Go to the main menu
Skip to content
Go to bottom
REFERENCE LINKING PLATFORM OF KOREA S&T JOURNALS
> Journal Vol & Issue
Journal of the Korea Institute of Information Security and Cryptology
Journal Basic Information
Journal DOI :
Korea Institutes of Information Security and Cryptology
Editor in Chief :
Volume & Issues
Volume 15, Issue 6 - Dec 2005
Volume 15, Issue 5 - Oct 2005
Volume 15, Issue 4 - Aug 2005
Volume 15, Issue 3 - Jun 2005
Volume 15, Issue 2 - Apr 2005
Volume 15, Issue 1 - Feb 2005
Selecting the target year
Structure Analysis of ARS Cryptoprocessor based on Network Environment
Yun, Yeon-Sang ; Jo, Kwang-Doo ; Han, Seon-Kyoung ; You, Young-Gap ; Kim, Yong-Dae ;
Journal of the Korea Institute of Information Security and Cryptology, volume 15, issue 5, 2005, Pages 3~11
This paper presents a performance analysis model based on an M/M/1 queue and Poisson distribution of input data traffic. The simulation on a pipelined AES system with processing rate of 10 rounds per clock shows
higher performance than a non-pipelined version consuming 10 clocks per transaction. Physical implementation of pipelined AES with FPGA takes 3.5 times bigger gate counts than the non-pipelined version whereas the pipelined version yields only
performance enhancement. The proposed analysis model can be used to optimize cost-performance of AES hardware designs.
A Study on Scalable Bluetooth Piconet for Secure Ubiquitous
Seo Dae-Hee ; Lee Im-Yeong ;
Journal of the Korea Institute of Information Security and Cryptology, volume 15, issue 5, 2005, Pages 13~24
Due to the changes in the wireless information environment, there has been an increased demand for various types of information. Accordingly, many wireless communication technologies have been studied and developed. In particular, studies on ubiquitous communications are well underway. Lately, the focus has been on the Bluetooth technology due to its applicability in various environments. Applying Bluetooth connectivity to new environments such as ubiquitous or sensor networks requires finding new wars of using it. Thus, this research analyzed the vulnerability on the limited number of slaves in a piconet configuration through the current Bluetooth communication and proposed an expanded Bluetooth piconet formation method, regardless of the number of slaves inside the piconet even if it is not configured in a scatternet. In the proposed method, we applied a security service and resolved the vulnerabilities of the current piconet by configuring an expanded form of the current tree-shaped structure.
A Method to Protect the Information of Tag Using Forced Collision Mechanism in RFID System
Park Ju-Sung ; Kang Jeonil ; Nyang Dae-Hun ;
Journal of the Korea Institute of Information Security and Cryptology, volume 15, issue 5, 2005, Pages 25~33
We propose a method to protect the tag's information from illegal reader in RFID system. In this method, a special tag called ownership tag makes intentionally collisions during singulation. By the forced collision of an ownership tag a reader can obtain the information of ordinary tags. Whereas a reader can not find my information on tag's ID without the ownership tag.
A Study on the Phishing Attack Protection using RUL Spoofing
Min Dong-og ; Shon Tae-shik ; Moon Jong-sub ;
Journal of the Korea Institute of Information Security and Cryptology, volume 15, issue 5, 2005, Pages 35~45
There has recently been an increase of phishing attacks, attacks which lure users into revealing their personal information to an attacker who in turn exploits this information for economic gain. The conventional methods of fooling the user with similarly modified mail or address are constantly evolving and have diversified to include the forgery of mail or domain addresses. Recently the injury incurred by these attacks has greatly increased as attackers exploit the weaknesses found on a few web browsers and used these to conduct phishing attacks based on URL spoofing. Furthermore we are now witnessing the entrance of highly advanced phishing techniques that no longer simply rely on vulnerabilities, but employ ordinary script, HTML, DNS sniffing, and the list goes on. In this paper we first discuss means of investigating and preventing the advanced URL spoofing techniques used in phishing attacks, and then propose a scheme for fundamentally restricting them altogether.
A New Method for Detecting Trapdoors in Smart Cards with Timing and Power Analysis
Lee Jung Youp ; Jun Eun-A ; Jung Seok Won ;
Journal of the Korea Institute of Information Security and Cryptology, volume 15, issue 5, 2005, Pages 47~57
For economic reasons, even though there are some security problems, the commands of re-initializing and writing patch code are widely used in smart cards. The current software tester has difficulty in detecting these trapdoor commands because trapdoors are not published and programmed sophisticatedly. Up to now the effective way to detect them is to completely reveal and analyze the entire code of the COS with applications such as the ITSEC. It is, however, a very time-consuming and expensive processes. We propose the new detecting approach of trapdoors in smart cards using timing and power analysis. With our experiments, this paper shows that the proposed approach is more practical than the current methods.
