REFERENCE LINKING PLATFORM OF KOREA S&T JOURNALS
Journal of the Korea Institute of Information Security and Cryptology
Korea Institutes of Information Security and Cryptology
Volume & Issues
Volume 20, Issue 6 - Dec 2010
Volume 20, Issue 5 - Oct 2010
Volume 20, Issue 4 - Aug 2010
Volume 20, Issue 3 - Jun 2010
Volume 20, Issue 2 - Apr 2010
Volume 20, Issue 1 - Feb 2010
Preimage Attacks on Reduced Steps of ARIRANG, HAS-160, and PKC98-Hash
Hong, Deuk-Jo; Koo, Bon-Wook; Kim, Woo-Hwan; Kwon, Dae-Sung
Journal of the Korea Institute of Information Security and Cryptology, volume 20, issue 2, 2010, Pages 3~14
In this paper, we present the preimage attacks on step-reduced ARIRANG, HAS-160, and PKC98-Hash. We applied Aoki and Sasaki's chunk search method, which they have used in the attack on SHA-0 and SHA-1. Our attacks find the preimages of 35-step ARIRANG, 65-step HAS-160, and 80-step PKC98-Hash. Our results are the best preimage attacks for ARIRANG and HAS-160, and the first preimage attack for PKC98-Hash faster than exhaustive search.
Hardware Implementation of the Fuzzy Fingerprint Vault System
Lim, Sung-Jin; Chae, Seung-Hoon; Pan, Sung-Bum
Journal of the Korea Institute of Information Security and Cryptology, volume 20, issue 2, 2010, Pages 15~21
User authentication using fingerprint information provides not only convenience but also high security. However, the fingerprint information used for user authentication can cause serious problems when it has been compromised. It cannot be changed like a password, because the user only has ten fingers on two hands. Recently, there has been increasing research on the fuzzy fingerprint vault system to protect fingerprint information. Research on the problem of fingerprint alignment using the geometric hashing technique has been carried out. This paper proposes a hardware architecture for a fuzzy fingerprint vault system based on geometric hashing. The proposed architecture consists of software and hardware modules. The hardware module is in charge of matching between the enrollment hash table and the verification hash table. Based on the experimental results, the execution time of the proposed system with 36 real minutiae is 0.2 seconds with 100 chaff minutiae and 0.53 seconds with 400 chaff minutiae.
Specification-based Intrusion Detection System for the Initial Authentication Phase of WiBro
Lee, Yun-Ho; Lee, Soo-Jin
Journal of the Korea Institute of Information Security and Cryptology, volume 20, issue 2, 2010, Pages 23~32
WiBro (Wireless Broadband), the service based on the IEEE 802.16e (mobile WiMAX) standard, is a wireless broadband Internet technology being developed by the domestic telecommunication industry. In this paper, we analyze security vulnerabilities of WiBro focusing on the initial authentication phase and propose a specification-based intrusion detection system that can detect attacks exploiting those vulnerabilities. We first derive a specification from the normal operational process of the initial authentication based on PKMv2 EAP-AKA and formalize the derived specification as a state transition diagram. The proposed system executes intrusion detection based on that specification and state transition diagram. In this paper, to verify the detection capability of the proposed system, we construct a test bed network and execute scenario-based tests.
Countermeasure for Physical Attack in RSA-CRT using Double Exponentiation Algorithm and Fault Infective Method
Gil, Kwang-Eun; Oh, Do-Hwan; Baek, Yi-Roo; Ha, Jae-Cheol
Journal of the Korea Institute of Information Security and Cryptology, volume 20, issue 2, 2010, Pages 33~41
Many experimental results show that the RSA-CRT algorithm can be broken by fault analysis attacks. We analyzed the previous fault attacks and their countermeasures on the RSA-CRT algorithm and found a weakness in the countermeasure proposed by Abid and Wang. Based on these analyses, we propose a new countermeasure which uses both double exponentiation and a fault infective computation method. The proposed method efficiently computes fault verification information using double exponentiation. It is also designed to resist simple power analysis attacks and the (N-1) attack.
