• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.1
• /
• pp.71-77
• /
• 2004

It was proved that Hen is an algebraic ,elation of degree [n(l+1]/2] for an (n, 1)-combine. which consists of n LFSRs and l memory bits. For the summation generator with $2^k$ LFSRs which uses k memory bits, we show that there is a non-trivial relation of degree at most $2^k$ using k+1 consecutive outputs. In general, for the summation generator with n LFSRs, we can construct a non-trivial algebraic relation of degree at most 2$^{{2^{[${log}_2$}n]}}$ using [${log}_2$＋1 consecutive outputs.

• Journal of Korean Society of Water and Wastewater
• /
• v.33 no.5
• /
• pp.329-339
• /
• 2019

Recently, the advancement of information and communication technology(ICT) is expanding the connectivity through Internet of Things(IoT), and the media of connection is also expanding from wire/cable transmission to broadband wireless communication, which has significantly improved mobility. This hyperconnectivity has become a key element of the fourth industrial revolution, whereas the supervisory control network of purification plants in korea is operated as a communication network separated from the outside, thereby lagging in terms of connectivity. This is considered the best way to ensure security, and thus there is hardly any consideration of establishing alternatives to operate an efficient and stable communication network. Moreover, security for management of a commercialized communication network and network management solution may be accompanied by immense costs, making it more difficult to make new attempts. Therefore, to improve the conditions for the current supervisory control network of purification plants, this study developed a industrial security L2 switch that supports modbus TCP(Transmission Control Protocol) communication and encryption function of the transmission section. As a result, the communication security performance improved significantly, and the cost for implementing the network management system using Historical Trend and information of HMI(Human Machine Interface) could be reduced by approximately KRW 200 million. The results of this study may be applied to systems for gas, electricity and social safety nets that are infrastructure communication networks that are similar to purification plants.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.5
• /
• pp.972-978
• /
• 2016

MACsec is a cryptographic function that operates on Layer 2, the international standard defined in the IEEE 802.1AE. As industries such as IoT(Internet of Things) devices are receiving attention recently are connected to the network and Internet traffic is increasing rapidly, and is exposed to the risk of a variety of Internet attacks. Traditional network security technologies were often made in Layer 3, such as IPsec. However, to be increased as rapidly as the current traffic situation is complicated, and became interested in the security function of protecting the entire traffic instead of for a specific application or protocol. It appeared as these technologies is technology MACsec technology to protect all traffic in Layer 2. In this paper, we propose a Layer 2 security technology adapter MACsec MACsec a technology that allows you to simply and easily add them to the existing Layer 2 networks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.8 no.1
• /
• pp.65-70
• /
• 1998

K. Nyberg and L.R. Knudsen showed a prototype of a DES-like cipher$^{[1]}$ which has a provable security against differential cryptanalysis. But in the last year, at FSE'97 T. Jakobsen ane L.R.Knudsen broked it by using higher order differential attack and interpolation attack$^{[2]}$ . Furthermore the cipher was just a theoretically proposed one to demonstrate how to construct a cipher which is procably secure against differential cryptanalysis$^{[3]}$ and it was suspected to have a large complexity for its implementation.Inthis paper the two improved results for the dfficidnt hardware and software implementation.

• Proceedings of the Korean Information Science Society Conference
• /
• 2002.10e
• /
• pp.127-129
• /
• 2002

NP Forum에서는 다양한 밴더의 네트워크 프로세서와 스위치 패브릭간에 물리적 인터페이스를 제공하기 위해 CSIX-L1(Common Switch Interface-Level 1 )인터페이스를 표준화하였다. IBM 네트워크 프로세서는 MPLS 및 VPN, VLAN, Security, Ipv6와 같은 다양한 어플리케이션과 TBI. SMII CMII. POS bus등 다양한 가입자 인터페이스를 지원하며, L2 기 반에서 2.5Gbps 이상의 패킷 처리를 수행하기 때문에 많은 시스템에 사용된다. 그러나 IBM네트워크 프로세서는 스위치 인터페이스로 DASL인터페이스를 사용한다. 따라서 DASL인 터페이스와 CSIX-L1 인터페이스를 정합하기 위해서는 IBM UDASL칩을 이용해 DASL인 터페이스를 UTOPIA-L3인터페이스로 변환해야 하며, 이것을 다시 CSIX-L1인터페이스로 변환해야 한다. 따라서 본 논문에서는 UTOPIA-L3인터페이스 패킷과 CSIX-L1인터페이스 프레임을 상호 변환하는 모듈을 설계하였으며, 32비트 데이터 버스와 최대 125MHz로클록을 사용해 최대 4Gbps의 패킷처리를 제공하도록 구현하였다. 또한 스위치 패브릭의 특정 포트에서 과잉 트래픽 전달로 인해 발생할 수 있는 블로킹을 방지하기 위해 네트워크 프로세서에게 3개의 Priority／최대 64개 포트수의 VOQ(Virtual Output Queue)를 제공하는 기법에 대해서 기술한다.

