Go to the main menu
Skip to content
Go to bottom
REFERENCE LINKING PLATFORM OF KOREA S&T JOURNALS
> Journal Vol & Issue
Journal of the Korea Institute of Information Security and Cryptology
Journal Basic Information
Journal DOI :
Korea Institutes of Information Security and Cryptology
Editor in Chief :
Volume & Issues
Volume 21, Issue 6 - Dec 2011
Volume 21, Issue 5 - Oct 2011
Volume 21, Issue 4 - Aug 2011
Volume 21, Issue 3 - Jun 2011
Volume 21, Issue 2 - Apr 2011
Volume 21, Issue 1 - Feb 2011
Selecting the target year
Faster MapToPoint over
for Pairing-based Cryptosystems
Park, Young-Ho ; Cho, Young-In ; Chang, Nam-Su ;
Journal of the Korea Institute of Information Security and Cryptology, volume 21, issue 6, 2011, Pages 3~12
A hashing function that maps arbitrary messages directly onto curve points (MapToPoint) has non-negligible complexity in pairing-based cryptosystems. Unlike elliptic curve cryptosystems, pairing-based cryptosystems require the hashing function in ternary fields. Barreto et al. observed that it is more advantageous to hash the message to an ordinate instead of an abscissa. So, they significantly improved the hashing function by using a matrix with coefficients of the abscissa. In this paper, we improve the method of Barreto et al. by reducing the matrix. Our method requires only 44% memory of the previous result. Moreover we can hash a message onto a curve point 2~3 times faster than Barreto's Method.
Implementation and Verification of the Image Encryption Scheme for Industrial Digital Image Security
Hong, Young-Sik ; Chung, Jang-Young ;
Journal of the Korea Institute of Information Security and Cryptology, volume 21, issue 6, 2011, Pages 13~20
Nowadays, digital-images are widely used at Web, industrial and medical applications. There have been many studies on online and Web copyright. But there are a few studies on industrial digital-image. In this paper, we propose the image encryption scheme for digital image in the industrial film. We implement and verify the proposed digital image encryption scheme for prevention of industrial secrets and intellectual property right outflow.
Reduced RSU-dependency Authentication Protocol to Enhance Vehicle Privacy in VANET
Rhim, Won-Woo ; Kim, Jong-Sik ; Kim, Sang-Jin ; Oh, Hee-Kuck ;
Journal of the Korea Institute of Information Security and Cryptology, volume 21, issue 6, 2011, Pages 21~34
VANET offers variety of services to allow safe and comfortable driving through V2V and V2I communications in transportation systems. To use these services, safe and reliable V2V and V2I communications must be guaranteed. In this regards, many RSU-based studies have been carried out to meet certain issues such as: efficiency of frequent communication between RSU and vehicles, security of stored information in RSU, and invasion on vehicle's privacy. In this paper, a scheme is proposed to reduce the dependency on RSU and to enhance the vehicle privacy by using signature-based authentication protocol. The proposed protocol is more efficient than existing protocol with group signature, and satisfies all the requirements of VANET.
Truncated Differential Cryptanalysis on PP-1/64-128
Hong, Yong-Pyo ; Lee, Yus-Sop ; Jeong, Ki-Tae ; Sung, Jae-Chul ; Hong, Seok-Hie ;
Journal of the Korea Institute of Information Security and Cryptology, volume 21, issue 6, 2011, Pages 35~44
The PP-1/64-128 block cipher support variety data block and secret key size. Also, it is suitable for hardware implementation and can much easier to apply Concurrent Error Detection(CED) for cryptographic chips compared to other block ciphers, because it has same encryption and decryption process. In this paper, we proposed truncated differential cryptanalysis of PP-1/64-128. the attack on PP-1/64-128 block cipher requires
bytes memory spaces and
PP-1/64-128 encryption to retrieve secret key. This is the best result of currently known PP-1/64-128 differential cryptanalysis.
Recovery Techniques for Deleted Email Items in Email Client
Jeong, Cho-Rong ; Lee, Keun-Gi ; Lee, Sang-Jin ;
Journal of the Korea Institute of Information Security and Cryptology, volume 21, issue 6, 2011, Pages 45~54
Corporations use e-mail as their primary method for internal communication and business processes. By their nature, the e-mails are in general used for major business processes that contain large amounts of business information. When there is a critical event, such as Technology leakage, an e-mail message can become important evidence. However, as there is a high likelihood that a suspect will intentionally erase an e-mail message, the ability to recover deleted e-mail is very important. This pater analyzes the deleted e-mail item structure in files of various e-mail clients, and explains the possibility and methods of recovery.
Digital Forensic Methodology of IaaS Cloud Computing Service
Jeong, Il-Hoon ; Oh, Jung-Hoon ; Park, Jung-Heum ; Lee, Sang-Jin ;
Journal of the Korea Institute of Information Security and Cryptology, volume 21, issue 6, 2011, Pages 55~65
Recently, use of cloud computing service is dramatically increasing due to wired and wireless communications network diffusion in a field of high performance Internet technique. Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. In a view of digital forensic investigation, it is difficult to obtain data from cloud computing service environments. therefore, this paper suggests analysis method of AWS(Amazon Web Service) and Rackspace which take most part in cloud computing service where IaaS formats presented for data acquisition in order to get an evidence.
