REFERENCE LINKING PLATFORM OF KOREA S&T JOURNALS
Journal of the Korea Institute of Information Security and Cryptology
Korea Institute of Information Security and Cryptology
Volume 18, Issue 2 - Apr 2008
Efficient Bit-Parallel Multiplier for Binary Field Defined by Equally-Spaced Irreducible Polynomials
Lee, Ok-Suk; Chang, Nam-Su; Kim, Chang-Han; Hong, Seok-Hie
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 2, 2008, Pages 3~10
The choice of basis for representing elements in
affects the efficiency of a multiplier. Among them, a multiplier using redundant representation efficiently supports a trade-off between area complexity and time complexity, since it can carry out modular reduction quickly. Hence the time delay of a previous multiplier using redundant representation is smaller than that of multipliers using other bases, but its weakness is a higher space complexity compared to multipliers using other bases. In this paper, we propose a new efficient multiplier, taking into account that polynomial exponentiation operations are frequently used in cryptographic hardware. The proposed multiplier is suitable for a left-to-right exponentiation environment and provides a balance between time and area complexity. Consequently, it has both a time delay of
and an area complexity of (2m-1)(m+s). As a result, the proposed multiplier reduces
in area complexity compared to the previous multiplier using equally-spaced polynomials. In addition, it reduces
in time complexity. (
: time delay of one AND gate,
: time delay of one XOR gate, m: degree of the equally-spaced irreducible polynomial, s: spacing factor)
Smart Card Based Three-Party Key Exchange Protocol without Server's Aid
Kim, Yong-Hun; Youn, Taek-Young; Park, Young-Ho
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 2, 2008, Pages 11~20
A three-party key exchange protocol is a cryptographic protocol which permits two clients to share a common session key using different passwords with the help of a trusted server. In a three-party key exchange protocol, a user remembers only one password, shared with the trusted server, in order to establish a common key with another user. The trusted server must participate in every execution of the protocol between two clients, which imposes a heavy burden on the server when many users want to establish session keys using the protocol. In this paper, we propose a three-party key exchange protocol based on a smart card which reduces the computational complexity and communication overhead for the trusted server. In our protocol, the server does not participate in the key exchange procedure between the two clients.
A Study on UICC (Universal IC Card)-based Authentication Mechanism using OTP
Kang, Soo-Young; Lee, Im-Yeong
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 2, 2008, Pages 21~31
The ubiquitous environment has been constructed through the development of IT technology, and the environments in which many services are offered have shifted to mobile environments. Existing services were offered at a fixed position such as the home or the office, but with the development of mobile devices, users require services while moving. WiBro can offer services to moving users through mobile devices. Since these requirements include authentication, the service becomes available once authentication between the UICC and the AAA authentication server is performed in WiBro. However, when the UICC requests initial authentication from the AAA authentication server, the identification information of the UICC is exposed as plaintext, so a privacy infringement of the mobile device occurs. Therefore, we propose a privacy protection mechanism in which the identification information of the terminal is generated randomly using an OTP (One-Time Password) generated in the mobile terminal. We also propose a mechanism that offers secure service to the user by providing authentication from the OTP framework, and describe OTP combination authentication in detail.
Fast Algorithm for Polynomial Reconstruction of Fuzzy Fingerprint Vault
Choi, Woo-Yong; Lee, Sung-Ju; Chung, Yong-Wha; Moon, Ki-Young
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 2, 2008, Pages 33~38
Biometric-based authentication can provide a strong security guarantee about the identity of users. However, the security of biometric data is particularly important, as a compromise of the data is permanent. Cancelable biometrics stores a non-invertible transformed version of the biometric data; thus, even if the storage is compromised, the biometric data remains safe. Cancelable biometrics also provides a higher level of privacy by allowing many templates for the same biometric data, and hence non-linkability of a user's data stored in different databases. In this paper, we propose a fast polynomial reconstruction algorithm for the fuzzy fingerprint vault. The proposed method needs (k+1) real points to reconstruct the polynomial of degree (k-1). It nevertheless enhances the speed by
times, depending on the degree of the polynomial, compared with exhaustive search.
