• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.4
• /
• pp.661-671
• /
• 2022

Due to the COVID-19 pandemic, remote working, e-learning, e-teaching and online collaboration have widely spread and become popular. Accordingly, the usage of IPsec VPN for security reasons has also dramatically increased. With the spread of VPN, VPN vulunerabilities are becoming an important target of attack for attackers, and many studies have been conducted on this. IKE v2 analysis is an essential process not only for developing and building IPsec VPN systems but also for security analysis. Network packet analysis tools such as Wireshark and Tcpdump are used for IKE v2 analysis. Wireshark is one of the most famous and widely-used network protocol analyzers and supports IKE v2 analysis. However Wireshark has many limitations, such as requiring system administrator privileges for IKE v2 analysis. In this paper, we describe Wireshark's limitations in detatil and propose a new analysis method. The proposed analysis method can analyze all encrypted IKE v2 messages in real time from the session key exchange In addition, the proposed analysis method is expected to be used for dynamic testing such as fuzzing as packet manipulation.

• KIPS Transactions on Computer and Communication Systems
• /
• v.12 no.6
• /
• pp.197-208
• /
• 2023

In the coming future, anyone using the Internet will have more than one NFT. Unlike FT, NFT can specify the owner, and tracking management is easier than FT. Even in the 2022 survey, WPA2 is the most widely used wireless protocol worldwide to date. As it is a protocol that came out in 2006, it is a protocol with various vulnerabilities at this time. In order to use WPA2-EAP or WPA3 (2018), which were released to compensate for the vulnerabilities of WPA2, additional equipment upgrades are required for STA (station) and AP (access point, router), which are connected devices. The use of expensive router equipment solves the security part, but it is economically inefficient to be introduced in Small Office Home Office (SOHO). This paper uses NFT as a means of authentication and uses the existing WPA2 as it is without equipment upgrade, defend crack tools of WPA2 that have been widely used so far and compared to the existing WPA2, it was shown that it was not difficult to actually use them in SOHO.

• The Journal of the Convergence on Culture Technology
• /
• v.9 no.2
• /
• pp.483-491
• /
• 2023

Due to the spread of mobile devices, the use of mobile electronic notification services is increasing. For the mobile electronic notification service, the connecting information is required to identify the owner of the mobile device and the recipient of the notification. The connecting information is an online resident registration number, and safe management is essential. Therefore, in this paper, the processing flow, interconnecting standard, and management plan are proposed when a mobile electronic notification requesting agency requests the identity verification agency to convert the resident registration number of the recipient of the electronic notification to connecting information. In the proposed method, it is suggested that a safe mobile electronic notification service is possible by defining the process of collective conversion of connecting information between private organizations and personal identity proofing agency, information transmission and reception methods, and interworking standards.

• The Transactions of the Korea Information Processing Society
• /
• v.5 no.4
• /
• pp.975-983
• /
• 1998

In these days, information communication systems are based on both open distributed computing technologies and object-oriented techniques like inheritance, encapsulation and object reuse to support various system configuration and application. As information systems are interconnected through unsecure networks, the need for the secure information exchange is more critical than before. In this paper, we have designed and implemented a transparent CORBA-basce Security infrastructure with authentication, security context association, access control and security information management to support a secure applications in distributed object environment. SESAME Ver. 4 was adopted as an external security service to manage user privilege attributes and to distribute keys for data encryption, decryption and integrity. Using filter and transformer with an interface to Object Request Broker, it provides a transparent security service to applications. The filter objects are special classes that allow additional parameters to be inserted into messages before they are sent and removed just after they are received. The transformer objects are special classes that allow direct access to the byte stream of every messages for encryption and decryption before it is sent and just after it is received. This study is to implement the access control interceptor(ACI) and the secure invocation interceptor(SII) of secure ORB defined in CORBA using filter and transformer.

