Journal of the Korea Institute of Information Security and Cryptology
Publisher: Korea Institute of Information Security and Cryptology
Volume 18, Issue 6A - Dec 2008
Efficient Computation of Square Roots in Finite Fields
Han, Dong-Guk; Choi, Doo-Ho; Kim, Ho-Won; Lim, Jong-In
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 6A, 2008, Pages 3~15
In this paper we study exponentiation in finite fields (k is odd) with very special exponents such as they occur in algorithms for computing square roots. Our algorithmic approach improves the corresponding exponentiation independent of the characteristic of . To the best of our knowledge, it is the first major improvement to the Tonelli-Shanks algorithm; for example, the number of multiplications can be reduced to at least 60% on average when (mod 16). Several numerical examples are given that show the speed-up of the proposed methods.
DPA-Resistant Logic Gates and Secure Designs of SEED and SHA-1
Baek, Yoo-Jin
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 6A, 2008, Pages 17~25
The differential power attack (DPA) is a very powerful side-channel attack tool against various cryptosystems, and the masking method is known to be one of its algorithmic countermeasures. But it is non-trivial to apply the masking method to non-linear functions, especially to arithmetic adders. This paper proposes simple and efficient masking methods applicable to arithmetic adders. For this purpose, we use the fact that every combinational logic circuit (including the adders) can be decomposed into basic logic gates (AND, OR, NAND, NOR, XOR, XNOR, NOT) and try to devise efficient masking circuits for these basic gates. The resulting circuits are then applied to the arithmetic adders to obtain their masking algorithms. As applications, we applied the proposed masking methods to SEED and SHA-1 in hardware.
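The decomposition the abstract describes, gate-level masking composed into an adder, can be exercised in software. The block below is an added example and not the paper's circuits: each bit is held as two Boolean shares, the linear gates act share-wise, the AND gate consumes a fresh random bit so that no intermediate value depends on an unmasked input, and the remaining gates are derived by De Morgan. A ripple-carry adder built only from these masked gates computes x + y mod 2^32 (the word size SEED and SHA-1 add on), and a bias check shows that an output share carries no first-order information about the inputs. All function names are this example's own.

```python
"""First-order Boolean masking of the basic gates and a masked ripple-carry adder.

Added example (not the paper's circuits): a masked bit is a pair (x0, x1) with
x = x0 XOR x1, where x1 is a uniformly random mask. Linear gates act share-wise;
the non-linear AND gate needs a fresh random bit so that no intermediate value
depends on the unmasked inputs. OR/NAND/NOR/XNOR are derived via De Morgan.
"""
import secrets
from itertools import product


def mask(x, rng=secrets.randbits):
    m = rng(1)
    return (x ^ m, m)


def unmask(s):
    return s[0] ^ s[1]


def mxor(a, b):
    return (a[0] ^ b[0], a[1] ^ b[1])           # linear: no randomness needed


def mnot(a):
    return (a[0] ^ 1, a[1])                     # complement one share only


def mand(a, b, rng=secrets.randbits):
    r = rng(1)                                  # fresh output mask
    z = r ^ (a[0] & b[1])                       # every partial sum stays masked by r
    z ^= a[1] & b[0]
    z ^= a[0] & b[0]
    z ^= a[1] & b[1]
    return (z, r)                               # z ^ r == (a0^a1) & (b0^b1)


def mor(a, b, rng=secrets.randbits):
    return mnot(mand(mnot(a), mnot(b), rng))


def mnand(a, b, rng=secrets.randbits):
    return mnot(mand(a, b, rng))


def mnor(a, b, rng=secrets.randbits):
    return mnot(mor(a, b, rng))


def mxnor(a, b):
    return mnot(mxor(a, b))


def masked_add(a_bits, b_bits, rng=secrets.randbits):
    """Ripple-carry adder on lists of masked bits, LSB first; the carry-out is dropped."""
    carry = mask(0, rng)
    out = []
    for a, b in zip(a_bits, b_bits):
        axb = mxor(a, b)
        out.append(mxor(axb, carry))            # sum bit = a ^ b ^ carry
        carry = mor(mand(a, b, rng), mand(carry, axb, rng), rng)
    return out


def to_masked_bits(x, n, rng=secrets.randbits):
    return [mask((x >> i) & 1, rng) for i in range(n)]


def from_masked_bits(bits):
    return sum(unmask(b) << i for i, b in enumerate(bits))


def add_mod(x, y, n=32):
    """x + y mod 2**n computed entirely on masked bits (SEED and SHA-1 use n = 32)."""
    return from_masked_bits(masked_add(to_masked_bits(x, n), to_masked_bits(y, n)))


def share_bias(gate, a, b, trials=4000):
    """Fraction of trials in which the first output share is 1.
    For a first-order masked gate this is ~0.5 whatever (a, b) is; an unmasked
    AND would give 1.0 for (1, 1) and 0.0 otherwise."""
    ones = sum(gate(mask(a), mask(b))[0] for _ in range(trials))
    return ones / trials


if __name__ == "__main__":
    for a, b in product((0, 1), repeat=2):
        assert unmask(mand(mask(a), mask(b))) == (a & b)
        print(f"AND({a},{b}): share-0 bias {share_bias(mand, a, b):.3f}")
    x, y = 0xDEADBEEF, 0x12345678
    print(hex(add_mod(x, y)), hex((x + y) & 0xFFFFFFFF))
```

The order of the four partial products in mand matters: summing a0&b0 and a1&b1 first would momentarily expose a value correlated with a&b. In hardware the same circuit is additionally exposed to glitches, which this bit-serial model does not capture; the abstract's gate designs are where that is addressed.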
Certificateless Strong Designated Verifier Signature Scheme
Koo, Young-Ju; Chen, Ji-Young; Choi, Kyu-Young; Lee, Dong-Hoon
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 6A, 2008, Pages 27~37
In traditional signature schemes, anyone can verify the signed message. This may cause a problem, since the receiver of a signature can transfer the conviction of the signature to a third party. In 1996, Jakobsson introduced the designated verifier signature (DVS), which can be verified only by a specific verifier. DVS resolves the conflict between authenticity and privacy because it provides message authentication without the non-repudiation property. In this paper, based on the certificateless setting, we propose a certificateless strong designated verifier signature scheme, where the notion of "strong" provides privacy of the signer. To our knowledge, this is the first attempt to propose a certificateless strong designated verifier signature scheme with both strongness and non-delegatability, although it is not more efficient than the previous one.
Design of an Efficient AES-ARIA Processor using Resource Sharing Technique
Koo, Bon-Seok; Ryu, Gwon-Ho; Chang, Tae-Joo; Lee, Sang-Jin
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 6A, 2008, Pages 39~49
AES and ARIA are the next-generation standard block ciphers of the US and Korea, respectively, and these algorithms are used in various fields including smart cards, electronic passports, etc. This paper addresses the first efficient unified hardware architecture of AES and ARIA, and shows the implementation results with a 0.25um CMOS library. We designed shared S-boxes based on composite field arithmetic for both algorithms, and also extracted common terms of the permutation matrices of both algorithms. With the 0.25um CMOS technology, our processor occupies 19,056 gate counts, which is a 32% decrease in size from discrete implementations, and it uses 11 clock cycles and 16 cycles for AES and ARIA encryption, which yields 720 and 1,047 Mbps, respectively.
High Speed AES Implementation on 64 bits Processors
Jung, Chang-Ho; Park, Il-Hwan
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 6A, 2008, Pages 51~61
This paper suggests a new way to implement high-speed AES on Intel Core2 processors and AMD Athlon64 processors, which are used all over the world today. First, on Core2 processors of the EM64T architecture, the processing efficiency of memory-access instructions is lower than that of arithmetic instructions. So previous AES implementation techniques, which had a high rate of memory-access instructions, could cause a memory bottleneck. To improve this, we present the partial round key technique, which reduces the rate of memory-access instructions. The results on an Intel Core2Duo 3.0 GHz processor show 185 cycles/block and 2.0 Gbps throughput in ECB mode. This is 35 cycles/block faster than Bernstein's software, which is known as the fastest. On the other side, on Athlon64 processors of the AMD64 architecture, by removing bottlenecks that occur in instruction decoding we could improve the speed, with the result that the Athlon64 processor reached 170 cycles/block. The result we present matches the performance of Matsui's unpublished software.
Efficient Mutual Authentication Protocol Suitable to Passive RFID System
Won, Tae-Youn; Chun, Ji-Young; Park, Choon-Sik; Lee, Dong-Hoon
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 6A, 2008, Pages 63~73
An RFID (Radio Frequency IDentification) system is an automated identification system that basically consists of tags, readers and back-end databases. Tags and readers communicate with each other by RF signal. As a reader can identify many tags in a contactless manner using RF signals, RFID is expected to be a new technology replacing bar-code systems in supply-chain management, payment systems, access control, medical records and so on. However, RFID systems create new threats to the security of systems and the privacy of individuals, because tags and readers communicate with each other over an insecure channel using RF signals. Many people are studying various ways to solve these problems, but they are difficult to apply to RFID systems based on EPCglobal UHF Class-1 Generation-2 tags. Recently, Chien and Chen proposed a mutual authentication protocol for RFID conforming to EPCglobal UHF Class-1 Generation-2 tags. We discover security vulnerabilities and inefficiencies in their protocol. Therefore, we analyze the vulnerabilities of their protocol and propose an efficient mutual authentication protocol that improves security and efficiency.
A User Authentication Method between Domains Using Privilege Certificates
Gi, Jun-Woong; Kim, Ji-Hong; Kim, Chang-Kyu
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 6A, 2008, Pages 75~83
In this paper, we design a user authentication method between domains for when a mobile node moves in an AAA-server-based MIPv6 environment. Several papers have proposed user authentication methods executed at the AAA server in the home domain via the AAA server in the visited domain. In this paper we propose a user authentication method using privilege certificates between domains.
A Study on the Performance Improvement in SEcure Neighbor Discovery (SEND) Protocol
Park, Jin-Ho; Im, Eul-Gyu
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 6A, 2008, Pages 85~96
The Neighbor Discovery (ND) protocol is used to exchange information about neighboring nodes on the same link in the IPv6 protocol environment. To protect the ND protocol, using the Authentication Header (AH) of the IPsec protocol was proposed first. But this method has some problems: key exchange protocols cannot be used, and it is hard to distribute manual keys. Then the SEcure Neighbor Discovery (SEND) protocol, which protects all ND messages with digital signatures, was proposed. However, digital signature technology based on public key cryptography is commonly known to require high cost, so performance degradation in terms of availability is expected. In this paper, to improve the performance of the SEND protocol, we propose a modified CGA (Cryptographically Generated Address) which is made by additionally adding the MAC (Media Access Control) address to the input of the hash function. We also propose a cache mechanism. We compared the performance of the methods by experiment.
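A CGA binds an IPv6 interface identifier to a public key through a hash, so SEND can verify that the signer of an ND message owns the address without any certificate infrastructure. The block below is an added example, not the paper's implementation: standard RFC 3972 generation and verification, with the public key replaced by a constructed stand-in for the DER-encoded SubjectPublicKeyInfo. The abstract says the modified CGA adds the MAC address to the hash input but not how it is encoded; here, as an assumption about that encoding, the MAC is passed as an RFC 3972 extension field, which feeds both Hash1 and Hash2 exactly as the paper's extra input would. Names such as cga_generate, cga_verify, PREFIX, PUBKEY and MAC are this example's own.

```python
"""Cryptographically Generated Addresses (RFC 3972): generation and verification.

Added example, not the paper's code. The public key is a constructed stand-in for
the DER-encoded SubjectPublicKeyInfo a real CGA carries; the MAC address is fed to
the hash as an RFC 3972 extension field (an assumption about the paper's encoding).
"""
import hashlib
import ipaddress


def _hash1(modifier, prefix, collision_count, pubkey, ext):
    # Leftmost 64 bits of SHA-1 over the CGA Parameters structure.
    data = modifier + prefix + bytes([collision_count]) + pubkey + ext
    return hashlib.sha1(data).digest()[:8]


def _hash2(modifier, pubkey, ext):
    # Leftmost 112 bits of SHA-1 over modifier || 9 zero octets || key || ext.
    return hashlib.sha1(modifier + b"\x00" * 9 + pubkey + ext).digest()[:14]


def _hash2_ok(h2, sec):
    # The 16*Sec leftmost bits of Hash2 must be zero (trivially true for Sec = 0).
    return sec == 0 or int.from_bytes(h2, "big") >> (112 - 16 * sec) == 0


def cga_generate(prefix, pubkey, sec, ext=b"", start_modifier=0):
    """RFC 3972 section 4. The modifier search starts from a fixed value so the
    example is repeatable; a real node starts from a random 128-bit modifier."""
    assert len(prefix) == 8 and 0 <= sec <= 7
    modifier = start_modifier
    while True:
        mod_bytes = modifier.to_bytes(16, "big")
        if _hash2_ok(_hash2(mod_bytes, pubkey, ext), sec):
            break
        modifier += 1                  # ~2**(16*Sec) SHA-1 trials on average
    collision_count = 0                # bumped (max 2) if DAD reports a collision; not simulated
    iid = bytearray(_hash1(mod_bytes, prefix, collision_count, pubkey, ext))
    iid[0] = (iid[0] & 0x1C) | (sec << 5)   # leftmost 3 bits := Sec; u and g bits := 0
    return {
        "address": str(ipaddress.IPv6Address(prefix + bytes(iid))),
        "modifier": mod_bytes,
        "prefix": prefix,
        "collision_count": collision_count,
        "pubkey": pubkey,
        "ext": ext,
    }


def cga_verify(params):
    """RFC 3972 section 5: two SHA-1 computations regardless of Sec."""
    addr = ipaddress.IPv6Address(params["address"]).packed
    if params["collision_count"] > 2 or addr[:8] != params["prefix"]:
        return False
    sec = addr[8] >> 5
    h1 = bytearray(_hash1(params["modifier"], params["prefix"],
                          params["collision_count"], params["pubkey"], params["ext"]))
    iid = bytearray(addr[8:])
    h1[0] &= 0x1C                      # compare ignoring the Sec, u and g bits
    iid[0] &= 0x1C
    if h1 != iid:
        return False
    return _hash2_ok(_hash2(params["modifier"], params["pubkey"], params["ext"]), sec)


def sec_and_ug(address):
    """(Sec, u, g) as encoded in the interface identifier's first octet."""
    first = ipaddress.IPv6Address(address).packed[8]
    return first >> 5, (first >> 1) & 1, first & 1


# Constructed inputs for the example.
PREFIX = ipaddress.IPv6Address("2001:db8::").packed[:8]
PUBKEY = b"constructed-stand-in-for-DER-SubjectPublicKeyInfo"
MAC = bytes.fromhex("001122334455")    # constructed MAC address, carried as an extension


if __name__ == "__main__":
    params = cga_generate(PREFIX, PUBKEY, sec=1, ext=MAC)
    print(params["address"], "verifies:", cga_verify(params))
    forged = dict(params, pubkey=b"attacker-key")
    print("forged key verifies:", cga_verify(forged))
```

Generation with Sec = 1 costs about 2^16 SHA-1 evaluations, while verification is always two hashes plus the signature check; this asymmetry is why SEND's per-message cost is dominated by the public-key signature the abstract refers to, and why a cache of already-verified (address, key) bindings pays off.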
Effective Evaluation of Quality of Protection(QoP) in Wireless Network Environments
Kim, Hyeon-Seung; Lim, Sun-Hee; Yun, Seung-Hwan; Yi, Ok-Yeon; Lim, Jong-In
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 6A, 2008, Pages 97~106
Quality of Protection (QoP) provides a standard by which networks offering protection can be evaluated. QoP also estimates the stability of a system by quantifying the strength of its security. Security should be established at a level appropriate to the circumstances, and a security policy should be chosen to fit the purpose of the network, because the strength of the security mechanisms used in a network is not always proportional to the performance the system has to support. With evolving wireless networks, a variety of security services are defined for providing secure wireless network services. In this paper, we propose a new QoP model which makes up for the weak points of the existing QoP model in order to choose an appropriate security policy for wireless networks. The proposed QoP model uses an objectively organized HVM from a Flow-based Abnormal Traffic Detection Algorithm for constructing the utility function, and relative weights for constructing the total reward function.
A New Bot Disinfection Method Based on DNS Sinkhole
Kim, Young-Baek; Youm, Heung-Youl
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 6A, 2008, Pages 107~114
A bot is a kind of worm/virus that can be used to launch distributed denial-of-service (DDoS) attacks or send massive amounts of spam e-mail, etc. Many organizations make an effort to counter botnet attacks. In Korea, a DNS sinkhole system is used to protect against botnet attacks, while in Japan the so-called CCC (Cyber Clean Center) has been developed for the same purpose. But the DNS sinkhole system has the problem that it cannot cure the bot-infected PCs themselves, and the CCC has the problem that only 30% of users with botnet-infected PCs cooperate in curing them. In this paper we propose a new method that prevents botnet attacks and cures bot-infected PCs at the same time.
Malicious Codes Re-grouping Methods using Fuzzy Clustering based on Native API Frequency
Kwon, O-Chul; Bae, Seong-Jae; Cho, Jae-Ik; Moon, Jung-Sub
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 6A, 2008, Pages 115~127
The Native API is a system call interface which can only be accessed with administrator authentication. It can be used to detect a variety of malicious codes which can only be executed with administrator authority. Therefore, much research is being done on detection methods using the characteristics of the Native API. Most of this research uses supervised machine learning methods. However, the classification standards of anti-virus companies do not reflect the characteristics of the Native API. As a result, the population data used in the supervised learning methods is not accurate. Therefore, more research is needed on classification standards using the Native API for detection. This paper proposes a method for re-grouping malicious codes using fuzzy clustering with the Native API as the standard. The accuracy of the proposed re-grouping method is evaluated by using machine learning to compare detection rates with previous classification methods.
An Approach to Detect Spam E-mail with Abnormal Character Composition
Lee, Ho-Sub; Cho, Jae-Ik; Jung, Man-Hyun; Moon, Jong-Sub
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 6A, 2008, Pages 129~137
As the use of the internet increases, the distribution of spam mail has also vastly increased. E-mail's main use was the exchange of information; however, it is now more frequently used for advertisement and malware distribution. This is a serious problem because it consumes a large amount of limited internet resources. Furthermore, extensive computer, network and human resources are consumed to prevent it. As a result, much research is being done to prevent and filter spam. Currently, research is being done on readable sentences which do not use proper grammar. This type of spam cannot be classified by previous vocabulary analysis or document classification methods. This paper proposes a method to filter spam by using the subject of the mail and N-grams for indexing, and Bayesian and SVM algorithms for classification.
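Spam written with deliberate misspellings and digit substitutions defeats word-level vocabulary analysis because every token is new. The block below is an added example, not the paper's system: a naive Bayes classifier over character trigrams of the subject line, with Laplace smoothing. It takes the Bayesian branch of the abstract and assumes character-level rather than word-level N-grams, since the abstract does not say which; the point it makes is that most trigrams of "V1AGRA" still match the ones learned from "V1AGRA ch3ap n0w", so substitution-obfuscated subjects remain separable. The training subjects are constructed for the example and are not real mail; the class and function names are this example's own.

```python
"""Character n-gram naive Bayes over e-mail subject lines.

Added example, not the paper's system. Character n-grams are what make leetspeak
such as "V1AGRA" still look like the spam it is: most of its trigrams survive the
substitutions, whereas a word-level vocabulary sees an unknown token.
"""
import math
from collections import Counter


def char_ngrams(text, n=3):
    """Lower-cased character n-grams with start/end padding."""
    s = "^" * (n - 1) + text.lower() + "$" * (n - 1)
    return [s[i:i + n] for i in range(len(s) - n + 1)]


class NgramBayes:
    def __init__(self, n=3, alpha=1.0):
        self.n, self.alpha = n, alpha
        self.grams = {"spam": Counter(), "ham": Counter()}
        self.docs = Counter()
        self.vocab = set()

    def fit(self, labelled):
        for label, text in labelled:
            g = char_ngrams(text, self.n)
            self.grams[label].update(g)
            self.vocab.update(g)
            self.docs[label] += 1
        return self

    def log_posterior(self, label, text):
        """log P(label) + sum over grams of log P(gram | label), Laplace-smoothed."""
        total = sum(self.grams[label].values())
        denom = total + self.alpha * len(self.vocab)
        lp = math.log(self.docs[label] / sum(self.docs.values()))
        for g in char_ngrams(text, self.n):
            lp += math.log((self.grams[label][g] + self.alpha) / denom)
        return lp

    def classify(self, text):
        return max(self.grams, key=lambda label: self.log_posterior(label, text))


# Constructed training subjects (not real mail).
SPAM = [
    "V1AGRA ch3ap n0w!!!",
    "F.R.E.E m0ney - cl1ck h3re",
    "Y0u w0n a pr1ze!!! cla1m n0w",
    "Ch3ap m3ds 0nline, n0 rx",
    "L0wer y0ur m0rtgage r8te t0day",
    "H0t st0ck t1p - buy n0w!!!",
    "Cl1ck h3re f0r fr33 g1ft c4rds",
    "Earn $$$ fr0m h0me n0w",
]
HAM = [
    "Re: meeting notes from Monday",
    "Quarterly report draft attached",
    "Lunch tomorrow at noon?",
    "Re: code review for the parser change",
    "Minutes of the security working group",
    "Updated slides for Thursday's talk",
    "Re: travel reimbursement form",
    "Build failure on the release branch",
]


def train_demo():
    """Classifier trained on the constructed subjects above."""
    return NgramBayes(n=3).fit([("spam", s) for s in SPAM] + [("ham", h) for h in HAM])


if __name__ == "__main__":
    clf = train_demo()
    for subject in ("Ch3ap V1AGRA!!! cl1ck n0w", "Re: notes from the Monday meeting"):
        print(f"{subject!r:40} -> {clf.classify(subject)}")
```

Padding with "^" and "$" lets the model learn that spam subjects start with a digit-laden word and end in "!!!", which word features cannot express. With a corpus this small the log-posteriors are dominated by smoothing; on real data the vocabulary grows into the tens of thousands and alpha should be tuned on held-out mail.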
Privacy Preserving Data Publication of Dynamic Datasets
Lee, Joo-Chang; Ahn, Sung-Joon; Won, Dong-Ho; Kim, Ung-Mo
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 6A, 2008, Pages 139~149
The amount of personal information collected by organizations and government agencies is continuously increasing. When a data collector publishes personal information for research and other purposes, individuals' sensitive information should not be revealed. On the other hand, published data is also required to provide accurate statistical information for analysis. The k-anonymity and ℓ-diversity models are popular approaches for privacy-preserving data publication. However, they are limited to static data release. After a dataset is updated with insertions and deletions, a data collector cannot safely release up-to-date information. Recently, the m-invariance model has been proposed to support re-publication of dynamic datasets. However, m-invariant generalization can cause high information loss. In addition, if the adversary has already obtained the sensitive values of some individuals before accessing the released information, m-invariance leads to severe privacy disclosure. In this paper, we propose a novel technique for safely releasing dynamic datasets. The proposed technique offers a simple and effective method for handling inserted and deleted records without generalization. It also gives an equivalent degree of privacy preservation to the m-invariance model.
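The failure mode the abstract points at, that k-anonymity and ℓ-diversity hold for each release yet not across releases, can be shown on a four-row table. The block below is an added example and not the paper's technique: two constructed releases of a medical table, each 2-anonymous and 2-diverse on its own, and an intersection attack by an adversary who knows which generalized group the target falls into in each release. Names, diagnoses and the helper functions (is_k_anonymous, is_l_diverse, intersection_attack) are this example's own.

```python
"""k-anonymity / l-diversity checks and the intersection attack on re-published data.

Added example, not the paper's algorithm. A release is a list of
(generalized quasi-identifier, sensitive value) rows; names are never published.
Both constructed releases satisfy 2-anonymity and 2-diversity on their own, yet
intersecting the target's two groups recovers his sensitive value.
"""
from collections import defaultdict


def groups_by_qi(release):
    groups = defaultdict(list)
    for qi, sensitive in release:
        groups[qi].append(sensitive)
    return groups


def is_k_anonymous(release, k):
    """Every equivalence class has at least k rows."""
    return all(len(rows) >= k for rows in groups_by_qi(release).values())


def is_l_diverse(release, l):
    """Every equivalence class has at least l distinct sensitive values."""
    return all(len(set(rows)) >= l for rows in groups_by_qi(release).values())


def intersection_attack(releases, target_groups):
    """Sensitive values still possible for one individual after seeing every release,
    given the generalized group the adversary knows the individual belongs to in each."""
    candidates = None
    for release, qi in zip(releases, target_groups):
        values = set(groups_by_qi(release)[qi])
        candidates = values if candidates is None else candidates & values
    return candidates


# Constructed release 1: groups {Alice, Bob} and {Carol, Dave}.
RELEASE_1 = [
    ("age<30, zip 130**", "flu"),       # Alice
    ("age<30, zip 130**", "hiv"),       # Bob
    ("age>=30, zip 148**", "cancer"),   # Carol
    ("age>=30, zip 148**", "flu"),      # Dave
]
# Constructed release 2: Alice deleted, Eve inserted, Bob's group re-generalized.
RELEASE_2 = [
    ("age<30, zip 13***", "hiv"),       # Bob
    ("age<30, zip 13***", "cancer"),    # Eve
    ("age>=30, zip 148**", "cancer"),   # Carol
    ("age>=30, zip 148**", "flu"),      # Dave
]


def bob_candidates():
    # The adversary knows Bob is under 30 with zip 1302x, hence his group in each release.
    return intersection_attack([RELEASE_1, RELEASE_2],
                               ["age<30, zip 130**", "age<30, zip 13***"])


if __name__ == "__main__":
    for name, rel in (("release 1", RELEASE_1), ("release 2", RELEASE_2)):
        print(name, "2-anonymous:", is_k_anonymous(rel, 2), "2-diverse:", is_l_diverse(rel, 2))
    print("Bob's sensitive value after intersecting both releases:", bob_candidates())
```

m-invariance closes this hole by requiring that the set of sensitive values in an individual's group be identical in every release he appears in (padding with counterfeit rows where necessary), which is exactly the generalization cost the abstract says the proposed technique avoids.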
Applied Method to Trusted Digital Content Distribution Architecture
Kim, Hye-Ri; Hong, Seng-Phil; Lee, Chul-Soo
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 6A, 2008, Pages 151~162
As innovative internet technologies and multimedia are being rapidly developed, digital content is a remarkable new growth industry supplied through various channels. For example, domestic sales volume of digital content has marked an annual increase of 14.7% since 2003. Against the merits of digital content distribution, information re-engineering aspects are becoming more serious issues these days, such as infringement of copyright, a flood of inappropriate content, and invasion and infringement of privacy. In this paper, we suggest TDCDA (Trusted Digital Content Distribution Architecture) in order to solve the above problems. TDCDA shows how to well define and design a trusted path in digital content distribution in internet environments, using a secure distribution mechanism, digital content integrity and copyright protection. Finally, we also propose the TDCDA algorithm and applicable guidelines for a feasible approach in real computing environments.
A Study on the Admissibility of the Virtual Machine Image File as a Digital Evidence in Server Virtualization Environment
Kim, Dong-Hee; Baek, Seung-Jo; Shim, Mi-Na; Lim, Jong-In
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 6A, 2008, Pages 163~177
As many companies are considering using server virtualization technology to reduce cost, crime rates in virtual server environments are expected to increase rapidly. Server virtualization solutions have a basic function to produce virtual machine images without using any other disk imaging tools, so investigating virtual servers is more efficient because the investigator only has to collect the virtual machine image and submit it to the court. However, the virtual machine image has no admissibility as legal evidence because of security, authenticity and procedural problems in collecting virtual machine images on virtual servers. In this research, we provide requirements to satisfy the security, authenticity and chain-of-custody conditions for the admissibility of the virtual machine image in server virtualization environments. Additionally, we suggest definite roles and driving plans for related organizations to produce virtual machine images as admissible evidence.
Cryptanalysis of an Efficient RSA-Based Password-Authenticated Key Exchange Protocol against Dictionary Attack
Youn, Taek-Young; Park, Young-Ho; Ryu, Heui-Su
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 6A, 2008, Pages 179~183
Recently, an efficient password-authenticated key exchange protocol based on RSA was proposed by Park et al. with a formal security proof. In this letter, we analyze their protocol and show that it is not secure against an active adversary who performs a dictionary attack. Moreover, we analyze the performance of the proposed attack and show that it is a real threat to the protocol.
A Proposal for Digital Forensic Model for Secure Digital Rights Management
Jang, Ui-Jin; Jung, Byung-Ok; Lim, Hyung-Min; Shin, Yong-Tae
Journal of the Korea Institute of Information Security and Cryptology, volume 18, issue 6A, 2008, Pages 185~190
Devices for the digital home in a ubiquitous environment aim at providing multimedia services which are not limited by time and space. However, this does not ensure the fair use of digital contents and causes damage to content providers because of indiscriminate distribution of digital contents and the use of illegal contents. DRM systems for solving these problems cannot protect the license stored on digital home devices or manage licenses upon redistribution of contents. In this paper, we propose a digital forensic model that enables misuse detection and early interception of large-scale illegal distribution of contents and licenses, and also enables the creation and management of digital evidence for legal countermeasures.