REFERENCE LINKING PLATFORM OF KOREA S&T JOURNALS
Journal of the Korea Institute of Information Security and Cryptology
Korea Institutes of Information Security and Cryptology
Volume 15, Issue 3 - Jun 2005
Video Watermarking Scheme with Adaptive Embedding in 3D-DCT domain
Park Hyun ; Han Ji-Seok ; Moon Young-Shik ;
Journal of the Korea Institute of Information Security and Cryptology, volume 15, issue 3, 2005, Pages 3~12
This paper introduces a 3D perceptual model based on JND (Just Noticeable Difference) and proposes a video watermarking scheme that takes a perceptual approach to adaptive embedding in the 3D-DCT domain. Videos are composed of consecutive frames, many of which are similar to their neighbours. If a watermark is embedded in a run of similar frames with little motion, it is easily noticed by the human eye. Therefore, for transparency the watermark should be embedded where motion exists, and for robustness its magnitude needs to be adjusted properly. To obtain both transparency and robustness, a watermark based on the 3D perceptual model is used. That is, the sensitivities of the 3D-DCT quantization are derived from the 3D perceptual model, and the sensitivities of regions having more local motion than global motion are adjusted. The watermark is then embedded into visually significant coefficients in proportion to the strength of motion in the 3D-DCT domain. Experimental results show that the proposed scheme improves the robustness to MPEG compression and temporal attacks by about
, compared to the existing 3D-DCT based method. In terms of PSNR, the proposed method is similar to the existing method, but JND guarantees the transparency of watermark.
A Role-Based Access Control Model ensuring Confidentiality and Integrity
Byun Chang-Woo ; Park Seog ;
Journal of the Korea Institute of Information Security and Cryptology, volume 15, issue 3, 2005, Pages 13~29
An important characteristic of the role-based access control model (RBAC) is that it is policy neutral: RBAC articulates security policy without embodying any particular security policy. For this reason, several studies have configured RBAC to enforce the traditional mandatory access control (MAC) and discretionary access control (DAC) policies. Specifically, to simulate MAC with RBAC, these studies configure a few RBAC components (user, role, role hierarchy, user-role assignment and session) so as to keep the no-read-up and no-write-down rules, ensuring one-directional information flow from low security levels to high security levels. We show that these configurations do not ensure confidentiality. In addition, we show that they overlook a violation of integrity caused by some of the constraints used to keep confidentiality. In this paper we propose an RBAC model satisfying both confidentiality and integrity: we re-examine a few RBAC components and construct additional constraints.
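The abstract refers to the standard way of simulating a Bell-LaPadula style MAC policy with RBAC components (paired read/write roles per level, a read-role hierarchy that follows the lattice and a write-role hierarchy that inverts it, and a session that activates exactly one such pair). The following Python is an added illustration, not the paper's model or code: it encodes that configuration over a constructed three-level lattice, checks that every session/object pair obeys no-read-up and no-write-down, and then lists the "write-up" cases that the configuration permits, which is exactly where a confidentiality-only design lets a low-level session modify high-level data. The `permitted_strict` variant shows one possible extra constraint (write only at the session's own level); it is an illustrative choice, not the constraint set the paper proposes.

```python
"""Added example: MAC (Bell-LaPadula) simulated with RBAC roles, and its integrity gap.
All names and the L < M < H lattice are constructed for illustration."""
from itertools import product

LEVELS = ["L", "M", "H"]  # constructed, totally ordered security lattice


def dominates(a: str, b: str) -> bool:
    """True if level a is at least as high as level b."""
    return LEVELS.index(a) >= LEVELS.index(b)


# RBAC components of the standard MAC simulation:
#   roles xR and xW for every level x;
#   read-role hierarchy  HR >= MR >= LR  (a senior role inherits junior permissions);
#   write-role hierarchy LW >= MW >= HW  (deliberately inverted);
#   an object at level y has (o, read) assigned to yR and (o, write) assigned to yW;
#   a session activates exactly the pair {xR, xW} for one level x <= the user's clearance.
def senior(role_a: str, role_b: str) -> bool:
    """Does role_a inherit role_b's permissions under the two hierarchies above?"""
    level_a, kind_a = role_a[:-1], role_a[-1]
    level_b, kind_b = role_b[:-1], role_b[-1]
    if kind_a != kind_b:  # read and write hierarchies are disjoint
        return False
    if kind_a == "R":
        return dominates(level_a, level_b)
    return dominates(level_b, level_a)


def session_roles(session_level: str, clearance: str) -> set:
    """Constraint: a session may only activate the role pair of a level it is cleared for."""
    if not dominates(clearance, session_level):
        raise PermissionError(f"session level {session_level} exceeds clearance {clearance}")
    return {session_level + "R", session_level + "W"}


def permitted(session_level: str, obj_level: str, op: str, clearance: str = "H") -> bool:
    """Access check: some activated role must be senior to the role holding the permission."""
    needed = obj_level + ("R" if op == "read" else "W")
    return any(senior(r, needed) for r in session_roles(session_level, clearance))


def verify_bell_lapadula() -> bool:
    """Every (session level, object level) pair obeys simple-security and the *-property."""
    for s, o in product(LEVELS, LEVELS):
        assert permitted(s, o, "read") == dominates(s, o)    # no read-up
        assert permitted(s, o, "write") == dominates(o, s)   # no write-down
    return True


def write_up_pairs() -> list:
    """(session, object) pairs where a session may write to a strictly higher level.
    Legal under Bell-LaPadula, but a low session can overwrite high data: the integrity gap."""
    return [(s, o) for s, o in product(LEVELS, LEVELS)
            if permitted(s, o, "write") and not dominates(s, o)]


def permitted_strict(session_level: str, obj_level: str, op: str, clearance: str = "H") -> bool:
    """Illustrative extra constraint (an assumption, not the paper's): writes only at the
    session's own level, which closes the write-up channel while keeping no-read-up."""
    if op == "write" and session_level != obj_level:
        return False
    return permitted(session_level, obj_level, op, clearance)


if __name__ == "__main__":
    print("Bell-LaPadula holds:", verify_bell_lapadula())
    print("write-up pairs permitted by the confidentiality-only configuration:", write_up_pairs())
    print("L session writing an H object, strict variant:", permitted_strict("L", "H", "write"))
```

Note that `write_up_pairs()` is non-empty by construction of the inverted write hierarchy; any fix that simply forbids write-up must also be checked against the read side, which is why the check is expressed over all pairs rather than for one example.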
Asymmetric Temporal Privilege Management on Untrusted Storage Server
Kim, Euh-Mi ; Yoon, Hyo-Jin ; Cheon, Jung-Hee ;
Journal of the Korea Institute of Information Security and Cryptology, volume 15, issue 3, 2005, Pages 31~42
We consider a network storage model whose administrator cannot be fully trusted. In this model, we assume that all stored data are encrypted for confidentiality and that a single owner distributes the decryption key for each time period to users. In this paper, we propose three privilege management schemes. In the first scheme, called Temporal Privilege Management (TPM), we use symmetric encryption based on one-way function chains for key encapsulation. In the second scheme, called Asymmetric Temporal Privilege Management (ATPM), anyone can encrypt data using the owner's public key, but only privileged users can decrypt it. Finally, we present a scheme that restricts writers' privileges using ID-based signatures in ATPM. In our schemes, privilege management is based on time and the addition of users is efficient. In particular, by applying TPM and ATPM we can solve the back-issue problem.
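The symmetric building block the abstract describes for TPM, period keys tied together by a one-way function chain, is shown below as an added Python illustration; it is not the paper's construction or code, and the chain label, the HMAC-based key separation and the toy encrypt-then-MAC cipher are all assumptions made here. The direction of the chain is what addresses back issues: the owner generates the chain from the last period backwards, so a user handed the key for period t can derive the keys of every earlier period with hash applications alone, while nothing about a later period's key follows from it.

```python
"""Added example: time-period keys from a one-way hash chain (TPM-style key encapsulation).
Labels, KDF and the stream cipher are illustrative assumptions, not the paper's scheme."""
import hashlib
import hmac
import os

LABEL = b"tpm-chain-v0"  # constructed domain-separation label for the chain function


def hash_step(k: bytes) -> bytes:
    """The one-way function H used to walk the chain one period backwards."""
    return hashlib.sha256(LABEL + k).digest()


def owner_chain(seed: bytes, n_periods: int) -> dict:
    """Owner side: K_n = seed, K_i = H(K_{i+1}) for i = n-1 down to 1.
    Holding K_t gives every earlier K_j (the back issues), never a later one."""
    keys = {n_periods: seed}
    for i in range(n_periods - 1, 0, -1):
        keys[i] = hash_step(keys[i + 1])
    return keys


def derive_earlier(k_t: bytes, t: int, j: int) -> bytes:
    """User side: from the period-t chain key, derive the period-j key for 1 <= j <= t."""
    if not 1 <= j <= t:
        raise ValueError("a later period's key cannot be derived from an earlier one")
    k = k_t
    for _ in range(t - j):
        k = hash_step(k)
    return k


def content_keys(k_i: bytes, i: int) -> tuple:
    """Keep the chain key off the data: derive separate encryption and MAC keys per period."""
    info = i.to_bytes(4, "big")
    enc = hmac.new(k_i, b"enc" + info, hashlib.sha256).digest()
    mac = hmac.new(k_i, b"mac" + info, hashlib.sha256).digest()
    return enc, mac


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    out = bytearray()
    ctr = 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return bytes(out[:length])


def seal(k_i: bytes, i: int, plaintext: bytes, nonce: bytes = None) -> bytes:
    """Encrypt-then-MAC with an HMAC counter keystream (toy; use an AEAD in practice)."""
    nonce = nonce or os.urandom(16)
    enc, mac = content_keys(k_i, i)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(enc, nonce, len(plaintext))))
    tag = hmac.new(mac, i.to_bytes(4, "big") + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(k_i: bytes, i: int, blob: bytes) -> bytes:
    """Verify the tag before decrypting; a wrong period key fails here, not with garbage."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    enc, mac = content_keys(k_i, i)
    expect = hmac.new(mac, i.to_bytes(4, "big") + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("wrong period key or tampered ciphertext")
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc, nonce, len(ct))))


def readable_periods(join_period: int, n_periods: int = 5) -> list:
    """Constructed scenario: the owner stores one encrypted object per period on the
    untrusted server; a user added at join_period receives only K_join_period."""
    chain = owner_chain(os.urandom(32), n_periods)
    store = {i: seal(chain[i], i, f"issue {i} contents".encode()) for i in chain}
    k_join = chain[join_period]
    readable = []
    for i in range(1, n_periods + 1):
        try:
            unseal(derive_earlier(k_join, join_period, i), i, store[i])
            readable.append(i)
        except ValueError:
            pass
    return readable


if __name__ == "__main__":
    print("periods readable by a user who joined in period 3:", readable_periods(3))
```

The same property cuts both ways for the administrator: the server only ever sees ciphertexts and per-period tags, so it cannot read or silently alter an issue, and a key leaked for period t exposes periods 1..t but not any issue published afterwards.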
An Efficient MIPv4 Registration Protocol With Minimal Overheads Of AAA
Kang Hyun-Sun ; Park Chang-Seop ;
Journal of the Korea Institute of Information Security and Cryptology, volume 15, issue 3, 2005, Pages 43~52
MIPv4 supports node mobility, manages the MN's binding list and provides seamless communication through its registration protocol. Since the registration protocol, which usually operates in a wireless environment, involves authenticating MNs, it is common to introduce the AAA infrastructure as a key distribution center for the purpose of authentication. In this paper, we propose an efficient registration protocol with lightweight AAA based on a domain key. The proposed protocol also withstands various replay attacks and provides a non-repudiation service for accounting of network service usage.
A study on Kerberos Authentication mechanism
Kim Cheol-hyun ; Lee Yon-Sik ;
Journal of the Korea Institute of Information Security and Cryptology, volume 15, issue 3, 2005, Pages 53~64
This paper proposes a Kerberos authentication mechanism that improves the PKINIT-based authentication service announced by the IETF CAT Working Group. It also proposes an authentication mechanism for ticket reuse, covering the message exchange by which a local client receives a remote server's service after the ticket's lifetime has ended. Since the proposed inter-realm service is not described in Kerberos itself, authentication between realms can be performed via PKINIT (Public Key Cryptography for Initial Authentication), presented by the IETF (Internet Engineering Task Force) CAT Working Group. The new protocol is better than the authentication mechanism proposed by the IETF CAT Working Group in terms of communication complexity, owing to its simplified ticket issuing process.
Fast Scalar Multiplication Algorithm on Elliptic Curve over Optimal Extension Fields
Chung Byungchun ; Lee Soojin ; Hong Seong-Min ; Yoon Hyunsoo ;
Journal of the Korea Institute of Information Security and Cryptology, volume 15, issue 3, 2005, Pages 65~76
Speeding up scalar multiplication of an elliptic curve point has been a prime approach to efficient implementation of elliptic curve schemes such as EC-DSA and EC-ElGamal. Koblitz introduced a
expansion method using the Frobenius map. Kobayashi et al. extended the
scalar multiplication method to suit Optimal Extension Fields(OEF) by introducing the table reference method. In this paper we propose an efficient scalar multiplication algorithm on elliptic curve over OEF. The proposed
scalar multiplication method uses an optimized batch technique after rearranging the computation sequence of
expansion usually called Horner's rule. The simulation results show that the new method accelerates the scalar multiplication about
over the Kobayashi et al. method and is about three times as fast as some conventional scalar multiplication methods.
An Efficiency Improved ID-based Tripartite Key Agreement Protocol
Park Young-Ho ; Rhee Kyung-Hyune ;
Journal of the Korea Institute of Information Security and Cryptology, volume 15, issue 3, 2005, Pages 77~89
As ID-based public key cryptosystems have become a very active research area, a number of ID-based key agreement protocols have been proposed, but unfortunately many of them have been shown to contain security flaws. Beyond single-key agreement, Liu et al. and Kim et al. recently proposed key agreement protocols in which multiple session keys are established at once among the participating entities. In this paper, we propose an ID-based tripartite key agreement protocol that establishes eight keys while improving on the efficiency of Liu et al.'s protocol. Moreover, the proposed protocol can be used where multiple different private key generators (PKGs) are involved. Because each entity can use a private key issued by the PKG of its own domain, our scheme is more readily applicable to practical settings.
Characteristic Classification and Correlational Analysis of Source-level Vulnerabilities in Linux Kernel
Ko Kwangsun ; Jang In-Sook ; Kang Yong-hyeog ; Lee Jin-Seok ; Eom Young Ik ;
Journal of the Korea Institute of Information Security and Cryptology, volume 15, issue 3, 2005, Pages 91~101
Although the analysis and classification of source-level vulnerabilities in operating systems is not a direct solution to the exploits with which host systems are attacked, such studies are important because they provide the basic building blocks for developing security mechanisms. Yet, although Linux systems have recently become widely used in Internet and intranet environments, the basic and fundamental vulnerabilities inherent in Linux systems have not been studied enough. In this paper, we propose a characteristic classification and correlational analysis of the source-level vulnerabilities in the Linux kernel that were publicly disclosed and listed on the SecurityFocus site over the six years from 1999 to 2004. This study may help anticipate the types of attacks, analyze the characteristics of attacks that abuse these vulnerabilities, and identify the kernel modules that have critical vulnerabilities.
Improved Impossible Differential Attacks on 6-round AES
Kim Jongsung ; Hong Seokhie ; Lee Sangjin ; Eun Hichun ;
Journal of the Korea Institute of Information Security and Cryptology, volume 15, issue 3, 2005, Pages 103~107
Impossible differential attacks on AES have been proposed up to 6-round which requires
chosen plaintexts and
6-round AES encryptions. In this paper, we introduce various 4-round impossible differentials and using them, we propose improved impossible differential attacks on 6-round AES. The current attacks require
chosen plaintexts and
6-round AES encryptions to retrieve 11 bytes of the first and the last round keys.
Security analysis of a threshold proxy signature scheme using a self-certified public key
Park, Je-Hong ; Kang, Bo-Gyeong ; Hahn, Sang-Geun ;
Journal of the Korea Institute of Information Security and Cryptology, volume 15, issue 3, 2005, Pages 109~114
In the research on constructing secure group-oriented proxy signature schemes, several threshold proxy signature schemes have been proposed that combine the notion of proxy signature with threshold signature. Recently, Hsu and Wu proposed a threshold proxy signature scheme that uses a self-certified public key based on the discrete logarithm problem. In this paper, we show that this scheme is vulnerable to a forgery attack by the original signer. Our attack thus provides evidence that the scheme does not satisfy the non-repudiation property.
Related-Key Attacks on Reduced Rounds of SHACAL-2
Kim Jongsung ; Kim Guil ; Lee Sangjin ; Lim Jongin ;
Journal of the Korea Institute of Information Security and Cryptology, volume 15, issue 3, 2005, Pages 115~126
SHACAL-2 is a 256-bit block cipher with up to 512 bits of key length based on the hash function SHA-2. It was submitted to the NESSIE project and was recommended as one of the NESSIE selections. In this paper, we present two types of related-key attacks, the related-key differential-(non)linear attack and the related-key rectangle attack, and we discuss the security of SHACAL-2 against them. Using the related-key differential-nonlinear attack, we can break SHACAL-2 with 512-bit keys up to 35 of its 64 rounds, and using the related-key rectangle attack, we can break SHACAL-2 with 512-bit keys up to 37 rounds.