• Title/Summary/Keyword: Information Secret

White-Box AES Implementation Revisited

  • Baek, Chung Hun;Cheon, Jung Hee;Hong, Hyunsook
    • Journal of Communications and Networks / v.18 no.3 / pp.273-287 / 2016
  • White-box cryptography presented by Chow et al. is an obfuscation technique for protecting secret keys in software implementations even if an adversary has full access to the implementation of the encryption algorithm and full control over its execution platforms. Despite its practical importance, progress has not been substantial. In fact, it is repeated that as a proposal for a white-box implementation is reported, an attack of lower complexity is soon announced. This is mainly because most cryptanalytic methods target specific implementations, and there is no general attack tool for white-box cryptography. In this paper, we present an analytic toolbox on white-box implementations of the Chow et al.'s style using lookup tables. According to our toolbox, for a substitution-linear transformation cipher on n bits with S-boxes on m bits, the complexity for recovering the $O\left((3n/\max(m_Q,m))2^{3\max(m_Q,m)}+2\min\{(n/m)L^{m+3}2^{2m},\;(n/m)L^{3}2^{3m}+n\log L\cdot 2^{L/2}\}\right)$, where $m_Q$ is the input size of nonlinear encodings, $m_A$ is the minimized block size of linear encodings, and $L=\mathrm{lcm}(m_A,m_Q)$. As a result, a white-box implementation in the Chow et al.'s framework has complexity at most $O\left(\min\{(2^{2m}/m)n^{m+4},\;n\log n\cdot 2^{n/2}\}\right)$ which is much less than $2^n$. To overcome this, we introduce an idea that obfuscates two advanced encryption standard (AES)-128 ciphers at once with input/output encoding on 256 bits. To reduce storage, we use a sparse unsplit input encoding. As a result, our white-box AES implementation has up to 110-bit security against our toolbox, close to that of the original cipher. More generally, we may consider a white-box implementation of the t parallel encryption of AES to increase security.

Design of the Covered Address Generation using the Super Increasing Sequence in Wireless Networks (무선 네트워크에서의 초증가 수열을 통한 주소 은닉 기법 설계)

  • Choun, Jun-Ho;Kim, Sung-Chan;Jang, Kun-Won;Do, Kyung-Hwa;Jun, Moon-Seog
    • The KIPS Transactions:PartC / v.14C no.5 / pp.411-416 / 2007
  • The general security method of wireless networks provides confidentiality of communication contents based on cryptographic stability against a malicious host. However, this method exposes the logical and physical addresses of both sender and receiver, so the transmission volume and the identification of both may be exposed even though the content is concealed. The covered address scheme that this paper proposes generates an address to which the knapsack problem using a super increasing sequence is applied, and replaces the addresses of sender and receiver with addresses from the super increasing sequence. Also, the proposed method frequently changes secret addresses, so a malicious user cannot watch a target system or try to attack the specific host. The proposed method also continuously changes a host address that an attacker takes aim at. Accordingly, an attacker who tries to use a DDoS attack cannot decide the specific target system.

A Light-weight PKM Mutual Authentication Protocol for Improving Initial Authentication in WiMAX (WiMAX 초기 인증을 향상시킨 경량화된 PKM 상호 인증 프로토콜)

  • Jeong, Yoon-Su;Kim, Yong-Tae;Park, Gil-Cheol;Lee, Sang-Ho
    • The KIPS Transactions:PartC / v.16C no.2 / pp.257-266 / 2009
  • Nowadays, with the increased use of mobile units like laptop computers and PDAs, the demand for high speed internet service is increasing. On the other hand, PKMv2, which is provided by IEEE 802.16e, cannot fully support the security of high speed internet service. This paper proposes a light-weight mutual authentication protocol which solves the security problem of PKMv2 related to the integrity of the mobile node, for safe high speed data transmission by a mobile node operating in a mobile WiMAX environment. The proposed mutual authentication protocol increases efficiency, as the user can move in the network safely without an additional authentication procedure between subscriber and base station after the user's initial authentication. Also, the proposed mutual authentication protocol is safe from security attacks (the man-in-the-middle attack and replay attack) between subscriber and base station by generating a key adopt to PRF() function using random number and secret value in order to secure certification.

