Journal of the Korea Institute of Information Security and Cryptology
Korea Institutes of Information Security and Cryptology
Volume 13, Issue 2 - Apr 2003
ID-based Proxy Signature Scheme from the Bilinear Map
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 2, 2003, Pages 3~11
Proxy signatures are signature schemes in which an original signer delegates her signing capability to a proxy entity, who signs a message on behalf of the original signer. In this paper we propose ID-based proxy signature schemes using a bilinear map. In the previous R-based proxy signature scheme, the proxy signer can misuse the right of the signing capacity and the public key directory is required. However, by inserting the warrant information such as the identity of the proxy signer and the limit of the signing capacity into the proxy signature, our scheme can prevent the misuse of the proxy key pair by the proxy signer and does not require a public key certificate. Furthermore, our scheme does not need a secure channel to deliver the warrant. Consequently, the proposed scheme is more efficient and useful than the previous proxy signature schemes.
Design of a Secure Web-mail System based on End-to-End
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 2, 2003, Pages 13~29
Web-mail systems are worthy of note as next-generation e-mail systems for their mobility and ease of use. But many web-mail systems do not have any kind of security mechanism. Even if a web-mail system provides security services, their strength is too low. Using these web-mail systems, e-mail is easily tapped, modified or forged by an attacker. To solve these problems, we design and implement a secure web-mail system based on the international e-mail security standard S/MIME in this thesis. This secure web-mail system is composed of a server system and a client system. The server system performs basic mail functions: sending/receiving mail, storing mail, management of user information, etc. The client system performs cryptographic functions: encryption/decryption of mail, digital signing and validation, etc. Because the client system performs the cryptographic functions, this secure web-mail system offers reliability and safety, and provides end-to-end security between mail users. Also, this secure web-mail system increases system efficiency by minimizing server load.
Link-State Routing Security Mechanism based on Double Hash Chain
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 2, 2003, Pages 31~40
The current security issue for the Internet is focused on the security for user data. On the other hand, the research on the security for routing protocols is not so active, considering the importance of its role for the harmonious and accurate operation of the Internet. In this paper, we investigate the security problems of the link-state routing protocol which has been employed in the Internet, and suggest a new authentication mechanism for routing messages which complements and extends the previous ones. For this purpose, a concept of dual hash chains is newly introduced, which is provably secure, and we explain how to provide both the integrity and source authentication service for routing messages based on the session hash chains.
User Revocation Scheme for Reducing the Computational Overheads in Multicast Environment
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 2, 2003, Pages 41~47
A revocation scheme is a re-keying scheme for a dynamically changing group in a multicast environment. In this paper, we propose two variants of the previously proposed revocation scheme, for the purpose of reducing the amount of computation group members should perform. Also proposed is a method of allowing an unlimited number of member revocations.
A New Universally Verifiable and Receipt-free Electronic Voting Scheme Using Only One-way Untappable Channels
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 2, 2003, Pages 49~61
Electronic voting schemes must provide universal verifiability and receipt-freeness, as well as basic properties such as privacy and eligibility, to make the election fair and transparent. But it is difficult to provide both universal verifiability and receipt-freeness because they are mutually contradictory in their objective. To date, most electronic voting schemes provide only one of these properties and those few that provide both properties are not practical due to heavy computational load. In this paper, we present an efficient electronic voting scheme that provides both properties. The proposed scheme uses a trusted third party called HR (Honest Randomizer) and requires only one-way untappable channels from HRs to voters. Among the schemes that assume only a one-way untappable channel, this scheme requires the least amount of computation. Among the schemes that provide both properties, this scheme uses the weakest physical assumption. We also discuss the security of the system and compare our scheme with other related schemes.
Jointly Unsigncryptable Signcryption Schemes
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 2, 2003, Pages 63~68
Signcryption has been proposed to provide authentication and confidentiality of a message efficiently. In the existing schemes, any recipient can unsigncrypt the signcrypted message alone. In this paper, we propose a (t,n)-threshold signcryption scheme in which at least t recipients must participate in an unsigncryption process.
Providing Payment Atomicity Using Verifiable Encryption
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 2, 2003, Pages 69~80
Verifiable encryption is an encryption technique with which one can verify what has been encrypted even if one cannot decrypt the ciphertext. This technique can be used in fair exchange to convince the counterpart of his or her receiving an item by presenting an encrypted form in advance. In this paper, a method that can guarantee payment atomicity is proposed by applying verifiable encryption to an electronic cash system based on the representation problem. With the new method, the process of dispute settlement is improved in that the trusted third party does not have to interact with the bank to resolve disputes. This method is also flexible in the sense that clients and shops can request dispute settlement regardless of any deadline constraint. However, an additional proof is necessary to apply verifiable encryption during payment. We discuss the security and the atomicity of our method, and compare ours with others.
