Journal of the Korea Institute of Information Security and Cryptology
Journal Basic Information
Korea Institutes of Information Security and Cryptology
Security Analysis on Digital Signature Function Implemented in Electronic Documents Software
Park, Sunwoo ; Lee, Changbin ; Lee, Kwangwoo ; Kim, Jeeyeon ; Lee, Youngsook ; Won, Dongho ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 5, 2012, Pages 945~957
It is not easy to detect whether an electronic document has been modified. Thus, verifying the integrity of documents is very important when using electronic documents. To facilitate this process, various electronic document software products provide built-in digital signature capabilities. However, there has not been much research on the security of the digital signature functions of such software. Therefore, in this paper, we analyze the security of Adobe PDF, MS Word, Hancom Hangul, digital notary service and digital year-end-settlement service, and propose recommendations for the implementation of digital signature functions.
Study of Local Linkability based on Modified Linear Encryption in Group Signature Schemes
Kang, Jeonil ; Kim, Kitae ; Nyang, DaeHun ; Lee, KyungHee ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 5, 2012, Pages 959~974
Group signature schemes were designed to provide anonymity for signers, but they have seldom been adapted to real-world applications because of their low computation and space (i.e. signature length) efficiency, complicated construction, limited user management, and so on. Kang, Hwang, etc. studied local linkability, which is intended to help group signature schemes be adapted more easily to the real world. In this paper, we investigate in detail the nature of local linkability, which was not dealt with well in previous studies, and give a formal proof of the security of the special entities who hold the local linkability.
Exception Management of Well-behaved Users in Group Signature Schemes based on Linear Encryption
Kang, Jeonil ; Nyang, DaeHun ; Lee, KyungHee ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 5, 2012, Pages 975~985
Open and Judge in group signature schemes can be brought into the management of misbehaving users. Unfortunately, when the Open and Judge of a certain group signature are used in another group signature that adopts the same linear encryption, they are not suitable for processing exceptions due to well-behaved users. In this paper, for all group signatures based on linear encryption, we propose and discuss new Open and Judge algorithms that are suitable for processing exceptions due to well-behaved users.
Software integrity verification method in POS system
Cho, Sung-A ; Kim, Sung Hoon ; Lee, Dong Hoon ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 5, 2012, Pages 987~997
A Point-of-Sales (POS) terminal manages the selling process in real time through an interface accessible to a salesperson. Using a POS system makes business and customer management much more efficient. For these reasons, many stores install and use POS terminals. However, POS systems face many problems, such as theft of personal information through hacking and insider corruption, because they store payment information such as sales information, card validity periods, and passwords. In this paper, I propose a software integrity verification technique for POS systems based on a white list. This method can prevent incidents in which personal information leaks through hacking, as well as forgery and falsification of the POS system. The proposed method provides software integrity, so it can prevent inside and outside threats in advance.
Research on Multi-precision Multiplication for Public Key Cryptography over Embedded Devices
Seo, Hwajeong ; Kim, Howon ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 5, 2012, Pages 999~1007
Multi-precision multiplication in public key cryptography should be considered for performance enhancement due to its computational complexity. In particular, embedded devices are not suitable for executing highly complex computations such as public key cryptography because of their limited computational power and capacity. To overcome this flaw, research on multi-precision multiplication with fast computation and small capacity is actively being conducted. In this paper, we explore the cutting-edge technology of multi-precision multiplication for efficient implementation of public key cryptography over sensor networks. This survey report will be used for further research on the implementation of public key cryptography over sensor networks.
A Secure AES Implementation Method Resistant to Fault Injection Attack Using Differential Property Between Input and Output
Park, Jeong-Soo ; Choi, Yong-Je ; Choi, Doo-Ho ; Ha, Jae-Cheol ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 5, 2012, Pages 1009~1017
The fault injection attack has been developed to extract the secret key embedded in a crypto module by injecting errors during the encryption process. In particular, an attacker can find the master key of AES using a fault injection of just one byte. In this paper, we propose a countermeasure resistant to these fault attacks that checks the differences between input and output. Using computer simulation, we also verified that the proposed fault-resistant AES implementation shows a better fault detection ratio than previous methods and has small computational overhead.
A fault attack on elliptic curve scalar multiplication based on Euclidean Addition Chain
Lee, Soo Jeong ; Cho, Sung Min ; Hong, Seokhie ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 5, 2012, Pages 1019~1025
Fault attacks manipulate the computation of an algorithm and obtain information about the private key from the erroneous result. It is the most powerful attack on cryptographic devices. Currently, error detection methods and fault attacks are being actively studied. S. Pontarelli et al. introduced an error detection method in 2009. It can detect an error that occurs during Elliptic Curve Scalar Multiplication (ECSM). In this paper, we present a new fault attack. Our attack can avoid the error detection method introduced by S. Pontarelli et al. We inject a bit flip error in the Euclidean Addition Chain (EAC) on the private key in ECSM and retrieve the private key.
