• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.4
• /
• pp.123-134
• /
• 2004

In this paper a high speed architecture of the RC4 stream cipher is proposed and its FPGA implementation is presented. Compared to the conventional RC4 designs which have long initialization operation or use double or triple S-arrays to reduce latency delay due to S-array initialization phase, the proposed architecture for RC4 stream cipher eliminates the S-array initialization operation using 256-bit valid entry scheme and supports 40/128-bit key lengths with efficient modular arithmetic hardware. The proposed RC4 stream cipher is implemented using Xilinx XCV1000E-6H240C FPGA device. The designed RC4 stream cipher has about a throughput of 106 Mbits/sec at 40 MHz clock and thus can be applicable to WEP processor and RC4 key search processor.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.5
• /
• pp.59-71
• /
• 2005

A RFID (Radio Frequency Identification) system receives attention as the technology which can realize the ubiquitous computing environment. However, the feature of the RFID tags may bring about new threats to the security and privacy of individuals. Recently, Juels proposed the minimalist cryptography for very low-cost RFID tags, which is secure. but only under the impractical assumption such that an adversary is allowed to eavesdrop only the pre-defined number of sessions. In this paper, we propose a scheme to protect privacy for very low-cost RFID systems. The proposed protocol uses only bit-wise operations without my costly cryptographic function such as hashing, encryption which is secure which is secure against an adversary who is allowed to eavesdrop transmitted message in every session any impractical assumption. The proposed scheme also is more efficient since our scheme requires less datas as well as few number of computations than Juels's scheme.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.2
• /
• pp.95-103
• /
• 2006

IPv6 is a new version of the Internet protocol, designed as the successor to IPv4. Among the changes from IPv4 to IPv6, we focused on the stateless address auto-configuration mechanism. The address auto-configuration mechanism is used by nodes in an IPv6 network to learn the local topology. The current specifications suggest that IPsec AH may be used to secure the mechanism, but there is no security association during address auto-configuration process because it has no initial IP address. As there are so many suity threats, SEND protocol was designed to counter these threats. In this paper we analyzed the security problems in NDP and SEND protocol. So we proposed the Modified NDP mechanism using PKC and AC in order to solve these problems.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.2
• /
• pp.55-70
• /
• 2006

In this paper, we propose a new access control security architecture for supporting flexibility in Secure Operating Systems. By adding virtual access control system layer to the proposed security architecture, various access control models such as MAC, DAC, and RBAC can be applied to Secure Operating Systems easily. The proposed security architecture is designed to overcome the problem of Linux system's base access control system. A policy manager can compose various security models flexibly and apply them to Operating Systems dynamically. Also, the proposed architecture is composed of 3 modules such as access control enforcement, access control decision, and security control. And access control models are abstracted to hierarchy structure by virtual access control system. And, we present the notation of policy conflict and its resolution method by applying various access control model.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.6
• /
• pp.27-35
• /
• 2005

While the current world wide network offers an incredibly rich base of information, it causes network management problem because users should have many independent IDs and passwords for accessing different sewers located in many places. In order to solve this problem users have employed single circle of trust(COT) ID management system, but it is still not sufficient for clearing the problem because the coming ubiquitous network computing environment will be integrated and complex networks combined with wired and wireless network devices. The purpose of this paper is to describe the employment and evaluation of federated ID interoperability method for solving the problem. The use of the proposed model can be a solution for solving network management problem in the age of mobile computing environment as well as wired network computing environment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.2
• /
• pp.115-123
• /
• 2007

In cryptographic devices like a smart-card whose computing ability and memory are limited, cryptographic algorithms should be performed efficiently. Scalar multiplication is very important operation in Elliptic Curve Cryptosystems, and so must be constructed in safety against side channel attack(SCA). But several countermeasures proposed against SCA are exposed weaknesses by new un-dreamed analysis. 'Double-and-add always scalar multiplication' algorithm adding dummy operation being known to secure against SPA is exposed weakness by Doubling Attack. But Doubling Attack cannot apply to sABS receding proposed by Hedabou, that is another countermeasure against SPA. Our paper proposes new strengthened Doubling Attacks that can break sABS receding SPA-countermeasure and a detailed method of our attacks through experimental result.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.5
• /
• pp.149-160
• /
• 2011

Technique based on the notions of anonymity is one of several ways to achieve the goal of privacy and it transforms the original data into the micro data by some group based methods. The first notion of group based method is ${\kappa}$-anonymity, and it is enhanced by the notions of ${\ell}$-diversity and t-closeness. Since there is the natural tradeoff between privacy and data utility, the development of practical anonymization algorithms is not a simple work and there is still no noticeable algorithm which achieves some combined anonymity conditions. In this paper, we provides a comparative analysis of previous anonymity and accuracy measures. Moreover we propose an algorithm to achieve ${\ell}$-diversity by the block merging method from a micro-data achieving ${\kappa}$-anonymity.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.3
• /
• pp.131-141
• /
• 2011

OMA(Open Mobile Alliance) is one of the most active group about DRM technology in mobile device field. OMA announced an OMA-DRM v 2.1 standardization in 2007. After then OMA announced OMA-SRM(Secure Removable Media) and SCE(Secure Contents Exchanges) that are the extension of OMA-DRM v2.1. In SCE, a user can form user domain to share contents and rights. So the user can share contents and rights with not only the the OMA-DRM v2.1 but also home devices like mobile phones, personal computers and audios. In this paper, we analyze a sharing technology of OMA-DRM and SCE, and then propose key distribution method using proxy re-encryption and smart card to use shared contents and rights.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.2
• /
• pp.249-258
• /
• 2012

Cyber attacks expose sensitive information and cause fatal damage in both the public and the private sectors. Therefore, MKE (Ministry of Knowledge Economy) Cyber Security Center was founded on July 25, 2008, to perform three major roles. First, it detects and analyzes cyber attacks for the both sectors. Second, its ISAC (Information Sharing & Analysis Center) service analyzes and evaluates the vulnerability of the communication and network infrastructure to security threats, including control systems. Third, it provides CERT/CC (Computer Emergency Response Team Coordination Center) service to prevent and to respond to computer security incidents. This study focuses on the MKE Cyber Security Center's service analysis, which is playing an increasingly larger role in the both sectors. Based on this analysis, after grasping the response services activity and pointing out the problems, this study suggests improvements to the MKE Cyber Security Center.

• KIPS Transactions on Computer and Communication Systems
• /
• v.10 no.2
• /
• pp.53-58
• /
• 2021

In this paper, an alternative finite memory structure(FMS) smoothing filter is developed for discrete-time state-space model with a control input. To obtain the FMS smoothing filter, unbiasedness will be required beforehand in addition to a performance criteria of minimum variance. The FMS smoothing filter is obtained by directly solving an optimization problem with the unbiasedness constraint using only finite measurements and inputs on the most recent window. The proposed FMS smoothing filter is shown to have intrinsic good properties such as deadbeat and time-invariance. In addition, the proposed FMS smoothing filter is shown to be equivalent to existing FMS filters according to the delay length between the measurement and the availability of its estimate. Finally, to verify intrinsic robustness of the proposed FMS smoothing filter, computer simulations are performed for a temporary model uncertainty. Simulation results show that the proposed FMS smoothing filter can be better than the standard FMS filter and Kalman filter.