REFERENCE LINKING PLATFORM OF KOREA S&T JOURNALS
Journal of the Korea Institute of Information Security and Cryptology
Korea Institutes of Information Security and Cryptology
Cryptanalysis on Two Recent Group Signature Schemes
Ha, Deng-Ke ; Kim, Ki-Tae ; Nyang, Dae-Hun ; Lee, Kyung-Hee ;
Journal of the Korea Institute of Information Security and Cryptology, volume 20, issue 5, 2010, Pages 3~10
Unlinkability and traceability are basic security requirements of a group signature scheme. In this paper, we analyze two recent group signature schemes, Lee et al.'s scheme and Zhu et al.'s scheme. We show that Lee et al.'s scheme does not work correctly. Further, it fails to meet unlinkability, that is, anyone who intercepts or receives group signatures is able to check whether they are from the same signer. We also show that Zhu et al.'s scheme is unable to satisfy traceability, that is, a malicious group member can generate valid group signatures that cannot be opened. Moreover, once having become a group member, the malicious group member will never be revoked from the group. Besides, Zhu et al.'s scheme fails to satisfy forward security, a requirement claimed by the authors.
Low Space Complexity Bit-Parallel Shifted Polynomial Basis Multipliers using Irreducible Trinomials
Chang, Nam-Su ; Kim, Chang-Han ;
Journal of the Korea Institute of Information Security and Cryptology, volume 20, issue 5, 2010, Pages 11~22
Recently, Fan and Dai introduced a Shifted Polynomial Basis and constructed a non-pipelined bit-parallel multiplier for . As the name implies, the SPB is obtained by multiplying the polynomial basis 1, . Therefore, it is easy to transform elements between the PB and SPB representations. Afterwards, based on the Modified Shifted Polynomial Basis (MSPB), SPB bit-parallel Mastrovito type I and type II multipliers for all irreducible trinomials were presented. In this paper, we present a bit-parallel architecture for multiplication in SPB. This multiplier has a more efficient space complexity than all previously presented architectures when n 2k. The proposed multiplier has a more efficient space complexity than the best result when 1 (n+1)/3. Also, when (n+2)/3 k < n/2, the proposed multiplier has a more efficient space complexity than the best result except for some cases.
Identity-Based Online/Offline Signcryption Without Random Oracles
Park, Seung-Hwan ; Kim, Ki-Tak ; Koo, Woo-Kwon ; Lee, Dong-Hoon ;
Journal of the Korea Institute of Information Security and Cryptology, volume 20, issue 5, 2010, Pages 23~36
Signcryption is a cryptographic primitive which offers authentication and confidentiality simultaneously at a cost lower than signing and encrypting the message independently. We propose a new cryptographic notion called identity-based online/offline signcryption. An online/offline scheme can be divided into two phases: the first phase is performed offline prior to the arrival of a message to be signed or encrypted, and the second phase is performed online after knowing the message and the public key of the recipient. The online phase does not require any heavy computations such as pairings or exponentiations. It is particularly suitable for power-constrained devices such as smart cards. In this paper, we propose an ID-based signcryption scheme and an ID-based online/offline signcryption scheme where confidentiality and authenticity are simultaneously required to enable a secure and trustable communication environment. To the best of our knowledge, this is the first ID-based online/offline signcryption scheme that can be proven secure in the standard model.
Exact Security Analysis of Some Designated Verifier Signature Schemes With Defective Security Proof
Kim, Ki-Tae ; Nyang, Dae-Hun ; Lee, Kyung-Hee ;
Journal of the Korea Institute of Information Security and Cryptology, volume 20, issue 5, 2010, Pages 37~48
Designated verifier signatures allow a signer to prove the validity of a signature to a specifically designated verifier. The designated verifier can be convinced but is unable to prove the source of the message to a third party. Unlike conventional digital signatures, designated verifier signatures make it possible for a signer to repudiate his/her signature against anyone except the designated verifier. Recently, two designated verifier signature schemes, Zhang et al.'s scheme and Kang et al.'s scheme, have been shown to be insecure by concrete attacks. In this paper, we find the essential reason why the schemes are open to attacks even though they were given security proofs, and show that the Huang-Chou scheme and the Du-Wen scheme have the same problem. Indeed, the security proofs of all the schemes reflect only no-message attackers. Next, we show that the Huang-Chou scheme is insecure by presenting a universal forgery attack. Finally, we show that the Du-Wen scheme is, indeed, secure by completing its defective security proof.