Risk Analysis and Monitoring Model of Urban SCADA Network Infrastructure
Kim, Wan-Jib ; Lee, Kyung-Ho ; Kim, Huy-Kang ; Youm, Heung-Youl ;
Journal of the Korea Institute of Information Security and Cryptology, volume 21, issue 6, 2011, Pages 67~81
In recently years, there are cyber-weapon aim to national infrastructure such as 'stuxnet'. Security experts of the world are paying attention to this phenomenon. The networks which controls traffic, subway, waterworks of the city are safe from threats such as computer virus, malware, because the networks were built on closed-networks. However, it's about time to develop countermeasure for the cyber-weapon. In this paper, we review status-quo of the control systems for metropolitan infrastructure and analyze the risk of industrial control system in SCADA(Supervisory Control And Data Acquisition) network. Finally, we propose a security model for control systems of metropolitan infrastructure.
A study on the vulnerability of OTP implementation by using MITM attack and reverse engineering
Kang, Byung-Tak ; Kim, Huy-Kang ;
Journal of the Korea Institute of Information Security and Cryptology, volume 21, issue 6, 2011, Pages 83~99
OTP (One Time Password) is widely used for protecting accounts on Internet banking, portal services and online game services in Korea. OTP is very strong method for enforcing account security but there are several ways for exploiting vulnerabilities caused by implementation errors. These attacks can work because of the weakness from OTP enabled system's vulnerabilities, not for OTP's algorithm itself. In this paper, we present the known attack scenarios such as MITM (Man-in-the-Middle) attack and various reverse engineering techniques; also, we show the test result of the attacks and countermeasures for these attacks.
Analysis on a Turnover Process of Information Security Professionals
Kim, Tae-Sung ; Kim, Kil-Hwan ;
Journal of the Korea Institute of Information Security and Cryptology, volume 21, issue 6, 2011, Pages 101~108
The turnover rate of information security professionals in Korea is over 10% and turnover into non-information security fields accounts for over 50% of all the turnovers . It is not only important to recruit a new quality workforce, but also to make the current workforce perform satisfactorily, to improve their performance, and eventually to attain information security objectives. This study proposes a Markov chain model for the turnover process of information security professionals and forecasts the job duty composition of information security professionals. The results of this study can be applied to secure the justification of government policies for the promotion of information security professionals.
A Protection Profile for E-Document Issuing System
Lee, Hyun-Jung ; Won, Dong-Ho ;
Journal of the Korea Institute of Information Security and Cryptology, volume 21, issue 6, 2011, Pages 109~117
We can use document issuance services provided by a school, bank, hospital, company, etc. either by visiting those facilities or by simply visiting their Web sites. Services available through the Internet allow us to use the same services as we do by actually going to those facilities at home or office any time. As much as it saves us time and money, there also arises a problem of information being forged on the Internet or on a printed document. There has to be security functions to deal with the problem. This paper intends to think of the possible security threats and draw out the necessary security functions that an on-line document issuance system should have based on the CC v3.1, so that anyone can use it as reference when they evaluate or introduce the system.
Countermeasures and Mobile Terminal Threats to harm the Financial Market Soundness(focusing on the Financial Investment Companies)
Yoo, Kil-Sang ; Park, Tae-Hyoung ; Lim, Jong-In ;
Journal of the Korea Institute of Information Security and Cryptology, volume 21, issue 6, 2011, Pages 119~132
Mobile devices such as smart phones have brought big changes to be called as 'mobile big bang' against which we can't go. Mobile banking service and MTS(Mobile Trading System) are freely available at any time, anywhere and we are able to activate communications between financial company staffs out of the office and take care of business works even remotely by using mobile devices. Mobile devices are approaching as 'smart mobile innovation' to improve an enterprise productivity and competitiveness, but threats which engaged in unfair trading behaviors or unwholesome business works in finance companies are increasing and the customer's information can be leaked out by using the nonpublic official information and mobile devices. Therefore, we have to analyze the potential problems and take the necessary countermeasures with preemptive steps to protect the customer's information and improve the financial trading soundness and fairness. In this paper, we would like to suggest countermeasures and threats against using the financial company's mobile devices focusing on the financial investment companies by 'Capital Market and Financial Investment Business Act'.
Design of Improved Strong Password Authentication Scheme to Secure on Replay Attack
Kim, Jun-Sub ; Kwak, Jin ;
Journal of the Korea Institute of Information Security and Cryptology, volume 21, issue 6, 2011, Pages 133~140
Password-based authentication is the protocol that two entities share a password in advance and use the password as the basic of authentication. Password authentication schemes are divided into weak-password and strong-password authentication scheme. SPAS protocol, one of the strong-password authentication scheme, was proposed for secure against DoS attack. However it has vulnerability of the replay attack. In this paper, we analyze the vulnerability to the replay attack in SPAS protocol. Then we also propose an Improved-Strong Password Authentication Scheme (I-SPAS) with secure against the replay attack.
