Journal of the Korea Institute of Information Security and Cryptology
Journal Basic Information
Korea Institute of Information Security and Cryptology
Volume & Issues
Volume 18, Issue 6B - Dec 2008
Volume 18, Issue 6A - Dec 2008
Volume 18, Issue 5 - Oct 2008
Volume 18, Issue 4 - Aug 2008
Volume 18, Issue 3 - Jun 2008
Volume 18, Issue 2 - Apr 2008
Volume 18, Issue 1 - Feb 2008
Improved Group Key Exchange Scheme Secure Against Session-State Reveal Attacks
Kim, Ki-Tak ; Kwon, Jeong-Ok ; Hong, Do-Won ; Lee, Dong-Hoon ;
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 3, 2008, Pages 3~8
Ephemeral data are easily revealed if state specific information is stored in insecure memory or a random number generator is corrupted. In this letter, we show that Nam et al.'s group key agreement scheme, which is an improvement of Bresson et al.'s scheme, is not secure against session-state reveal attacks. We then propose an improvement to fix the security flaw.
TinyECCK : Efficient Implementation of Elliptic Curve Cryptosystem over GF on 8-bit Micaz Mote
Seo, Seog-Chung ; Han, Dong-Guk ; Hong, Seok-Hie ;
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 3, 2008, Pages 9~21
In this paper, we revisit a generally accepted opinion: implementing Elliptic Curve Cryptosystem (ECC) over GF on sensor motes using small word size is not appropriate because partial XOR multiplication over GF is not efficiently supported by current low-powered microprocessors. Although there are some implementations over GF on sensor motes, their performances are not satisfactory enough due to the redundant memory accesses that result in inefficient field multiplication and reduction. Therefore, we propose some techniques for reducing unnecessary memory access instructions. With the proposed strategies, the running time of field multiplication and reduction over GF can be decreased by 21.1% and 24.7%, respectively. These savings noticeably decrease execution times spent in Elliptic Curve Digital Signature Algorithm (ECDSA) operations (signing and verification) by around
High-Speed Implementations of Block Ciphers on Graphics Processing Units Using CUDA Library
Yeom, Yong-Jin ; Cho, Yong-Kuk ;
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 3, 2008, Pages 23~32
The computing power of graphics processing units (GPU) has already surpassed that of the CPU, and the gap between their powers is getting wider. Thus, research on GPGPU, which applies the GPU to general-purpose computation, has become popular and shows great success especially in the field of parallel data processing. Since the implementation of cryptographic algorithms using the GPU was started by Cook et al. in 2005, improved results using graphics libraries such as OpenGL and DirectX have been published. In this paper, we present skills and results of implementing block ciphers using the CUDA library announced by NVIDIA in 2007. Also, we discuss a general method for converting source code of block ciphers on the CPU to that on the GPU. On an NVIDIA 8800GTX GPU, the resulting speeds of the block ciphers AES, ARIA, and DES are 4.5Gbps, 7.0Gbps, and 2.8Gbps, respectively, which are faster than those on the CPU.
Efficient Finite Field Arithmetic Architectures for Pairing Based Cryptosystems
Chang, Nam-Su ; Kim, Tae-Hyun ; Kim, Chang-Han ; Han, Dong-Guk ; Kim, Ho-Won ;
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 3, 2008, Pages 33~44
The efficiency of pairing based cryptosystems depends on the computation of pairings. Pairings are defined over finite fields GF by trinomials due to efficiency. The hardware architectures for pairings have been widely studied. This paper proposes a new adder and multiplier for GF(3) which are more efficient than previous results. Furthermore, this paper proposes a new unified adder-subtractor for GF based on the proposed adder and multiplier. Finally, this paper proposes a new multiplier for GF . The proposed MSB-first bit-serial multiplier for GF reduces the time delay by approximately 30 % and the register size by half compared with previous LSB-first multipliers. The proposed multiplier can be applied to all finite fields defined by trinomials.
Design of an Operator Architecture for Finite Fields in Constrained Environments
Jung, Seok-Won ;
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 3, 2008, Pages 45~50
The choice of an irreducible polynomial and the representation of elements have influence on the efficiency of operators for finite fields. This paper suggests two serial multipliers for the extension field GF where p is an odd prime. A serial multiplier using an irreducible binomial consists of (2n+5) registers, 2 MUXs, 2 multipliers of GF(p), and 1 adder of GF(p). It obtains the multiplication result after
clock cycles. A serial multiplier using an AOP consists of (2n+5) registers, 1 MUX, 1 multiplier of GF(p), and 1 adder of GF(p). It obtains the multiplication result after
+3n+2 clock cycles.
