• ETRI Journal
• /
• v.30 no.2
• /
• pp.326-334
• /
• 2008

This paper proposes a method for generating a basis translation matrix between isomorphic extension fields. To generate a basis translation matrix, we need the equality correspondence of a basis between the isomorphic extension fields. Consider an extension field $F_{p^m}$ where p is characteristic. As a brute force method, when $p^m$ is small, we can check the equality correspondence by using the minimal polynomial of a basis element; however, when $p^m$ is large, it becomes too difficult. The proposed methods are based on the fact that Type I and Type II optimal normal bases (ONBs) can be easily identified in each isomorphic extension field. The proposed methods efficiently use Type I and Type II ONBs and can generate a pair of basis translation matrices within 15 ms on Pentium 4 (3.6 GHz) when $mlog_2p$ = 160.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.5 no.11
• /
• pp.2221-2234
• /
• 2011

The fuzzy vault scheme has emerged as a promising solution to user privacy and fingerprint template security problems. Recently, however, the fuzzy vault scheme has been shown to be susceptible to a correlation attack. This paper proposes a novel scheme for one-time templates for fingerprint authentication based on the fuzzy vault scheme. As in one-time passwords, the suggested method changes templates after each completion of authentication, and thus the compromised templates cannot be reused. Furthermore, a huge number of chaff minutiae can be added by expanding the size of the fingerprint image. Therefore, the proposed method can protect a user's fingerprint minutiae against the correlation attack. In our experiments, the proposed approach can improve the security level of a typical approach against brute-force attack by the factor of $10^{34}$.

• ETRI Journal
• /
• v.37 no.5
• /
• pp.1012-1022
• /
• 2015

Conventional cryptographic algorithms are not sufficient to protect secret keys and data in white-box environments, where an attacker has full visibility and control over an executing software code. For this reason, cryptographic algorithms have been redesigned to be resistant to white-box attacks. The first white-box AES (WB-AES) implementation was thought to provide reliable security in that all brute force attacks are infeasible even in white-box environments; however, this proved not to be the case. In particular, Billet and others presented a cryptanalysis of WB-AES with 230 time complexity, and Michiels and others generalized it for all substitution-linear transformation ciphers. Recently, a collision-based cryptanalysis was also reported. In this paper, we revisit Chow and others's first WB-AES implementation and present a conditional re-encoding method for cryptanalysis protection. The experimental results show that there is approximately a 57% increase in the memory requirement and a 20% increase in execution speed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.5
• /
• pp.781-793
• /
• 2014

A Public Key Infrastructure (PKI) is security standards to manage and use public key cryptosystem. A PKI is used to provide digital signature, authentication, public key encryption functionality on insecure channel, such as E-banking and E-commerce on Internet. A soft-token private key in PKI is leaked easily because it is stored in a file at standardized location. Also it is vulnerable to a brute-force password attack as is protected by password-based encryption. In this paper, we proposed a new method that detects private key compromise and is probabilistically secure against a brute-force password attack though soft-token private key is leaked. The main idea of the proposed method is to use a genuine signature key pair and (n-1) fake signature key pairs to make an attacker difficult to generate a valid signature with probability 1/n even if the attacker found the correct password. The proposed method provides detection and notification functionality when an attacker make an attempt at authentication, and enhances the security of soft-token private key without the additional cost of construction of infrastructure thereby extending the function of the existing PKI and SSL/TLS.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.12
• /
• pp.6161-6176
• /
• 2018

Pseudorandom numbers are useful in cryptographic operations for using as nonce, initial vector, secret key, etc. Security of the cryptosystem relies on the secret key parameters, so a good pseudorandom number is needed. In this paper, we have proposed a new approach for generation of pseudorandom number. This method uses the three dimensional combinational puzzle Rubik Cube for generation of random numbers. The number of possible combinations of the cube approximates to 43 quintillion. The large possible combination of the cube increases the complexity of brute force attack on the generator. The generator uses cryptographic hash function. Chaotic map is being employed for increasing random behavior. The pseudorandom sequence generated can be used for cryptographic applications. The generated sequences are tested for randomness using NIST Statistical Test Suite and other testing methods. The result of the tests and analysis proves that the generated sequences are random.

• International Journal of Computer Science & Network Security
• /
• v.23 no.3
• /
• pp.161-168
• /
• 2023

It is a common practice to use a password in order to restrict access to information, or in a general sense, to assets. Right selection of the password is necessary for protecting the assets more effectively. Password finding/cracking try outs are performed for deciding which level of protection do used or prospective passwords offer, and password cracking algorithms are generated. These algorithms are becoming more intelligent and succeed in finding more number of passwords in less tries and in a shorter duration. In this study, the performances of possible password finding algorithms are measured, and a hybrid algorithm based on the performances of different password cracking algorithms is generated, and it is demonstrated that the performance of the hybrid algorithm is superior to the base algorithms.