Efficient authenticate protocol for very Low-Cost RFID
Choi Eun Young ; Choi Dong Hee ; Lim Jong In ; Lee Dong Hoon ;
Journal of the Korea Institute of Information Security and Cryptology, volume 15, issue 5, 2005, Pages 59~71
A RFID (Radio Frequency Identification) system receives attention as the technology which can realize the ubiquitous computing environment. However, the feature of the RFID tags may bring about new threats to the security and privacy of individuals. Recently, Juels proposed the minimalist cryptography for very low-cost RFID tags, which is secure. but only under the impractical assumption such that an adversary is allowed to eavesdrop only the pre-defined number of sessions. In this paper, we propose a scheme to protect privacy for very low-cost RFID systems. The proposed protocol uses only bit-wise operations without my costly cryptographic function such as hashing, encryption which is secure which is secure against an adversary who is allowed to eavesdrop transmitted message in every session any impractical assumption. The proposed scheme also is more efficient since our scheme requires less datas as well as few number of computations than Juels's scheme.
Password Authenticated Joux's Key Exchange Protocol
Lee Sang-gon ; Hitcock Yvonne ; Park Young-ho ; Moon Sang-jae ;
Journal of the Korea Institute of Information Security and Cryptology, volume 15, issue 5, 2005, Pages 73~92
Joux's tripartite key agreement protocol is one of the most prominent developments in the area of key agreement. Although certificate-based and ID-based authentication schemes have been proposed to provide authentication for Joux's protocol, no provably secure password-based one round tripartite key agreement protocol has been proposed yet. We propose a secure one round password-based tripartite key agreement protocol that builds on Joux's protocol and adapts PAK-EC scheme for password-based authentication, and present a proof of its security.
A RST Resistant Logo Embedding Technique Using Block DCT and Image Normalization
Choi Yoon-Hee ; Choi Tae-Sun ;
Journal of the Korea Institute of Information Security and Cryptology, volume 15, issue 5, 2005, Pages 93~103
In this paper, we propose a RST resistant robust logo embedding technique for multimedia copyright protection Geometric manipulations are challenging attacks in that they do not introduce the quality degradation very much but make the detection process very complex and difficult. Watermark embedding in the normalized image directly suffers from smoothing effect due to the interpolation during the image normalization. This can be avoided by estimating the transform parameters using an image normalization technique, instead of embedding in the normalized image. Conventional RST resistant schemes that use full frame transform suffer from the absence of effective perceptual masking methods. Thus, we adopt
block DCT and calculate masking using a spatio-frequency localization of the
block DCT coefficients. Simulation results show that the proposed algorithm is robust against various signal processing techniques, compression and geometrical manipulations.
Responsibility and Credit: New Members of the Authentication Family?
Park, Dong-Gook ;
Journal of the Korea Institute of Information Security and Cryptology, volume 15, issue 5, 2005, Pages 105~114
There are several goals or properties which authentication protocols may have; some of them are key freshness, far-end aliveness, key confirmation, etc. Most of them have extensively been discussed and studied so far in the literature. 'Responsibility' and 'credit', which were first raised by Abadi as additional goals, received quite an exceptional treatment; there were little response from researchers about these new goals. It is surprising to see that these two properties have slipped through any investigation, successfully achieving the positions as the goals for authentication protocols. In this paper, we investigate these two new properties and their relations to authentication protocols, and answers to the question: what brings us credit and responsibility.
MIPv6 Binding Update Protocol Secure Against both Redirect and DoS Attacks
Kang Hyun-Sun ; Park Chang-Seop ;
Journal of the Korea Institute of Information Security and Cryptology, volume 15, issue 5, 2005, Pages 115~124
We propose a new binding update(BU) protocol between mobile node(CN) and correspondent node(CN) for the purpose of preventing redirect attacks and DoS attacks observed from the existing BU protocols and enhancing the efficiency of the BU protocol. Home agent plays a role of both authentication server validating BU message and session key distribution center for MN and CN. Also propose the stateless Diffie-Hellman key agreement based on cryptographically generated address (CGA). Suity of our proposed Protocol is analyzed and compared with other protocols. The proposed protocol is more efficient than previous schemes in terms of the number of message flows and computation overhead and is secure against both redirect and DoS attacks.