Journal of the Korea Institute of Information Security and Cryptology
Korea Institutes of Information Security and Cryptology
Volume 13, Issue 3 - Jun 2003
Secure Steganography Using a Block Cipher
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 3, 2003, Pages 1~15
defined the security of steganography theoretically at first, then
also discussed it on the different aspects. Unfortunately, because many steganographic systems couldn't overcome the statistical gap between a stego-cover and a pure cover, secure steganography hasn't been evaluated yet. By the effective steganalysis algorithm, the statistical test which was suggested by Westfel
, the attacker Wendy could select the stego-covers out of suspicious covers. Our newly developed algorithm which minimizes the changes of a pure cover by using the block cipher withstands a statistical test and has a similar embedding capacity in comparison with a simple LSB substitution steganography.
A Study on Analysis and Development of Education Program in Information Security Major
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 3, 2003, Pages 17~26
Recently, as the internet has spread rapidly among the public, people can use a variety of useful information services through the internet. Accordingly, the protection of information supplied by computer networks has become a matter of primary concern around the world. To meet these realistic demands, the government and many educational facilities have worked out countermeasures to cultivate experts in information security. The government authority has already carried out various related projects under its framed policy, the Five-Year Development Plan for Information Security Technology. Many domestic universities also perceive this international trend and are framing plans to train experts in this field, including founding departments for information security. They are ready to carry out tangible work, such as establishing educational goals, developing teaching materials, planning curricula, constructing laboratories and securing instructors. Moreover, such universities lead students who want to become information security experts to acquire, in their bachelor course, the fundamental knowledge that lays the foundation for information security technology. In this note, we survey and analyze the curricula of newly established or expanded information security departments at some leading universities inside and outside the country, and in conclusion we propose an effective curriculum model and educational goal for training students to become information security experts.
Design of Serial-Parallel Multiplier for GF(
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 3, 2003, Pages 27~34
Recently, an efficient hardware development for a cryptosystem is concerned. The efficiency of a multiplier for GF(
) is directly related to the efficiency of some cryptosystem. This paper, considering the trade-off between time complexity and size complexity, proposes a new multiplier architecture having n[n/2] AND gates and n([n/2]+1)- $
_n$ = XOR gates, where $
_n$=1 if n is even, $
_n$=0 otherwise. This size complexity is less than that of existing
AND gates and
-1 XOR gates. While a new multiplier is a serial-parallel multiplier to output a result of multiplication of two elements of GF(
) after 2 clock cycles, the suggested multiplier is more suitable for some cryptographic device having space limitations.
A Random M-ary Method-Based Countermeasure against Power Analysis Attacks on ECC
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 3, 2003, Pages 35~43
The randomization of scalar multiplication in ECC is one of the fundamental concepts in defense methods against side-channel attacks. This paper proposes a countermeasure against simple and differential power analysis attacks through randomizing the transformed m-ary method based on a random m-ary recoding algorithm. The proposed method requires an additional computational load compared to the standard m-ary method, yet the power consumption is independent of the secret key. Accordingly, since computational tracks using random window width can resist SPA and DPA, the proposed countermeasure can improve the security of smart cards.
Design of Wireless LAN Authentication Mechanism for Fast Handoff Service based on PKI
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 3, 2003, Pages 45~55
Wireless LAN has the advantages of extension, flexibility and ease of installation and maintenance. However, due to the characteristics of wireless media, it is vulnerable to security attacks. PKI (Public Key Infrastructure) is estimated to be a good solution offering security functions to wireless LAN, including global roaming. It offers high security functions such as authentication, confidentiality and digital signature, while it generates big overheads such as CRL search and certificate verification. The overheads cannot be avoided during the initial authentication. However, in the case of handoff, they can be minimized through the fast handoff. In this paper, we design a fast handoff authentication mechanism based on PKI in the wireless LAN and analyze the performance of the scheme.
A Fast Scalar Multiplication to Resist against Power Attacks by Folding the Scalar in Half
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 3, 2003, Pages 57~64
Recently, it has been shown that cryptographic devices such as smart cards are vulnerable to power attacks. In this paper, by mixing the randomization concept and the folding in half for secret scalar integer on ECCs, we propose an efficient and fast scalar multiplication algorithm to resist against simple power analysis(SPA) and differential power analysis(DPA) attacks. Our proposed algorithm as a countermeasure against SPA and DPA is estimated as a 33% speedup compared to the binary scalar multiplication.
A Scalar Multiplication Method and its Hardware with resistance to SPA(Simple Power Analysis)
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 3, 2003, Pages 65~70
In this paper, we propose a scalar multiplication method and its hardware architecture which is resistant to SPA while its computation speed is faster than Coron's. Earlier SPA-resistant scalar multiplication methods have performance problems. For this reason, research on efficient SPA-resistant scalar multiplication is an important topic. The proposed architecture resists SPA and is faster than Coron's method under the assumption that Coron's and the proposed method use the same finite field arithmetic units (multiplier and inverter). With an n-bit scalar multiple, the computation cycle of the proposed method is 2n·(Inversion cycle)+3(Multiplication cycle).
