Journal of the Korea Institute of Information Security and Cryptology
Korea Institutes of Information Security and Cryptology
Volume 15, Issue 6 - Dec 2005
The Study of technique to find and prove vulnerabilities in ActiveX Control
Sohn, Ki-Wook ; Kim, Su-Yong ;
Journal of the Korea Institute of Information Security and Cryptology, volume 15, issue 6, 2005, Pages 3~12
To provide visitors with the various services, many web sites distribute many ActiveX controls to them because ActiveX controls can overcome limits of HTML documents and script languages. However, PC can become dangerous if it has unsecure ActiveX controls, because they can be executed in HTML documents. Nevertheless, many web sites provide visitors with ActiveX controls whose security is not verified. Therefore, the verification is needed by third party to remove vulnerabilities in ActiveX controls. In this paper, we introduce the process and the technique to find vulnerabilities. The existing proof codes are not valid because ActiveX controls are different from normal application and domestic environments are different from foreign environments. In this paper, we introduce the technique to prove vulnerabilities in ActiveX control.
A Source-Level Discovery Methodology for Vulnerabilities of Linux Kernel Variables
Ko Kwangsun ; Kang Yong-hyeog ; Eom Young Ik ; Kim Jaekwang ;
Journal of the Korea Institute of Information Security and Cryptology, volume 15, issue 6, 2005, Pages 13~25
In these days, there are various uses of Linux such as small embedded systems, routers, and huge servers, because Linux gives several advantages to system developers by allowing to use the open source code of the Linux kernel. On the other hand, the open source nature of the Linux kernel gives a bad influence on system security. If someone wants to exploit Linux-based systems, the attacker can easily do it by finding vulnerabilities of their Linux kernel sources. There are many kinds of existing methods for finding source-level vulnerabilities of software, but they are not suitable for finding source-level vulnerabilities of the Linux kernel which has an enormous amount of source code. In this paper, we propose the Onion mechanism as a methodology of finding source-level vulnerabilities of Linux kernel variables. The Onion mechanism is made up of two steps. The first step is to select variables that may be vulnerable by using pattern matching mechanism and the second step is to inspect vulnerability of each selected variable by constructing and analyzing the system call trees. We also evaluate our proposed methodology by applying it to two well-known source-level vulnerabilities.
A Study on Scalable Federated ID Interoperability Method in Mobile Network Environments
Kim, Bae-Hyun ; Ryoo, In-Tae ;
Journal of the Korea Institute of Information Security and Cryptology, volume 15, issue 6, 2005, Pages 27~35
While the current world wide network offers an incredibly rich base of information, it causes network management problem because users should have many independent IDs and passwords for accessing different servers located in many places. In order to solve this problem users have employed single circle of trust (COT) ID management system, but it is still not sufficient for clearing the problem because the coming ubiquitous network computing environment will be integrated and complex networks combined with wired and wireless network devices. The purpose of this paper is to describe the employment and evaluation of federated ID interoperability method for solving the problem. The use of the proposed model can be a solution for solving network management problem in the age of mobile computing environment as well as wired network computing environment.
Design and Implementation of an E-mail Worm-Virus Filtering System on MS Windows
Choi Jong-Cheon ; Chang Hye-Young ; Cho Seong-Je ;
Journal of the Korea Institute of Information Security and Cryptology, volume 15, issue 6, 2005, Pages 37~47
Recently, the malicious e-mail worm-viruses have been widely spread over the Internet. If the recipient opens the e-mail attachment or an e-mail itself that contains the worm-virus, the worm-virus can be activated and then cause a tremendous damage to the system by propagating itself to everyone on the mailing list in the user's e-mail package. In this paper, we have designed and implemented two methods blocking e-mail worm-viruses. In the first method, each e-mail is transmitted only by sender activity such as the click of button on a mail client application. In the second one, we insert the two modules into the sender side, where the one module transforms a recipient's address depending on a predefined rule only in time of pushing button and the other converts the address reversely with the former module whenever an e-mail is sent. The latter method also supports a polymorphism model in order to cope with the new types of e-mail worm-virus attacks. The two methods are designed not to work for the e-mail viruses. There is no additional function on the receiver's side of the e-mail system. Experimental results show that the proposed methods can screen the e-mail worm-viruses efficiently with a low overhead.
A Dynamic ID Allocation Protocol for High-Performance RFID Tag
Park Jin-Sung ; Choi Myung-Ryul ;
Journal of the Korea Institute of Information Security and Cryptology, volume 15, issue 6, 2005, Pages 49~58
In this paper, we have proposed a secure dynamic ID allocation protocol using mutual authentication on the RFID tag. Currently, there are many security protocols focused on the low-price RFID tag. The conventional low-price tags have limitation of computing power and rewritability of memory. The proposed secure dynamic ID allocation protocol targets the high-performance RFID tags which have more powerful performance than conventional low-price tag by allocating dynamic ID to RFID using mutual authentication based on symmetric encryption algorithm. This protocol can be used as a partial solution for ID tracing and forgery.
