• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.5
• /
• pp.143-149
• /
• 2009

The hash function ARIRANG is one of the 1st round SHA-3 candidates. In this paper, we present preimage attacks on ARIRANG with step-reduced compression functions. Our attack finds a preimage of the 33-step OFF(Original FeedForward1) variants of ARIRANG, and a preimage of the 31-step MFF(Middle FeedForward1) variants of ARIRANG. Its time complexity is about $2^{241}$ for ARIRANG-256 and $2^{481}$ for ARIRANG-512, respectively.

• The KIPS Transactions:PartC
• /
• v.16C no.3
• /
• pp.325-334
• /
• 2009

This paper demonstrates that an attacker can impersonate a random RFID tag and then perform the spoofing attack in the previous RFID authentication protocol. To resolve such a security problem, we also propose a new secure and efficient RFID mutual authentication protocol. The proposed RFID mutual authentication protocol is not only to resolve many security problems with the existing RFID authentication mechanism and the vulnerability against spoofing attack, but also to guarantee reliable authentication time as reducing computational overhead performing by tag. As a result, the proposed RFID mutual authentication protocol provides stronger security including the forward secrecy and more efficiency.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.3
• /
• pp.61-72
• /
• 2009

To guarantee security between the tag and back-end server and implementation efficiency in low power tag, we propose two typed mutual authentication protocols in RFID system. One is static-ID authentication scheme which is well suitable in distributed server environments. The other is dynamic-ID scheme which is additively satisfied forward security. In proposed scheme, it does not need any random number generator in tag and requires only one(maximally three) hash operation(s) in tag or server to authenticate each other. Furthermore, we implement the proposed schemes in RFID smart card system and verify its normal operations.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.5
• /
• pp.3-10
• /
• 2010

Unlinkability and traceability are basic security requirements of a group signature scheme. In this paper, we analyze two recent group signature schemes, Lee et al.'s scheme and Zhu et al.'s scheme. We show that Lee et al,'s scheme does not work correctly. Further, it fails to meet unlinkability, that is, anyone who intercepts or receives group signatures are able to check if they are from the same signer. We also show that Zhu et al.'s scheme is unable to satisfy traceability, that is, a malicious group member can generate valid group signatures that cannot be opened. Moreover, once becoming group member, the malicious group member will never be revoked from group. Besides, Zhu et al.'s scheme fails to satisfy forward security, a requirement claimed by authors.

• Convergence Security Journal
• /
• v.22 no.4
• /
• pp.179-188
• /
• 2022

Password authentication schemes (PAS) are the most common mechanisms used to ensure secure communication in open networks. Mathematical-based cryptographic authentication schemes such as factorization and discrete logarithms have been proposed and provided strong security features, but they have the disadvantage of high computational and message transmission costs required to construct passwords. Fairuz et al. therefore argued for an improved cryptographic authentication scheme based on two difficult fixed issues related to session key consent using the smart card scheme. However, in this paper, we have made clear through security analysis that Fairuz et al.'s protocol has security holes for Privileged Insider Attack, Lack of Perfect Forward Secrecy, Lack of User Anonymity, DoS Attack, Off-line Password Guessing Attack.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.4
• /
• pp.1553-1571
• /
• 2018

Currently, many of schemes for smart grid data aggregation are based on a one-level gateway (GW) topology. Since the data aggregation granularity in this topology is too single, the control center (CC) is unable to obtain more fine-grained data aggregation results for better monitoring smart grid. To improve this issue, Shen et al. propose an efficient privacy-preserving cube-data aggregation scheme in which the system model consists of two-level GW. However, a risk exists in their scheme that attacker could forge the signature by using leaked signing keys. In this paper, we propose a secure and fine-grained electricity consumption aggregation scheme for smart grid, which employs the homomorphic encryption to implement privacy-preserving aggregation of users' electricity consumption in the two-level GW smart grid. In our scheme, CC can achieve a flexible electricity regulation by obtaining data aggregation results of various granularities. In addition, our scheme uses the forward-secure signature with backward-secure detection (FSBD) technique to ensure the forward-backward secrecy of the signing keys. Security analysis and experimental results demonstrate that the proposed scheme can achieve forward-backward security of user's electricity consumption signature. Compared with related schemes, our scheme is more secure and efficient.