• Journal of Communications and Networks
• /
• v.18 no.3
• /
• pp.273-287
• /
• 2016

White-box cryptography presented by Chow et al. is an obfuscation technique for protecting secret keys in software implementations even if an adversary has full access to the implementation of the encryption algorithm and full control over its execution platforms. Despite its practical importance, progress has not been substantial. In fact, it is repeated that as a proposal for a white-box implementation is reported, an attack of lower complexity is soon announced. This is mainly because most cryptanalytic methods target specific implementations, and there is no general attack tool for white-box cryptography. In this paper, we present an analytic toolbox on white-box implementations of the Chow et al.'s style using lookup tables. According to our toolbox, for a substitution-linear transformation cipher on n bits with S-boxes on m bits, the complexity for recovering the $$O\((3n/max(m_Q,m))2^{3max(m_Q,m)}+2min\{(n/m)L^{m+3}2^{2m},\;(n/m)L^32^{3m}+n{\log}L{\cdot}2^{L/2}\}\)$$, where $m_Q$ is the input size of nonlinear encodings,$m_A$ is the minimized block size of linear encodings, and $L=lcm(m_A,m_Q)$. As a result, a white-box implementation in the Chow et al.'s framework has complexity at most $O\(min\{(2^{2m}/m)n^{m+4},\;n{\log}n{\cdot}2^{n/2}\}\)$ which is much less than $2^n$. To overcome this, we introduce an idea that obfuscates two advanced encryption standard (AES)-128 ciphers at once with input/output encoding on 256 bits. To reduce storage, we use a sparse unsplit input encoding. As a result, our white-box AES implementation has up to 110-bit security against our toolbox, close to that of the original cipher. More generally, we may consider a white-box implementation of the t parallel encryption of AES to increase security.

• International Journal of Internet, Broadcasting and Communication
• /
• v.13 no.3
• /
• pp.42-49
• /
• 2021

As cyber attacks become more intelligent, there is difficulty in detecting advanced attacks in various fields such as industry, defense, and medical care. IPS (Intrusion Prevention System), etc., but the need for centralized integrated management of each security system is increasing. In this paper, we collect big data for intrusion detection and build an intrusion detection platform using deep learning and CNN (Convolutional Neural Networks). In this paper, we design an intelligent big data platform that collects data by observing and analyzing user visit logs and linking with big data. We want to collect big data for intrusion detection and build an intrusion detection platform based on CNN model. In this study, we evaluated the performance of the Intrusion Detection System (IDS) using the KDD99 dataset developed by DARPA in 1998, and the actual attack categories were tested with KDD99's DoS, U2R, and R2L using four probing methods.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.2
• /
• pp.57-68
• /
• 2004

We present a new parallel algorithm for extending the domain of a UOWHF. Our algorithm is based on non-complete l-ary tree and has the same optimal key length expansion as Shoup's which has the most efficient key length expansion known so far. Using the recent result [8], we can also prove that the key length expansion of this algorithm and Shoup's sequential algorithm are the minimum possible for any algorithms in a large class of "natural" domain extending algorithms. But its prallelizability performance is less efficient than complete tree based constructions. However if l is getting larger then the parallelizability of the construction is also getting near to that of complete tree based constructions.tructions.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.3
• /
• pp.77-85
• /
• 2002

A Research of binary random sequence generator that uses a linear shift register had been studied since the 1970s. These generators were used in stream cipher. In general, the binary random sequence generator consists of linear shift registers that generate sequences of maximum period and a nonlinear filter function or a nonlinear combination function to generate a sequence of high linear complexity. Therefore, To generate a sequence that have long period as well as high linear complexity becomes an important factor to estimate safety of stream cipher. Usually, the maximum period of the sequence generated by a linear feedback shift register with L resistors is less than or equal to $2^L$-1. In this paper, we propose new binary random sequence generator that consist of L registers and 2 sub-characteristic polynomials. According to an initial state vector, the least period of the sequence generated by the proposed generator is equal to or ions than it of the sequence created by the general linear feedback shift register, and its linear complexity is increased too.

• Journal of the Chungcheong Mathematical Society
• /
• v.21 no.2
• /
• pp.269-278
• /
• 2008

Let ${\partial}D$ be the boundary of the open unit disk D in the complex plane and $L^p({\partial}D)$ the class of all complex, Lebesgue measurable function f for which $\{\frac{1}{2\pi}{\int}_{-\pi}^{\pi}{\mid}f(\theta){\mid}^pd\theta\}^{1/p}<{\infty}$. Let P be the orthogonal projection from $L^p({\partial}D)$ onto ${\cap}_{n<0}$ ker $a_n$. For $f{\in}L^1({\partial}D)$, ${\hat{f}}(z)=\frac{1}{2\pi}{\int}_{-\pi}^{\pi}P_r(t-\theta)f(\theta)d{\theta}$ is the harmonic extension of f. Let ${\hat{P}}$ be the composition of P with the harmonic extension. In this paper, we will show that if $1, then ${\hat{P}}:L^p({\partial}D){\rightarrow}H^p(D)$ is bounded. In particular, we will show that ${\hat{P}}$ is unbounded on $L^{\infty}({\partial}D)$.