Journal of the Korea Institute of Information Security and Cryptology
Korea Institutes of Information Security and Cryptology
A Study on the Secure Storage Device for Protecting Cryptographic Keys in Untrusted DRM Client Systems
Journal of the Korea Institute of Information Security and Cryptology, volume 14, issue 2, 2004, Pages 3~13
DRM is the ability to brand digital contents with features that ensure copy protection and affect the way in which digital contents are played back. DRM is a technology that enables the secure distribution, promotion and sale of digital contents on the Internet. The DRM Client System, which operates in untrusted user environments, has to meet the requirements of the contents owner, including copyright and contents protection. After the DRM Client System is installed in an untrusted user environment, it verifies and plays digital contents. In these procedures it carries out user authentication, contents decryption, and license management. During these procedures, sensitive data, including authentication information, decryption data and license data, must be secured against any illegal access from users. The goal of this thesis is to introduce the implementation of a Secure Storage Device that can safely protect the user's authentication key, cryptographic key, and license data in the environment where the DRM Client System is running.
Security Analysis of ElGamal-Type Signature Scheme Using Integer Decomposition
Journal of the Korea Institute of Information Security and Cryptology, volume 14, issue 2, 2004, Pages 15~22
For an ElGamal-type signature scheme using a generator g of order q, it is well known that the message nonce should be chosen randomly in the interval (0, q-1) for each message to be signed. In (2), H. Kuwakado and H. Tanaka proposed a polynomial time algorithm that gives the private key of the signer if two signatures with message nonces 0＜ Ο(equation omitted) are available. Recently, R. Gallant, R. Lambert, and S. Vanstone suggested a method to improve the efficiency of elliptic curve cryptosystem using integer decomposition. In this paper, by applying the integer decomposition method to the algorithm proposed by Kuwakado and Tanaka, we extend the algorithm to work in the case when ｜ Ο(equation omitted) and improve the efficiency and completeness of the algorithm.
A study on the Filtering of Spam E-mail using n-Gram indexing and Support Vector Machine
Journal of the Korea Institute of Information Security and Cryptology, volume 14, issue 2, 2004, Pages 23~33
With the rapid growth of the Internet environment, the exchange of messages by e-mail is also increasing fast. Despite the convenience of e-mail, the time and cost wasted on spam mail by individuals and enterprises has become a big issue. Many kinds of solutions have been studied to counter the harmful effects of spam mail. Typical methods are pattern matching using keywords, which is the representative method, and methods using probability such as Naive Bayesian. In this paper, we propose a method for classifying spam mails and normal mails using a Support Vector Machine, which has excellent performance in pattern classification problems, to compensate for the problems of existing research. In particular, the proposed method efficiently carries out the learning procedure with a word dictionary that includes an index generated by n-Gram. In conclusion, we verified the proposed method by comparing the accuracy of spam mail separation between existing research and the proposed scheme.
Self-Reputation System in P2P Networks
Journal of the Korea Institute of Information Security and Cryptology, volume 14, issue 2, 2004, Pages 35~47
Though P2P network systems are widely used, not much research has been done on their security issues. One of the serious problems in P2P networks is the authentication problem. To resolve this problem, we introduce a new concept, a "self-reputation system", in which a user manages her own reputation. We define self-reputation systems by presenting several requirements. We also give one instance of a self-reputation system. The proposed instance satisfies the requirements, including the prevention of erasing and platform independence.
Authenticated quantum key distribution protocol
Journal of the Korea Institute of Information Security and Cryptology, volume 14, issue 2, 2004, Pages 49~55
We propose a new authenticated quantum key distribution protocol. Using the Greenberger-Horne-Zeilinger (GHZ) state, the users of our protocol can authenticate each other and share a secret key. In our protocol, the shared key is not revealed to the honest arbitrator, which provides additional secrecy. Our protocol not only guarantees secrecy as other quantum key distribution protocols do, but also lets the users authenticate each other. In practice, our new protocol can be easily implemented because it only uses basic quantum operations.