The Security Problem Analysis for Reversibility of Transformed Biometric Information Data on Eigenvector-based face Authentication
Kim, Koon-Soon ; Kang, Jeon-Il ; Nyang, Dae-Hun ; Lee, Kyung-Hee ;
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 3, 2008, Pages 51~59
Biometrics has been researched as a means for authenticating a user's identity. Among the biometric schemes for face recognition, the eigenvector-based schemes, which use eigenvectors made from training data for transforming test data into abstracted data, are widely adopted. From those schemes, however, it is hard to expect the cancelable feature, which is a general concept for security in biometrics. In this paper, we point out the security problem that is the recovery of valuable face information from the abstracted face data and consider a possible attack scenario by showing our experiment results.
Quality Assessment of Fingerprint Images and Correlation with Recognition Performance
Shin, Yong-Nyuo ; Sung, Won-Je ; Jung, Soon-Won ;
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 3, 2008, Pages 61~68
In this paper, we propose a new method to assess fingerprint image quality. In the proposed method, analysis of the local variance of the image's gray values, local orientation, minutiae density, size and position is applied. Especially, by using position information of input fingerprint images, partial fingerprint images are filtered and recognition performance is improved. In the experimental results, the quality threshold value for improving performance can be decided by analysis of the correlation between image quality and recognition rate.
A High-speed Masking Method to protect ARIA against Side Channel Analysis
Kim, Hee-Seok ; Kim, Tae-Hyun ; Ryoo, Jeong-Choon ; Han, Dong-Guk ; Hong, Seok-Hie ;
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 3, 2008, Pages 69~77
In recent years, power attacks have been widely investigated, and so various countermeasures have been proposed. In the case of block ciphers, masking methods that blind the intermediate results in the algorithm computations (encryption, decryption, and key schedule) are well known. Applications of masking methods vary across block ciphers; therefore suitable masking methods for each cipher have been researched. Existing masking methods for ARIA require many revisions of the mask value. And because existing masking methods pay no regard to the key schedule, secret information can be exposed. In the case of ARIA, this problem is more serious than in other block ciphers. Therefore we propose an efficient masking scheme for ARIA including the key schedule. Our method reduces the time complexity of ARIA encryption, and solves the table-size problem of the general ARIA masking scheme, reducing it from 256*8 bytes to 256*6 bytes.
A Multiple Pattern Matching Scheme to Improve Rule Application Performance
Lee, Jae-Kook ; Kim, Hyong-Shik ;
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 3, 2008, Pages 79~88
On the Internet, the NIDS (Network Intrusion Detection System) has been widely deployed to protect the internal network. The NIDS builds a set of rules from analysis results on illegal packets and filters them using the rules, thus protecting the internal system. The number of rules is ever increasing as attacks are becoming more widespread and well organized these days. As a result, the performance degradation has been found to be severe in the rule application for the NIDS. In this paper, we propose a multiple pattern matching scheme to improve rule application performance. Then we compare our algorithm with the Wu-Manber algorithm, which is known to do high-performance multi-pattern matching.
Analysis of an Intrinsic Vulnerability on Keyboard Security
Yim, Kang-Bin ; Bae, Kwang-Jin ;
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 3, 2008, Pages 89~95
This paper analyzes the intrinsic vulnerability problems of the authentication system for Internet commerce based on the ID and password strings gathered from the computer keyboard. Through the found vulnerability, it is easy to sniff user passwords as well as any other keyboard inputs even when any of the existing keyboard protection software is running. We propose several countermeasures against the possible attacks on the vulnerability at both the hardware and the software level. A more secure environment for Internet commerce is highly required by implementing the proposed countermeasures.
Mutual Authentication Scheme of Mobile Routers Using Temporary Certificate in MANEMO
Roh, Hyo-Sun ; Jung, Sou-Hwan ;
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 3, 2008, Pages 97~107
This paper proposes a mutual authentication scheme for mobile routers in MANEMO. NEMO uses an AAA server in order to authenticate a mobile router in a nested mobile network. So, this scheme has the problem of increasing authentication message overhead and authentication time. The proposed scheme uses a temporary certificate signed by an access router's private key. The temporary certificate authenticates a mobile router when the mobile router enters a MANET domain. The proposed scheme reduces authentication message overhead and authentication time compared with the scheme using an AAA server when authenticating the mobile router.
