• Title/Summary/Keyword: 안전블록 (safe block)


Analysis of Padding Oracle Attack Possibility about Application Environment; SRTP, MIKEY, CMS, IPSec, TLS, IPTV (SRTP, MIKEY, CMS, IPSec, TLS, IPTV에 대한 패딩 오라클 공격 가능성 분석)

  • Hwang, Seongjin;Park, Myungseo;Moon, Dukjae;Kang, HyungChul;Kim, Jongsung;Lee, Changhoon
    • KIPS Transactions on Computer and Communication Systems
    • /
    • v.4 no.2
    • /
    • pp.73-80
    • /
    • 2015
  • In the various application environments on the Internet, verified cipher algorithms are used to protect personal information. Even so, if the algorithm is applied improperly, the information meant to be kept secret can be intercepted. A representative example is the padding oracle attack. This paper studies SRTP, MIKEY, CMS, IPSec, TLS and IPTV, application environments that use the CBC mode of operation of a block cipher together with CBC padding, and analyses whether a padding oracle attack is possible against each of them and where the vulnerable points lie.

Secure Recovery Protocol of (1,3) Distributed Key Share with Trustless Setup for Asset Management in Blockchain (블록체인 기반 가상자산 관리를 위한 (1,3) 분산키의 비신뢰 기반 안전한 분산 복구 프로토콜)

  • Bae, Kyoungil;Park, Junhoo;Ryou, Jaecheol
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.31 no.5
    • /
    • pp.863-874
    • /
    • 2021
  • Distributed key generation (DKG) with trustless setup is a cryptographic protocol that distributes Shamir secret shares of a private key to the participants while keeping the actual private key hidden from them. By extending it to a threshold signature protocol, digital signatures can also be generated without ever constructing the private key. This paper proposes a recovery protocol that maintains the trustless setup assumptions, in particular for the useful (1,3) share structure. The proposed protocol meets the same level of security requirements as DKG in terms of correctness and secrecy. The protocol also enables delegation and revocation of digital signing rights for blockchain-based asset management.
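As an added illustration of the Shamir sharing that DKG hands out and of recovering one party's lost share without anyone reconstructing the private key, here is example code that is not the paper's protocol (the abstract does not describe it) and not part of the original listing. It uses a textbook construction: survivors interpolate the missing share and deliver it in additive pieces so that no single message reveals it. The prime field P, the small integer party indices and the (2,3) and (3,5) parameters are assumptions made for the example.

```python
"""Shamir (t,n) sharing in a prime field, threshold reconstruction, and
recovery of one party's lost share by the surviving parties without any of
them, or the recovering party, learning the shared private key."""
import secrets

# Field: the secp256k1 group order, so a share is a scalar like an ECDSA key.
# The choice of field and of small integer party indices are assumptions.
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def _poly_eval(coeffs, x):
    acc = 0
    for c in reversed(coeffs):  # Horner's rule, constant term last
        acc = (acc * x + c) % P
    return acc


def split_secret(secret, t, n):
    """Degree t-1 polynomial with f(0) = secret; party i holds f(i)."""
    coeffs = [secret % P] + [secrets.randbelow(P) for _ in range(t - 1)]
    return {i: _poly_eval(coeffs, i) for i in range(1, n + 1)}


def lagrange_coeff(i, xs, at=0):
    """lambda_i such that f(at) = sum_i lambda_i * f(i) over the points xs."""
    num = den = 1
    for j in xs:
        if j != i:
            num = num * (at - j) % P
            den = den * (i - j) % P
    return num * pow(den, P - 2, P) % P  # Fermat inverse, P is prime


def reconstruct(shares):
    """Any t shares (keyed by party index) give back f(0) = secret."""
    xs = list(shares)
    return sum(shares[i] * lagrange_coeff(i, xs) for i in xs) % P


def recover_share(survivor_shares, missing_x):
    """Survivors jointly compute f(missing_x) for a party that lost its share.

    f(m) = sum_i lambda_i(m) * f(i). Each survivor i additively splits its
    term among all survivors; survivor j sums the pieces it received and hands
    that sum to the recovering party, which adds the sums up. No single
    message, and no single survivor, reveals f(m) or the secret f(0)."""
    xs = list(survivor_shares)
    aggregate = {j: 0 for j in xs}  # what survivor j will send to party m
    for i in xs:
        term = survivor_shares[i] * lagrange_coeff(i, xs, at=missing_x) % P
        pieces = [secrets.randbelow(P) for _ in xs[:-1]]
        pieces.append((term - sum(pieces)) % P)  # pieces sum to `term`
        for j, piece in zip(xs, pieces):
            aggregate[j] = (aggregate[j] + piece) % P
    return sum(aggregate.values()) % P


def demo():
    """(2,3) sharing: party 3 loses its share, parties 1 and 2 restore it."""
    sk = secrets.randbelow(P)  # constructed stand-in for a private key
    shares = split_secret(sk, 2, 3)
    recovered = recover_share({1: shares[1], 2: shares[2]}, 3)
    return recovered == shares[3] and reconstruct({1: shares[1], 3: recovered}) == sk


if __name__ == "__main__":
    print("share recovered without reconstructing the key:", demo())
```

The recovering party ends up with exactly the polynomial value it held before, so existing threshold signatures keyed to that index keep working; the survivors must number at least t, since fewer points do not determine f.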

Impossible Differential Attack on 30-Round SHACAL-2 (30 라운드 SHACAL-2의 불능 차분 공격)

  • 홍석희;김종성;김구일;이창훈;성재철;이상진
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.14 no.3
    • /
    • pp.107-115
    • /
    • 2004
  • SHACAL-2 is a 256-bit block cipher with various key sizes, based on the hash function SHA-2. Recently it was recommended as one of the NESSIE selections. Up to now, no security flaws have been found in SHACAL-2. In this paper we discuss the security of SHACAL-2 against an impossible differential attack. We propose two types of 14-round impossible characteristics and, using them, attack 30-round SHACAL-2 with a 512-bit key. This attack requires 744 chosen plaintexts and has a time complexity of $2^{495.1}$ 30-round SHACAL-2 encryptions.

Side-Channel analysis and masking scheme for domestic lightweight cipher PIPO (국산 경량 암호 PIPO에 대한 부채널 분석과 마스킹 기법 제안)

  • Sim, Min-Joo;Kim, Hyun-Jun;Kwon, Hyeok-Dong;Jang, Kyung-Bae;Kim, Hyun-Ji;Park, Jae-Hoon;Eum, Si-Woo;Song, Gyeong-Ju;Seo, Hwa-Jeong
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2021.05a
    • /
    • pp.171-174
    • /
    • 2021
  • Recently, in the Internet of Things (IoT) environment, a wide variety of devices communicate over the Internet, so research on lightweight block cipher algorithms suited to it is being actively pursued. PIPO, a domestic lightweight block cipher newly presented at ICISC 2020, has an unbalanced-Bridge structure that combines a new lightweight S-box and provides an efficient bitsliced implementation. For PIPO to be deployed in IoT environments, its security against side-channel analysis must be guaranteed. In this paper we therefore confirm that PIPO is vulnerable to a first-order CPA attack, and we propose a first-order masking scheme to counter side-channel attacks. The proposed masking scheme was secure against first-order CPA, showed -375% performance compared with the unmasked implementation, and was confirmed to be 1287% faster than the existing scheme.

Design of Management System for Registering Agricultural Machine Using Blockchain (블록체인을 활용한 농업기계 등록 관리 시스템의 설계)

  • Son, Yong-Bum;Kim, Young-Hak
    • The Journal of the Korea Contents Association
    • /
    • v.19 no.12
    • /
    • pp.18-27
    • /
    • 2019
  • Through the technologies of the 4th industrial revolution, agricultural machinery is becoming increasingly intelligent, and machines are replacing the role of farm manpower as a whole. However, safety accidents caused by careless use of agricultural machines, and thefts due to the difficulty of keeping them secure, are increasing every year. Because agricultural machines, unlike automobiles, have no managed history of events and accidents, they are often used for crime. There is also no way to respond when problems arise with an agricultural machine. In this paper we propose a blockchain-based system that manages the history of an agricultural machine by registering its chassis number at the time of purchase. Since the system holds the accident and repair history of the owner's machine, the machine can be traced even if it is stolen. The proposed system also lets buyers in the secondary market secure their transactions by looking up reliable data in the system.

Secure file distribution method using distribution P2P system (분산 P2P 시스템을 활용한 안전한 파일 분산 방안)

  • Kim, Jin-Hong;Kim, Seon-Young;Lee, Yoon-Jin;Jo, In-June
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference
    • /
    • v.9 no.2
    • /
    • pp.545-548
    • /
    • 2005
  • Recently, the P2P computing environment has emerged to relieve the excessive load placed on the server in the client/server computing environment. Currently operated P2P environments mainly spread files through systems based either on real names or on anonymity of the publisher, sender and receiver of a file. But current file protection has three problems. The first is that a host becomes an attack target. The second is that a received file is exposed to brute-force attack. The third is that the target of a DoS attack is easy to define. To solve these problems, a file is divided into block units and each block is safely scattered across peers. This paper proposes a distributed P2P system based on file division. The proposed system both solves these problems and improves the efficiency of file use.


BCON : Blockchain-based Content Management Service Using DID

  • Kim, Hye-Won;Lee, Young-Eun;Kwon, Min-Ho;Lee, Myung-Joon
    • Journal of the Korea Society of Computer and Information
    • /
    • v.26 no.6
    • /
    • pp.97-105
    • /
    • 2021
  • In this paper, we propose BCON, a service that allows individuals to store personal content safely and reliably guarantees their ownership of that content, certifying their identities with DIDs (Decentralized Identifiers). DID technology, which supports a decentralized identification service based on a blockchain whose data cannot be forged or altered, allows users to provide their information selectively, controlling their personal information and reinforcing their sovereignty over their identity. BCON stores information about the content specified by a user on the blockchain and authenticates the user's identity based on DID technology. It also provides functions for the user to safely upload and download their content to and from a distributed database. BCON consists of the content service verifier, the content storage service, the content management contract and the user application, and administers the DID registry for authority management.

Padding Oracle Attacks on Multiple Modes of Operation (다중 운영 모드에 대한 패딩 오라클 공격)

  • Lee, Tae-Keon;Kim, Jong-Sung;Lee, Chang-Hoon;Lee, Sangjin;Sung, Jae-Chul
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.16 no.1
    • /
    • pp.79-85
    • /
    • 2006
  • A padding oracle attack requires an oracle which, on receipt of a ciphertext, decrypts it and replies to the sender whether the padding is VALID or INVALID. In this paper we extend these attacks to other kinds of modes of operation for block ciphers. Specifically, we apply padding oracle attacks to multiple modes of operation with various padding schemes. As a result, 12 out of the 36 double modes and 22 out of the 216 triple modes are vulnerable to padding oracle attacks. This means that the 12 double modes and the 22 triple modes exposed to these attacks do not offer better security than single modes.
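The two padding oracle abstracts above (the CBC application survey and the multiple-modes paper) both rest on the same primitive: a decryptor that answers only VALID or INVALID for the padding. As an added example that is not code from either paper, the block below builds that oracle over CBC with PKCS#7 padding and runs the classic byte-at-a-time attack against it, including the check for the false positive on the last byte. The block cipher is a stand-in Feistel network keyed with HMAC-SHA256, an assumption made so the example runs with the standard library alone; the attack never looks inside the cipher, which is the point. Key, IV and plaintext are constructed for the demo.

```python
"""CBC padding-oracle attack, end to end: a keyed block cipher, CBC with
PKCS#7 padding, an oracle that leaks only VALID/INVALID, and the attacker
that recovers the plaintext from that one bit per query."""
import hashlib
import hmac

BLOCK = 16  # bytes


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


# Stand-in block cipher: 8-round Feistel network keyed with HMAC-SHA256.
# An assumption for this example only; the attack does not depend on it.
def _round(key: bytes, r: int, half: bytes) -> bytes:
    return hmac.new(key, bytes([r]) + half, hashlib.sha256).digest()[:8]


def block_encrypt(key: bytes, block: bytes) -> bytes:
    left, right = block[:8], block[8:]
    for r in range(8):
        left, right = right, xor(left, _round(key, r, right))
    return left + right


def block_decrypt(key: bytes, block: bytes) -> bytes:
    left, right = block[:8], block[8:]
    for r in reversed(range(8)):
        left, right = xor(right, _round(key, r, left)), left
    return left + right


def pkcs7_pad(data: bytes) -> bytes:
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n


def pkcs7_unpad(data: bytes) -> bytes:
    # These checks are exactly what the oracle leaks.
    if not data or len(data) % BLOCK:
        raise ValueError("bad length")
    n = data[-1]
    if n < 1 or n > BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")
    return data[:-n]


def cbc_encrypt(key: bytes, iv: bytes, padded: bytes) -> bytes:
    out, prev = [], iv
    for i in range(0, len(padded), BLOCK):
        prev = block_encrypt(key, xor(prev, padded[i:i + BLOCK]))
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key: bytes, iv: bytes, ct: bytes) -> bytes:
    out, prev = [], iv
    for i in range(0, len(ct), BLOCK):
        cur = ct[i:i + BLOCK]
        out.append(xor(prev, block_decrypt(key, cur)))
        prev = cur
    return b"".join(out)


class PaddingOracle:
    """The leak: decrypts and answers only whether the padding was valid."""
    def __init__(self, key: bytes) -> None:
        self.key, self.queries = key, 0

    def __call__(self, iv: bytes, ct: bytes) -> bool:
        self.queries += 1
        try:
            pkcs7_unpad(cbc_decrypt(self.key, iv, ct))
            return True
        except ValueError:
            return False


def padding_oracle_attack(oracle: PaddingOracle, iv: bytes, ct: bytes) -> bytes:
    """Recover the plaintext using only the oracle's VALID/INVALID answers."""
    blocks = [iv] + [ct[i:i + BLOCK] for i in range(0, len(ct), BLOCK)]
    recovered = b""
    for prev, cur in zip(blocks, blocks[1:]):
        inter = bytearray(BLOCK)  # D_k(cur), learned one byte at a time
        for pos in range(BLOCK - 1, -1, -1):
            pad = BLOCK - pos  # padding value to forge at this step
            forged = bytearray(BLOCK)
            for j in range(pos + 1, BLOCK):
                forged[j] = inter[j] ^ pad  # known bytes now decrypt to `pad`
            for guess in range(256):
                forged[pos] = guess
                if not oracle(bytes(forged), cur):
                    continue
                if pos == BLOCK - 1:
                    # Rule out the false positive where the block happens to
                    # end in 0x02 0x02 (or longer): flipping the byte before
                    # it must keep padding valid if it really was a lone 0x01.
                    forged[pos - 1] ^= 0x01
                    still_valid = oracle(bytes(forged), cur)
                    forged[pos - 1] ^= 0x01
                    if not still_valid:
                        continue
                inter[pos] = guess ^ pad
                break
            else:
                raise RuntimeError("oracle never accepted; not a padding oracle?")
        recovered += xor(bytes(inter), prev)  # P_i = D_k(C_i) xor C_{i-1}
    return pkcs7_unpad(recovered)


def demo() -> bytes:
    key, iv = b"\x01" * BLOCK, b"\x02" * BLOCK  # constructed demo values
    ct = cbc_encrypt(key, iv, pkcs7_pad(b"attack at dawn, block by block"))
    oracle = PaddingOracle(key)
    plaintext = padding_oracle_attack(oracle, iv, ct)
    print(f"recovered {plaintext!r} in {oracle.queries} oracle queries")
    return plaintext


if __name__ == "__main__":
    demo()
```

Each plaintext byte costs at most 256 queries (about 128 on average), so cost is linear in the ciphertext length and independent of the key. The fix is not a better cipher or a different padding scheme but removing the oracle: authenticate the ciphertext (an AEAD mode, or encrypt-then-MAC with a constant-time tag check) and reject before any padding is examined, so that padding errors and MAC errors are indistinguishable to the sender.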

A Medical Staff Identification System by Using of Beacon, Iris Recognition and Blockchain (비콘과 홍채인식, 블록체인 기반의 의료진 신분확인 시스템 제안)

  • Lim, Se Jin;Kwon, Hyeok Dong;Seo, Hwa Jeong
    • KIPS Transactions on Computer and Communication Systems
    • /
    • v.10 no.1
    • /
    • pp.1-6
    • /
    • 2021
  • Recently, incidents such as proxy surgery (unlicensed medical practice) that threaten the safety of patients have been reported in the media. Alternatives such as installing surveillance cameras in operating rooms to prevent proxy surgery are emerging, but there are practical difficulties in implementing them because of strong opposition from the medical community. Meanwhile, the social credibility of doctors is falling as incidents such as proxy surgery occur frequently. In this paper, we propose a medical staff identification system combining beacons and iris recognition. The system adds reliability by operating on a blockchain network. It performs primary identification by authenticating the user through iris recognition and proves that the medical staff member is in the operating room through beacons. It also ensures the patient's trust in the surgeon by receiving beacon signals in the background and performing iris authentication at random intervals, so that medical staff cannot leave the operating room after performing only the initial authentication.

Experimental and Numerical Study on the Dynamic Fracture Processes of PMMA Block by NRC Vapor Pressure Fracture Agent (NRC 증기압 암석 파쇄제에 의한 PMMA 블록의 동적 파괴 과정에 관한 실험 및 수치해석적 연구)

  • Gyeongjo Min
    • Journal of Korean Society of Disaster and Security
    • /
    • v.16 no.1
    • /
    • pp.91-103
    • /
    • 2023
  • This study aims to investigate the dynamic fracture characteristics of rocks and rock-like materials subjected to the Nonex Rock Cracker (NRC), a vapor pressure crushing agent that produces vapor pressure by instantaneously vaporizing a liquid mixture crystallized through the thermite reaction. Furthermore, the study seeks to develop an analytical technique for predicting the fracture pattern. A dynamic fracture test was performed on a PMMA block, an artificial brittle material, using the NRC. High-speed cameras and dynamic pressure gauges were employed to capture the moment of vapor pressure generation and measure the vapor pressure-time history, respectively. The 2-dimensional Dynamic Fracture Process Analysis (2D DFPA) was used to simulate the fracture process caused by the vapor pressure, with the applied pressure determined based on the vapor pressure-time history. The proposed analytical method was used to examine various fracture patterns with respect to granite material and high-performance explosives.