An RFID Distance Bounding Protocol Based on Cryptographic Puzzles Providing Strong Privacy and Computational Efficiency (강한 프라이버시와 연산 효율성을 제공하는 암호 퍼즐 기반 RFID 경계 결정 프로토콜)

  • Ahn, Hae-Soon;Yoon, Eun-Jun;Nam, In-Gil
    • The KIPS Transactions:PartC / v.19C no.1 / pp.9-18 / 2012
  • In 2010, Pedro et al. proposed an RFID distance bounding protocol based on the WSBC cryptographic puzzle. This paper points out that Pedro et al.'s protocol not only is vulnerable to tag privacy invasion attacks and location tracking attacks because an attacker can easily obtain the secret key (ID) of a legal tag from the intercepted messages between the reader and the tag, but also requires heavy computation by performing symmetric key operations on the resource-limited passive tag and many communication rounds between the reader and the tag. Moreover, to resolve the security weakness and the computation/communication efficiency problems, this paper also presents a new RFID distance bounding protocol based on the WSBC cryptographic puzzle that can provide strong security and high efficiency. As a result, the proposed protocol not only provides computational and communicational efficiency because it requires a secure one-way hash function for the passive tag and it reduces communication rounds, but also provides strong security because both tag and reader use a secure one-way hash function to protect their exchanged messages.

The Relative Preference of Patent and Secrecy for Appropriation Mechanisms (혁신활동 결과의 전유방법에서 특허와 영업비밀의 상대적 선호)

  • Kim, Sang-Sin;Choi, Seok-Joon
    • Journal of Technology Innovation / v.17 no.2 / pp.159-186 / 2009
  • Innovation activity is an important factor for sustained growth in nations and firms. Particularly, the problem of appropriation of the results of innovative activity is very important for innovators since it enables them to enjoy the profits generated by their innovations. This study is intended to empirically analyse the relative preference of patent and secrecy that is affected by characteristics of innovators and results of innovation, using data from '2005: The Korean Innovation Survey' and the Ordered Logit method. As a result of this study, the preference for a specific mechanism is clearly revealed in product innovation rather than process innovation. Also, in most research questions, results of analysis are equal to the previous studies and the nature of appropriation methods. However, the result of a research question based on sources of information is very different from previous research. This study utilized more recent data than previous studies. This result reflects that existing patterns have changed during the recent period.

Security Improvement of User Authentication Protocol for Heterogeneous Wireless Sensor Networks for the Internet of Things Environment (Heterogeneous Wireless Sensor Networks 환경에서의 안전한 사용자 인증 프로토콜)

  • Lee, Young sook
    • Convergence Security Journal / v.21 no.1 / pp.55-62 / 2021
  • Recently, the use of sensor devices is gradually increasing. As various sensor devices emerge and the related technologies advance, there has been a dramatic increase in the interest in heterogeneous wireless sensor networks (WSNs). While sensor devices provide us many valuable benefits, automatically and remotely supported services offered and accessed remotely through WSNs also expose us to many different types of security threats. Most security threats were just related to information leakage and the loss of authentication among the involved parties: users, sensors and gateways. A user authentication protocol for wireless sensor networks is designed to restrict access to the sensor data only to the user. In 2019, Chen et al. proposed an efficient user authentication protocol. However, Ryu et al. show that its scheme is still unstable and inefficient. It cannot resist offline password guessing attacks and session key attacks. In this paper, we propose an improved protocol to overcome these security weaknesses by storing secret data in the device. In addition, security properties like session-key security, perfect forward secrecy, known-key security and resistance against offline password attacks are implied by our protocol.

A Study of System Design for Management the Confidential Records (비밀기록을 관리하기 위한 시스템 설계 연구)

  • Hong, Deok-Yong
    • The Korean Journal of Archival Studies / no.52 / pp.277-313 / 2017
  • With the enactment of regulations on confidential records management, the management of confidential records has become more important than ever. However, there remains no management method in the field of records management that takes the feature and values of confidential records into consideration. For this, this study processed electronically confidential records managed in a non-electronic environment. In addition, we developed a system that will allow public institutions to manage confidential records independently, that will prevent loss of information because of loss of or damage to the confidential records, and that can be used conveniently in the digital security environment of authorized users to establish a foundation for commercial management. In this study, we analyzed the system configuration requirements according to the international standard for the records management of a confidential records management system and system-related issues such as system design based on the analyzed requirements, system security and encryption, and metadata, the overall process of establishing and outputting secret management records and standard management.