Performance Evaluation of VoIP Security Protocols
Shin, Young-Chan ; Kim, Kyu-Young ; Kim, Min-Young ; Kim, Joong-Man ; Won, Yoo-Jae ; Ryou, Jae-Cheol ;
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 3, 2008, Pages 109~120
VoIP utilizes the Internet for its services, and therefore it is vulnerable to intrusions and attacks. Because the provided services deal with information related to the privacy of users, they require a high level of security including authentication and the confidentiality/integrity of signaling messages and media streams. However, when such a protocol is implemented in a VoIP phone, the implementation can have limitations due to the limited resources. The present study aimed to implement VoIP security protocols and to evaluate their performance in terms of connection quality and voice quality by applying them to a SIP proxy and UA (User Agent). In the result of the performance evaluation, the application of the security protocols did not lower voice quality, but connection quality was high in the DTLS based security protocol. As the protocol was applicable to signaling and media paths based on DTLS, we found that it can be a solution for the limited resources of VoIP phones.
A Study for Rule Integration in Vulnerability Assessment and Intrusion Detection using Meaning Based Vulnerability Identification Method
Kim, Hyung-Jong ; Jung, Tae-In ;
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 3, 2008, Pages 121~129
This paper presents a meaning based vulnerability identification method which makes use of the concept of atomic vulnerability. Also, we make use of the decomposition and specialization processes which were used in DEVS/SES to get identifiers. This vulnerability representation method is useful for managing and removing vulnerability in an organized way. It is helpful to make a relation between vulnerability assessment and intrusion detection rules at a lower level. The relation enables the security manager to respond more quickly and conveniently. Especially, this paper shows a mapping between Nessus plugins and Snort rules using the meaning based vulnerability identification method and lists usages based on three goals that a security officer keeps in mind about vulnerability. The contribution of this work is in the suggestion of the meaning based vulnerability identification method and in showing the cases of its usage for the rule integration of vulnerability assessment and intrusion detection.
An Empirical Study on Factors Affecting the Maturity of Information Security Policy
Choi, Myeong-Gil ; Hwang, Won-Joo ; Kim, Myoung-Soo ;
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 3, 2008, Pages 131~142
Enterprises accomplish their missions through obtaining and managing information. The unintended disclosure of enterprises' sensitive information causes serious damage to enterprises, resulting in disrupted management. For effective security of enterprises, information security management systems and an information security policy with clear goals should be firmly established. This study analyzes factors influencing the maturity of information security policy and gives important hints for executing information security policy.
Information Hiding and Detection in MS Office 2007 file
Park, Bo-Ra ; Park, Jung-Heum ; Lee, Sang-Jin ;
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 3, 2008, Pages 143~154
Information hiding is a very important technology recently. Having this technology can be a competitive advantage for secure communication. In this paper, it will be shown that hiding data in an MS Office 2007 file is possible. Considering that the Microsoft (MS) Office 2007 file format is based on the Open XML format, the features of the Open XML format make it possible to hide data in an MS Office 2007 file. In the Open XML format, unknown XML files and their relationships can be defined by the user. These parts and relationships are used to hide data in an MS Office 2007 file. Considering that unknown parts and unknown relationships are not in a normal MS Office 2007 file, the hidden data can be detected by checking for unknown parts and unknown relationships.
Digital Video Watermarking Using Frame Division And 3D Wavelet Transform
Kim, Kwang-Il ; Cui, Jizhe ; Kim, Jong-Weon ; Choi, Jong-Uk ;
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 3, 2008, Pages 155~162
In this paper we propose a video watermarking algorithm based on a three-dimensional discrete wavelet transform (3D DWT) and direct spread spectrum (DSS). In the proposed method, the information watermark is embedded into the following frames after a sync watermark is embedded into the first frame. Input frames are divided into sub frames located in odd rows and even rows. The sub frames are arranged as 3D frames and transformed into the 3D wavelet domain. In this domain the watermark is embedded using DSS. Existing video watermarking using 3D DWT is a non-blind method, but the proposed algorithm is a blind method. The experimental results show that the proposed algorithm is robust against frame cropping, noise addition, compression, etc., acquiring a BER of 10% or below and sustaining a level of 40dB or above on average.