Performance Enhancement of Differential Power Analysis Attack with Signal Companding Methods
Ryoo, Jeong-Choon; Han, Dong-Guk; Kim, Sung-Kyoung; Kim, Hee-Seok; Kim, Tae-Hyun; Lee, Sang-Jin
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 2, 2008, Pages 39~47
Among previous Side Channel Analysis (SCA) methods, Differential Power Analysis (DPA), which is based on the statistical characteristics of collected signals, has been known as an efficient attack for uncovering the secret key of cryptosystems. However, the attack performance of this method is affected very much by the temporal misalignment and noise of the collected side channel signals. In this paper, we propose a new method to surmount the noise problem in DPA. The performance of the proposed method is evaluated by analyzing the power consumption signals of microcontroller chips during a DES operation, and is then compared to that of the original DPA in the time and frequency domains. When we compare the experimental results with respect to the number of traces needed to uncover the secret key, our proposed method shows a performance enhancement of 33% in the time domain and 50% in the frequency domain.
Analysis of Access Authorization Conflict for Partial Information Hiding of RDF Web Document
Kim, Jae-Hoon; Park, Seog
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 2, 2008, Pages 49~63
RDF is the base ontology model used in the Semantic Web defined by W3C. OWL expands the RDF base model by providing various vocabularies for defining many more ontology relationships. Recently, Jain and Farkas suggested an RDF access control model based on the RDF triple. The point of their research is to introduce the authorization conflict problem caused by RDF inference, which must be considered for RDF ontology data. Because of this problem, we cannot adopt the XML access control model for RDF, although RDF is represented in XML. However, Jain and Farkas did not define the authorization propagation over the RDF upper/lower ontology concepts when an RDF authorization is specified. The reason why the authorization specification should be defined clearly is that, in the end, the authorization conflict is a conflict between the authorization propagation performed when specifying an authorization and the authorization propagation performed when inferring authorizations. In this article, we first define an RDF access authorization specification based on the RDF triple in detail. Next, based on that definition, we analyze the authorization conflict problem caused by RDF inference in detail. We then briefly introduce a method which can quickly find an authorization conflict by using graph labeling techniques; this method is especially related to subsumption-relationship-based inference. Finally, we present a comparative analysis with Jain and Farkas' study, and some experimental results showing the efficiency of the suggested conflict detection method.
Design and Implementation of the Cdma2000 EV-DO Security Layer Supporting Hardware using FPGA
Kwon, Hwan-Woo; Lee, Ki-Man; Yang, Jong-Won; Seo, Chang-Ho; Ha, Kyung-Ju
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 2, 2008, Pages 65~73
The security layer of cdma2000 1x EV-DO is currently being completed as a standard (C.S0024-A v2.0). Accordingly, a hardware security device that implements the requirements of the security layer described in the standard document is required in order to apply security functions to the data transferred between the AT and the AN in the cdma2000 1x EV-DO environment. This paper presents the design of a hardware device providing EV-DO security, together with a simulation of the security layer protocol on an FPGA platform. The device is equipped with the SHA-1 hash algorithm for authentication of packet data services, and with the AES, SEED, and ARIA algorithms for data encryption. The paper also presents the implementation of hardware that optionally applies the authentication and encryption functions after performing a key exchange using a key exchange algorithm.
A Countermeasure Resistant to Fault Attacks on CRT-RSA using Fault Infective Method
Ha, Jae-Cheol; Park, Jea-Hoon; Moon, Sang-Jae
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 2, 2008, Pages 75~84
Recently, the straightforward CRT-RSA was shown to be broken by fault attacks through many experimental results. In this paper, we analyze the fault attacks against CRT-RSA and their countermeasures, and then propose a new fault infective method resistant to the various fault attacks on CRT-RSA. In our CRT-RSA algorithm, if an error is injected into the exponentiation modulo p or q, the error is spread by the fault infective computation in the CRT recombination operation. Our countermeasure has no extra error detection procedure based on decision tests and does not use a public parameter such as e. Also, its computational cost is efficient compared to the previous secure countermeasures.
