• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.5
• /
• pp.2718-2731
• /
• 2019

Conjunctive keyword search encryption is an important technique for protecting sensitive data that is outsourced to cloud servers. However, the process of searching outsourced data may facilitate the leakage of sensitive data. Thus, an efficient data search approach with high security is critical. To solve this problem, an efficient conjunctive keyword search scheme based on ciphertext-policy attribute-based encryption is proposed for cloud storage environment. This paper proposes an efficient mechanism for removing the secure channel and resisting off-line keyword-guessing attacks. The storage overhead and the computational complexity are regardless of the number of keywords. This scheme is proved adaptively secure based on the decisional bilinear Diffie-Hellman assumption in the standard model. Finally, the results of theoretical analysis and experimental simulation show that the proposed scheme has advantages in security, storage overhead and efficiency, and it is more suitable for practical applications.

• East Asian Economic Review
• /
• v.22 no.4
• /
• pp.507-529
• /
• 2018

This paper evaluates the whole impact of quantitative easing on inflation in Korea implemented by the central banks in four major advanced economies, the U.S., Euro Area, U.K. and Japan. According to the analysis employing a VAR-X model with the security holdings of those central banks an exogenous variable, quantitative easing is estimated to exert downward pressures on inflation in Korea. Considering the impulse responses of Korean macroeconomic variables to a quantitative easing shock, the spillover effect is transmitted through exchange rate channel while trade channel turns out to be ineffective. In an additional analysis assessing the impact of each quantitative easing program of the central banks, only those of the Fed and European Central Bank are estimated to be significant. The empirical results prove to be robust even if using long-term interest rates as an alternative indicator of quantitative easing.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.2
• /
• pp.287-297
• /
• 2019

When cryptographic algorithms are implemented to provide countermeasures against the side-channel analysis, designers frequently employ the combined countermeasures between the first-order masking scheme and hiding schemes. Their combination can be enough to offer security and efficiency. However, if dummy operations can be distinguished from real operations, an attacker can extract the secret key with lower complexity than the intended attack complexity by the designer inserting the dummy operations. In this paper, we categorize types of variables used in a dummy operation when C language is employed. Then, we present the novel vulnerability that can distinguish dummy operations for all cases where the hiding schemes are applied using different types of variables. Moreover, the countermeasure is provided to prevent the novel vulnerability.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.2
• /
• pp.39-47
• /
• 2008

Among previous Side Channel Analysis (SCA) methods, Differential Power Analysis (DPA) based on the statistical characteristics of collected signals has been known as an efficient attack for uncovering secret key of cryptosystems. However, the attack performance of this method is affected very much by the temporal misalignment and noise of collected side channel signals. In this paper, we propose a new method to surmount the noise problem in DPA. The performance of the proposed method is then evaluated while analyzing the power consumption signals of Micro-controller chips during a DES operation. Its performance is then compared to that of the original DPA in the time and frequency domains. When we compare the experimental results with respect to the needed number of traces to uncover the secret key, our proposed method shows the performance enhancement 33% in the time domain and 50% in the frequency domain.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2012.07a
• /
• pp.389-392
• /
• 2012

스마트폰의 USIM은 사용자가 별도로 인증정보를 입력할 필요가 없는 매우 편리한 인증 방법을 제공한다. 그러나 USIM에 저장된 정보가 외부로 유출될 경우 공격자가 손쉽게 정당한 사용자로 위장할 수 있는 문제점이 있다. 특히 USIM은 스마트카드에서 실행되는 어플리케이션이므로 기존에 스마트카드에 적용되었던 부채널 분석 공격 기법들이 USIM에도 적용 가능할 것으로 예상된다. 이에 본 논문에서는 스마트폰 USIM에 대한 부채널 분석 공격 가능성에 대해서 분석하고 스마트폰 USIM에 적용될 수 있는 부채널 분석 환경을 제안한다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.10a
• /
• pp.390-393
• /
• 2014

The importance of this emerging information security and u-Korea or ubiquitous IT era, and the information security is more important. Especially, the small core device password encryption algorithm is an important part of the secure side channel attack cryptographic algorithms. However, it can provide high level of security, an adversary can attack small core device through implementation of cryptographic algorithms. In this paper describes for the Power Analysis attack and analyze the experimental environment.