An Analysis of the Security Threats and Security Requirements for Electric Vehicle Charging Infrastructure
Kang, Seong-Ku ; Seo, Jung-Taek ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 5, 2012, Pages 1027~1037
In response to the critical issue of global warming, the Smart Grid system has been extensively investigated as the next efficient power grid system. Domestically, Korea is trying to expand the usage of Electric Vehicles (EVs) and the charging infrastructure in order to replace current transportation using fossil fuels, which accounts for 20% of overall CO2 emissions. EV charging infrastructures are combined with IT technologies to build intelligent environments but have a considerable number of cyber security issues because of the inherent nature of those technologies. This work not only provides a logical architecture of EV charging infrastructures and the security threats based on it, but also analyzes security requirements against those threats in order to overcome adversarial activities against the Smart Grid.
A Study on National Cyber Capability Assessment Methodology
Kang, JungMin ; Hwang, HyunUk ; Lee, JongMoon ; Yun, YoungTae ; Bae, ByungChul ; Jung, SoonYoung ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 5, 2012, Pages 1039~1055
We need to enhance our national cyber capability, as countries worldwide have been making efforts to strengthen their cyber capabilities. However, we have difficulty estimating national cyber capability due to the absence of any cyber capability assessment methodology. This paper presents a national cyber capability assessment methodology which is used for setting up national cyber policy. We also introduce the results of the cyber capability assessment of five major nations (US, China, Japan, Russia, Korea) using the proposed methodology. The methodology is developed using open data and includes three areas: base capability, attack capability and defense capability. The assessment result shows the order of US, China, Korea, Russia, Japan. Based on the analysis of that result, in order to enhance our cyber capability, we recommend that, first, more cyber budget and human resources should be invested in the base capability; second, a strategy for attack capability enhancement is strongly required; and lastly, the patch ratio and security monitoring level should be upgraded.
A Message Authentication and Key Distribution Mechanism Secure Against CAN bus Attack
Cho, A-Ram ; Jo, Hyo Jin ; Woo, Samuel ; Son, Young Dong ; Lee, Dong Hoon ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 5, 2012, Pages 1057~1068
With advances in vehicle technology, many kinds of ECU (Electronic Control Unit) are installed inside the vehicle. In-vehicle communication among ECUs is performed through CAN (Controller Area Network). CAN has high reliability. However, it has many vulnerabilities because there is no security mechanism for CAN. Recently, many papers have proposed attacks on in-vehicle communication using these vulnerabilities. In this paper, we propose a wireless attack model using a mobile radio communication network. We propose a secure authentication mechanism for in-vehicle network communication that assures the confidentiality and integrity of data packets and also protects in-vehicle communication from the replay attack.
A detection mechanism for Jump-Oriented Programming at binary level
Kim, Ju-Hyuk ; Lee, Yo-Ram ; Oh, Soo-Hyun ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 5, 2012, Pages 1069~1078
Memory is known to be a frequent target of threats to computer system security, and attacks that exploit memory weaknesses are increasing. Accordingly, various memory protection mechanisms have been studied for operating systems, while new attack techniques that bypass these protections have been developed. In particular, buffer overflow attacks have evolved into Return to Library and Return-Oriented Programming attacks, and recently a technique that bypasses the countermeasure against Return-Oriented Programming has been proposed. Therefore, this paper suggests a detection mechanism at the binary level by analyzing the procedure and features of Jump-Oriented Programming. In addition, we have implemented the proposed detection mechanism and shown experimentally that it may efficiently detect Jump-Oriented Programming attacks.
Automated Attack Path Enumeration Method based on System Vulnerabilities Analysis
Kim, Ji Hong ; Kim, Huy Kang ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 5, 2012, Pages 1079~1090
As the number of information assets and their vulnerabilities increases, it becomes more difficult for network security administrators to assess the security vulnerability of their systems and networks. There are several studies on vulnerability analysis based on a quantitative approach. However, most of them are based on experts' subjective evaluation or require a lot of manual input to derive quantitative assessment results. In this paper, we propose HRMS (Hacking and Response Measurement System) for enumerating attack paths automatically using automated vulnerability measurement. HRMS can estimate the exploitability of systems or applications based on their known vulnerability assessment metrics, and enumerate attack paths even when system, network and application information is not fully given for vulnerability assessment. With this proposed method, system administrators can perform proactive security vulnerability assessment.
