• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.3
• /
• pp.53-62
• /
• 2001

In this paper, we study the security of key recovery enhanced key exchange protocol. We present a subliminal channel of self-escrowed Diffie-Hellman key exchange protocol proposed by P. Paillier and M. Yung in ICISC\`99, and also we present a method to prevent such a subliminal channel. In addition, we review and analyze the weakness of the modified key recovery enhanced key exchange Protocol proposed by C. Kim and p. Lee in PKC 2001.

• Proceedings of the Korea Contents Association Conference
• /
• 2006.11a
• /
• pp.622-625
• /
• 2006

The basic observation of the present paper is that cryptographic solutions that have been proposed so far completely ignore the communication context. IPSec is a security protocol suite that provides encryption and authentication services for IP messages at the network layer of the Internet. We propose example to provide key recovery capability by adding key recovery information to an IP datagram. It is possible to take advantage of the communication environment in order to design key recovery protocols that are better suited and more efficient.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.11 no.4
• /
• pp.1260-1265
• /
• 2010

IPSec is the security protocol that do encryption and authentication service to IP messages on network layer of the internet. This paper presents the key recovery mechanism that is applied to IKEv2 of IPSec for mobile communication environments. It results to have compatibility with IPSec and IKEv2, reduce network overhead, and perform key recovery without depending on key escrew agencies or authorized party.

• The Journal of the Korea Contents Association
• /
• v.6 no.6
• /
• pp.56-63
• /
• 2006

Key recovery has been the subject of a lot of discussion, of much controversy and of extensive research. Key recovery, however, might be needed at a corporate level, as a form of key management. The basic observation of the present paper is that cryptographic solutions that have been proposed so far completely ignore the communication context. IPSec is a security protocol suite that provides encryption and authentication services for IP messages at the network layer of the Internet. We propose example to provide key recovery capability by adding key recovery information to an IP datagram. It is possible to take advantage of the communication environment in order to design key recovery protocols that are better suited and more efficient.

• Proceedings of the Korean Information Science Society Conference
• /
• 2002.04a
• /
• pp.766-768
• /
• 2002

암호 사용이 증가하는 현 시점에서 키 복구 기능은 PKI(Public Key Infructure)의 부가 서비스로써 제공되어야 한다. 그러나 현재 제안된 키 복구 시스템들은 PKI에서 이용하기에는 부적절한 면을 많이 가지고 있다. 본 논문에서는 공개키 기반 구조에서 인증서를 발행하는 일련의 순서를 따라 진행하면서 키 복구를 지원하는 시스템을 제안한다. 제안된 시스템에서 사용자의 공개키는 인증기관에 의해서 생성되고, 사용자의 비밀키는 자신이 안전하게 생성하게 된다. 인증기관은 사용자의 비밀키를 모르면서 사용자의 인증서를 발행하게 된다.

• Annual Conference of KIPS
• /
• 2000.10b
• /
• pp.1601-1604
• /
• 2000

서버 역할을 하는 컴퓨터의 네트워크 에러 발생시 그 에러가 일시적이라 할지라도 치명적인 문제를 발생시킨다. 문제를 극복할 수 있으려면 네트워크 에러를 검출하고 서버가 서비스하고 있던 내용을 다른 서버에서 대신 수행할 수 있도록 해야 한다. 본 논문에서는 이런 형태의 문제점을 극복할 수 있는 에러 검출 및 서비스 복구 시스템을 제안한다. 그리고, 네트워크상의 다수 노드들을 어떤 형태로 구성할 것인가에 대해서 기술하고 전체 노드의 에러 현황을 모니터링 할 수 있는 방법을 제시한다. 그리고 모니터링을 통해 문제가 생긴 노드들의 네트워크 에러 발생시 에러 검출(error detection) 및 복구(recovery) 방법에 대해서 기술한다.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.10
• /
• pp.77-86
• /
• 2020

In this paper, we propose a technique for blockchain service replication and recovery using kubernetes(BR2K) that robustly executes blockchain services based on replication and supports systematic recovery in case of the service failure. Blockchain services are being developed and applied in various fields such as administration, finance, and medical systems based on the features of blockchain, such as decentralization, high security, and data integrity. In such areas where service continuity is important, it is necessary to provide robustness for execution of blockchain services, and a recovery plan for service failure is also required. To this end, BR2K provides an execution replication technique that systematically supports the sustainable execution of blockchain application services. Also, it introduces a robust container registry based on the blockchain service registry, systematically supporting the recovery of service failures by using it. In addition, Truffle, a blockchain service development framework, is extended to utilize the Kubernetes container management tool, and BR2K provides a technique for rapidly deploying blockchain services using the extended framwork.

• Proceedings of the Korean Information Science Society Conference
• /
• 2001.04a
• /
• pp.418-420
• /
• 2001

최근 네트워크 보안에 대한 사용이 증가하고 있다. 그러나 암호는 본래 가지고 있는 키 관리의 어려움 때문에 여러 가지 문제가 발생할 수 있다. 이러한 암호의 사용이 야기하는 역기능을 해소하고 순기능을 조장하기 위하여 키 복구 개념이 도입되었다. 이러한 키 복구 방법 중 본 논문에서는 캡슐화 방식들 사용한다. 하지만 이 방식에서의 문제점은 키 협상 부분에서 키 복구에 대한 부분도 협상해야 한다. 그렇기 때문에 복잡한 키 협상 과정이 더욱 복잡해지며 마찬가지 이유로 SPD(Security Policy Database) 역시 복잡해진다. 그리고 키 복구에 대한 정보를 정해진 시간을 주기로 계속 보내야 하기 때문에 네트워크 소스 역시 많이 소비된다. 이러한 점을 해결하고자 본 논문에서는 TOS(Type Of Service)의 4bit를 이용하여 한 번의 키 복구 정보를 보내고, 사용자가 이러한 서비스를 자신이 사용하고 할 경우에만 선택할 수 있도록 함으로써 해결하였다.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.39 no.11
• /
• pp.1-11
• /
• 2002

To increase network survivability and to guarantee reliable services in MPLS networks, when failures occur either at any link or node of a working path, traffics on the failed path should be switched to other restoration paths. In this paper, we propose a path restoration method using duplication of working paths for link failure and its associated failure detection method, which utilizes OAM cells when all the duplicated links or nodes of the path failed. We analyze the performance of the proposed restoration method and show that especially the method is very efficient to restore high priority traffics. Also, through simulation we prove that the proposed restoration method is superior in performance to several existing methods suggested so far.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.12 no.2
• /
• pp.155-161
• /
• 2019

Currently, numerous companies and institutes provide services using the Internet, and establish and operate Information Systems to manage them efficiently and reliably. The Information System implies the possibility of losing the ability to provide normal services due to a disaster or disability. It is preparing for this by utilizing a disaster recovery system. However, existing disaster recovery systems cannot perform normal recovery if files for system recovery are corrupted. In this paper, we proposed a system that can verify the integrity of the system recovery file and proceed with recovery by utilizing hyper-ledger fabric blockchain. The PBFT consensus algorithm is used to generate the blocks and is performed by the leader node of the blockchain network. In the event of failure, verify the integrity of the recovery file by comparing the hash value of the recovery file with the hash value in the blockchain and proceed with recovery. For the evaluation of proposed techniques, a comparative analysis was conducted based on four items: existing system recovery techniques and data consistency, able to data retention, recovery file integrity, and using the proposed technique, the amount of traffic generated was analyzed to determine whether it was actually applicable.