• 한국정보전자통신기술학회논문지
• /
• 제3권2호
• /
• pp.64-69
• /
• 2010

본 논문에서는 EC-DH를 이용한 안전한 키 분배와 처리속도가 개선된 64byte 블록 암호화 알고리즘인 ABC(Advanced Block Cipher) 알고리즘을 설계하였다. ABC 알고리즘은 별도의 S-Box, IP-Box 등을 사용하지 않고 데이터 교환키를 이용해 원본 데이터의 위치를 교환하는 방식을 사용함으로써 기본적인 메모리 점유율을 줄였다. 또한, 고정된 암 복호화 키가 아닌 유동적인 암 복호화 키를 사용해 대칭키의 유출에 대비하였다. 따라서, 본 논문에서 제안한 ABC 알고리즘은 모바일 뱅킹 및 낮은 메모리 환경에 적합한 암호화 알고리즘이라 할 수 있다.

• 정보보호학회논문지
• /
• 제10권4호
• /
• pp.33-46
• /
• 2000

IPsec은 인터넷으로 연결된 컴퓨터 사이의 통신을 보호하기 위한 프로토콜로서 많은 가상 사설망 (VPN, Virtual Private Network)은 IPsec 프로토콜을 사용한다. IKE 프로토콜은 1Psec에서 키 교환을 위해 사용하는 프로토콜이다. 정형화된 분석 방법이 컴퓨터 공학 분야에서 많이 사용되고 있으며, 정형화된 분석 방법을 통하여 시스템의 안전성을 높일 수 있다. 본 연구에서는 IPsec의 키 교환 방식인 IKE 프로토콜을 정형화된 방법으로 분석하여 그 안전성을 파악하였다. 분석 결과에 의하면 전자 서명을 통하여 인증을 수행하는 IKE와 공유키를 이용하여 인증을 수행하는 IKE는 안전하게 키 교환을 할 수 있다. 그러나 공개키를 사용하여 인증하는 경우와 변경된 공개키를 사용하여 인증하는 경우에는 상대방의 공개키에 대한 확신이 필요하며 인증서를 사용함이 안전하다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제6권11호
• /
• pp.2956-2979
• /
• 2012

Along with the development of Information Technology, online transactions through Internet have become more popular for the reasons of convenience and efficiency. In order to provide secure and reliable online transactions, an effective electronic payment protocol is crucial. In this paper, we propose a novel electronic payment protocol for digital product transactions with an offline arbiter to achieve fair exchange, automated dispute resolution, customer anonymity, and customer unlinkability. In our protocol a product token is adopted to eliminate the need of key management for digital product decryption in the offline arbiter. In addition, Elliptic Curve Cryptography (ECC)-based self-certified public key is utilized to further reduce computing overheads. According to our analysis, the efficiency of our protocol can be greatly increased in comparison with previous literatures.

• International Journal of Computer Science & Network Security
• /
• 제22권4호
• /
• pp.33-38
• /
• 2022

The main purpose of the study is to determine the key aspects of the mechanisms of state management of the exchange of information about cyberattacks, cyber incidents, and information security incidents. The methodology includes a set of theoretical methods. Modern government, on the one hand, must take into account the emergence of such a new weapon as cyber, which can break various information systems, can be used in hybrid wars, influence political events, pose a threat to the national security of any state. As a result of the study, key elements of the mechanisms of state management of the exchange of information about cyberattacks, cyber incidents, and information security incidents were identified.

• East Asian Economic Review
• /
• 제20권4호
• /
• pp.469-491
• /
• 2016

In this paper, we estimate the exchange rate exposure, indicating the effect of exchange rate movements on firm values, for a sample of 1,400 firms in seven East Asian countries. The exposure estimates based on various exchange rate variables, return horizons and a control variable are compared. A key result from our analysis is that the long term effect of exchange rate movements on firm values is greater than the short term effect. And we find very similar results from using other exchange rate variables such as the U.S. dollar exchange rate, etc. Second, we add exchange rate volatility as a control variable and find that the extent of exposure is not much changed. Third, we examine the changes in exposure to exchange rate volatility with an increase in return horizon. Consequently the ratio of firms with significant exposures increases with the return horizons. Interestingly, the increase of exposure with the return horizons is faster for exposure to volatility than for exposure to exchange rate itself. Taken as a whole, our findings suggest that the socalled "exposure puzzle" may be a matter of the methodology used to measure exposure.