• Broadcasting and Media Magazine
• /
• v.10 no.1
• /
• pp.99-112
• /
• 2005

Christian Metz, the precursor of cine-semiology, considered cinema as a language in the sense that it is a set of messages grounded in a given matter of expression, and a signifying practice characterized by specific codifications. According to Metz, film forms a structured network produced by the interweaving of cinematic codes, within which cinematic subcodes represent specific usages of the particular code. For Metz, cinematic language is a totality of cinematic codes and subcodes, and history of the cinema is the trace of the competition, incorporations and exclusions of the subcodes. He also suggested a filmic text is not just a list of codes in effect, but a process of constant displacement and deformation of codes. Following Metz' textual analysis methodology, I investigated the formal configuration of Hayao Miyazaki‘s animation, Spirited Away. It is interesting to trace the interweaving of cinematic codes in Spirited Away, i.e. codes of lighting, color, movement, and auteurism, across the animation. I focused on the first scene at the bridge to Yubaba's bathhouse, analyzing each cinematic code and its subcode applied. The first bridge scene is carefully constructed to stand out the confrontation of Chihiro (with Haku) and the bathhouse. The bathhouse is not just a building, it represents the powerful witch, Yubaba, yet to appear on the scene, and functions as an antipode to Chihiro. In each shot, every subcode within the codes of framing, direction, angle, color, lighting and movement is used to maximize the contrast between the dominant bathhouse and the feeble 10-year-old girl. In Spirited Away, the subcodes within each cinematic ode are constantly competing and displacing each other to augment the antithesis between the characters and develop the narrative. As Metz's argument that film constitutes a quasi-linguistic practice as a pluricodic medium, Spirited Away communicates with the spectators with the combination and displacement of these cinematic codes and subcodes.

• 한국지구과학회:학술대회논문집
• /
• 2010.04a
• /
• pp.110-110
• /
• 2010

2009년 7월 23일-24일 양일간의 APEC MTF 컨퍼런스는 APEC 회원 경제가 아시아-태평양지역에서 광업부문의 지속가능한 발전의 주제를 토의할 기회를 제공했다. 본 컨퍼런스는 APEC의 광업부문의 지속가능한 발전이라는 프로젝트의 중요 부분이며 컨퍼런스의 활발한 참여는 프로젝트의 성공을 증진시켰다. 지속가능한 발전에 대한 안건이 수년간 APEC의 핵심부분이었으며, 특히 광업장관(MRM)회의에 상정되어 왔다. 2004년 6월 칠레 안토파가스타의 제1차 회의에서, 광업장관들은 APEC 지역에서 광업 및 금속산업의 지속가능한 발전은 부를 창출하고, 환경사업을 창출하며, 사회적으로 책임있는 발전을 도모하며 사회를 위한 향상된 가치를 만들어낸다는데 동의했다. 초기의 action item들 중에서 지속가능한 발전에 있어서 광물 및 금속의 기여를 규명하는 것도 있었다. 광업에 있어서 지속가능한 발전에 대한 안건의 토의는 2005년 10월 한국의 경주 제2차 APEC MRM 회의에서 속계되었다. 관련된 action task는 채광 후 토지운영 뿐만 아니라 에너지 효율기술, 광업 오염 통제 기술과 같은 환경친화적인 채광기술에 대한 정보교환 및 협조를 독려하는 것이었다. 2007년 호주 퍼스의 제3차 회의에서 APEC MRM 회의는 특히 지구화의 시대에 APEC 지역 광물자원의 지속가능한 발전에 대한 긴밀한 지역적 협조에 대한 필요성을 인지하고 있다. 장관들은 역시 광업부문에서 지속가능한 발전에 대한 APEC 위상을 정립하기 위한 작업을 주도하기로 했으며 APEC 경제의 공통관심사를 UNCSD에 반영키 위한 자료제공을 하기로 결정했다. APEC 광업분야의 지속 가능한 개발에 관한 APEC MTF회의는 호주, 캐나다, 칠레, 중국, 인도네시아, 일본, 말레이시아, 파푸아 뉴기니, 페루, 필리핀, 한국, 러시아, 싱가포르, 타이완, 태국, 미국, 베트남에서 자신들의 지속 가능한 개발을 위한 활동에 관한 발표나 의견을 제시하였다. 세계 은행이나 AIM에서도 발표를 하였다. 중요한 소주제들은 다음과 같다. $\cdot$ APEC MTF가 APEC 광업분야의 지속 가능한 발전을 추구하는데 있어 적절한 포럼이라는 것 $\cdot$ 기업들이 사회적 책임(CSR)을 성실히 이행할 필요가 있다는 것 $\cdot$ 수자원과 인적자원의 부족을 다룰 필요가 있다는 것 $\cdot$ 적절한 광산 복구가 필요하다는 것이다. 한국은 "광업분야의 지속가능한 발전을 위한 환경과 광업간의 균형"이라는 프로젝트 아이디어를 제안했다. 인도네시아와 말레이시아는 한국측 프로젝트 수행의 중요성을 강조했다. 러시아 연방은 "광업에 있어 투자 활성화"라는 프로젝트 아이디어를 제안했다. 이 관점에서 MTF는 APEC 투자전문가 그룹과의 협력을 지지했으며 이 포럼간 활동을 활성화시키기 위하여 APEC 사무국에 요청했다. 이 프로젝트는 세계 광업분야의 투자를 증진시키는 최적관행 분석에 따라 제안될 것이고 수행될 것이다. 말레이시아는 광업 및 광업 산업의 지속가능한 발전지시자를 위한 역량구축 프로젝트를 제안했다. 태국은 말레이시아의 제안을 지지했으며 공동프로젝트를 제안했다.