Broadcast Authentication Protocol Based on XOR Chain for Data-Loss Tolerant and High-Efficiency
Yeo, Don-Gu; Jang, Jae-Hoon; Choi, Hyun-Woo; Youm, Heung-Youl
Journal of the Korea Institute of Information Security and Cryptology, volume 20, issue 2, 2010, Pages 43~55
broadcast authentication protocols have been developed by many researchers for providing authenticated broadcast messages between receiver and sender in sensor networks. Those cause authentication delay. Tree-based
 solves the problem of authentication delay. But it has new problems from the Merkle hash tree certificate structure, such as an increase in the quantity of data transmission and computation according to the number of senders or parameters of
 has advantages, such as a fixed computation cost by altering the low-level Merkle hash tree to a hash chain. However, it only uses the sequential values of the hash chain to authenticate
parameters. So it can't ensure the success of authentication in a lossy sensor network. This paper proposes an improved method for Tree-based
by using an XOR-based chain. The proposed scheme provides advantages such as a fixed computation cost with
and message loss tolerance with Tree-based
RFID Mutual Authentication Protocol Providing Improved Privacy and Resynchronization
Kim, Young-Jae; Jeon, Dong-Ho; Kwon, Hye-Jin; Kim, Soon-Ja
Journal of the Korea Institute of Information Security and Cryptology, volume 20, issue 2, 2010, Pages 57~72
The hash-based RFID protocols proposed by Ha and M. Burmester are schemes in which the tag's ID is updated using a hash function to provide forward secrecy after the session ends. But these protocols have problems in both privacy and efficiency. This paper analyzes the privacy problem by applying the privacy game model proposed by Vaudenay. We analyze why these schemes are difficult to reconcile with cheap tag implementation and efficient resynchronization. To solve these problems, we propose a new hash-based mutual authentication protocol which applies only the advantages of the two protocols. This protocol is based on the resynchronization algorithm of Ha et al.'s protocol and adds a new simple counter to record the number of continuous desynchronizations between the tag's and the reader's secret information. This counter is simpler than the cyclic counter proposed in M. Burmester's protocol. Also, we prove that the proposed protocol improves privacy against the privacy attack which is executed against Ha's and M. Burmester's protocols.
A Secure RFID Search Protocol Protecting Mobile Reader's Privacy Without On-line Server
Lim, Ji-Wwan; Oh, Hee-Kuck; Kim, Sang-Jin
Journal of the Korea Institute of Information Security and Cryptology, volume 20, issue 2, 2010, Pages 73~90
Recently, Tan et al. introduced a serverless search protocol in which a mobile reader maintains a tag authentication list and authenticates a tag using the list without connecting to an authentication server. A serverless RFID system is different from general RFID systems, which use on-line server models. In the serverless RFID system, since the mobility of a personalized reader must be considered, we have to protect not only the privacy of a tag but also the privacy of a mobile reader. In this paper, we define new security requirements for a serverless RFID search system and propose a secure serverless RFID search system. In our system, since the tag authentication information maintained by a reader is updated in every session, we can provide backward untraceability of a mobile reader. Also, we use an encrypted timestamp to block replay attacks, which are a major weakness of search protocols. In addition, we define a new adversary model to analyze a serverless RFID search system and prove the security of our proposed system using the model.
Improving Research Information Security in Academic Institutes through the Analysis of Security Awareness and Activities
Park, Il-Hyung; Kim, Seong-Woo; Seo, Seung-Woo
Journal of the Korea Institute of Information Security and Cryptology, volume 20, issue 2, 2010, Pages 91~108
Universities are among the leading R&D institutes; however, their scarce security investment allows research information to leak outside. This paper proposes methods for improving the security level of academic institutes to protect research information by analyzing security awareness and activities. To do that, we verified the current status of information security and the awareness level by analyzing a survey which was conducted among members of Seoul National University. As a result of statistical analysis using correlation, analysis of variance, multiple regression and so on, we concluded that it is essential to improve security awareness, activities, professors' security level and the management process for research labs. Thus, we suggest the following methods to improve the security level: security awareness and knowledge development through education, security management for research labs through provisions, introduction of data protection software and physical control of visitors.