• Convergence Security Journal
• /
• v.20 no.4
• /
• pp.47-59
• /
• 2020

The Army, which is dreaming of a military leap forward through the fourth industrial revolution, needs to also consider the side effects and adverse functions of the fourth industrial revolution. In particular, this study conducted an analysis of whether it was consistent with the global technological trend of normal 'military security'. This paper focuses on the countermeasures that could result from 4th industrial revolution by utilizing the text-mining technique and social network technique of big data. 1. Active promotion of a convergence program with private, public, militaryand industrial, academic, and solidarity, 2. Information Sharing for International Cooperation and Cooperation in Cyber security, 3. Military Innovation and Military Unsymmetric Cyber security innovation, 4.The Establishment of Military Security Convergence Interface Management System in accordance with the Fourth Industrial Revolution, 5. Cooperation in the transition from technology engineering to social technology, 6. Establishing a military security governance system in the military, 7. Specifying confidential military digital data We look forward to providing useful information so that the results of this study can help develop the military and enhance military confidentiality.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.3
• /
• pp.119-131
• /
• 2009

The world's widely used key exchange protocols are open cryptographic communication protocols, such as TLS/SSL, whereas in the financial field in Korea, key exchange protocols developed by industrial classification group have been used that are based on PKI(Public Key Infrastructure) which is suitable for the financial environments of Korea. However, the key exchange protocols are not only vulnerable to client impersonation attacks and known-key attacks, but also do not provide forward secrecy. Especially, an attacker with the private keys of the financial security server can easily get an old session-key that can decrypt the encrypted messages between the clients and the server. The exposure of the server's private keys by internal management problems, etc, results in a huge problem, such as exposure of a lot of private information and financial information of clients. In this paper, we analyze the weaknesses of the cryptographic communication protocols in use in Korea. We then propose two key exchange protocols which reduce the replacement cost of protocols and are also secure against client impersonation attacks and session-key and private key reveal attacks. The forward secrecy of the second protocol is reduced to the HDH(Hash Diffie-Hellman) problem.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.1
• /
• pp.1-19
• /
• 2020

In an underlay cognitive simultaneous wireless information and power transfer (SWIPT) network, communication from secondary user (SU) to secondary destination (SD) is accomplished with decode-and-forward (DF) relays. Multiple energy-constrained relays are assumed to harvest energy from SU via power splitting (PS) protocol and complete SU secure information transmission with beamforming. Hence, physical layer security (PLS) is investigated in cognitive SWIPT network. In order to interfere with eavesdropper and improve relay's energy efficiency, a destination-assisted jamming scheme is proposed. Namely, SD transmits artificial noise (AN) to interfere with eavesdropping, while jamming signal can also provide harvested energy to relays. Beamforming vector and power splitting ratio are jointly optimized with the objective of SU secrecy capacity maximization. We solve this non-convex optimization problem via a general two-stage procedure. Firstly, we obtain the optimal beamforming vector through semi-definite relaxation (SDR) method with a fixed power splitting ratio. Secondly, the best power splitting ratio can be obtained by one-dimensional search. We provide simulation results to verify the proposed solution. Simulation results show that the scheme achieves the maximum SD secrecy rate with appropriate selection of power splitting ratio, and the proposed scheme guarantees security in cognitive SWIPT networks.

• Convergence Security Journal
• /
• v.17 no.1
• /
• pp.3-13
• /
• 2017

As security log plays important roles in various fields, the integrity of log data become more and more important. Especially, the stored log data is an immediate target of the intruder to erase his trace in the system penetrated. Several theoretical schemes to guarantee the forward secure integrity have been proposed, even though they cannot provide the integrity of the log data after the system is penetrated. Authentication tags of these methods are based on the linear-hash chain. In this case, it is difficult to run partial validation and to accelerate generating and validating authentication tags. In this paper, we propose a log authentication mechanism, based on Mekle Tree, which is easy to do partial validation and able to apply multi threading.