• The KIPS Transactions:PartD
• /
• v.15D no.6
• /
• pp.755-766
• /
• 2008

Recently, NAND flash memory is becoming into the spotlight as a next-generation storage device because of its small size, fast speed, low power consumption, and etc. compared to the hard disk. However, due to the distinct characteristics such as erase-before-write architecture, asymmetric operation speed and unit, disk-based systems and applications may result in severe performance degradation when directly implementing them on NAND flash memory. Especially when a B-tree is implemented on NAND flash memory, intensive overwrite operations may be caused by record inserting, deleting, and reorganizing. These may result in severe performance degradation. Although ${\mu}$-tree has been proposed in order to overcome this problem, it suffers from frequent node split and rapid increment of its height. In this paper, we propose Log-Structured B-Tree(LSB-Tree) where the corresponding log node to a leaf node is allocated for update operation and then the modified data in the log node is stored at only one write operation. LSB-tree reduces additional write operations by deferring the change of parent nodes. Also, it reduces the write operation by switching a log node to a new leaf node when inserting the data sequentially by the key order. Finally, we show that LSB-tree yields a better performance on NAND flash memory by comparing it to ${\mu}$-tree through various experiments.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.5
• /
• pp.17-30
• /
• 2001

In this paper, we implemented a scalar multiplier needed at an elliptic curve cryptosystem over standard basis in $GF(2^{163})$. The scalar multiplier consists of a radix-16 finite field serial multiplier and a finite field inverter with some control logics. The main contribution is to develop a new fast finite field inverter, which made it possible to avoid time consuming iterations of finite field multiplication. We used an algorithmic transformation technique to obtain a data-independent computational structure of the Extended Euclid GCD algorithm. The finite field multiplier and inverter shown in this paper have regular structure so that they can be easily extended to larger word size. Moreover they can achieve 100% throughput using the pipelining. Our new scalar multiplier is synthesized using Hyundai Electronics 0.6$\mu\textrm{m}$ CMOS library, and maximum operating frequency is estimated about 140MHz. The resulting data processing performance is 64Kbps, that is it takes 2.53ms to process a 163-bit data frame. We assure that this performance is enough to be used for digital signature, encryption & decryption and key exchange in real time embedded-processor environments.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.2
• /
• pp.45-52
• /
• 2002

In this contributions, we propose a new MSB(most significant bit) algorithm based on AOP(All One Polynomial) and two parallel semi-systolic architectures to computes $AB^2$over finite field $GF(2^m)$. The proposed architectures are based on standard basis and use the property of irreducible AOP(All One Polynomial) which is all coefficients of 1. The proposed parallel semi-systolic architecture(PSM) has the critical path of $D_{AND2^+}D_{XOR2}$ per cell and the latency of m+1. The modified parallel semi-systolic architecture(WPSM) has the critical path of $D_{XOR2}$ per cell and has the same latency with PSM. The proposed two architectures, PSM and MPSM, have a low latency and a small hardware complexity compared to the previous architectures. They can be used as a basic architecture for exponentiation, division, and inversion. Since the proposed architectures have regularity, modularity and concurrency, they are suitable for VLSI implementation. They can be used as a basic architecture for algorithms, such as the Diffie-Hellman key exchange scheme, the Digital Signature Algorithm(DSA), and the ElGamal encryption scheme which are needed exponentiation operation. The application of the algorithms can be used cryptosystem implementation based on elliptic curve.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.4
• /
• pp.41-52
• /
• 2010

Message authentication is an essential security element in vehicular ad-hoc network(VANET). For a secure message authentication, integrity, availability, privacy preserving skill, and also efficiency in various environment should be provided. RAISE scheme has been proposed to provide efficient message authentication in the environment crowded with lots of vehicles and generally considered to be hard to provide efficiency. However, as the number of vehicles communicating in the area increases, the overhead is also incurred in proportion to the number of vehicles so that it still needs to be reduced, and the scheme is vulnerable to some attacks. In this paper, to make up for the vulnerabilities in dense vehicular communication network, we propose a more secure and efficient scheme using a process that RSU(Road Side Unit) transmits the messages of neighbor vehicles at once with Bloom Filter, and timestamp to protect against replay attack. Moreover, by adding a handover function to the scheme, we simplify the authentication process as omitting the unnecessary key-exchange process when a vehicle moves to other area. And we confirm the safety and efficiency of the scheme by simulating the false positive probability and calculating the traffic.