A Code Block Cipher Method to Protect Application Programs From Reverse Engineering
Jung, Dong-Woo; Kim, Hyong-Shik; Park, Joong-Gil
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 2, 2008, Pages 85~96
One of the typical methods to prevent tampering and reverse engineering of executable code is to encrypt it. This paper proposes a code block cipher method based on key chaining to encrypt the code. Block ciphering by key chaining has been known to be inadequate for encrypting code with control transfer, even though key chaining has the advantage of hiding the keys in the blocks and making the individual keys differ from block to block. This paper proposes a block transformation and duplication method to apply the block cipher by key chaining to executable code with control transfer instructions, and shows that the idea works with the MIPS instruction set.
Selection of Detection Measures for Malicious Codes using Naive Estimator
Mun, Gil-Jong; Kim, Yong-Min
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 2, 2008, Pages 97~105
Various mutations of malicious code are generated rapidly on the network. Their behavior is also becoming more intelligent, and the damage grows step by step. In this paper, we suggest a method to select useful measures for the detection of such code. The method has the advantage of shortening the detection time by using header data without payloads; it uses connection data composed of TCP/IP packets, and the rich information of each connection is used to build the measures. A naive estimator is applied to the probability distributions calculated by the histogram estimator in order to select specific measures, among 80 measures, that are useful for detection. The useful measures are then selected using relative entropy. This method solves the problem of misclassifying the measure values. We demonstrate the usefulness of the proposed method through the results of a detection experiment using detection patterns based on the selected measures.
Authentication Mechanism for Secure Binding Update and Fast Handover in the Generalized Hierarchical MIPv6
Park, Chang-Seop; Kang, Hyun-Sun
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 2, 2008, Pages 107~115
In this paper, a secure and efficient binding update protocol as well as a handover protocol are proposed for the generalized hierarchical MIPv6 environment. Contrary to the conventional hierarchical MIPv6 environment, where a foreign network is a small-scale MAP domain, the proposed protocol considers a large-scale MAP domain consisting of several hierarchically connected MAPs, so that the mechanism supports fast and secure mobility. The security of the proposed protocol is also analyzed under various attack scenarios.
Efficient Authentication Protocol for Low-Cost RFID System
Kim, Jin-Ho; Seo, Jae-Woo; Lee, Pil-Joong
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 2, 2008, Pages 117~128
Compared with the existing bar code system, the RFID system has many advantages, such as automatically identifying massive numbers of objects. We anticipate that RFID technology will substitute for the optical bar code system in the near future. However, its use of radio waves may cause various security problems, and many kinds of solutions have been researched to overcome them. In this paper, we analyze the previously proposed protocols, and then categorize RFID authentication into two types according to the synchronization requirement between the back-end database and the tag. In addition, we introduce the previously proposed approaches to the tag search problem in RFID authentication, and we propose an efficient method which provides fast tag search by using a membership test algorithm, the Bloom filter.
Improved Bayesian Filtering Mechanism to Reduce the False Positives by Training Both Sending and Receiving E-mails
Kim, Doo-Hwan; You, Jong-Duck; Jung, Sou-Hwan
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 2, 2008, Pages 129~137
In this paper, we propose an improved Bayesian filtering mechanism to reduce the false positives that occur in the existing Bayesian filtering mechanism. In the existing mechanism, the same Bayesian filtering DB, trained at the e-mail server, is applied to every e-mail user. Also, a training method that uses received e-mails only cannot provide a high-quality ham DB. Because of these problems, the existing Bayesian filtering mechanism can produce false positives which misclassify ham e-mails as spam. In the proposed mechanism, the e-mails sent by the user are treated as high-quality ham information and are trained into the Bayesian ham DB automatically. In addition, by providing a separate Bayesian DB to each e-mail user, a more efficient e-mail filtering service is possible. Our experiments show an improvement in filtering accuracy of 3.13%, compared to the existing Bayesian filtering mechanism.
Vulnerability and Security Requirement Analysis on Security Token and Protection Profile Development based on Common Criteria Version 3.1
Kwak, Jin; Hong, Soon-Won; Yi, Wan-Suck
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 2, 2008, Pages 139~150
Recently, financial institutions and industrial companies have adopted security tokens such as OTP tokens, smart cards, USB authentication tokens, and so on for secure system management and user authentication. However, some research institutes have reported security weaknesses and problems in security tokens. Therefore, in this paper, we analyze the security functions and security requirements of security tokens through analyses of standardization documents, trends, security problems, and attack methods for security tokens. Finally, we propose a CC v3.1 based security token protection profile.