Go to the main menu
Skip to content
Go to bottom
REFERENCE LINKING PLATFORM OF KOREA S&T JOURNALS
> Journal Vol & Issue
Journal of the Korea Institute of Information Security and Cryptology
Journal Basic Information
Journal DOI :
Korea Institutes of Information Security and Cryptology
Editor in Chief :
Volume & Issues
Volume 16, Issue 6 - Dec 2006
Volume 16, Issue 5 - Oct 2006
Volume 16, Issue 4 - Aug 2006
Volume 16, Issue 3 - Jun 2006
Volume 16, Issue 2 - Apr 2006
Volume 16, Issue 1 - Feb 2006
Selecting the target year
Design and implementation of Jini-based secure event service using SPKI/SDSI certificate
Park, Hee-Man ; Kim, In-Su ; Lee, Young-Lok ; Lee, Hyung-Hyo ; Noh, Bong-Nam ;
Journal of the Korea Institute of Information Security and Cryptology, volume 16, issue 5, 2006, Pages 3~13
As computing devices become ubiquitous and increasingly mobile, it becomes obvious that a synchronous and direct peer-to-peer communication model is not sufficient in distributed computing environment. Using an indirect event service instead of other traditional communication model has an advantage of decreasing the coupling of applications in a distributed environment and removing the need for many static dependencies. In this paper, we design and implement the secure event service for providing secure ubiquitous computing environment. The Secure Event Service implemented enables users to perform content-based event retrieval, and supports only eligible event comsumer and event producer can publish and receive events through the secure event service. SPKI/SDSI certificate is used for supporting authentication and authorization in the secure event service. In order to provide a content-based event retrieval, an asynchronous communication between event producers and consumers, and a disconnectedness support for mobile devices, we modify and expand the Javaspace package.
Design and Implementation of an Unused Ports-based Decoy System to Redirect Hackers toward Honeypots
Kim, Ik-Su ; Kim, Myung-Ho ;
Journal of the Korea Institute of Information Security and Cryptology, volume 16, issue 5, 2006, Pages 15~24
Many computer security systems use the signatures of well-known attacks to respond to hackers. For these systems, it is very important to get the accurate signatures of new attacks as soon as possible. For this reason, honeypots and honeypot farms have been actively researched. However, they can only collect a small amount of information because hackers have a strong tendency to directly attack servers of which IP addresses are allocated. In this paper, we propose an unused ports-based decoy system to redirect hackers toward honeypots. This system opens unused ports to lure hackers. All interactions with the unused ports are considered as suspect, because the ports aren't those for real service. Accordingly, every request sent to the unused ports is redirected to a honeypot. Consequently, this system enables honeypots to collect information about hackers attacking real servers other than themselves.
Authenticated Ticket-based Binding Update Protocol for Mobile IPv6 Network
Koo, Jung-Doo ; Kim, Sang-Jin ; Oh, Hee-Kuck ;
Journal of the Korea Institute of Information Security and Cryptology, volume 16, issue 5, 2006, Pages 25~34
Previous binding update protocols for Mobile IPv6 repeats the same protocol each time a mobile node moves to a foreign link Moreover, mobile nodes repeats the same protocol whenever the lifetime of the current binding update expires. To improve the efficiency of binding updates, we Propose a ticket-based binding update protocol for MIPv6. Our protocol minimizes the binding update cost using a ticket issued by the corresponding node. We have analyzed our protocol security against the security requirements of MIPv6 and existing attacks. Furthermore, we have also compared our protocol against previous binding update protocols.
An Implementation and Performance Evaluation of IPsec System engaged IKEv2 Protocol Engine
Kim, Sung-Chan ; Chun, Jun-Ho ; Jun, Moon-Seog ;
Journal of the Korea Institute of Information Security and Cryptology, volume 16, issue 5, 2006, Pages 35~46
The current Internet Key Exchange protocol(IKE) which has been used for key exchange of security system was pointed out the faults of scalability, speed, efficiency and stability. In this research, we tried to resolve those faults, and implemented the newly designed IKEv2 protocol in the IPsec test bed system. In the trend of network expansion, the current Internet Key Exchange protocol has a limitation of network scalability, so we implemented the new Internet Key Exchange protocol as a recommendation of RFC proposal, so as to resolve the fault of the key exchange complexity and the speed of authentication process. We improved the key exchange speed as a result of simplification of complex key exchange phase, and increased efficiency with using the preexistence state value in negotiation phase.
Authentication Protocol Using Hamming Distance for Mobile Ad-hoc Network
Lee, Seok-Lae ; Song, Joo-Seok ;
Journal of the Korea Institute of Information Security and Cryptology, volume 16, issue 5, 2006, Pages 47~57
Mobile Ad-hoc networks have various implementation constraints such as infrastructure-free, no trusted authority, node mobility, and the limited power and small memory of mobile device. And just like wired networks, various security issues such as authentication, confidentiality, integrity, non-repudiation, access control, availability and so on have been arisen in mobile Ad-hoc networks. But we focus on authentication of these security issues because it is quitely affected by the characteristics of networks. In this paper, we propose the authentication protocol that can limit the size of certificate repository as
and assures to make a trusted certificate path from one node to another, adopting the concept of Hamming distance. Particularly, our protocol can construct a trusted certificate path in spite of decreasing or increasing the number of nodes in mobile Ad-hoc network.
