• (The)Study of the Eastern Classic
• /
• no.41
• /
• pp.385-406
• /
• 2010

Lee Byeong-hun was introduced to Hanjuhak when he was taught by Myeonwoo Gwak Jong-seok. It is assumed that Hanjuhak circles had a certain influence on formation of his ideas in that they had liberal tendency at that time. Lee Byeong-hun accepted Geummungyonghak developed by Gang Yu-wee of China and participated in Confucian Science Movement while excluding Confucianism. After he accepted western civilization and the ideas of Gang Yu-wee, no traces of Hanjuhak was found in his writing, but it is assumed that Hanjuhak might work as a nutritious element for his ideas. He thought that religious nature of Confucianism could be revived only when he left Neo-confucianism which changed Confucianism into a philosophy by insisting reason instead of God. So, he respected Confucius as a religious founder and left such concepts as reason and respect which were considered important in Neo-confucianism and valued disposition and faith in "Jungyong", a doctrine of the Mean. He considered Confucianism as religious and joined in religious practices such as praying and reciting scriptures. He insisted that filial piety indicates a filial son of the Heaven when interpreting the following passage: Shun (Chinese leader) is a filial duty, which is assumed that he was influenced by Christianity. He respected Confucius as the only religious founder and God as the God to make Confucianism a religion. It is believed that he considered only Confucius as a founder instead of traditional Confucian sages as religion such as Buddhism and Christianity has one founder. God he thought is related with the God in Christianity and furthermore accepted reincarnation of Buddhism which is contrary to Confucian ideas. According to "Gyeongseol" by Lee Byeong-hun, it was believed that he was engaged in religion based on a faith that Confucianism is a religion rather than he pursued Confucianism as a religion to find out a way of its survival.

• (The)Study of the Eastern Classic
• /
• no.67
• /
• pp.105-128
• /
• 2017

The purpose of the present study is to explore the significance of the Commentaries on Pavilions (樓亭記) from the Sancheong-gun area. To achieve this purpose, the study analyzes the works handed down in Sancheong-eup, Chahwang-myeon, Obu-myeon, and Geumseo-myeon, focusing on the two characteristic themes: the discipline and enlightenment of heart and mind (in Chapter 2) and the succession of integrity and the tradition of ancestor worship (in Chapter 3). The first characteristic theme "the discipline and enlightenment of heart and mind" is explicated in Chapter 2 by reviewing the Commentary on Hwanajeong Pavilion (Hwanajeonggi) written for the namesake building located in Sancheong-ri, Sancheong-eup, and the Commentary on Gyeongjeonjae Pavilion (Gyeongjeonjaegi) in Maechon-ri, Geumseo-myeon. The second theme "the succession of integrity and the tradition of ancestor worship" is examined in Chapter 3 based on the Commentary on Sulgojeongsa Pavilion (Sulgojeongsagi) from Jangwi-ri, Chahwang-myeon, and the Commentary on Maeranjeong Pavilion (Maeranjeonggi) from Yangchon-ri, Obu-myeon.

• (The)Study of the Eastern Classic
• /
• no.34
• /
• pp.133-165
• /
• 2009

'Travelogue to Shenyang(瀋陽日記)' is a documentary literature that Seon Yak-hae (宣若海) who was a military official of Joseon(朝鮮) Dynasty, described matters happened in Shenyang when he visited there as an envoy during early 17th century when Qing(淸) Dynasty and Ming(明) Dynasty coexisted and had diplomatic conflict with Joseon Dynasty. This documentary literature is included in the data collection of China that gathers important historical data of China and has been published and delivered in China, but it hasn't caught attention in Korean academic society. There's another 'Travelogue to Shenyang' which is known in the academic society that is a record of eight years of hostage period of Crown Prince Sohyeon and his group in Shenyang. However, this 'Travelogue to Shenyangl' of Seon Yak-hae is a record of Joseon and other countries' status at that time as well as the Joseon intellectual's activities while visiting Shenyang before the outbreak of the Manchurian Invasion (to Korea) in 1636. Seon Yak-hae who wrote this 'Travelogue to Shenyang' recorded his successful works as an envoy with proud, and showed a unique appearance as a military official and intellect who wanted to observe political and military status of Qing Dynasty secretly and report to his country. Since he was an intellect who had military background, he responded bravely when dealing with diplomatic problem and collected data strategically. He also had the ability as an intellectual official, so he wrote realistic articles and also wrote some poems to express his honest feelings in this peculia Travelogue. Therefore, this ' Travelogue to Shenyang' has both values as a historic records that showed diplomatic status of Joseon in the 17th century and literature records that showed unique spirit to record as an intellect who also had military mind.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.1
• /
• pp.63-70
• /
• 2009

Recently, in the security token based authentication system, there is an increasing trend of using fingerprint for the token holder verification, instead of passwords. However, the security of the fingerprint data is particularly important as the possible compromise of the data will be permanent. In this paper, we propose an approach for secure fingerprint verification by distributing both the secret and the computation based on the fuzzy vault(a cryptographic construct which has been proposed for crypto-biometric systems). That is, a user fingerprint template which is applied to the fuzzy vault is divided into two parts, and each part is stored into a security token and a server, respectively. At distributing the fingerprint template, we consider both the security level and the verification accuracy. Then, the geometric hashing technique is applied to solve the fingerprint alignment problem, and this computation is also distributed over the combination of the security token and the server in the form of the challenge-response. Finally, the polynomial can be reconstructed from the accumulated real points from both the security token and the server. Based on the experimental results, we confirm that our proposed approach can perform the fuzzy vault-based fingerprint verification more securely on a combination of a security token and a server without significant degradation of the verification accuracy.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.3
• /
• pp.119-131
• /
• 2009