An Efficient DSA Signature Scheme Resistant to the Fault Analysis Attack
Bae, Ki-Seok ; Baek, Yi-Roo ; Moon, Sang-Jae ; Ha, Jae-Cheol ;
Journal of the Korea Institute of Information Security and Cryptology, volume 20, issue 5, 2010, Pages 49~57
Fault cryptanalysis is a physical attack in which the key stored inside a device can be extracted by inducing some faults while the device performs a cryptographic algorithm. Since the international signature standard DSA (Digital Signature Algorithm) was known to be vulnerable to some fault analysis attacks, many researchers have been investigating countermeasures to prevent these attacks. In this paper we propose a new countermeasure for computing DSA signatures that remains immune in the presence of faults. Since the additional computational overhead of our proposal is only an inverse operation in the signature process, the proposed DSA scheme can be implemented more efficiently compared to previous countermeasures.
An Architecture of Access Control Model for Preventing Illegal Information Leakage by Insider
Eom, Jung-Ho ; Park, Seon-Ho ; Chung, Tai-M. ;
Journal of the Korea Institute of Information Security and Cryptology, volume 20, issue 5, 2010, Pages 59~67
In this paper, we propose an IM-ACM (Insider Misuse-Access Control Model) for preventing illegal information leakage by an insider who exploits his legal rights in the ubiquitous computing environment. The IM-ACM can monitor whether an insider uses data rightly, using a misuse monitor added to CA-TRBAC (Context Aware-Task Role Based Access Control), which permits access authorization according to user role, context role, task and entity security attributes. It is difficult to prevent information leakage by an insider because of his legal access rights and wealth of knowledge about the system. The IM-ACM can prevent information flow between objects which have different security levels using context roles and security attributes, and can prevent insider misuse with the misuse monitor, which compares an insider's actual processing behavior to the insider's possible work process pattern, drawing on the currently defined profile of the insider's process.
Security-Enhanced Local Process Execution Scheme in Cloud Computing Environments
Kim, Tae-Hyoung ; Kim, In-Hyuk ; Kim, Jung-Han ; Min, Chang-Woo ; Kim, Jee-Hong ; Eom, Young-Ik ;
Journal of the Korea Institute of Information Security and Cryptology, volume 20, issue 5, 2010, Pages 69~79
In current cloud environments, applications are executed on the remote cloud server, and they also utilize the computing resources of the remote cloud server such as physical memory and CPU. Therefore, if the remote server is exposed to a security threat, every application on the remote server can be a victim of several security attacks. Especially, despite many advantages, both individuals and businesses often have trouble starting cloud services due to the possibility of a malicious administrator of the cloud server. We propose a security-enhanced local process execution scheme resolving a vulnerability of current cloud computing environments. Since secret data is stored locally, we can protect secret data from security threats of the cloud server. By utilizing the computing resources of the local computer instead of the remote server, highly secure processes can be set free from the vulnerability of the remote server.
Weaknesses of the new design of wearable token system proposed by Sun et al.
Kim, Jung-Yoon ; Choi, Hyoung-Kee ;
Journal of the Korea Institute of Information Security and Cryptology, volume 20, issue 5, 2010, Pages 81~88
Sun et al. proposed a new design of wearable token system for the security of mobile devices, such as notebooks and PDAs. In this paper, we show that Sun et al.'s system is vulnerable to an off-line password guessing attack and a man-in-the-middle attack based on a known-plaintext attack. We propose an improved scheme which overcomes the weaknesses of Sun et al.'s system. The proposed protocol requires one modular multiplication in the wearable token, which has low computation ability, and a modular exponentiation in the mobile device, which has sufficient computing resources. Our protocol has none of the security problems that threaten Sun's system, nor any known vulnerabilities. That is, the proposed protocol overcomes the security problems of Sun's system with minimal overhead.
