Title/Summary/Keyword: Hash Collision

Implementation of SHA-3 Algorithm Based On ARM-11 Processors (ARM-11 프로세서 상에서의 SHA-3 암호 알고리즘 구현 기술)

  • Kang, Myeong-mo; Lee, Hee-woong; Hong, Dowon; Seo, Changho
    • Journal of the Korea Institute of Information Security & Cryptology / v.25 no.4 / pp.749-757 / 2015
  • In the smart era, the use of smart devices is increasing. Smart devices are widely used to provide human convenience, but there is a risk that information is exposed. To prevent this problem, smart devices include encryption algorithms. Among them, the hash function is a cryptographic algorithm that is used essentially to carry out functions such as data integrity, authentication, and signature. As the issue raised about the collision resistance of SHA-1 has recently been causing a safety problem, SHA-2, the current standard based on the SHA-1 hash function, would also be a safety problem in the near future. Accordingly, NIST selected the KECCAK algorithm as SHA-3, and it has become necessary to implement this algorithm in various environments. In this paper, we implement the KECCAK algorithm and SHA-2 on the ARM-11 processor and compare their performance.

On the Security of reduced versions of 3-pass HAVAL (3-pass HAVAL의 축소 라운드 안전성에 관한 연구)

  • 박상우; 성수학; 지성택; 윤이중; 임종인
    • Journal of the Korea Institute of Information Security & Cryptology / v.12 no.4 / pp.55-66 / 2002
  • HAVAL is a dedicated hash function of the MD family which was proposed by Zheng et al. HAVAL compresses a message of arbitrary length into a hash value of 128, 160, 192, 224, or 256 bits. HAVAL has a parameter that controls the number of passes in which a message block of 1024 bits is processed. A message block can be processed in 3, 4, or 5 passes. When a message block is processed in three passes, we call such a case 3-pass HAVAL. So, there are three kinds of HAVAL: 3-pass HAVAL, 4-pass HAVAL, and 5-pass HAVAL. In this paper, we study the security of reduced versions of 3-pass HAVAL. We propose a method for finding collisions for the first two passes of 3-pass HAVAL and for the last two passes of 3-pass HAVAL. This approach of reducing the number of passes is similar to the initial attacks on MD4. We denote the first two passes of 3-pass HAVAL as HAVAL-12 and the last two passes of 3-pass HAVAL as HAVAL-23.

Construction of UOWHF based on Block Cipher (유니버설 일방향 해쉬 함수에 대한 블록 암호 기반 구성 방법)

  • 이원일
    • Journal of the Korea Institute of Information Security & Cryptology / v.14 no.1 / pp.101-111 / 2004
  • Preneel, Govaerts, and Vandewalle considered the 64 basic ways to construct a collision resistant hash function from a block cipher. They regarded 12 of these 64 schemes as secure, though no proofs or formal claims were given. Black, Rogaway, and Shrimpton presented a more proof-centric look at the schemes from PGV. They proved that, in the black-box model of a block cipher, 12 of the 64 compression functions are CRHFs and 20 of the 64 extended hash functions are CRHFs. In this paper, we present 64 schemes of block-cipher-based universal one-way hash functions using the main idea of PGV and analyze these schemes in the black-box model. We show that 30 of the 64 compression function families are UOWHF and 42 of the 64 extended hash function families are UOWHF. One of the important results is that, in this black-box model, we do not need the mask keys for the security of UOWHF, in contrast with the results in the general security model of UOWHF. Our results also support the assertion that building an efficient and secure UOWHF is easier than building an efficient and secure CRHF.

Key Recovery Attacks on Zorro Using Related-Key Differential Characteristics, and Collision Attacks on PGV-Zorro (Zorro의 연관키 차분특성을 이용한 키 복구 공격 및 PGV-Zorro의 충돌쌍 공격)

  • Kim, Giyoon; Park, Eunhu; Lee, Jonghyeok; Jang, Sungwoo; Kim, Jihun; Kim, Hangi; Kim, Jongsung
    • Journal of the Korea Institute of Information Security & Cryptology / v.28 no.5 / pp.1059-1070 / 2018
  • The block cipher Zorro is designed to reduce the implementation cost of side-channel countermeasures. It has a structure similar to AES, but the number of S-boxes used is small. However, since the master key is used as the round key, it can be vulnerable to related-key attacks. In this paper, we show key recovery attacks on Zorro using related-key differential characteristics. In addition, the related-key differential characteristics are fatal when Zorro is used as the base block cipher of a hash function. In this paper, we describe how these characteristics can be linked to collision attacks in the PGV models.

Collision Attack of a Hash Function based on 2D Cellular Automata (이차원 셀룰라 오토마타 기반 해쉬함수에 대한 충돌쌍 공격)

  • Choi, Joon-Geun; Ryu, Han-Seong; Lee, Je-Sang; Hong, Seok-Hie
    • Proceedings of the Korean Society of Broadcast Engineers Conference / 2008.02a / pp.81-84 / 2008
  • In 2005, Kim Jae-gyeom (김재겸) introduced a new design method for two-dimensional cellular automata in the Journal of the Korea Multimedia Society and proposed a hash function that uses a two-dimensional cellular automaton constructed with this design method. This paper presents the first analysis results for this hash function. The hash function consists of 8 rounds; each round contains two nonlinear operation parts, and the message is used in both nonlinear operation parts. The probability that a message difference vanishes after passing through a nonlinear operation part is $2^{-14}$. Therefore, after one round, a collision pair for this hash function can be found with probability about $2^{-28}$. The analysis results of this paper show that this hash function is very weak.

