Go to the main menu
Skip to content
Go to bottom
REFERENCE LINKING PLATFORM OF KOREA S&T JOURNALS
> Journal Vol & Issue
Journal of the Korea Institute of Information Security and Cryptology
Journal Basic Information
Journal DOI :
Korea Institutes of Information Security and Cryptology
Editor in Chief :
Volume & Issues
Volume 7, Issue 4 - Dec 1997
Volume 7, Issue 3 - Sep 1997
Volume 7, Issue 2 - Jun 1997
Volume 7, Issue 1 - Mar 1997
Selecting the target year
Managing the Heterogeneous File System for Anti-Virus
Kim, Kyung-Su ; Han, Seung-Jo ; Kim, Pan-Koo ;
Journal of the Korea Institute of Information Security and Cryptology, volume 7, issue 3, 1997, Pages 3~10
Computer viruses are increasing in number and are continually intellectualized as well. To cope with this problem, anti-virus tools such as a scanner and the monitoring program have been developed. But it is not guaranteed that these softwares will work in safety under MS-DOS' control. If the virus is run first, it can avoid the monitoring of anti-virus software or even can attack the anti-virus software. Therefore, anti-virus programs should be run before the system is infected. This paper presents a new PC starting mechanism which allows the PC system to start from a clean state after booting. For this mechanism, we build a new disk file system different from DOS' file system, and manage the two file systems heterogeneously. Our system is strong against boot viruses and recovers from infections automatically.
Binary Sequence Generator with a Large Number of Output Sequences
Journal of the Korea Institute of Information Security and Cryptology, volume 7, issue 3, 1997, Pages 11~22
The number of output sequence was proposed as a characteristic of binary sequence generators for cryptographic application, but in general most of binary sequence generators have single number of output sequence. In this paper, we propose two types of binary sequence generators with a large number of output sequences. The first one is a Switched-Tap LFSR (STLFSR) and it applies to the generalized nonlinear function and the Geffe's generator as example. The other is a generalized memory sequence generator(GMEM-BSG) which is an improved version of the Golic's memory sequence generator (MEM-BSG) with a large number of output sequences, and its period, linear complexity, and the number of output sequence are derived.
Zkimi : Integrated Security Analysis Tool for UNIX Systems
Journal of the Korea Institute of Information Security and Cryptology, volume 7, issue 3, 1997, Pages 23~40
There are a lot of security tools for the investigation and improvement of UNIX systems. However, most of them fail to provide a consistent and usable user interface. In addition, they concentrate on a specific aspect of a system, not the whole one. For the overall management, system administrators cannot help using several uncomfortable tools. This paper introduces an integrated security analysis tool, named "Zkimi", which provides a convenient user interface and investigates the various aspects of UNIX systems such as account security, system security, network security, and file system integrity. The Zkimi supports user-friendly WWW based interface, so administrators can examine the various aspects of system more easily. We tried the tool for a system of a moderate size, and were confirmed that the tool is very efficient for investigating various security aspects of a system. a system.
Analysis and Enhancement of Zhou-Gollmann's Non-repudiation Protocol
Journal of the Korea Institute of Information Security and Cryptology, volume 7, issue 3, 1997, Pages 41~52
In this paper, we analyze two claws of Zhou-Gollmann's protocol. The protocol divide the message into a key K and a ciphertext C. The ciphertext C is delivered to the recipient, but the key K is submitted to the TTP, after the message originator receive the recipient's receipt for the ciphertext. TTP puts the key in the directory which is accesaible to the public. So, the recipient's obtaining the message dependson whether the originator submits the key or not. We will show that the originator. which is in such an advantageous position, could make the protocol be unfair and present how to improve the protocol. On the other hand, Zhou-Gollmann's protocol doesn't provide the secrecy of the message, since the key K is published. This means that, to send a secret message, additional mechanism is required. In this paper, we will present an improvement of Zhou-Gollmann's protocol to keep the message secret. The key distribution of the proposed protocol is based on the Diffie-Hellman's one.
