Journal of the Korea Institute of Information Security and Cryptology
Korea Institutes of Information Security and Cryptology
Scalable Hierarchical Group Key Establishment using Diffie-Hellman Key Exchange
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 5, 2003, Pages 3~15
Secure group communication enables the members of a group to communicate with each other in a secure and secret manner. To do so, it is most important that a group key is securely distributed among them and that group membership is efficiently managed. In detail, the generation, distribution and refreshment of a group key should have low communication and computation complexity. In this paper, we present a new protocol to generate a group key that is safely shared within a group, using the 2-party Diffie-Hellman key exchange protocol and a complete binary tree. Our protocol lowers the computation complexity per group member by replacing many of the exponentiation computations with multiplications. Consequently, each group member needs a constant number of exponentiations and multiplications regardless of the group size, and the protocol has lower computation complexity than any other protocol.
Automation-considered SVO Logic for Verifying Authentication and Key Distribution Protocols
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 5, 2003, Pages 17~37
This paper presents the ASVO (Automation-considered SVO) logic, which can be used for verifying authentication and key distribution protocols. The ASVO logic was designed for automatic verification by modifying the SVO logic, one of the most famous authentication logics. The ASVO logic is syntactically and semantically sound, and requires relatively simple verification steps. We also implemented the Isabelle/ASVO system, which supports semi-automated verification, using the Isabelle/Isar system.
Efficient Re-Establishment Mechanism of Diameter Security Association lost in MIP Application
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 5, 2003, Pages 39~48
The AAA (Authentication, Authorization, Accounting) protocol is a framework that provides AAA functions across multiple networks and platforms. The AAA protocol is evolving from the earlier RADIUS protocol to the Diameter protocol. There are several Diameter applications for various purposes. The Diameter CMS Application makes Diameter messages more secure by using PKI. The Diameter CMS Application establishes a DSA (Diameter Security Association) for end-to-end security. However, the application has some problems in establishing the DSA, which can make a Diameter system unstable. If one system loses its DSA information because of a system error (for example, a reboot), secure communication between the two nodes may not be possible. In an application such as MIP, even user registration cannot be done. In this paper, we propose a mechanism for DSA re-establishment, and also show the result of the implementation.
Watermarking Technique Using Exchanging Wavelet Coefficients
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 5, 2003, Pages 49~56
In this paper, we propose an efficient blind watermarking algorithm using the wavelet transform. The proposed algorithm inserts the watermark into the high frequency subbands produced by a 1-level wavelet transform of the original image. Watermark insertion is achieved by exchanging each of the corresponding coefficients in the HL, LH, and HH subbands according to the inserted watermark value. The watermark is extracted from the relation of the wavelet coefficients, without the original image. Experimental results demonstrate that the watermarked image has good quality in terms of imperceptibility and is robust against various attacks.
An Evaluation Method for Security Policy Model Based on Common Criteria
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 5, 2003, Pages 57~67
A Security Policy Model is a structured representation, using an informal, semiformal or formal method, of the security policy to be enforced by the TOE. It gives the TOE assurance that security flaws resulting from inconsistency between security functional requirements and functional specifications are mitigated. Therefore, a Security Policy Model is required at a high evaluation assurance level in evaluation criteria such as ISO/IEC 15408 (Common Criteria, CC). In this paper, we present an evaluation method for security policy models based on the assurance requirements for security policy models in Common Criteria, through an analysis of concepts, related research and those assurance requirements.
Case Study for Information System Vulnerability Assessment through Improved OCTAVE Approach
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 5, 2003, Pages 69~79
We analyze the key business processes by using the IDEF method from the perspective of business continuity, identify key information assets by using the Skandia model, and use Nessus Version 1.4.2 to assess the vulnerability of the server of a library information system according to the OCTAVE (Operationally Critical Threat, Asset, and Vulnerability Evaluation) approach. We present this vulnerability assessment case to introduce an improved OCTAVE method that includes the IDEF method and the Skandia model.
Security Verification of Wireless Remote Control System Using CPN
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 5, 2003, Pages 81~90
Existing web-based system management software solutions show some limitations in time and space. Moreover, they have shortcomings such as unreliable error message announcements and difficulties with real-time assistance support and emergency measures. In order to solve these deficiencies, the Wireless Remote Control System was designed and implemented. The Wireless Remote Control System is able to manage and monitor remote systems by using mobile communication devices for instantaneous control. The implementation of the Wireless Remote Control System leads to security problems as well as to solutions for the aforementioned issues with existing web-based system management software. Therefore, this paper focuses on the security matters related to the Wireless Remote Control System. The designed security functions include mobile device user authentication and target system access control. For security verification of these functions, we introduce CPN (Coloured Petri Nets), which is capable of expressing every possible state for each stage. We then verify their security through PI (Place Invariant) analysis based on CPN. The CPN expression and analysis method of the proposed security functions can also be a useful method for analyzing other services in the future.
Efficient Masquerade Detection Based on SVM
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 5, 2003, Pages 91~104
A masquerader is someone who pretends to be another user while invading the target user's accounts, directories, or files. The masquerade attack is the most serious computer misuse because, in most cases, the masquerader enters the computer system after securing the other user's password. Systems such as an IDS cannot detect or respond to the masquerader. Masquerade detection is the effort to find the masquerader automatically. Such a system detects the activities of a masquerader by determining that a user's activities violate a profile developed for that user from his audit data. Since 1988 there have been many efforts on this topic, but the success of those efforts was limited and the performance was unsatisfactory. In this report we propose an efficient masquerade detection system using an SVM, which creates the user profile.