• International Journal of Computer Science & Network Security
• /
• v.23 no.9
• /
• pp.8-16
• /
• 2023

In Japan, high-speed ground transportation service using linear motors at speeds of 500 km/h is scheduled to begin in 2027. To accommodate 5G services in trains, a subcarrier spacing frequency of 30 kHz will be used instead of the typical 15 kHz subcarrier spacing to mitigate Doppler effects in such high-speed transport. Furthermore, to increase the cell size of the 5G mobile system, multiple base station antennas will transmit identical downlink (DL) signals to form an expanded cell size along the train rails. In this situation, the forward and backward antenna signals are Doppler-shifted in opposite directions, respectively, so the receiver in the train may suffer from estimating the exact Channel Transfer Function (CTF) for demodulation. In a previously published paper, we proposed a channel estimator based on Delay and Doppler Profiler (DDP) in a 5G SISO (Single Input Single Output) environment and successfully implemented it in a signal processing simulation system. In this paper, we extend it to 2×2 MIMO (Multiple Input Multiple Output) with spatial multiplexing environment and confirm that the delay and DDP based channel estimator is also effective in 2×2 MIMO environment. Its simulation performance is compared with that of a conventional time-domain linear interpolation estimator. The simulation results show that in a 2×2 MIMO environment, the conventional channel estimator can barely achieve QPSK modulation at speeds below 100 km/h and has poor CNR performance versus SISO. The performance degradation of CNR against DDP SISO is only 6dB to 7dB. And even under severe channel conditions such as 500km/h and 8-path inverse Doppler shift environment, the error rate can be reduced by combining the error with LDPC to reduce the error rate and improve the performance in 2×2 MIMO. QPSK modulation scheme in 2×2 MIMO can be used under severe channel conditions such as 500 km/h and 8-path inverse Doppler shift environment.

• The Journal of Information Systems
• /
• v.22 no.1
• /
• pp.181-200
• /
• 2013

Electronic channel of automobile insurance has emerged as an attractive way of lowering costs and saving time to do the transaction for customers. Electronic channel refers to using web sites to find useful information on insurance products, buy automobile insurance, and ask for services related to the insurance. This study suggests a modified model of the UTAUT and examines the factors influencing intention to use electronic channel in the transaction of automobile insurance. Based on 203 responses from potential automobile insurance buyers, the results showed that performance expectancy, effort expectancy, social influence, service expectancy, and security risk are significantly related to intention to use electronic channel. The results also showed that age as a moderator influences the effects of performance expectancy and effort expectancy on intention to use electronic channel. The study results would improve the understanding of the factors to which managers of insurance companies should pay attention in order to increase their sales through electronic channel.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.5
• /
• pp.1281-1291
• /
• 2015

Compared to the past, people can control end devices via open channel. Although this open channel provides convenience to users, it frequently turns into a security hole. In this paper, we propose a new human-centered security risk analysis method that puts weight on the relationship between end devices. The measure derives from the concept of entropy rate, which is known as the uncertainty per a node in a network. As there are some limitations to use entropy rate as a measure in comparing different size of networks, we divide the entropy rate of a network by the maximum entropy rate of the network. Also, we show how to avoid the violation of irreducible, which is a precondition of the entropy rate of a random walk on a graph.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.5
• /
• pp.45-57
• /
• 2009

In this paper, we implemented the conference system based on DTLS for saving securely the VoIP, which is served sprightly in the latest, securely and tested (and also analyzed) the system. As VoIP technology development, demand of conference system is increased and the related technologies are growed. But Security protocol to protect conference service is getting late than conference technology. In this paper, we studied based on DTLS protocol that can provide function of signaling, channel security, media channel security and application of group key and apply to VoIP conference system based UDP unchanged. In this paper, we searched suggested security protocols based on DTLS can apply to conference system and implement and apply the protocol to conference system. And we tested (and also alayzed) overhead of encryption and key management mechanism.