• Korean Journal of Optics and Photonics
• /
• v.17 no.1
• /
• pp.47-53
• /
• 2006

The Integrated Ballistics Identification Systems (IBIS) is widely used for bullet and casing signature identification. The IBIS obtains a pair of ballistic signatures from two bullets (or casings) using optical microscopy, and estimates a correlation score which can represent the degree of signature match. However, this method largely depends on lighting and surface conditions because optical image contrast is primarily a function of test surface's slope, shadowing, multiple reflections, optical properties, and illumination direction. Moreover, it can be affected with surface height variation. To overcome these problems and improve the identification system, we used well known surface topographic techniques, such as confocal microscopy and white-light scanning interferometry. The measuring instruments were calibrated by a NIST step height standard and verified by a NIST sinusoidal profile roughness standard and a commercial roughness standard. We also suggest a new analysis method for the ballistic identification. In this method, the maximum cross-correlation function CCFmax is used to quantify the degree of signature match. If the compared signatures were exactly the same, CCFmax would be $100\%$.

• Proceedings of the Polymer Society of Korea Conference
• /
• 2006.10a
• /
• pp.110-111
• /
• 2006

Most applications of polymers involve blends and mixtures of components including solvents, surfactants, copolymers, fillers, organic or inorganic functional additives, and various processing aids. These components provide unique properties of polymeric materials even beyond those tailored into the basic chemical structures. In addition, skillful processing extends the properties for even greater applications. The perennial challenge of polymer science is to understand and exploit the structure-processing-property interplay relationship. We are developing and demonstrating combinatorial methods and high throughput analysis as tools to provide this fundamental understanding.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.6
• /
• pp.1449-1461
• /
• 2018

As the number of software vulnerabilities grows year by year, attacks on software are also taking place a lot. As a result, the security administrator must identify and patch vulnerabilities in the software. However, it is important to prioritize the patches because patches for all vulnerabilities are realistically hard. In this paper, we propose a scoring system that expands the scale of risk assessment metric by taking into consideration attack patterns or weaknesses cause vulnerabilities with the vulnerability information provided by the NIST(National Institute of Standards and Technology). The proposed scoring system is expanded based on the CWSS and uses only public vulnerability information to utilize easily for any company. In this paper, we applied the automated scoring system to software vulnerabilities, and showed the expanded metrics with consideration for influence of attack pattern and weakness are meaningful.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.1
• /
• pp.33-43
• /
• 2023

The National Institute of Standards and Technology (NIST), which is working on the Post-Quantum Cryptography (PQC) standardization project, announced four algorithms that have been finalized for standardization. In this paper, we demonstrate through experiments that private keys can be exposed by Correlation Power Analysis (CPA) and Differential Deep Learning Analysis (DDLA) attacks on polynomial coefficient-wise multiplication algorithms that operate in the process of generating signatures using CRYSTALS-Dilithium algorithm. As a result of the experiment on ARM-Cortex-M4, we succeeded in recovering the private key coefficient using CPA or DDLA attacks. In particular, when StandardScaler preprocessing and continuous wavelet transform applied power traces were used in the DDLA attack, the minimum number of power traces required for attacks is reduced and the Normalized Maximum Margines (NMM) value increased by about 3 times. Conseqently, the proposed methods significantly improves the attack performance.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.2
• /
• pp.151-164
• /
• 2023

Recently, the development of quantum computers means a great threat to existing public key system based on discrete algebra problems or factorization problems. Accordingly, NIST is currently in the process of contesting and screening PQC(Post Quantum Cryptography) that can be implemented in both the computing environment and the upcoming quantum computing environment. Among them, SIKE is the only Isogeny-based cipher and has the advantage of a shorter public key compared to other PQC with the same safety. However, like conventional cryptographic algorithms, all quantum-resistant ciphers must be safe for existing cryptanlysis. In this paper, we studied power analysis-based cryptographic analysis techniques for SIKE, and notably we analyzed SIKE through wavelet transformation and deep learning-based clustering power analysis. As a result, the analysis success rate was close to 100% even in SIKE with applied masking response techniques that defend the accuracy of existing clustering power analysis techniques to around 50%, and it was confirmed that was the strongest attack on SIKE.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.1
• /
• pp.41-51
• /
• 2018