Privacy-Enhanced Subject Identification method Embedded in X.509 Certificate
Lee, Jae-Il ; Park, Jong-Wook ; Kim, Seung-Joo ; Song, Joo-Seok ;
Journal of the Korea Institute of Information Security and Cryptology, volume 16, issue 5, 2006, Pages 59~66
A Certification Authority issues X.509 public key certificates to bind a public key to a subject. The subject is specified through one or more subject names in the 'subject' or 'subjectAltName' fields of a certificate. In reality, however, there are individuals that have the same or similar names. This ambiguity can be resolved by including a 'permanent identifier' in all certificates issued to the same subject, which is unique across multiple CAs. But, a person's unique identifier is regarded as a sensitive personal data. Such an identifier cannot simply be included as part of the subject field, since its disclosure may lead to misuse. We present a new method for secure and accurate user authentication through the PEPSI included in the standard certificate extension of a X.509 certificate. The PEPSI can be served not only for user authentication but also for the user anonymity without divulging personal information.
Low-cost AES Implementation for RFID tags
Koo, Bon-Seok ; Ryu, Gwon-Ho ; Yang, Sang-Woon ; Chang, Tae-Joo ; Lee, Sang-Jin ;
Journal of the Korea Institute of Information Security and Cryptology, volume 16, issue 5, 2006, Pages 67~77
Radio Frequency IDentification (RFID) will soon become an important technology in various industries. Therefore, security mechanisms for Rm systems are emerging crucial problems in RFID systems. In order to guarantee privacy and security, it is desirable to encrypt the transferred data with a strong crypto algorithm. In this paper, we present the ultra-light weight Advanced Encryption Standard (AES) processor which is suitable for RFID tags. The AES processor requires only 3,992 logic gates and is capable of both 128-bit encryption and decryption. The processor takes 446 clock cycles for encryption of a 128-bit data and 607 clock cycles for decryption. Therefore, it shows 55% improved result in encryption and 40% in decryption from previous cases.
Comparison of Users' Perception of Information Security Elements on Computer Virus Between Large and Small-and-Medium Companies
Kim, Jong-Ki ; Jeon, Jin-Hwan ;
Journal of the Korea Institute of Information Security and Cryptology, volume 16, issue 5, 2006, Pages 79~92
Computer virus is one of the most common information security problems in the information age. This study investigates the difference of users' perception of security elements between large companies and small-and-medium companies on the subject of computer virus. Based on t-test, no significant difference is found in users' perception on security threat and security risk While users satisfy with the level of security policy, there is a significant difference on the level of security policy recognition between the two sizes of companies. Moreover, there are significant differences on information assets, security vulnerability and security effectiveness, which implies difference in the users' perception on importance of assets, exposure to threats and computer virus prevention efforts between large and small-and-medium companies.
Extending the OMA DRM Framework for Supporting an Active Content
Kim, Hoo-Jong ; Jung, Eun-Su ; Lim, Jae-Bong ;
Journal of the Korea Institute of Information Security and Cryptology, volume 16, issue 5, 2006, Pages 93~106
With the rapid growth of the wireless Internet communication, a new generation of mobile devices have made possible the broad distribution of mobile digital contents, such as image, music, video, games and applications over the wireless Internet. Mobile devices are rapidly becoming the major means to extend communication channels without copy Protection, usage rule controlling and authentication. As a result, mobile digital contents may be illegally altered, copied and distributed among unauthorized mobile devices. In this paper, we take a look at Open Mobile Alliance (OMA) DRM v2.0 in general, its purpose and function. The OMA is uniquely the focal point for development of an open standard for mobile DRM. Next we introduces features for an active content and illustrates the difference between an active content and an inactive content. Enabling fast rendering of an active content, we propose an OMA-based DRM framework. This framework include the following: 1) Extending DCF Header for supporting an selective encryption, 2) Content encryption key management, 3) Rendering API for an active content. Experimental results show that the proposed framework is able to render an active content fast enough to satisfy Quality of Experience. %is framework has been proposed for a mobile device environment, but it is also applicable to other devices, such as portable media players, set-top boxes, or personal computer.
Known-plaintext attack of the Domingo-Feller's first privacy homomorphism scheme
Lee, Moon-Sung ; Hahn, Sang-Geun ;
Journal of the Korea Institute of Information Security and Cryptology, volume 16, issue 5, 2006, Pages 107~111
We analyze Domingo-Feller's first privacy homomorphism scheme with known-plaintext attack As a result, it is possible to get the secret key if we blow two known plaintext-ciphertext pairs when modulus n is public, and three or more pairs are sufficient when modulus n is secret.
Private Pseudonym Retrieval with Controlled Traceability
Nyang, Dae-Hun ; Lee, Kyung-Hee ;
Journal of the Korea Institute of Information Security and Cryptology, volume 16, issue 5, 2006, Pages 113~118
Pseudonyms must be maintained anonymously even to the organization that issues the pseudonyms, but when some event occurs that policy defines the real identity for the pseudonym must be able to be traced. We propose a private pseudonym retrieval protocol with controlled traceability using m-out-of-n oblivious transfer and cut-and-choose technique.
Face Recognition Method using Individual Eigenfaces Space
Lee, Kyung-Hee ;
Journal of the Korea Institute of Information Security and Cryptology, volume 16, issue 5, 2006, Pages 119~123
We present a new face recognition method, which selects eigenfaces by our algorithm instead of the existing eigenfaces selection method that chooses eigenfaces by the value of corresponding eigenvalues. We justify our method by comparing our method with traditional one by experiments with YALE, ORL database. By using our algorithm in selecting the eigenfaces, we obtain higher recognition rate than the existing schemes.