Go to the main menu
Skip to content
Go to bottom
REFERENCE LINKING PLATFORM OF KOREA S&T JOURNALS
> Journal Vol & Issue
Journal of the Korea Institute of Information Security and Cryptology
Journal Basic Information
Journal DOI :
Korea Institutes of Information Security and Cryptology
Editor in Chief :
Volume & Issues
Volume 21, Issue 6 - Dec 2011
Volume 21, Issue 5 - Oct 2011
Volume 21, Issue 4 - Aug 2011
Volume 21, Issue 3 - Jun 2011
Volume 21, Issue 2 - Apr 2011
Volume 21, Issue 1 - Feb 2011
Selecting the target year
Public Key Encryption with Keyword Search for Restricted Testability
Eom, Ji-Eun ; Rhee, Hyun-Sook ; Lee, Dong-Hoon ;
Journal of the Korea Institute of Information Security and Cryptology, volume 21, issue 4, 2011, Pages 3~10
To provide efficient keyword search on encrypted data, a public key encryption with keyword search (PEKS) was proposed by Boneh et al. A sender encrypts an e-mail and keywords with receiver's public key, respectively and uploads them on a server. Then a receiver generates a trapdoor of w with his secret key to search an e-mail related with some keyword w. However, Byun et al. showed that PEKS and some related schemes are not secure against keyword guessing attacks. In this paper, we propose a public key encryption with keyword search for restricted testability (PEKS-RT) scheme and show that our scheme is secure against keyword guessing attacks.
A Study on Anonymous Authorization based on Short Group Signatures
Shin, Soo-Yeon ; Kwon, Tae-Kyoung ;
Journal of the Korea Institute of Information Security and Cryptology, volume 21, issue 4, 2011, Pages 11~26
The existing anonymous authentication schemes based on group signatures for protecting privacy do not provide anonymous authorization which is required in the practical environments. In this paper, we propose an anonymous authentication and authorization scheme that enables a service provider both to authenticate anonymously its users and to provide different service according to their authorization. In the proposed scheme, a user's real identity, anonymity and authorization are managed distinctly through the separation of group manager's capabilities and an authorization authority. It is also possible for the proposed scheme to apply various access control models.
Statistical Analysis of High-Order Power Analysis
Kim, Min-Su ; Kim, Hee-Seok ; Hong, Seok-Hie ;
Journal of the Korea Institute of Information Security and Cryptology, volume 21, issue 4, 2011, Pages 27~37
dth-order power analysis can safely be defended by dth-order masking method. However, as the degree of applied masking method increases, it can significantly decrease effectiveness of cryptosystem. The existing statistical analysis on high-order power analysis contains only analysis on second power analysis. However, this means absent of safety standards when crypto engineers apply 3rd or more order masking. this absent of standards can lead to insignificant usage of masking method which can significantly decrease effectiveness of cryptosystem. In this dissertation, we have generalize statistical values on high-order power analysis to establish these standards. In other words, we have generalized the value of a correlation coefficient when calculation of high-order power analysis methods are performed. That is to say, it can greatly be used to indicate a degrees that can be applied on further usage of masking method.
A Study on Building an Optimized Defense System According to the Application of Integrated Security Policy Algorithm
Seo, Woo-Seok ; Jun, Moon-Seog ;
Journal of the Korea Institute of Information Security and Cryptology, volume 21, issue 4, 2011, Pages 39~46
This study is conducted to examine the optimal integrated security policy based on network in case of attacks by implementing unique security policies of various network security equipments as an algorithm within one system. To this end, the policies conduct the experiment to implement the optimal security system through the process of mutually integrating the unique defense policy of Firewall, VPN(Virtual Private Network), IDS(Intrusion Detection System), and IPS(Intrusion Prevention System). In addition, this study is meaningful in that it designs integrated mechanism for rapid detection of system load caused by establishment of the security policy and rapid and efficient defense and secures basic network infrastructure implementation.
Novel Anomaly Detection Method for Proactive Prevention from a Mobile E-finance Accident with User"s Input Pattern Analysis
Seo, Ho-Jin ; Kim, Huy-Kang ;
Journal of the Korea Institute of Information Security and Cryptology, volume 21, issue 4, 2011, Pages 47~60
With the increase in the use of mobile banking service, mobile banking has become an attractive target to attackers. Even though many security measures are applied to the current mobile banking service, some threats such as physical theft or penetration to a mobile device from remote side are still remained as unsolved. With aiming to fill this void, we propose a novel approach to prevent e-financial incidents by analyzing mobile device user's input patterns. This approach helps us to distinguish between original user's usage and attacker's usage through analyzing personal input patterns such as input time-interval, finger pressure level on the touch screen. Our proposed method shows high accuracy, and is effective to prevent the e-finance incidents proactively.