A ZS Synchronization Algorithm for the Security of T1 Carrier System
Journal of the Korea Institute of Information Security and Cryptology, volume 7, issue 3, 1997, Pages 53~64
When we apply a synchronous stream cipher to the T1 carrier system, it can occur long consecutive 0's(or 1's) sequences in the received data. In this case, it is difficult to recover receiver clock and violates a communication protocol. This paper proposes block detection and serial detection method which suppress 0's sequences of more than k(
2) of the stream ciphertext in the T1 carrier system. These ZS methods keep security level and solve problems of stream synchronization.
A Robust DES-like cryptographic algorithm against Differential Cryptanalysis
Journal of the Korea Institute of Information Security and Cryptology, volume 7, issue 3, 1997, Pages 65~78
Due to the cryptographic functional structure including the S-box, DES is not robust against differential cryptoanalysis (DC). Therefore, to increase the security against DC, we have to redesign the S-box or modify DES algorithm to decrease the probability for the N-1 round characteristics. However, it has been shown that a new design for the S-box is not secure enough. Rather, if will be more reliable to devise a modified cryptographic algorithm. In this paper, we propose a modified DES algorithm to decrease the probability of N-1 round characteristics to be robust against DC. According to our comparative study, the proposed algorithm is shown to be more robust against the DC than DES.
Development of a Formal Access Control Model in CORBA Security using the Z Language
Journal of the Korea Institute of Information Security and Cryptology, volume 7, issue 3, 1997, Pages 79~94
OMG (Object Management Group) published a security service specification, called CORBA (Common Object Request Broker Architecture) security reference model because the integration of security and object-oriented techniques was critical for successful deployment of distributed object systems. The CORBA security reference model treats access control as an implementation independent semantic concept but has incomplete semantics of the access control function. Because of such imcompleteness it is difficult for the system administrator and the CORBA security implementor to have the same understanding for the meaning of access control in the CORBA security. We propose a formal model for access control the CORBA security using the formal description language, which is called Z language based on typed set theory. The proposed model provides concrete semantics of the access control function to both the system administrator and the implementor.
Interactive Authentications in Distributed Systems
Journal of the Korea Institute of Information Security and Cryptology, volume 7, issue 3, 1997, Pages 95~104
In this paper, we introduce Kerberos and Yaksha of an authentication scheme and propose an effectively interactive authentication scheme which improved on Kerberos and Yaksha with the public key cryptosystem in distributed systems. Also, we compare and analyse a representative Kerberos and Yakaha authentication scheme with it.
An Analysis of the Secret Routing Algorithm for Secure Communications
Yongkeun Bae ; Ilyong Chung ;
Journal of the Korea Institute of Information Security and Cryptology, volume 7, issue 3, 1997, Pages 105~116
Routing security is related to the confidentiality of the route taken by the data transmitted over the network. If the route is detected by the adversary, the probability is higher that the data are lost or the data can be intercepted by the adversary. Therefore, the route must be protected. To accomplish this, we select an intermediate node secretly and transmit the data using this intermediate node, instead of sending the data to the destination node using the shortest path. Furthermore, if we use a number of secret routes from the starting node to the destination node, data security is much stronger since we can transmit partial data rather than the entire data along a secret route. In this paper, the routing algorithm for multiple secret paths on MRNS(Mixed Radix Number System) Network, which requires O(1) for the time complexity where is the number of links on a node, is presented employing the HCLS(Hamiltonian Circuit Latin Square) and is analyzed in terms of entropy.
A Design of MHS Access Control Policy for Preventing Cascade Vulnerability
Journal of the Korea Institute of Information Security and Cryptology, volume 7, issue 3, 1997, Pages 117~128
When computer systems with mandatory access control mechanism are interconnected each other for enforcing the MHS(Message Handling System) security on the multilevel secure distributed network environment, illegal information flow may occurs due to the unexpected cascade vulnerability problem. In this paper, new MHS security policy and security property functions are proposed for preventing the cascade vulnerability.