Simple and Efficient Authenticated Key Agreement Protocol
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 5, 2003, Pages 105~112
In this paper, we propose two simple and efficient key agreement protocols, called SEKA-H and SEKA-E, which use a pre-shared password between two parties for mutual authentication and for agreeing on a common session key. The SEKA-H protocol uses a hash function to verify an agreed session key. The SEKA-E protocol, a variant of SEKA-H, uses an exponentiation operation in the verification phase. They are secure against the man-in-the-middle attack, the password guessing attack and the Denning-Sacco attack, and provide perfect forward secrecy. The SEKA-H protocol is very simple in structure and provides good efficiency compared with other well-known protocols. The SEKA-E protocol is also comparable with the previous protocols.
A WTLS Handshake protocol against Active Attack
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 5, 2003, Pages 113~127
WTLS, as the secure protocol of WAP, makes TLS, which is used in the wireless Internet protocol for TCP security, appropriate for wireless environments. The purpose of WTLS is to provide safe and efficient services. The WTLS protocol consists of 4 protocols (Handshake, ChangeCipherSpec, Alert, Application Data etc.). In this paper, we analyze the properties of the Handshake protocol and the procedures for establishing the master secret in detail. On that basis, we then analyze its security against several attacker models. We also propose a new Handshake protocol that is secure against the active attacker model and can provide various security services.
Dual Signature Scheme to provide efficient message decryption
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 5, 2003, Pages 129~136
A representative payment broker system is SET, and one of its signature schemes is a dual digital signature scheme. A dual digital signature scheme exposes neither the user's payment information (credit card number etc.) to the merchandiser, nor the user's order information to the bank, so it keeps the user's privacy safe. Digital signature schemes like this are becoming necessary as E-commerce is revitalized. But the dual digital signature of SET is not appropriate for wireless environments because it needs so many computations and communications. In this paper, we propose a signcryption scheme that generates a polynomial using a payment information for merchandiser and an order information for bank in order to reduce communications. We analyze the problems of existing signcryption schemes and dual digital signature schemes. We also analyze the security properties of the proposed scheme.
Stream Cipher Algorithm using the Modified S-box
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 5, 2003, Pages 137~145
Nowadays, people can communicate with each other at any time and in any place thanks to the development of wireless communications. But the openness of mobile communications poses serious security threats, and security is necessary in mobile communications to support a secure communication channel. The most commonly used method for mobile communications is the stream cipher. Generally, this stream cipher is implemented with an LFSR (Linear Feedback Shift Register). This paper proposes a modified mechanism of the S-box, which is usually used in block ciphers, to advance the security of the stream cipher; this mechanism is the modified three one in consideration of the randomness. Generally, the S-box, a function with a nonlinear property, makes data stronger against attack. The randomness of the proposed algorithm is tested with the Ent Pseudorandom Number Sequence Test Program, and the test results show that it has better randomness and serial correlation values than the base stream cipher on the respective tests.
A New Forward-Secure Signature Scheme based on GDH groups
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 5, 2003, Pages 147~157
We often use cryptographic systems on small devices such as mobile phones, smart cards and so on. But such devices are vulnerable to the threat of exposure of secret keys. To reduce the damage caused by exposure of secret keys stored on such devices, the concept of forward security was introduced. In this paper, we present a new forward-secure signature scheme based on Gap Diffie-Hellman groups. Our scheme achieves security against chosen-message attacks under the computational Diffie-Hellman assumption in the random oracle model.
On a construction of resilient functions using a hyperelliptic curve with genus 2
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 5, 2003, Pages 159~168
In , J. H. Cheon and S. T. Chee proposed a method to generate boolean functions with good properties using polynomials of degree 3 over a finite field
. In this paper, we propose a method generating resilient functions with high nonlinearity from polynomials of degree 5 over a finite field $F_
Randomization of Elliptic Curve Secret Key to Efficiently Resist Power Analysis
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 5, 2003, Pages 169~177
We establish the security requirements and derive a generic condition for elliptic curve scalar multiplication to resist DPA and Goubin's attack. We also show that if a scalar multiplication algorithm satisfies our generic condition, then both attacks are infeasible. Showing that the randomized signed scalar multiplication using Ha-Moon's recoding algorithm satisfies the generic condition, we recommend it as protection against both attacks. We also design a new random recoding method to prevent the two attacks. Finally, in an efficiency comparison, it is shown that the recommended method is a bit faster than Izu-Takagi's method, which uses the Montgomery ladder without computing the y-coordinate, combined with randomized projective coordinates and base point blinding or the isogeny method. Moreover, Izu-Takagi's method uses additional storage, which is not the case for ours.
Design of an Efficient Bit-Parallel Multiplier using Trinomials
Journal of the Korea Institute of Information Security and Cryptology, volume 13, issue 5, 2003, Pages 179~187
Recently efficient implementation of finite field operation has received a lot of attention. Among the GF(
) arithmetic operations, multiplication process is the most basic and a critical operation that determines speed-up hardware. We propose a hardware architecture using Mastrovito method to reduce processing time. Existing Mastrovito multipliers using the special generating trinomial p(
-1 XOR gates and
AND gates. The proposed multiplier needs
AND gates and
-3n)/2 XOR gates that depend on the intermediate term xn. Time complexity of existing multipliers is
+( (m-2)/(m-n) +1+ log
and that of proposed method is
(m-1)＋ n/2 ) )
. The proposed architecture is efficient for the extension degree m suggested in standards: SEC2, ANSI X9.63. On average, XOR space complexity is increased to 1.18% but time complexity is reduced by 9.036%.