Format preserving encryption(FPE) performs encryption with preserving the size and format of plain-text. Therefore, it is possible to minimize the structural change of the database before and after the encryption. For example, when encrypting data such as credit card number or social security number, it is possible to maintain the existing database structure because FPE outputs the same form of cipher-text as plain-text. Currently, the National Institute of Standards and Technology (NIST) recommends FF1 and FF3 as standards for FPE. Recently, in Korea, FEA, which is a very efficient FPE algorithm, has been adopted as the standard of FPE. In this paper, we analyze FEA and measure the performance of FEA by optimizing it in various environments.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.6
• /
• pp.1329-1342
• /
• 2018

Recent advances in quantum computer development have raised the issue of the security of RSA and elliptic curve cryptography, which are widely used. In response, the National Institute of Standards and Technology(NIST) is working on the standardization of public key cryptosystem which is secure in the quantum computing environment. Lattice-based cryptography is a typical post-quantum cryptography(PQC), and various lattice-based cryptographic schemes have been proposed for NIST's PQC standardization contest. Among them, EMBLEM proposed a new multi-bit encryption method which is more intuitive and efficient for encryption and decryption phases than the existing LWE-based encryption schemes. In this paper, we propose a multi-bit encryption scheme with improved efficiency using LWR assumption. In addition, we prove the security of our schemes and analyze the efficiency by comparing with EMBLEM and R.EMBLEM.

• Journal of the Korea Society for Simulation
• /
• v.21 no.3
• /
• pp.17-24
• /
• 2012

This paper suggests Effectiveness Evaluation Methods of DDoS attacks countermeasures model by simulation. According to the security objectives that are suggested by NIST(National Institute of Standards and Technology), It represents a hierarchical Effectiveness Evaluation Model. we calculated the weights of factors that security objectives, security controls, performance indicator through AHP(Analytic Hierarchy Process) analysis. Subsequently, we implemented Arena Simulation Model for the calculation of function points at the performance indicator. The detection and protection algorithm involve methods of critical-level setting, signature and anomaly(statistic) based detection techniques for Network Layer 4, 7 attacks. Proposed Effectiveness Evaluation Model can be diversely used to evaluate effectiveness of countermeasures and techniques for new security threats each organization.

• The Journal of the Acoustical Society of Korea
• /
• v.34 no.2
• /
• pp.171-176
• /
• 2015

We present a speaker verification method by extracting i-vectors based on dominant state information of Hidden Markov Model (HMM) - Universal Background Model (UBM). Ergodic HMM is used for estimating UBM so that various characteristic of individual speaker can be effectively classified. Unlike Gaussian Mixture Model(GMM)-UBM based speaker verification system, the proposed system obtains i-vectors corresponding to each HMM state. Among them, the i-vector for feature is selected by extracting it from the specific state containing dominant state information. Relevant experiments are conducted for validating the proposed system performance using the National Institute of Standards and Technology (NIST) 2008 Speaker Recognition Evaluation (SRE) database. As a result, 12 % improvement is attained in terms of equal error rate.

• The Journal of the Acoustical Society of Korea
• /
• v.35 no.6
• /
• pp.501-509
• /
• 2016

We propose a method to improve the robustness of speaker verification on short test utterances. The accuracy of the state-of-the-art i-vector/probabilistic linear discriminant analysis systems can be degraded when testing utterance durations are short. The proposed method compensates for utterance variations of short test feature vectors using deep neural networks. We design three different types of DNN (Deep Neural Network) structures which are trained with different target output vectors. Each DNN is trained to minimize the discrepancy between the feed-forwarded output of a given short utterance feature and its original long utterance feature. We use short 2-10 s condition of the NIST (National Institute of Standards Technology, U.S.) 2008 SRE (Speaker Recognition Evaluation) corpus to evaluate the method. The experimental results show that the proposed method reduces the minimum detection cost relative to the baseline system.