Object Tracking Framework of Video Surveillance System based on Non-overlapping Multi-camera
Han, Min-Ho ; Park, Su-Wan ; Han, Jong-Wook ;
Journal of the Korea Institute of Information Security and Cryptology, volume 21, issue 6, 2011, Pages 141~152
Growing efforts and interests of security techniques in a diverse surveillance environment, the intelligent surveillance system, which is capable of automatically detecting and tracking target objects in multi-cameras environment, is actively developing in a security community. In this paper, we propose an effective visual surveillance system that is avaliable to track objects continuously in multiple non-overlapped cameras. The proposed object tracking scheme consists of object tracking module and tracking management module, which are based on hand-off scheme and protocol. The object tracking module, runs on IP camera, provides object tracking information generation, object tracking information distribution and similarity comparison function. On the other hand, the tracking management module, runs on video control server, provides realtime object tracking reception, object tracking information retrieval and IP camera control functions. The proposed object tracking scheme allows comprehensive framework that can be used in a diverse range of application, because it doesn't rely on the particular surveillance system or object tracking techniques.
The Analysis of Face Recognition Rate according to Distance and Interpolation using PCA in Surveillance System
Moon, Hae-Min ; Kwak, Keun-Chang ; Pan, Sung-Bum ;
Journal of the Korea Institute of Information Security and Cryptology, volume 21, issue 6, 2011, Pages 153~160
Recently, the use of security surveillance system including CCTV is increasing due to the increase of terrors and crimes. At the same time, interest of face recognition at a distance using surveillance cameras has been increasing. Accordingly, we analyzed the performance of face recognition according to distance using PCA-based face recognition and interpolation. In this paper, we used Nearest, Bilinear, Bicubic, Lanczos3 interpolations to interpolate face image. As a result, we confirmed that existing interpolation have an few effect on performance of PCA-based face recognition and performance of PCA-based face recognition is improved by including face image according to distance in traning data.
Multicore Processor based Parallel SVM for Video Surveillance System
Kim, Hee-Gon ; Lee, Sung-Ju ; Chung, Yong-Wha ; Park, Dai-Hee ; Lee, Han-Sung ;
Journal of the Korea Institute of Information Security and Cryptology, volume 21, issue 6, 2011, Pages 161~169
Recent intelligent video surveillance system asks for development of more advanced technology for analysis and recognition of video data. Especially, machine learning algorithm such as Support Vector Machine (SVM) is used in order to recognize objects in video. Because SVM training demands massive amount of computation, parallel processing technique is necessary to reduce the execution time effectively. In this paper, we propose a parallel processing method of SVM training with a multi-core processor. The results of parallel SVM on a 4-core processor show that our proposed method can reduce the execution time of the sequential training by a factor of 2.5.
Loitering Behavior Detection Using Shadow Removal and Chromaticity Histogram Matching
Park, Eun-Soo ; Lee, Hyung-Ho ; Yun, Myoung-Kyu ; Kim, Min-Gyu ; Kwak, Jong-Hoon ; Kim, Hak-Il ;
Journal of the Korea Institute of Information Security and Cryptology, volume 21, issue 6, 2011, Pages 171~181
Proposed in this paper is the intelligent video surveillance system to effectively detect multiple loitering objects even that disappear from the out of camera's field of view and later return to a target zone. After the background and foreground are segmented using Gaussian mixture model and shadows are removed, the objects returning to the target zone is recognized using the chromaticity histogram and the duration of loitering is preserved. For more accurate measurement of the loitering behavior, the camera calibration is also applied to map the image plane to the real-world ground. Hence, the loitering behavior can be detected by considering the time duration of the object's existence in the real-world space. The experiment was performed using loitering video and all of the loitering behaviors are accurately detected.
Abnormal Crowd Behavior Detection via H.264 Compression and SVDD in Video Surveillance System
Oh, Seung-Geun ; Lee, Jong-Uk ; Chung, Yongw-Ha ; Park, Dai-Hee ;
Journal of the Korea Institute of Information Security and Cryptology, volume 21, issue 6, 2011, Pages 183~190
In this paper, we propose a prototype system for abnormal sound detection and identification which detects and recognizes the abnormal situations by means of analyzing audio information coming in real time from CCTV cameras under surveillance environment. The proposed system is composed of two layers: The first layer is an one-class support vector machine, i.e., support vector data description (SVDD) that performs rapid detection of abnormal situations and alerts to the manager. The second layer classifies the detected abnormal sound into predefined class such as 'gun', 'scream', 'siren', 'crash', 'bomb' via a sparse representation classifier (SRC) to cope with emergency situations. The proposed system is designed in a hierarchical manner via a mixture of SVDD and SRC, which has desired characteristics as follows: 1) By fast detecting abnormal sound using SVDD trained with only normal sound, it does not perform the unnecessary classification for normal sound. 2) It ensures a reliable system performance via a SRC that has been successfully applied in the field of face recognition. 3) With the intrinsic incremental learning capability of SRC, it can actively adapt itself to the change of a sound database. The experimental results with the qualitative analysis illustrate the efficiency of the proposed method.