Construction of UOWHF: New Parallel Domain Extender with Optimal Key Size
Wonil Lee; Donghoon Chang
Journal of the Korea Institute of Information Security and Cryptology, volume 14, issue 2, 2004, Pages 57~68
We present a new parallel algorithm for extending the domain of a UOWHF. Our algorithm is based on a non-complete l-ary tree and has the same optimal key length expansion as Shoup's, which has the most efficient key length expansion known so far. Using the recent result, we can also prove that the key length expansion of this algorithm and of Shoup's sequential algorithm is the minimum possible for any algorithm in a large class of "natural" domain extending algorithms. Its parallelizability is less efficient than that of complete tree based constructions. However, as l gets larger, the parallelizability of the construction approaches that of complete tree based constructions.
Efficient Threshold Schnorr's Signature Scheme
Journal of the Korea Institute of Information Security and Cryptology, volume 14, issue 2, 2004, Pages 69~74
Threshold digital signatures are very useful for networks that have no infrastructure, such as ad hoc networks. To date, research on threshold digital signatures has mainly focused on RSA and DSA. Though Schnorr's digital signature scheme is very efficient in terms of both computation and communication, its hard structure using interactive proof prevents conversion to a threshold version. This paper proposes an efficient threshold signature scheme based on Schnorr's signature. It has the desirable property of scalability and reduces runtime costs by precomputation.
A Characteristic of Nonlinear Filter Models based on LFSMs
Journal of the Korea Institute of Information Security and Cryptology, volume 14, issue 2, 2004, Pages 75~83
We present a realization of an LFSM that utilizes an LFSR. This is based on a well-known fact from linear algebra. This structure is used to show that a previous attempt at using a cellular automaton in place of an LFSR in constructing a stream cipher did not necessarily increase its security. We also give a general method for checking whether or not a nonlinear filter generator based on an LFSM allows reduction to one that is based on an LFSR and which is vulnerable to Anderson information leakage.
A Study on activation and improvement of the Government PKI
Journal of the Korea Institute of Information Security and Cryptology, volume 14, issue 2, 2004, Pages 85~100
In this research, a study and analysis of digital certification in the world today, together with a survey of how digital signatures are being used or considered for the government, are used to sum up the difficulties and problems in operating digital signature certification for government administrations, and answers to these problems are provided as well. This research suggests practical ideas on how to interoperate between the Government PKI (GPKI: Administrational Digital Certification for the Government) and the National PKI (NPKI: Digital Certification for General Public & Business), how to make use of Standard Security APIs, how to manage (e.g. issue, reissue, update, revoke) digital certificates, how to improve the technical side of security and reliability, and how to improve political issues on public education for information security. Digital certification will become more popular and widely used in government administrations in the future. Therefore, surveys and research on the demands for and satisfaction with digital certification for the public and the government will be performed regularly. Continuous maintenance and improvement in this field will also be necessary to obtain a firmer footing for information security.
Design and Implementation of Quantitative Risk Analysis System for ISP Network
Journal of the Korea Institute of Information Security and Cryptology, volume 14, issue 2, 2004, Pages 101~111
The risk analysis process, which identifies vulnerabilities and threat causes of network assets and evaluates the expected loss when some network assets are damaged, is essential for diagnosing ISP network security levels and for response planning. However, most existing risk analysis systems provide only methodological analysis procedures, and they cannot reflect the continually changing vulnerability and threat information of individual network systems in real time. For this reason, this paper suggests a new system design methodology with a scheme to collect and analyze data from a network intrusion detection system and a vulnerability analysis system and to estimate quantitative risk levels. Additionally, the experimental performance of the proposed system is shown.
An Evaluation Method on Intrusion Detection System using Fuzzy Integrals
Journal of the Korea Institute of Information Security and Cryptology, volume 14, issue 2, 2004, Pages 113~121
As the types of intrusion detection become more diverse with the rapid spread of the Internet, many intrusion detection systems have been developed. In this paper, we propose a novel evaluation of the evaluation criteria for intrusion detection systems using fuzzy integrals.