Analysis on Domestic and Foreign Privacy Information Acts to Suggest Directions for Developing Korean Privacy Information Protection Act
You, Han-Na ; Kim, Hyung-Joo ; Lee, Jae-Sik ; Park, Tae-Sung ; Jun, Moon-Seog ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 5, 2012, Pages 1091~1102
With the recent rapid increase in infringement of privacy information, the need to protect privacy information is greater than ever. Keeping pace with such concerns and the demands of the times, Korea established and executed the "Privacy Information Protection Act" on September 30th, 2011. This regulation was enacted as a shift from an individually regulated method to a basic regulation that includes public and private institutions. The regulation also includes diverse provisions for protecting privacy information by expanding the range of protection subjects and limiting the processing of uniquely identifiable information. In this context, the study suggests a direction for the development of Korea's Privacy Information Protection Act by looking at the status of privacy information protection acts at home and in foreign nations and conducting a comparative analysis between domestic and foreign acts.
E-DRM-based Privacy Protection Technology for Overcoming Technical Limitations of DLP-based Solutions
Choi, Jong-Uk ; Lee, Yong-Jin ; Park, Ju-Mi ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 5, 2012, Pages 1103~1113
DLP technology has been effectively enforcing privacy protection policy in on-line computing environments. However, with the widespread use of smart devices and the promotion of smart work, it has been pointed out that DLP technology cannot effectively prevent privacy leakage on smart devices and is comparatively weak against APT attacks. In this paper, we suggest a hybrid approach, PPS, which integrates an E-DRM system with DLP technology, taking advantage of both technologies. The technology basically uses the encryption function and access control of the E-DRM system, and thus it can effectively prevent leakage of customers' privacy information, even if the documents are in the hands of malicious third parties.
Factor analysis of VoIP Security Checklists using AHP
Yoon, Seokung ; Park, Haeryong ; Yoo, Hyeong Seon ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 5, 2012, Pages 1115~1122
VoIP service is steadily growing due to the spread of smartphones, enhanced networks, and various VoIP applications. However, VoIP has many security vulnerabilities because it is based on IP networks. This paper analyzes the importance weights of VoIP security checklists for incident prevention and response using AHP. The results of the AHP analysis showed that network security, incident response, and access control were the most important from the technical, administrative, and physical standpoints. This study is the first to propose a factor analysis of VoIP security checklists. The results will be useful when VoIP service providers establish their own security policies and inspect their VoIP environments according to those policies.
The effects of the operation of an information security management system on the performance of information security
Jang, Sang-Soo ; Lee, Sang-Joon ; Noh, Bong-Nam ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 5, 2012, Pages 1123~1132
Many domestic organizations are introducing and operating various information security management systems capable of coping with technical, administrative, and legal issues comprehensively and systematically, in order to prevent various infringement incidents such as personal information disclosure and hacking preemptively and actively. However, empirical analyses regarding the extent to which an information security management system contributes to information security performance have not been fully conducted, even though enterprises and organizations are actively introducing such systems in order to achieve their information security objectives as a part of their organizational management activities in line with their respective business, by investing considerable effort and resources in developing and operating these systems. This approach can be used to apply, develop, and operate the information management system actively within an organization. This study focused on analyzing how each specific phase of the information security management system affects information security performance, compared with previous studies, which generally focus on the information security control item in analyzing information security performance. The information security management system was analyzed empirically to determine how the Security PCDA cycling model affects information security performance.
A Study on development of evaluation indicators on the Managed Security Service(MSS)
Lee, Hyundo ; Lee, Sangjin ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 5, 2012, Pages 1133~1143
Currently, many Cyber Security Centers (CSC) are established and being operated in our country. But, in the absence of indicators to evaluate the activities of the Managed Security Service (MSS), we can't identify the CSC's level of overall job performance. Therefore, we can't derive strengths and weaknesses from the CSC. For these reasons, the purpose of this research is to develop an objective indicator to evaluate the activities of the MSS. I studied both international and domestic Information Security Management Systems (ISMS) as related standards (ISO/IEC 27001, G-ISMS). Moreover, I analysed the NIST Computer Security Incident Handling Guide and the Incident Management Capability Metrics (IMCM) of the Carnegie Mellon Software Engineering Institute (SEI). The implications of this analysis and domestic hands-on experience are reflected in the research. So I developed 10 evaluation domains and 62 detailed evaluation items. This research will contribute to our understanding of the level of the CSC's job performance.
Analysis of Usage Patterns and Security Vulnerabilities in Android Permissions and Broadcast Intent Mechanism
Kim, Young-Dong ; Kim, Ikhwan ; Kim, Taehyoun ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 5, 2012, Pages 1145~1157
Google Android employs a security model based on application permissions to control access to system resources and components of other applications from a potentially malicious program. However, this model has security vulnerabilities due to lack of user comprehension and excessive permission requests by third-party applications. Broadcast intent messages are widely used as a primary means of communication among internal application components. However, this mechanism also has potential security problems because it has no security policy associated with it. In this paper, we first present security breach scenarios caused by inappropriate use of application permissions and broadcast intent messages. We then analyze and compare usage patterns of application permissions and broadcast intent messages for popular applications on the Android market and for malware, respectively. The analysis results show that there exists a characteristic set of application permissions and broadcast intent receivers that are requested by typical malware. Based on the results, we propose a scheme to detect applications that are suspected to be malicious and notify users of the result at installation time.