The world's widely used key exchange protocols are open cryptographic communication protocols, such as TLS/SSL, whereas in the financial field in Korea, key exchange protocols developed by industrial classification group have been used that are based on PKI(Public Key Infrastructure) which is suitable for the financial environments of Korea. However, the key exchange protocols are not only vulnerable to client impersonation attacks and known-key attacks, but also do not provide forward secrecy. Especially, an attacker with the private keys of the financial security server can easily get an old session-key that can decrypt the encrypted messages between the clients and the server. The exposure of the server's private keys by internal management problems, etc, results in a huge problem, such as exposure of a lot of private information and financial information of clients. In this paper, we analyze the weaknesses of the cryptographic communication protocols in use in Korea. We then propose two key exchange protocols which reduce the replacement cost of protocols and are also secure against client impersonation attacks and session-key and private key reveal attacks. The forward secrecy of the second protocol is reduced to the HDH(Hash Diffie-Hellman) problem.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.4
• /
• pp.63-70
• /
• 2003

In the modern electronic world, the authentication of a person is an important task in many areas of online-transactions. Using biometrics to authenticate a person's identity has several advantages over the present practices of Personal Identification Numbers(PINs) and passwords. To gain maximum security in the verification system using biometrics, the computation of the verification as well as the store of the biometric pattern has to be taken place in the security token(smart card, USB token). However, there is an open issue of integrating biometrics into the security token because of its limited resources(memory space, processing power). In this paper, we describe our implementation of the USB security token system having 206MHz StrongARM CPU, 16MBytes flash memory, and 1MBytes RAM. Also, we evaluate the performance of a light-weighted In-gerprint verification algorithm that can be executed in the restricted environments. Based on experimental results, we confirmed that the RAM requirement of the proposed algorithm was about 6.8 KBytes and the Equal Error Rate(EER) was 1.7%.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.6
• /
• pp.63-71
• /
• 2006

In this paper, we propose a secure solution for user authentication by using fingerprint verification on the sensor-client-server model, even with the client that is not necessarily trusted by the sensor holder or the server. To protect possible attacks launched at the untrusted client, our solution makes the fingerprint sensor validate the result computed by the client for the feature extraction. However, the validation should be simple so that the resource-constrained fingerprint sensor can validate it in real-time. To solve this problem, we separate the feature extraction into binarization and minutiae extraction, and assign the time-consuming binarization to the client. After receiving the result of binarization from the client, the sensor conducts a simple validation to check the result, performs the minutiae extraction with the received binary image from the client, and then sends the extracted minutiae to the server. Based on the experimental results, the proposed solution for fingerprint verification can be performed on the sensor-client-server model securely and in real-time with the aid of an untrusted client.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.5
• /
• pp.71-82
• /
• 2011

The RFID system provides undeniable advantages so that it is used for various application. However recent RFID system is vulnerable to some attacks as eavesdropping, replay attack, message hijacking, and tag tampering, because the messages are transmitted through the wireless channel and the tags are cheap. Above attacks cause the tag and reader impersonation, denial of service by invalidating tag, and the location tracking concerning bearer of tags, A lot of RFID authentication protocol bas been proposed to solve the vulnerability. Since Weis, Sanna, Rivest, and Engel, proposed the bash-based RFID authentication protocol, many researchers have improved hash-based authentication protocol and recent bash-based authentication protocols provide security and desirable privacy. However, it remains open problem to reduce the tag identification time as long as privacy and security are still guaranteed. Here we propose a new protocol in which the tags generate the message depending on the state of previous communitions between tag and reader. In consequence, our protocol allows a server to identify a tag in a reasonable amount of time while ensuring security and privacy, To be specific, we reduced the time for the server to identify a tag when the last session finished abnormally by at least 50% compared with other bash-based schemes that ensure levels of security and privacy similar to ours.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.3
• /
• pp.117-130
• /
• 2011

In a situation where worldwide free trade between countries has expanded recently, our country is being rapidly pushed FTA agreements with the financial developed countries such as United States, EU. According to the agreement, the user information of foreign financial companies in Korea is expected to be transfered overseas. In this paper, we need to define the scope and the definition about the transfer of information and analyze the relating domestic and foreign laws preparing for Cross Border Financial Information Transfer. Also, we review the expected issues about the transfer of information divided into institutional and technical sectors and arc presented the policy implication such as differentiation of regulatory information, enactment and amendment of Personal Information Protection Law(Draft) and related regulations, ensuring the safety of financial companies, raise the standard guidelines of the transfer of information. We refers to the needs for policy formulation to differentiate our privacy information from financial information to protect the privacy of users. The proposed countermeasures in this paper is expected to be helpful the measures to prepare for other institutions such as banks and supervisory authorities prepare for the future Cross Border Financial Information Transfer according to PTA.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.3
• /
• pp.585-600
• /
• 2012

Security issues in online games are increasing as the online game industry grows. Real money trading (RMT) by online game users has become a security issue in several countries including Korea because RMT is related to criminal activities such as money laundering or tax evasion. RMT-related activities are done by professional work forces, namely gold-farmers, and many of them employ the automated program, bot, to gain cyber asset in a quick and efficient way. Online game companies try to prevent the activities of gold-farmers using game bots detection algorithm and block their accounts or IP addresses. However, game bot detection algorithm can detect a part of gold-farmer's network and IP address blocking also can be detoured easily by using the virtual private server or IP spoofing. In this paper, we propose a method to detect gold-farmer groups by analyzing their connection patterns to the online game servers, particularly information on their routing and source locations. We verified that the proposed method can reveal gold-farmers' group effectively by analyzing real data from the famous MMORPG.