• Journal of Digital Contents Society
• /
• v.18 no.8
• /
• pp.1593-1601
• /
• 2017

In a big data platform, association rule mining applications could bring some benefits. For instance, in a agricultural big data platform, the association rule mining application could recommend specific products for farmers to grow, which could increase income. The key process of the association rule mining is the frequent itemsets mining, which finds sets of products accompanying together frequently. Former researches about this issue, e.g. Apriori, are not satisfying enough because huge possible sets can cause memory to be overloaded. In order to deal with it, SON algorithm has been proposed, which divides the considered set into many smaller ones and handles them sequently. But in a single machine, SON algorithm cause heavy time consuming. In this paper, we present a method to find association rules in our Hadoop based big data platform, by parallelling SON algorithm. The entire process of association rule mining including pre-processing, SON algorithm based frequent itemset mining, and association rule finding is implemented on Hadoop based big data platform. Through the experiment with real dataset, it is conformed that the proposed method outperforms a brute force method.

• Journal of the Korea Society of Computer and Information
• /
• v.22 no.9
• /
• pp.65-71
• /
• 2017

This paper proposes a smart phone authentication method based on user's behavior and habit that is an authentication method against shoulder surfing attack and brute force attack. As smart phones evolve not only storage of personal data but also a key means of financial services, the importance of personal information security in smart phones is growing. When user authentication of smart phone, pattern authentication method is simple to use and memorize, but it is prone to leak and vulnerable to attack. Using the features of the smart phone pattern method of the user, the pressure applied when touching the touch pad with the finger, the size of the area touching the finger, and the time of completing the pattern are used as feature vectors and applied to user authentication security. First, a smart phone user models and stores three parameter values as prototypes for each section of the pattern. Then, when a new authentication request is made, the feature vector of the input pattern is obtained and compared with the stored model to decide whether to approve the access to the smart phone. The experimental results confirm that the proposed technique shows a robust authentication security using subjective data of smart phone user based on habits and behaviors.

• Journal of KIISE:Databases
• /
• v.28 no.2
• /
• pp.253-265
• /
• 2001

본 논문은 이동 컴퓨팅 환경에서 연속 부분 질의의 효과적인 처리를 위한 캐시 관리 방안을 제안한다. 연속 부분 부합 질의란 질의의 결과가 클라이언트의 메모리에 일관성을 유지하면서 지속되는 부분 부합 질의이다. 기존의 이동 환경을 위한 캐시 관리 기법은 레코드 식별자를 기반으로 하는 방법들이다. 하지만, 부분 부합 질의는 데이터의 내용을 기반으로 탐색하는 질의이기 때문에 이러한 레코드 식별자를 기반으로 하는 방법들은 캐시 관리를 효율적으로 할 수 없다. 제안하는 캐시 관리 방안에서는, 이동 클라이언트의 캐시 상태를 프레디킷(predicate)으로 기술하고, 서버가 캐시 관리를 위해 클라이언트에게 방송하는 캐시 무효화 정보, 즉 Cache Invalidation Reports(CIR)을 프레디킷으로 구성한다. 이러한 프레디킷 표현을 사용하여, 일련의 캐시 관리 기법-억지 방법(the brute-force method), 빼기 방법(the subtraction method), 교차 방법(the intersection method)-들을 제안한다. 그리고, 제안하는 방법의 계산 복잡도를 계산한다.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.7 no.3
• /
• pp.85-95
• /
• 2011

Smart phones, greatly expanding in the recent mobile market, are equipped with various features compared to existing feature phones and provide the conveniences to in several ways. The camera, one of the features of a smartphone, creates the digital contents, such photos and videos, and plays a role for the media which transmits information, such as video calls and bar code reader. QR-Code recognition is also one of the camera features. It contains a variety of information in two-dimensional bar code type in matrix format, and makes it possible to obtain the information by using smart phones. This paper analyzes the method of QR-Code recognition, password method-the existing user-authentication technique, smart card, biometrics and voice recognition and so on and thenn designs a new user-authentication technique. The proposed user-authentication technique is the technique in which QR-Code, which can be simply granted is read by smart phones and transmitted to a server, for authentication. It has the advantages in view that it will simply the process of authentication and conteract the disadvantages, such as brute force attack, man-inthe-middle attack, and keyboard hacking, which may occur in other authentication techniques.