Implementation of Hybrid Smartcard Using Multi Encryption Method
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 2, 2003, Pages 81~89
With the rapid development of information and communication technology, online dissemination increases rapidly. So, it becomes more important to protect information. Recently the authentication system using public key infrastructure (PKI) is being utilized as an information protection infrastructure for electronic business transactions. And the smartcard system makes the most use of such an infrastructure. But because the certification based on the current PKI provides only basic user certification information, the use has to be limited in various application services that need the identification and authorization information as well as face-to-face information of the user. In order to protect a system from various kinds of hacking and related threats, we have proposed angular and private key multiplexing for prevention of smartcard forgery and alteration based on a photopolymer cryptosystem. When a smartcard becomes prone to forgery and alteration, we should be able to verify it. Also, our paper proposes a new authentication system using multi authentication based on PKI. The smartcard has an excellent advantage in security and mobility.
A new discrete logarithm problem with public parameter key-size reduction
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 2, 2003, Pages 91~98
We introduce a new public key system based on the discrete logarithm problem (DLP) in a quotient group of finite fields. This system achieves savings not only in communication overhead, by reducing public key size and transfer data by half, but also in computational costs, by performing efficient exponentiation. In particular, this system achieves about a 50% speed-up compared to DSA, which has the same security.
Anomaly Detection Scheme Using Data Mining Methods
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 2, 2003, Pages 99~106
Intrusions pose a serious security risk in a network environment. To detect intrusions effectively, many researchers have developed data mining frameworks for constructing intrusion detection modules. Traditional anomaly detection techniques focus on detecting anomalies in new data after training on normal data. To detect anomalous behavior, a precise normal pattern is necessary. This training data is typically expensive to produce. For this, the understanding of the characteristics of data on the network is inevitable. In this paper, we propose to use clustering and association rules as the basis for guiding anomaly detection. By applying entropy to filter noisy data, we present a technique for detecting anomalies without training on normal data. We present dynamic transactions for generating detection patterns more effectively.
Efficient mutual authentication and key distribution protocol for cdma2000 packet data service
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 2, 2003, Pages 107~114
In this paper, we propose an efficient mutual authentication and key distribution protocol for cdma2000 packet data service which uses the Mobile IP access method with DIAMETER AAA (Authentication, Authorization and Accounting) infrastructure. The proposed scheme provides efficient mutual authentication between the MN (Mobile Node) and the AAAH (home AAA server), and secure session-key distribution among Mobile IP entities. The proposed protocol improves the efficiency of DIAMETER AAA and satisfies the security requirements for an authentication and key distribution protocol. Also, the key distributed by the proposed scheme can be used to generate keys for packet data security over the 1xEV-DO wireless interface, in order to avoid a session hijacking attack on the 1xEV-DO packet data service.
SAD : Web Session Anomaly Detection based on Bayesian Estimation
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 2, 2003, Pages 115~125
As Web services are generally open for external use and not filtered by firewalls, they become a target for attackers. Web attacks which exploit vulnerable web applications and malicious users' requests cause economic and social problems. In this paper, we model general web service usage based on user web sessions and detect anomalous usage with a Bayesian estimation method. Finally we propose SAD (Session Anomaly Detection) for detecting unknown web attacks. To evaluate SAD, we made an experiment on attack simulation with the web vulnerability scanner whisker. The results show that the detection rate of SAD is over 90%, which is influenced by several features such as the size of the window or training set, the detection filter method and web topology.
A Fast Method for Computing Multiplicative Inverses in GF(2^m) Using Normal Bases
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 2, 2003, Pages 127~132
Cryptosystems have received very much attention in recent years as the importance of information security has increased. Most cryptosystems are defined over finite or Galois fields GF( ). In particular, the finite field GF( ) is mainly used in public-key cryptosystems. These cryptosystems are constructed over finite field arithmetic, such as addition, subtraction, multiplication, and multiplicative inversion defined over GF( ). Hence, to implement these cryptosystems efficiently, it is important to carry out these operations defined over GF( ) fast. Among these operations, since multiplicative inversion is much more time-consuming than the other operations, it has become the object of much investigation. Recently, many methods for computing multiplicative inverses at high speed have been proposed. These methods are based on Fermat's theorem, and reduce the number of required multiplications using normal bases over GF( ). The method proposed by Itoh and Tsujii among these methods reduced the required number of multiplications to O(log m). Also, some methods which improved on Itoh and Tsujii's method were proposed, but these methods have some problems such as complicated decomposition processes. In practical applications, m is frequently selected as a power of 2. In this paper, we propose a fast method for computing multiplicative inverses in GF( ), where m = ( ). Our method requires fewer multiplications than Itoh and Tsujii's method, and the decomposition process is simpler than other proposed methods.