Distributed Certificate Authority under the GRID-Location Aided Routing Protocol
Lim, Ji-Hyung ; Kang, Jeon-Il ; Koh, Jae-Young ; Han, Kwang-Taek ; Nyang, Dae-Hun ;
Journal of the Korea Institute of Information Security and Cryptology, volume 15, issue 6, 2005, Pages 59~69
Ad hoc network is the network which can be considered without a pre-constructed infrastructure, and a mobile node can join the network freely. However, the participation of the mobile nodes to the ad hoc network brings up much burden of re-computation for new routes, because it leads to losing the connection frequently. And, also, it causes serious security problem to be broadcasted wrong information by the malicious user. Therefore, it needs authentication against the mobile nodes. To make that possible, we have two methods: single CA and distributed CA. In the case of CA method, the wireless network can be collapsed owing to expose the CA, but still the distributed CA method is a little more safe than previous one because it needs attacks toward a lot of CAs to collapse the network. We can consider Secret Share scheme as the method that constructs the distributed CA system, but it is weak when the network size is too large. In this paper, we suggest hierarchical structure for the authentication method to solve this problem, and we will show the results of simulation for this suggestion.
Analysis of Server's Computational Cost for Multicast Batch Rekeying Scheme
Park Chang-Seop ; Lee Gyu-Won ;
Journal of the Korea Institute of Information Security and Cryptology, volume 15, issue 6, 2005, Pages 71~80
In the near future, various applications on the Internet will be based on the multicast group communication, so that the efficient group key management is essential for managing the frequent group join and leave events. In this paper, we propose several batch rekeying schemes extended from conventional individual rekeying schemes, and analyze the efficiencies of them in terms of both the number of encryption and one-way hash function as well as multicast message size. Considering multiple member leaves, a probabilistic approach is needed to compute the average computational amounts for rekeying.
Improvement in efficiency and privacy on BCP public key cryptosystem
Youn Taek-Young ; Park Young-Ho ; Lim Jong In ;
Journal of the Korea Institute of Information Security and Cryptology, volume 15, issue 6, 2005, Pages 81~92
A novel public key cryptosystem that provides a double decryption mechanism is proposed at Asiacrypt '03 by Bresson, Catalano and Pointcheval based on the scheme proposed by Cramer and Shoup at Eurocrypt '02. Previous double decryption scheme is designed based on
where n=pq for two primes p,q. In this paper, we propose an efficient public key scheme with double decryption mechanism based on
for two primes p,q. Our scheme is more efficient than the previous schemes. Moreover, we review the previous schemes in a privacy point of view and propose a privacy enhanced double decryption scheme.
Access Control of XML Object Using Role Hierarchy and Cryptographic Key Assignment Scheme
Bae Kyoung-Man ; Kim Jong-Hoon ; Ban Yong-Ho ;
Journal of the Korea Institute of Information Security and Cryptology, volume 15, issue 6, 2005, Pages 93~103
As the usage of XML documents increases, the requirement of security for XML documents is growing. Especially it is very important to solve the problem of access control to XML object which shares in the environment where various users connect to each other. In this paper, we propose the access control model and mechanism which is combined with role hierarchy in the RBAC and hierarchical key derivation/assign method for the access to XML object. So we implement the access control mechanism by including hierarchical key derivation method. The technique, we proposed, gives not only the benefit in management which RBAC provides in access control to XML objects, but also it can help derive a lower layer key from the higher layer user's. This feature decreases the number of keys managed in each role hierarchy in comparison with previous methods.
Maximal Algebraic Degree of the Inverse of Linearized Polynomial
Lee, Dong-Hoon ;
Journal of the Korea Institute of Information Security and Cryptology, volume 15, issue 6, 2005, Pages 105~110
The linearized polynomial can be regarded as a generalization of the identity function so that the inverse of the linearized polynomial is a generalization of the inverse function. Since the inverse function has so many good cryptographic properties, the inverse of the linearized polynomial is also a candidate of good Boolean functions. In particular, a construction method of vector resilient functions with high algebraic degree was proposed at Crypto 2001. But the analysis about the algebraic degree of the inverse of the linearized polynomial. Hence we correct the inexact result and give the exact maximal algebraic degree.
Period of Streamcipher Edon80
Hong, Jin ; Park, Sang-Woo ;
Journal of the Korea Institute of Information Security and Cryptology, volume 15, issue 6, 2005, Pages 111~117
The period of a recent streamcipher proposal Edon80 is analyzed. The designers of Edon80 had projected a period of
Even though this could indeed be the average keystream period, we show that for a randomly chosen key-IV pair, there exists a non-dismissible probability that the produced keystream will be of relatively short period. More explicitly, a keystream of period
may appear with probability
, and one can show the existence of at least one key-IV pair producing a period
A Public Key Encryption Scheme Using Algebraic-Geometry Codes
Lee Jung-Keun ; Kim Jaeheon ; Park Sangwoo ;
Journal of the Korea Institute of Information Security and Cryptology, volume 15, issue 6, 2005, Pages 119~125
We propose a new code-based public key encryption scheme. It is obtained by modifying the Augot and Finiasz scheme proposed at Eurocrypt 2003. We replace the Reed-Solomon codes with general algebraic-geometry codes and employ Guruswami-Sudan decoding algorithm for decryption. The scheme is secure against Coron's attack or Kiayias and Yung's attack to which the Augot and Finiasz scheme is vulnerable. Considering basic attacks applied to the Augot and Finiasz scheme, we claim that the proposed scheme provides similar security levels as the Augot and Finiasz scheme was claimed to provide for given key lengths.
Efficient Password-based Key Exchange Protocol for Two users Registered in a Server
Shin Seong-chul ; Lee Sung-woon ;
Journal of the Korea Institute of Information Security and Cryptology, volume 15, issue 6, 2005, Pages 127~133
This paper presents a password-based key exchange protocol to guarantee secure communications for two users registered in a server. In this protocol, the server is only responsible for the legality of the users but does not know the session key agreed between them. The protocol can resist the various attacks including server compromise attack and provide the perfect forward secrecy. The proposed protocol is efficient in terms of computation cost because of not employing the server's public key.