Research on Malicious code hidden website detection method through WhiteList-based Malicious code Behavior Analysis
Ha, Jung-Woo ; Kim, Huy-Kang ; Lim, Jong-In ;
Journal of the Korea Institute of Information Security and Cryptology, volume 21, issue 4, 2011, Pages 61~75
Recently, there is significant increasing of massive attacks, which try to infect PCs that visit websites containing pre-implanted malicious code. When visiting the websites, these hidden malicious codes can gain monetary profit or can send various cyber attacks such as BOTNET for DDoS attacks, personal information theft and, etc. Also, this kind of malicious activities is continuously increasing, and their evasion techniques become professional and intellectual. So far, the current signature-based detection to detect websites, which contain malicious codes has a limitation to prevent internet users from being exposed to malicious codes. Since, it is impossible to detect with only blacklist when an attacker changes the string in the malicious codes proactively. In this paper, we propose a novel approach that can detect unknown malicious code, which is not well detected by a signature-based detection. Our method can detect new malicious codes even though the codes' signatures are not in the pattern database of Anti-Virus program. Moreover, our method can overcome various obfuscation techniques such as the frequent change of the included redirection URL in the malicious codes. Finally, we confirm that our proposed system shows better detection performance rather than MC-Finder, which adopts pattern matching, Google's crawling based malware site detection, and McAfee.
Promising Fields for Promoting Workforce in Knowledge Information Security Sector: A Case of KISA Employment-Contract Master Program
Jun, Hyo-Jung ; Kim, Tae-Sung ;
Journal of the Korea Institute of Information Security and Cryptology, volume 21, issue 4, 2011, Pages 77~87
As information services have been widely used in various environments, the knowledge information security sector plays a significant role in development and management of products and services, information privacy management, risk management and safety, etc. Thus, the process of acquiring knowledge information security professionals is getting more attention for promoting the stable and long-term development of the knowledge information security sector. This study identifies and analyzes the promising fields for the KISA Employment-Contract Master Program and suggests promotion strategies for knowledge information security professionals. By surveying participants and would-be participants, and interviewing experts, it is analyzed that 'mobile security' and 'convergence security' are the two most important fields to be included in the program.
Research on Mac OS X Physical Memory Analysis
Lee, Kyeong-Sik ; Lee, Sang-Jin ;
Journal of the Korea Institute of Information Security and Cryptology, volume 21, issue 4, 2011, Pages 89~100
Physical memory analysis has been an issue on a field of live forensic analysis in digital forensics until now. It is very useful to make the result of analysis more reliable, because record of user behavior and data can be founded on physical memory although process is hided. But most memory analysis focuses on windows based system. Because the diversity of target system to be analyzed rises up, it is very important to analyze physical memory based on other OS, not Windows. Mac OS X, has second market share in Operating System, is operated by loading kernel image to physical memory area. In this paper, We propose a methodology for physical memory analysis on Mac OS X using symbol information in kernel image, and acquire a process information, mounted device information, kernel information, kernel extensions(eg. KEXT) and system call entry for detecting system call hooking. In additional to the methodology, we prove that physical memory analysis is very useful though experimental study.
A Study on System Tracing User Activities in the Windows Operating System
Jung, Chang-Sung ; Kim, Young-Chan ;
Journal of the Korea Institute of Information Security and Cryptology, volume 21, issue 4, 2011, Pages 101~114
As it seems like critical information leakages have been increasing due to industrial espionage and malicious internal users, the importance of introducing audit and log security technology is growing every now and then. In this paper, we suggest the session logging system for the company's internal control to meet the SOX legislation level, by monitoring and analyzing users behaviors connecting to the business-critical Operating System. The system proposed in this paper aims to monitor the user's illegal activities in the Operating System, and to present the clear evidence of purpose of those activities by detailed logs. For this purpose, we modified Operating System by adding multiple services suggested in this paper. These services utilize interfaces provided by the existing Operating System and add functions to control access and get logs. The system saves and manages session logs of users or administrators connected to the server with centralized log storage. And the system supports session log searching and lookup features required by SOX legislation for the company's internal controls with the level of computer forensics and logging technology.
