• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.05a
• /
• pp.660-663
• /
• 2011

The file security function, which this paper suggests, restricts the access of an unauthorized users by using password algorithm and saving file. Saved files that are encrypted are read by decrypting them with decryption algorithm. These features are user interface to design the program for user friendly. The security function implements both file encryption and decryption programs and tests whether the experiment works or not. In addition, when a decryption is progressed and the settings of between decryption and encryption are different each other, the security function also checks the possibility of decryption. We can enhance the security on important files stored in Windows servers or personal computers by developing this program.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.1
• /
• pp.61-70
• /
• 2024

As users use various services along with the rapid increase in Internet services, it may be difficult to manage accounts. To solve these difficulties, various password management applications are emerging. From a forensic point of view, password management applications can provide clues to obtain criminal evidence. The purpose of this paper is to acquire the data stored by the user in the password management application. To this end, we propose a better way to decrypt the encrypted data through reverse engineering, evaluate the security of the application to be analyzed, and safely store the data.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.1
• /
• pp.17-27
• /
• 2020

Many users are using password managers in order to conveniently manage several usernames and passwords needed to access the web sites. The password manager encrypts and stores several passwords on the server, and the user accesses the server to receive the password information. Thus, if an attacker can sniff a message between the password manager and the server and decrypt the message content, or if an attacker can steal the computer's memory and decrypt the message content, then all the passwords will be exposed to the attacker. In this paper, we analyze the client-server communications and encryption process of password mangers and show there is a serious vulnerability in memory attack.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.3
• /
• pp.612-618
• /
• 2013

The file security function, which this paper suggests, restricts the access of an unauthorized users by using password algorithm and saving file. Saved files that are encrypted are read by decrypting them with decryption algorithm. These features are user interface to design the program for user friendly. The security function implements both file encryption and decryption programs and tests whether the experiment works or not. In addition, when a decryption is progressed and the settings of between decryption and encryption are different each other, the security function also checks the possibility of decryption. We can enhance the security on important files stored in Windows servers or personal computers by developing this program.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.5
• /
• pp.1047-1057
• /
• 2018

As the number of services offered on the Internet exponentially increases, password managers are increasing popular applications that store several passwords in an encrypted database (or password vault). Browser-integrated password managers or locally-installed password managers store the password vault on the user's device. Although a web-based password manager stores the password vault on the cloud server, a user can store the master password used to sign in the cloud server on her device. An attacker that steals a user's encrypted vault stored in the victim's device can make an offline attack and, if successful, all the passwords in the vault will be exposed to the attacker. This paper investigates the vulnerability of the password vault stored in the device and develops attack programs to verify the vulnerability of the password vault.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.3
• /
• pp.511-525
• /
• 2023

As awareness of personal data protection increases, various Full Disk Encryption (FDE)-based applications are being developed that real-time encryption or use virtual drive volumes to protect data on user's PC. FDE-based applications encrypt and protect the volume containing user's data. However, as disk encryption technology advances, some users are abusing FDE-based applications to encrypt evidence associated with criminal activities, which makes difficulties in digital forensic investigations. Thus, it is necessary to analyze the encryption process used in FDE-based applications and decrypt the encrypted data. In this paper, we analyze Cryptomator and Norton Ghost, which provide volume encryption and backup functions. We analyze the encrypted data structure and encryption process to classify the main data of each application and identify the encryption algorithm used for data decryption. The encryption algorithms of these applications are recently emergin gor customized encryption algorithms which are analyzed to decrypt data. User password is essential to generate a data encryption key used for decryption, and a password acquisition method is suggested using the function of each application. This supplemented the limitations of password investigation, and identifies user data by decrypting encrypted data based on the acquired password.

• Journal of the Korea Society of Computer and Information
• /
• v.17 no.1
• /
• pp.171-181
• /
• 2012

This paper defines the AES password algorithm used as a symmetric-key-based password algorithm, and proposes the design of parallel password algorithm to utilize the resources of multi-core processor as much as possible. The proposed parallel password algorithm was confirmed for parallel execution of password computation by allocating the password algorithm according to the number of cores, and about 30% of performance increase compared to AES password algorithm. The encryption/decryption performance of the password algorithm was confirmed through binary comparative analysis tool, which confirmed that the binary results were the same for AES password algorithm and proposed parallel password algorithm, and the decrypted binary were also the same. The parallel password algorithm for multi-core environment proposed in this paper can be applied to authentication/payment of financial service in PC, laptop, server, and mobile environment, and can be utilized in the area that required high-speed encryption operation of large-sized data.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.25 no.4B
• /
• pp.700-707
• /
• 2000

In this paper, we address vulnerabilities of legacy VOD system and implement secure-VOD system to protect security holes of it. Our secure-VOD system provide user authentication using one-time password, message authentication and encryption/decryption for video server information. To improve security of existing fixed password system, our secure-VOD system use one-time password. Also, our secure-VOD system provides integrity for video server information by generating and verifying message authentication code using HMAC-HAS 160 algorithm. Finally, our secure-VOD system uses RC5 encryption algorithm to guarantee confidentiality for video server information.

• KIPS Transactions on Computer and Communication Systems
• /
• v.12 no.2
• /
• pp.69-76
• /
• 2023

Hundreds of thousands of passwords are lost or forgotten every year, making the necessary information unavailable to legitimate owners or authorized law enforcement personnel. In order to recover such a password, a tool for password cracking is required. Using GPUs instead of CPUs for password cracking can quickly process the large amount of computation required during the recovery process. This paper optimizes on GPUs using CUDA, with a focus on decryption of the currently most popular PDF 1.4-1.6 version. Techniques such as eliminating unnecessary operations of the MD5 algorithm, implementing 32-bit word integration of the RC4 algorithm, and using shared memory were used. In addition, autotune techniques were used to search for the number of blocks and threads that affect performance improvement. As a result, we showed throughput of 31,460 kp/s (kilo passwords per second) and 66,351 kp/s at block size 65,536, thread size 96 in RTX 3060, RTX 3090 environments, and improved throughput by 22.5% and 15.2%, respectively, compared to the cracking tool hashcat that achieves the highest throughput.

• Journal of the Korea Computer Industry Society
• /
• v.9 no.2
• /
• pp.93-98
• /
• 2008

In this study, analyzed principle about stream cipher that is formed to Cellular Automata foundation. Cellular Automata can embody complicated and various principle with simple identifying marks that is State, Neighborhood, Transition Rules originally. Cellular Automata is hinting that can handle encipherment smoothly using transition rule. Create binary pad (key stream) by Cellular Automata's transition rule 30 applications in treatise that see therefore, and experimented ability of encryption and decryption because using stream cipher of symmetric key encryption way of password classification.