DoS attack prevention using methods for reduction of memory usage in 802.11i 4-Way Handshake
Kim, Jung-Yoon ; Kim, In-Hwan ; Choi, Hyoung-Kee ;
Journal of the Korea Institute of Information Security and Cryptology, volume 20, issue 5, 2010, Pages 89~98
Wireless LAN (WLAN) is a type of wireless service with higher data transmission rates than current cellular networks. Its usage is continually increasing. There are a lot of vulnerabilities in wireless networks, due to the properties of the wireless environment, regardless of their popularity. IEEE announced the 802.11i security standard to solve these problems. A vulnerable point in the messages used in the key distribution process of 802.11i causes the attacked target node to lose memory through continuous messages and blocks the legitimate WLAN service. In this paper, we propose new schemes to solve this problem and compare our proposals with the current process. The proposed protocol eliminates the memory exhaustion problem on the client side by using methods for reduction of memory usage.
Light-weight Defense Mechanisms for application layer DDoS Attacks in the Web Services
Lee, Tai-Jin ; Im, Chae-Su ; Im, Chae-Tae ; Jung, Hyun-Chul ;
Journal of the Korea Institute of Information Security and Cryptology, volume 20, issue 5, 2010, Pages 99~110
Recently, network-based DDoS attacks have changed into application layer DDoS attacks which are targeted at web services. Especially, an attacker makes zombie PCs generate small amounts of traffic whose pattern is similar to a normal user's pattern. So, an existing HTTP PPS-based threshold cannot defend against these DDoS attacks effectively. In this paper, we display all the GET Flooding attack types and propose three DDoS attack defense mechanisms which are simple and very powerful. The proposed mechanisms can defend against all the existing GET Flooding DDoS attacks and can be deployed in the real environment immediately with little resource consumption.
A Wireless Network Structure and AKA(Authentication and Key Agreement) Protocol of Advanced Metering Infrastructure on the Smart Grid based on Binary CDMA
Jeon, Jae-Woo ; Lim, Sun-Hee ; Yi, Ok-Yeon ;
Journal of the Korea Institute of Information Security and Cryptology, volume 20, issue 5, 2010, Pages 111~124
AMI (Advanced Metering Infrastructure) is a core infrastructure of the Smart Grid, and is being promoted in various countries. Wireless networks are considered for cost savings and operational efficiency in AMI. But various security problems are expected in the wireless networks of AMI, so we should solve these problems. In this paper, we suggest a wireless network for AMI using Binary CDMA and security countermeasures for the AMI wireless network. The proposed security architecture uses a BSIM (Binary Subscriber Identity Module) to perform user authentication and key agreement for encryption and decryption over the radio network to reduce security threats.
A Method for Tracing Internet Usage in Multi-use Web browser Environment and Non-English Speaking Countries
Lee, Seung-Bong ; Lee, Sang-Jin ;
Journal of the Korea Institute of Information Security and Cryptology, volume 20, issue 5, 2010, Pages 125~132
A web browser is an essential application for using the Internet. If a suspect uses a web browser for a crime, evidence related to the crime is stored in its log file. Therefore, we can obtain useful information related to the crime by investigating the web browser log file. In this paper, we look at related work and tools for web browser log files. And we introduce an analysis methodology for web browser log files focused on digital forensics. In addition, we apply our tool to a real case.
Combining Feature Fusion and Decision Fusion in Multimodal Biometric Authentication
Lee, Kyung-Hee ;
Journal of the Korea Institute of Information Security and Cryptology, volume 20, issue 5, 2010, Pages 133~138
We present a new multimodal biometric authentication method, which performs both feature-level fusion and decision-level fusion. After generating support vector machines for new features made by integrating face and voice features, the final decision for authentication is made by integrating the decisions of the face SVM classifier, the voice SVM classifier and the integrated-features SVM classifier. We justify our proposal by comparing our method with the traditional one in experiments with the XM2VTS multimodal database. The experiments show that our multilevel fusion algorithm gives a higher recognition rate than the existing schemes.