e-Passport Security Technology using Biometric Information Watermarking
Lee, Yong-Joon ;
Journal of the Korea Institute of Information Security and Cryptology, volume 21, issue 4, 2011, Pages 115~124
There has been significant research in security technology such as e-passport standards, as e-passports have been introduced internationally. E-passports combine the latest security technologies such as smart card, public key infrastructure, and biometric recognition, so that these technologies can prevent unauthorized copies and counterfeits. Biometric information stored in e-passports is the most sensitive personal information, and it is expected to bring the highest risk of damages in case of its forgery or duplication. The present e-passport standards cannot handle security features that verify whether its biometric information is copied or not. In this paper, we propose an e-passport security technology in which biometric watermarking is used to prevent the copy of biometric information in the e-passport. The proposed method, biometric watermarking, embeds the invisible date of acquisition into the original data during the e-passport issuing process so that the human visual system cannot perceive its invisibly watermarked information. Then the biometric sample, having its unauthorized copy, is retrieved at the moment of reading the e-passport from the issuing database. The previous e-passport security technology placed an emphasis on both access control readers and anti-cloning chip features, and it is expected that the proposed feature, copy protection of biometric information, will be demanded as the cases of biometric recognition to verify personal identity information has increased.
A Study on the Implementation of outdoor type Virtual Private Network Gateway for Smart Grid
Park, Jun-Young ; Kim, Huy-Kang ;
Journal of the Korea Institute of Information Security and Cryptology, volume 21, issue 4, 2011, Pages 125~136
The vulnerabilities existed in Korean electricity control systems is unexposed because it is being operated in a closed network with superior security. The threat will become greater once the closed network develops into a smart grid environment with superior intelligence. Security will have a greater impact once each household will be connected to the power plant via the smart meter. This research focuses on stable data transfer in harsh external environment and whole-nation coverage network, and suggested standardized and optimized Virtual Private Network (VPN) Gateway architecture to support Power Line Communication (PLC). The functionality and stability of the prototype has been verified with field tests. For implementation of outdoor type VPN device for smart grid, we adopted PLC low voltage remote-meter-net for data communication. Also, IPSec type tunneling and ARIA algorithm based encryption of data collected by PLC low voltage remote meter is transmitted.
STB Virtualization based Enhanced IPTV User Authentication System
Go, Woong ; Kwak, Jin ;
Journal of the Korea Institute of Information Security and Cryptology, volume 21, issue 4, 2011, Pages 137~147
Because of the convergence between Internet and broadcast communication, users are able to use multimedia contents anytime. In addition, with the change of existing one-way service to two-way service, the provider can offer efficient and useful broadcast communication. However, As multimedia contents is provided by STB, it can validate only end-node STB. Thus, this method is limiting possibilities of individual service. Also, providers' STB are different, so problem of compatibility is emerging as an issue. Therefore, in this paper we proposed STB virtualization based enhanced IPTV user authentication system to improve individual authentication and compatibility of services.
Hash chain based Group Key Management Mechanism for Smart Grid Environments
Eun, Sun-Ki ; Oh, Soo-Hyun ;
Journal of the Korea Institute of Information Security and Cryptology, volume 21, issue 4, 2011, Pages 149~160
Smart Grid is the next-generation intelligent power grid that maximizes energy efficiency with the convergence of IT technologies and the existing power grid. It enables consumers to check power rates in real time for active power consumption. It also enables suppliers to measure their expected power generation load, which stabilizes the operation of the power system. However, there are high possibility that various kinds of security threats such as data exposure, data theft, and privacy invasion may occur in interactive communication with intelligent devices. Therefore, to establish a secure environment for responding to such security threat with the smart grid, the key management technique, which is the core of the development of a security mechanism, is required. Using a hash chain, this paper suggests a group key management mechanism that is efficiently applicable to the smart grid environment with its hierarchical structure, and analyzes the security and efficiency of the suggested group key management mechanism.
CRL Distribution Method based on the T-DMB Data Service for Vehicular Networks
Kim, Hyun-Gon ;
Journal of the Korea Institute of Information Security and Cryptology, volume 21, issue 4, 2011, Pages 161~169
There is a consensus in the field of vehicular network security that public key cryptography should be used to secure communications. A certificate revocation list (CRL) should be distributed quickly to all the vehicles in the network to protect them from malicious users and malfunctioning equipment as well as to increase the overall security and safety of vehicular networks. Thus, a major challenge in vehicular networks is how to efficiently distribute CRLs. This paper proposes a CRL distribution method aided by terrestrial digital multimedia broadcasting (T-DMB). By using T-DMB data broadcasting channels as alternative communication channels, the proposed method can broaden the network coverage, achieve real-time delivery, and enhance transmission reliability. Even if roadside units are not deployed or only sparsely deployed, vehicles can obtain recent CRLs from the T-DMB infrastructure. A new transport protocol expert group (TPEG) CRL application was also designed for the purpose of broadcasting CRLs over the T-DMB infrastructure.