Precise control flow protection based on source code
Lee, JongHyup ; Kim, Yong Seung ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 5, 2012, Pages 1159~1168
Control Flow Integrity (CFI) and Control Flow Locking (CFL) prevent unintended execution of software and provide integrity in control flow. Attackers, however, can still hijack program control since CFI and CFL do not support fine-granularity, context-sensitive protection. In this paper, we propose a new CFI scheme, Source-code CFI (SCFI), to overcome these problems. SCFI provides context-sensitive locking for control flow. Thus, the proposed approach protects software against the attacks on the previous CFI and CFL schemes and improves safety.
An analysis method for complex attack pattern using the coupling metrics
Kwon, Ye-Jin ; Park, Young-Bom ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 5, 2012, Pages 1169~1178
Recently, since most software-intensive systems use the internet environment for data exchange, software security is being treated as a major issue. To minimize the vulnerability of software systems, security assurance steps that apply secure coding rules have been introduced into the software development process. However, since actual attacks use a variety of software vulnerabilities, it is hard to analyze software weakness by monotonic analysis. In this paper, an attempt is made to counter complex attacks on a variety of software vulnerabilities using coupling, which is one of the important characteristics of software. Furthermore, a pre-analysis of complex attack patterns that combine various attack methods is carried out to predict possible attack patterns in the relationships between software modules. The complex attack pattern analysis method is proposed based on this result.
An Improvement of the Guideline of Secure Software Development for Korea E-Government
Han, Kyung Sook ; Kim, Taehwan ; Han, Ki Young ; Lim, Jae Myung ; Pyo, Changwoo ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 5, 2012, Pages 1179~1189
We propose an improvement on the Guideline of Secure Software Development for Korea e-Government that is under revision by the Ministry of Public Administration and Security in 2012. We adopted a rule-oriented organization instead of the current weakness-oriented one. The correspondence between the weaknesses and coding rules is identified. Also added is the coverage of diagnostic tools over the rules, to facilitate usage by programmers during the coding period. When the proposed guideline is applied to secure software development, the weaknesses would be controlled indirectly by enforcing coding rules. Programmers' responsibility would be limited to compliance with the rules, while the current version implies that it is the programmers' responsibility to guarantee being free from the weaknesses, which is hard to achieve at reasonable cost.
Threat Analysis based Software Security Testing for preventing the Attacks to Incapacitate Security Features of Information Security Systems
Kim, Dongjin ; Jeong, Youn-Sik ; Yun, Gwangyeul ; Yoo, Haeyoung ; Cho, Seong-Je ; Kim, Giyoun ; Lee, Jinyoung ; Kim, Hong-Geun ; Lee, Taeseung ; Lim, Jae-Myung ; Won, Dongho ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 5, 2012, Pages 1191~1204
As attackers try to paralyze information security systems, many researchers have investigated security testing to analyze vulnerabilities of information security products. Penetration testing, a critical step in the development of any secure product, is the practice of testing a computer system to find vulnerabilities that an attacker could exploit. Security testing like penetration testing includes gathering information about the target before the test, identifying possible entry points, attempting to break in and reporting back the findings. Therefore, obtaining maximum generality, re-usability and efficiency is very useful for efficient security testing and vulnerability hunting activities. In this paper, we propose a threat analysis based software security testing technique for evaluating whether the security functionality of target products provides the properties of self-protection and non-bypassability, in order to respond to attacks that incapacitate or bypass the security features of the target products. We conduct a security threat analysis to identify vulnerabilities and, after the threat analysis, establish a testing strategy according to the software modules and security features/functions of the target products to improve the re-usability and efficiency of software security testing. The proposed technique consists of threat analysis and classification, selection of the right strategy for security testing, and security testing. We demonstrate that our technique can systematically evaluate the strength of security systems by analyzing case studies and performing security tests.
Analyzing Secure Coding Initiatives: An Ecosystem Approach
Kim, Sung Kun ; Lee, Jae-Il ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 5, 2012, Pages 1205~1216
The Korean government has recently announced that secure coding is going to be required when building e-government systems. As an initial effort to enhance the security level of e-government applications, it should be highly valued. In its implementation, however, there are some problematic areas or issues that are expected and need to be supplemented. In this regard, we attempt to analyze the Secure Coding Initiatives and derive some problems using an ecosystem approach. Furthermore, a set of institutional suggestions is made in an effort to overcome the problems.