• 유통과학연구
• /
• 제13권2호
• /
• pp.15-24
• /
• 2015

Purpose - Foreign exchange risk control is in an important component in the international supply chain management. This study shows the importance of the reference period in forecasting future exchange rates with a specific illustration of KIKO currency option contracts, and suggests feasible preventive measures. Research design, data, and methodology - Using monthly Won-Dollar exchange rate data for January 1995~July 2007, I evaluate the statistical characteristics of the exchange rate for two sub-periods; 1) a shorter period after the East Asian financial crisis and 2) a longer period including the financial crisis. The key instrument of analysis is the basic normal distribution theory. Results - The difference in the reference period could lead to an unexpected development in contract implementation and a consequent financial loss. We may avoid foreign exchange loss by using derivatives such as forwards or currency options. Conclusions - We should consider not only level values but also the volatilities of financial variables in making a binding financial contract. Appropriate measures may differ depending on the specific supply chain pattern. We may extend the study with surveys on actual risk measures.

• 자원ㆍ환경경제연구
• /
• 제11권3호
• /
• pp.397-414
• /
• 2002

This paper presents an empirical analysis of exchange rate volatility, petroleum's import price and industrial production on petroleum imports. The GARCH framework is used to measure the exchange rate volatility. One of the most appealing features of the GARCH model is that it captures the volatility clustering phenomenon. We found one long-run relationship between petroleum imports, import price, industrial production, and exchange rate volatility using Johansen's multivariate cointegration methodology. Since there exists a cointegrating vector, therefore, we employ an error correction model to examine the short-run dynamic linkage, finding that the exchange rate volatility performs a key role in the short-run. This paper also apply impulse-response functions to provide the dynamic responses of energy consumption to the exchange rate volatility. The results show that the response of energy consumption to exchange rate volatility declines at the first month and dies out very quickly.

• 한국컴퓨터산업학회논문지
• /
• 제3권5호
• /
• pp.641-652
• /
• 2002

본 논문에서는 IETF CAT Working Group에서 발표한 PKINIT기반의 인증서비스를 향상시킨 Kerberos 인증 메커니즘을 제안한다. PKINIT기반의 X.509, DS/DNS를 적용하여 영역간의 서비스를 제공하는 인증과 키 교환 방식으로 DNS를 통해 외부영역의 위치를 탐색하고 X.509 디렉토리 인증 시스템을 적용, 영역간 인증은 DNS 서버로부터 공개키를 획득하여 다른 영역을 인증하도록 하였다. 영역간 인증과 키 교환은 Kerberos의 관용키 암호방식을 사용하고 세션 연결은 X.509 공개키 방식에 기반을 두고 있다. 효율적인 TGT(티켓승인 티켓) 교환과 티켓의 재사용으로 통신상의 Overload를 감소시키는 효과와 인증절차의 간소화를 가지는 Kerberos 시스템을 설계하였다.

• 한국IT서비스학회지
• /
• 제8권2호
• /
• pp.117-136
• /
• 2009

Over the years a password has been used as a popular authentication method between a client and a server because of its easy-to-memorize property. But, most password-based authentication services have focused on a same password authentication scheme which provides an authentication and key exchange between a client and a server with the same password. With rapid change of communication environments in the fields such as mobile networks, home networking, etc., the end-to-end security allowing users to hold different password is considered as one of main concerns. In this paper, we consider a new authentication service of how each client with different own password is able to authenticate each other, which is a quite new service paradigm among the existing services. This new service can be used in the current or next generation network environment where a mobile user in cell A wants to establish a secure end-to-end channel with users in ceil B, C, and D using only their memorable passwords. This end-to-end security service minimizes the interferences from the operator controlled by network components. To achieve this end-to-end security, we propose an authentication and key exchange service for group users in different realm, and analyze its security in a formal way. We also discuss a generic construction with the existing authentication schemes.

• 한국산학기술학회논문지
• /
• 제7권5호
• /
• pp.879-886
• /
• 2006

본 논문에서는 기존의 무선 PKI에서 개선되어야 할 여러 가지 사항 중에서 인증서 획득시간을 단축하기 위한 새로운 인증구조를 제안하고자 한다. 개인키를 기반으로 하는 현재의 무선 PKI 인증은 확장이 힘들다는 단점이 있다. 또한 전자상거래에서 중요한 부인 봉쇄 서비스를 제공할 수 없다. 이러한 문제점을 해결하기 위하여 Sufatrio, K. Lam[4]는 공개키 기반의 인증방법을 제안하였다. 기존의 키 교환방식에서 키 교환 설정단계가 단순히 이산대수문제에 근거하여 수행되었지만, 본 논문에서는 인증서 획득시간 단축을 위해 상호인증과정과 키 교환 설정단계에서 타원곡선을 적용하였다. Sufatrio, K. Lam[4]의 인증구조와 타원곡선을 적용한 인증구조에서 인증서 획득시간을 실험을 통해 비교 분석한 결과 인증서 획득 시간이 효율적으로 단축되었다.