducing the number of passes is similar to the initial attacks on MD4. We represent the first two passes of 3-pass HAVAL as HAVAL-12 and the last two passes of 3-pass HAVAL as HAVAL-23.
Design of a Strong Authentication Mechanism using Public-Key based on Kerberos
Journal of the Korea Institute of Information Security and Cryptology, volume 12, issue 4, 2002, Pages 67~76
Kerberos is designed to provide strong authentication between clients and application servers working in a distributed network environment by using symmetric-key cryptography, and is supposed to trust other systems of the realm. In this paper, we design an efficient and strong authentication mechanism by introducing public/private keys to Kerberos. To make the system more secure, the mechanism changes the value of the session key every time, using a MAC (message authentication code) algorithm with the long-term key for user authentication and a random number exchanged through the public key. We also employ a mutual authentication method, used in a challenge-response mechanism based on digital signatures, to improve trust between realms, and present a way of reducing the number of keys by simplifying the authentication steps.
Impossible Differential Cryptanalysis of Reduced Round XTEA and TEA
Journal of the Korea Institute of Information Security and Cryptology, volume 12, issue 4, 2002, Pages 77~85
We present the impossible differential cryptanalysis of the block ciphers XTEA and TEA. The core design principle of these block ciphers is ease of implementation and simplicity. But this simplicity does not offer a large diffusion property. Our impossible differential cryptanalysis of reduced-round versions of XTEA and TEA is based on this fact. We will show how to construct a 12-round impossible characteristic of XTEA. We can then derive the 128-bit user key of the 14-round XTEA with
chosen plaintexts and
encryption times using the 12-round impossible characteristic. In addition, we will show how to construct a 10-round impossible characteristic of TEA. Then we can derive the 128-bit user key of the 11-round TEA with
chosen plaintexts and
encryption times using the 10-round impossible characteristic.
The Secure Chip for Software Illegal Copy Protection
Journal of the Korea Institute of Information Security and Cryptology, volume 12, issue 4, 2002, Pages 87~98
Software has developed very fast as information has become an important value. Illegal software copying has been the main problem in developing the software business. Recently used lock systems for protecting against software copying have not provided a perfect guarantee, because their defenses are easily cracked. This paper, therefore, proposes a 96-bit block cipher with 112-bit length to replace the DES (Data Encryption Standard) algorithm. A security chip built as an ASIC (Application Specific Integrated Circuit) security module is presented for software copy protection. Then, an auto block protecting algorithm is designed for the security chip. Finally, a controlling driver and library are built for the security chip.
Improved Elliptic Scalar Multiplication Algorithms Secure Against Side-Channel Attacks
Journal of the Korea Institute of Information Security and Cryptology, volume 12, issue 4, 2002, Pages 99~114
Improved algorithms for elliptic scalar multiplication secure against side-channel attacks, such as timing and power analysis, are presented and analyzed. We first point out some potential security flaws often overlooked in most previous algorithms and then present a simple
1-signed encoding scheme that can be used to enhance the security and performance of existing algorithms. More specifically, we propose concrete signed binary and window algorithms based on the proposed
1-signed encoding and analyze their security and performance. The proposed algorithms are shown to be more robust and efficient than previous algorithms.
Efficient Multi-Exponentiation and Its Application
Journal of the Korea Institute of Information Security and Cryptology, volume 12, issue 4, 2002, Pages 115~126
This paper deals with efficient algorithms for computing a product of n distinct powers in a group (called multi-exponentiation). Four different algorithms are presented and analyzed, each of which has its own range of n for best performance. Using the best performing algorithm for n ranging from 2 to several thousands, one can achieve 2 to 4 times speed-up compared to the baseline binary algorithm and 2 to 10 times speed-up compared to individual exponentiation.