Considering System Throughput to Evaluate Information Security Investment Portfolios
Yang, Won-Seok; Kim, Tae-Sung; Park, Hyun-Min
Journal of the Korea Institute of Information Security and Cryptology, volume 20, issue 2, 2010, Pages 109~116
We consider an information system whose throughput deteriorates due to security threats and evaluate information security investment portfolios. We assume that organizations adopt information security countermeasures (or portfolios consisting of countermeasures) to lessen the damage resulting from the productivity (or throughput) deterioration. A probability model is used to derive the system throughput and the average number of repairs according to the occurrence rate of security threats. Considering the revenue from throughput, the repair cost, and the investment in the security system, the net present value for each portfolio is derived. Organizations can compare information security investment portfolios and select the optimal portfolio.
Comparison of The ISMS Difference for Private and Public Sector
Kim, Ji-Sook; Lee, Soo-Yeun; Lim, Jong-In
Journal of the Korea Institute of Information Security and Cryptology, volume 20, issue 2, 2010, Pages 117~129
To support the establishment of Information Security Management Systems, the private sector and the public sector have taken some measures. In the private sector, KISA (Korea Internet & Security Agency) has certified ISMS systems based on "The Act on Communication Network Use Promotion and Information Security etc.". In the public sector, no authentication system has been established. Instead, NIS (National Intelligence Service) has enforced the 'Information Security Management Condition Evaluation' based on the "Electronic Government Act". This article compares the ISMS control parts of the private sector with those of the public sector and analyzes the non-enforced parts of ISMS implementation in the two sectors over the years. Based on this, I would like to consider the method of establishment for an efficient ISMS.
A Shortened Common Criteria Evaluation Schedule using Project Management Techniques
Park, Soon-Tai; Lee, Hyung-Hyo; Noh, Bong-Nam
Journal of the Korea Institute of Information Security and Cryptology, volume 20, issue 2, 2010, Pages 131~144
Developed IT countries have, since the late 1980s, developed IT security evaluation criteria to ensure the safety and reliability of information protection products. Currently a variety of products are evaluated based on CC, and since product evaluation takes a long period, developers and users require it to be reduced. In this paper, referring to the published standard evaluation schedule, we offer a calculation model for the EAL4 evaluation period. In addition, based on this, we offer a position that minimizes the evaluation period by adjusting the number of evaluators assigned to evaluate the applicant.
A Convergence Technology of IPTV-RFID against Clone Attack
Jeong, Yoon-Su; Kim, Yong-Tae; Park, Gil-Cheol; Lee, Sang-Ho
Journal of the Korea Institute of Information Security and Cryptology, volume 20, issue 2, 2010, Pages 145~156
Nowadays, the development of communication techniques such as TV and the Internet is increasing IPTV service, which combines the Internet with multimedia contents. But when a user gets service in a specific place, the certification process and user ID check in IPTV service are complicated, so that communication difficulties occur, such as an increase in illegal users and service delay. This paper proposes a communication security mechanism to prevent the clone attack which happens in the wireless section by efficiently extracting illegal users. The proposed mechanism performs a key distribution procedure, an inter-certification procedure, and a key initiation procedure by putting a security agent in the RFID-USB that RFID tag users use to perform the plug-and-play function. Also, the proposed mechanism updates the hashed token value using its ID and the random number which the RFID-USB creates whenever a user accesses the area of the RFID-USB, so that it protects against replay attacks and man-in-the-middle attacks, which happen often in the wireless section.