Historical Studies on the Uses of the Rear Garden at Changkyung Palace (창경궁 후원 이용의 역사적 고찰)

  • Jung, Woo-Jin;Sim, Woo-Kyung
    • Journal of the Korean Institute of Traditional Landscape Architecture / v.29 no.1 / pp.71-89 / 2011
  • This study was carried out to get the exact information of the physical structures and humanistic landscapes to restore the prototype of the rear garden at Changkyung Palace. In this study, various drawings and historical documents such as Donggwoldo(東闕圖) and Joseonwangzosilok(朝鮮王朝實錄) were analysed. The innate characteristics and identity being inherent of rear garden of Changkyung Palace were tried to match the presence of acting to the specific places. The rear garden at Changkyung Palace was not only the secret garden for the rest of royal family and private life for king and queens but also used as public space for the various ceremonies. At the beginning of building, the rear garden at Changkyung Palace was built for the farming and sericulture of royal family. Since then, various events were held in this place such as archery, military drill and royal plowing and meeting with vassals which were political activities. At the rear garden of Changkyung Palace, Chundangdae(春塘臺), Kwanfunggak(觀豊閣) and Kwandukjung(觀德亭) were the base of specific activities. Also function, use, form, structure, planting and water elements were related organically in these areas.

Incorporation of Media in the Activities of Scientific Library of Higher Education Institution

  • Horban, Yurii;Berezhna, Oksana;Bohush, Iryna;Doroshenko, Yevhenii;Kovbel, Viktoriia
    • International Journal of Computer Science & Network Security / v.22 no.4 / pp.59-66 / 2022
  • Students can successfully connect with one another thanks to the introduction of Web 2.0 and the tools and technology linked with it. The fact that rising digital tools are systematically influencing the education system is not a secret. The purpose of the research article is to efficiently evaluate the influence of the incorporation of media in the activities of the scientific library of the higher education institution. The research methodology is the concepts, techniques, and procedures to effectively inculcate primary and secondary data to conduct the research effortlessly. It's worth noting that in this case, quantitative primary research was provided in the form of a survey. The researchers have proposed a survey in order to successfully instil a comprehensive view on the "incorporation of media in the operations of the scientific library of higher education institutions." As a result, fifty-one higher education institution principals were asked to attend this session. This is necessary to understand that they are both well-educated and cognizant of the impact of technology innovation on schooling. As a result, the researchers were able to gain a comprehensive view of this situation thanks to this survey. The results effectively showed that most of the participants believe that social media plays a vital role in shaping up higher education and at the same time they believe that the libraries of famous educational institutions must adapt as per the new educational trend so that teachers and students both can tap into its benefit. The practical significance of the result is manoeuvred by the efficient survey analysis and at the same time, peer-reviewed journals have been employed to put forward authentic information. Therefore, efficient insight regarding this topic has been gathered by the researchers.

Review of the principle of election - Focusing on the Estonia e-voting case (선거의 원칙에 대한 재고찰 - 에스토니아 전자투표 사례를 중심으로)

  • Moon, Eun-Young
    • Informatization Policy / v.29 no.4 / pp.67-90 / 2022
  • The March 2022 presidential election held at the peak of the COVID-19 pandemic drew flak for undermining the principle of universal suffrage by failing to guarantee properly the voting rights of confirmed and quarantined persons. Guaranteeing their voting rights requires thinking about e-voting that can fundamentally overcome the temporal and spatial limitations of current paper voting polling stations. The question is how to deal with the increased possibility of contradicting or violating the principles of equality and direct and secret suffrage due to the expansion of universal suffrage. In order to obtain implications for this, we looked at the case of Estonia, which has been holding 11 national elections without any problems since the introduction of e-voting in 2005. Estonia was successfully building trust in the system, government, and society through the institutionalization and routinization of the overall socio-technical system of e-voting, along with political and constitutional agreements on the principles of elections. Therefore, we should not only consider the possibility of e-voting in terms of technological development and level but also discuss the establishment of trust by mediating conflicts between election principles from a normative point of view to reach a social consensus.