• Journal of Korea Society of Digital Industry and Information Management
• /
• v.18 no.4
• /
• pp.41-46
• /
• 2022

In the fourth industrial era, when various technologies are fused and combined, new and advanced technologies from other industries are used extensively in the maritime industry field. New security threats are also increasing along with the development of new technologies. In addition, in incorporating convergence technologies into the maritime industry, various problems, such as communication definitions and procedures between technologies and customer-customized delays, occur. In this paper, for the problems mentioned above, research results on the network configuration of safer autonomous vessels by supplementing and fusing existing solutions rather than developing new technologies are proposed. In conclusion, the entire network consists of VDI and presents additional configurations to ensure confidentiality, integrity, and availability, which are the three security elements. According to the composition of such a convergence network, it is intended to help prepare countermeasures to protect internal data from external threats.

• International Journal of Computer Science & Network Security
• /
• v.21 no.11
• /
• pp.363-367
• /
• 2021

This article analyzes the state and development of multimedia technologies in the educational process. The reasons for the emergence of multimedia educational technologies are shown. The definition of the concept of "multimedia education" is given. The advantages and disadvantages of teaching using multimedia technologies are presented. The article, based on multimedia technologies, provides one of the ways to solve the problem of lack of classroom time for the presentation of all educational material in the process of teaching engineering students. The creation and application of educational videos in education is discussed, an example of teaching electrical engineering is given; the requirements for the development of video lessons, their advantages and importance in the educational process are indicated.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.3
• /
• pp.765-774
• /
• 2018

As the IT technology develops, the military information system develops to the current IT environment for efficient operation and rapid communication, and the threat of cyber attack against the advanced weapon system using network technology is increasing simultaneously. In order to prevent and mitigate these problems, the United States has applied the cybersecurity test evaluation system from the beginning to the beginning of weapon system development. However, in Korea, the evaluation process of cyber security test is weak, and there is concern about the damage due to cyber attack. In this paper, we analyze cybersecurity test evaluation status of U.S. and domestic weapon systems and propose a solution to the problem of cybersecurity test evaluation system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.5
• /
• pp.1121-1130
• /
• 2016

RSA cryptosystem is one of the most widely used public key cryptosystem. The security of RSA cryptosystem is based on hardness of factoring large number and hence there are ongoing attempt to factor RSA modulus. General Number Field Sieve (GNFS) is currently the fastest known method for factoring large numbers so that CADO-NFS - publicly well-known software that was used to factor RSA-704 - is also based on GNFS. However, one disadvantage is that CADO-NFS could not always select the optimal polynomial for given parameters. In this paper, we analyze CADO-NFS's polynomial selection stage. We propose modified polynomial selection using Chinese Remainder Theorem and Euclidean Distance. In this way, we can always select polynomial better than original version of CADO-NFS and expected to use for factoring RSA-1024.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.3
• /
• pp.115-126
• /
• 2005

SHACAL-2 is a 256-bit block cipher with up to 512 bits of key length based on the hash function SHA-2. It was submitted to the the NESSIE project and was recommended as one of the NESSIE selections. In this paper, we present two types of related-key attacks called the related-key differential-(non)linear and the related-key rectangle attacks, and we discuss the security of SHACAL-2 against these two types of attacks. Using the related-key differential-nonlinear attack, we can break SHACAL-2 with 512-bit keys up to 35 out of its 64 rounds, and using the related-key rectangle attack, we can break SHACAL-2 with 512-bit keys up to 37 rounds.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.1
• /
• pp.79-85
• /
• 2006

This attack requires an oracle which on receipt of a ciphertext, decrypts it and replies to the sender whether the padding is VALID or INVALID. In this paper we extend these attacks to other kinds of modes of operation for block ciphers. Specifically, we apply the padding oracle attacks to multiple modes of operation with various padding schemes. As a results of this paper, 12 out of total 36 double modes and 22 out of total 216 triple modes are vulnerable to the padding oracle attacks. It means that the 12 double modes and the 22 triple modes exposed to these types of attacks do not offer the better security than single modes.

• Proceedings of the Korean Society of Broadcast Engineers Conference
• /
• 2008.02a
• /
• pp.155-158
• /
• 2008

기술이 발전함에 따라 컴퓨터 범죄는 점차 증가하고 있으며, 용의자는 사건의 증거가 될 수 있는 파일들에 대해 패스워드 기능을 제공하는 응용프로그램을 활용하여 증거물에 대해 의도적인 접근을 막고 있다. 이로 인해 수사관은 암호화된 파일들에 대해 접근이 매우 어려운 상황이며, 해결 방안으로써 패스워드 복구 프로그램이 대안이 될 수 있다. 하지만 대다수의 패스워드 복구 프로그램들은 단순한 전수조사 공격 방식을 지원하거나 국가별 특징을 고려하지 않은 영문용 사전파일을 적용하여 복구하고 있기 때문에, 국내수사 환경에서 패스워드 검색에 한계가 따르고 있다. 따라서 수사관이 암호화된 파일에 대해 효율적으로 검색할 수 있는 방안이 필요하며, 이를 통해 빠른 시간 내에 증거물을 복구할 수 있는 방안이 강구되어야 한다. 본 논문에서는 최근 국내외 사전구축 사례 및 동향을 조사함으로써 효율적인 패스워드 사전 파일을 구축할 수 있는 방안을 제시하며, 이와 함께 용의자의 개인적인 정보를 이용하여 최적화된 사전파일을 생성할 수 있는 방안에 대해 설명한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.7
• /
• pp.3558-3577
• /
• 2017

In 2D-to-3D video conversion process, the virtual left and right view can be generated from 2D video and its corresponding depth map by depth image based rendering (DIBR). The depth map plays an important role in conversion system, so the copyright protection for depth map is necessary. However, the provided virtual views may be distributed illegally and the depth map does not directly expose to viewers. In previous works, the copyright information embedded into the depth map cannot be extracted from virtual views after the DIBR process. In this paper, a new copyright protection scheme for the depth map is proposed, in which the copyright information can be detected from the virtual views even without the depth map. The experimental results have shown that the proposed method has a good robustness against JPEG attacks, filtering and noise.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.6
• /
• pp.1523-1537
• /
• 2018

The AI speaker is a simple operation that provides users with useful functions such as music playback, online search, and so the AI speaker market is growing at a very fast pace. However, AI speakers always wait for the user's voice, which can cause serious problems such as eavesdropping and personal information exposure if exposed to security threats. Therefore, in order to provide overall improved security of all AI speakers, it is necessary to identify potential security threats and analyze them systematically. In this paper, security threat modeling is performed by selecting four products with high market share. Data Flow Diagram, STRIDE and LINDDUN Threat modeling was used to derive a systematic and objective checklist for vulnerability checks. Finally, we proposed a method to improve the security of AI speaker by comparing the vulnerability analysis results and the vulnerability of each product.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.6
• /
• pp.1375-1391
• /
• 2012

Smart grid is a next-generation intelligent power grid that applying ICT to power grid to maximize the energy efficiency ratio. Recently, technologies and standards for smart grid are being developed around the world. Information security which is an essential part of smart grid development has to be managed continuously. Information security management system certification for organizational risk management has been implemented in Korea. Although preparation for information security management system certification which is applicable to smart grid is considered, there are no specific methods. This paper is to propose core and added evaluation criteria for Korean smart grid based on K-ISMS through comparative analysis between ISMS operated in Korea and smart grid information security management system developed in the United States. Added evaluation criteria enable smart grid related business that certified existing ISMS to minimize redundant and unnecessary certification assessment work.