Implementation of Real-time Wireless Remote Control System Based on Public Key Infrastructure
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 3, 2003, Pages 71~79
Existing web-based system management software solutions show some limitations in time and space. Moreover, they possess shortcomings such as unreliable error message announcements and difficulties with real-time assistance support and emergency measures. In order to solve these deficiencies, the Wireless Remote Control System (W-RCS) was designed and implemented. W-RCS is able to manage and monitor remote systems by using mobile communication devices for instantaneous control. The implementation of W-RCS leads to these security problems as well as solutions to the aforementioned issues with existing web-based system management software solutions. Therefore, this paper focuses on the security matters related to W-RCS. The security functions based on public key infrastructure include mobile device user authentication and target system access control. The W-RCS allows real-time user authentication, increases the flexibility of resource administrators and mobile device non, and provides not only uninterrupted services, but also safe mobile office environments.
The host-based Intrusion Detection System with Audit Correlation
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 3, 2003, Pages 81~90
An intrusion detection system judges the presence of an intrusion based on the audit log, and the performance of the system depends on how correctly and effectively the intrusion pattern is described with the audit log. In this paper, the relationship concerning intrusion among three kinds of information, 'System call, Network packet and Syslog', is demonstrated, and the related patterns of the state-transition-based method and the rule-based method are identified. By applying this correlation to them, the accuracy rate of detection was improved. In particular, the feasibility of detection with correlation patterns has been substantiated through a covert channel detection test.
Secure Electronic Trading System for Online Game-Items
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 3, 2003, Pages 91~99
In this paper, we analyze the current trading systems and suggest two secure electronic trading systems that make a fair exchange for online game items. The system makes up for the weak points in the current item trading system. In the proposed system, a game server issues a certificate for each item on the user's request. On the one hand, this certificate is used to recover the item when a system error has occurred. On the other hand, the user may exchange it for another item or cyber money. The proposed system supports private and reliable trading. Further, the trading can be completed only by online processing.
Tree-based Group Key Agreement Protocol using Pairing
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 3, 2003, Pages 101~110
Secure and reliable group communication is an increasingly active research area prompted by the growing popularity of many types of group-oriented and collaborative applications. The central challenge is secure and efficient group key management. While centralized methods are often appropriate for key distribution in large multicast-style groups, many collaborative group settings require distributed key agreement techniques. Most of prior group key agreement protocols have been focused on reducing the computational costs. One exception is STR protocol that optimizes communicational cost. On the other hand, it requires O(n) number of modular exponentiations. In this paper, we propose a new group key agreement protocol that modifies STR protocol by utilizing pairing based cryptography. The resulting protocol reduces computational cost of STR protocol while preserving the communication cost.
Proxy Signatures based on XTR Cryptosystem
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 3, 2003, Pages 111~117
The XTR public key system has the advantages of short key length and fast computing speed, so XTR is useful in complicated operations. In this paper, we propose a new algorithm for the double exponentiation operation and a proxy signature protocol based on XTR. The double exponentiation operation must be executed to apply XTR to the proxy signature protocol. But the existing algorithm is inappropriate, because two secret keys have to be known in the existing operation algorithm. The new algorithm enables the double exponentiation operation with the proxy signer's secret key and public information. XTR is used for the generation and verification of the proxy in the proxy signature protocol. Therefore, a proxy signature based on XTR has the basic advantages of XTR. These advantages can be used on the internet as well as on mobile.
Impossible Differential Cryptanalysis for Block Cipher Structures
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 3, 2003, Pages 119~127
Impossible differential cryptanalysis (IDC), introduced by Biham et al., uses impossible differential characteristics. Therefore, the security of a block cipher against IDC is measured by impossible differential characteristics. In this paper, we provide a widely applicable method to find various impossible differential characteristics of block cipher structures without using the specified form of a round function. Using this method, we can find various impossible differential characteristics for Nyberg's generalized Feistel network and a generalized RC6-like structure. Throughout the paper, we assume round functions used in block cipher structures are bijective.
More Efficient Hierarchical ID-based Cryptosystem
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 3, 2003, Pages 129~134
Hierarchical ID-based Cryptography, proposed by C. Gentry and A. Silverberg, has the problem that the length of the ciphertext is proportional to the depth of the recipient in the hierarchy. In this paper, we propose new methods to shorten the length of the ciphertext by using HIDS (Hierarchical ID-based Signature).
An Aggregate Detection of Event Correlation using Fuzzy Control
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 3, 2003, Pages 135~144
An intrusion detection system shows different results across the overall detection area according to the detection characteristics of its inner detection algorithms or techniques. To expand detection areas, we require an integrated detection, which can be achieved both by deploying a few detection systems that cover different detection areas and by combining their results. In addition to expanding detection areas, we need to decrease the workload that false alarms impose on security managers and improve correctness by minimizing the false alerts that occur during the process of integration. In this paper, a method for aggregate detection uses fuzzy inference to integrate vague detection results that reflect the characteristics of the detection systems. The analyzed detection characteristics are expressed as fuzzy membership functions and fuzzy rule bases, which are applied through the process of fuzzy control. The method integrates vague decision results and minimizes the number of false alerts by reflecting the characteristics of the detection systems. It also minimizes inference objects by applying thresholds decided through several experiments.