A Study on Enhancing Hash Function Security against Collision Search Attack (충돌쌍 탐색 공격에 대한 해쉬 함수 안전성 강화에 관한 연구)

  • Jeong, Eun-Jin; Han, Jeong-Hoon; Kim, Seung-Joo; Won, Dong-Ho
    • Proceedings of the Korea Information Processing Society Conference / 2008.05a / pp.1120-1123 / 2008
  • Since Wang's new attack method was published in 2005, security problems with hash functions, which are one-way cryptographic functions, have gradually begun to surface. Wang's new differential attack method showed that collisions in SHA-1, currently the most widely used hash algorithm, can theoretically be found with $2^{69}$ computations. In this paper, we study how differential attacks are carried out and two characteristics of Wang's differential attack, and we propose a scheme that transforms all word values of a block, which differs from the previously proposed solutions for the security of MDx-family hash functions.

The Investment Chapter of the Korea-US FTA and its Implications for Environmental Matters (한.미 FTA 투자챕터(Chapter)와 환경문제)

  • Park, Deok-Young
    • Journal of Arbitration Studies / v.24 no.1 / pp.25-44 / 2014
  • Conflict between transnational environmental issues and foreign investment in capital-importing states can commonly be found. Actually, several investor-state dispute arbitration cases, such as Bilcon v. Canada, S.D. Myers v. Canada, and Metalclad v. Mexico, concerned environmental matters. States are worried that their measures for securing the environment might be deemed to go against international investment agreements, and foreign investors are also anxious because of excessive regulations. Against this backdrop, stakeholders attempt to strike a balance between securing foreign investment and preserving the environment. This article argues that the investment chapter of the Korea-US FTA tries to solve the environment-investment collision in investor-state disputes. Before analyzing the provisions of the investment chapter most relevant to environmental issues, this article points out the most typical types of environmental clauses included in international investment agreements. The investment chapter of the Korea-US FTA has provisions which effectively prevent measures from becoming useless when those measures are legitimate measures relevant to environmental matters. This does not mean that the Korea-US FTA completely solves the conflict between environmental issues and the protection of foreign investment, but it still paves the way for a prudent solution which would hash out this thorny problem.

Robust Image Hashing for Tamper Detection Using Non-Negative Matrix Factorization

  • Tang, Zhenjun; Wang, Shuozhong; Zhang, Xinpeng; Wei, Weimin; Su, Shengjun
    • Journal of Ubiquitous Convergence Technology / v.2 no.1 / pp.18-26 / 2008
  • The invariance relation existing in the non-negative matrix factorization (NMF) is used for constructing robust image hashes in this work. The image is first re-scaled to a fixed size. Low-pass filtering is performed on the luminance component of the re-sized image to produce a normalized matrix. Entries in the normalized matrix are pseudo-randomly re-arranged under the control of a secret key to generate a secondary image. Non-negative matrix factorization is then performed on the secondary image. As the relation between most pairs of adjacent entries in the NMF's coefficient matrix is basically invariant to ordinary image processing, a coarse quantization scheme is devised to compress the extracted features contained in the coefficient matrix. The obtained binary elements are used to form the image hash after being scrambled based on another key. Similarity between hashes is measured by the Hamming distance. Experimental results show that the proposed scheme is robust against perceptually acceptable modifications to the image such as Gaussian filtering, moderate noise contamination, JPEG compression, re-scaling, and watermark embedding. Hashes of different images have very low collision probability. Tampering to local image areas can be detected by comparing the Hamming distance with a predetermined threshold, indicating the usefulness of the technique in digital forensics.

A Study on Efficient Data De-Identification Method for Blockchain DID

  • Min, Youn-A
    • International Journal of Internet, Broadcasting and Communication / v.13 no.2 / pp.60-66 / 2021
  • Blockchain is a technology that enables trust-based consensus and verification based on a decentralized network. Decentralized ID (DID) is based on a decentralized structure, and users have the right to manage their own ID. Recently, interest in self-sovereign identity authentication is increasing. In this paper, as a method for transparent and safe sovereign management of data, various methods for data encryption processing among the data pseudonymization techniques for blockchain use are examined. The public key technique (homomorphic encryption) has high flexibility and security because different algorithms are applied to the entire sentence for encryption and decryption. As a result, the computational efficiency decreases. The hash function method (MD5) can maintain flexibility and is higher in security than the two-way encryption method, but there is a threat of collision. Zero-knowledge proof is based on public key encryption with a mutual proof method, and complex formulas are applied to processes such as personal identification, key distribution, and digital signature. It requires a consensus and verification process, so the operational efficiency is lowered to the level of $O(\log_e N)$ ~ $O(N^2)$. In this paper, data encryption processing for blockchain DID based on zero-knowledge proof was proposed, and a one-way encryption method considering the data use range and frequency of use was proposed. Based on the content presented in the thesis, it is possible to process corrected zero-knowledge proofs and to process data efficiently.

A High-speed IP Address Lookup Architecture using Adaptive Multiple Hashing and Prefix Grouping (적응적인 복수 해슁과 프리픽스그룹화를 이용한 고속 IP 주소 검색 구조)

  • Park Hyun-Tae; Moon Byung-In; Kang Sung-Ho
    • Journal of the Institute of Electronics Engineers of Korea TC / v.43 no.5 s.347 / pp.137-146 / 2006
  • IP address lookup has become a major bottleneck of packet forwarding and a critical issue for high-speed networking techniques in routers. In this paper, we propose an efficient high-speed IP address lookup scheme using adaptive multiple hashing and prefix grouping. According to our analysis results based on routing data distributions, we grouped prefix lengths and selected the number of hash functions in each group adaptively. As a result, we can reduce collisions caused by hashing. Accordingly, the forwarding table of our scheme has good memory efficiency, and thus is organized with the proper number of memory modules. Also, the proposed scheme has fast building and searching mechanisms, so that the forwarding table can be looked up during a single memory access.