• Title/Summary/Keyword: Authentication


Analysis of the Cryptosystem of the Korean Government Public-Key Infrastructure and Ways to Improve It (행정전자서명 암호체계 기술 현황 분석 및 고도화 방향)

  • Younghoon Jung;Dongyoung Roh;Bonwook Koo
    • Journal of the Korea Institute of Information Security & Cryptology / v.33 no.1 / pp.13-31 / 2023
  • Korean Government-PKI (GPKI) is a public-key infrastructure which provides authentication and security functions for information systems used by the central government, local governments, and public institutions of the Republic of Korea to provide their own administrative and public services. The current cryptosystem of GPKI was established in the early 2000s, and more than ten years have passed since the last improvement in 2010. Over the past decade or so, information security, including cryptography, has undergone many changes and will continue to face many changes. Therefore, for the sustainable security of GPKI, it is necessary to review the security of the cryptosystem at this point. In this paper, we analyze the current status and the security of the technologies and standards used in the system. We identify cryptographic algorithms with degraded security, international standards which have been obsoleted or updated, and cryptographic parameters that should be revised for a high security level. Based on this, we make several suggestions on the reorganization of cryptographic algorithms and related technologies for the security enhancement of GPKI.

Methodology to Verify the Unpredictability of True Random Number Generators (실난수 발생기 통계적 예측 불가능성 확인 방법)

  • Moon-Seok Kim;Seung-Bae Jeon
    • Convergence Security Journal / v.24 no.2 / pp.123-132 / 2024
  • In the era of the Internet of Things, 7 billion diverse devices have been interconnected worldwide. Ensuring information security across these varied devices is crucial in this hyper-connected age. To achieve essential security functions such as confidentiality, integrity, and authentication, it is imperative to implement true random number generators (TRNGs). Therefore, this study proposes a method to rapidly characterize the randomness of TRNGs. While there are international standards for formally characterizing the randomness of TRNGs, adhering to these standards often requires significant time and resources. This study aims to help TRNG developers enhance efficiency in both time and cost by characterizing rough randomness and unpredictability. Firstly, we propose applying auto-correlation and cross-correlation metrics for analog signals. Secondly, we suggest adopting joint entropy and mutual information metrics for digital signals.

Automated Detecting and Tracing for Plagiarized Programs using Gumbel Distribution Model (굼벨 분포 모델을 이용한 표절 프로그램 자동 탐색 및 추적)

  • Ji, Jeong-Hoon;Woo, Gyun;Cho, Hwan-Gue
    • The KIPS Transactions:PartA / v.16A no.6 / pp.453-462 / 2009
  • Studies on software plagiarism detection, prevention and judgement have become widespread due to growing interest in, and the importance of, the protection and authentication of software intellectual property. Many previous studies focused on comparing all pairs of submitted codes by using attribute counting, token patterns, program parse trees, and similarity measuring algorithms. It is important to provide a clear-cut model for distinguishing plagiarism and collaboration. This paper proposes a source code clustering algorithm using a probability model on extreme value distribution. First, we propose an asymmetric distance measure pdist($P_a$, $P_b$) to measure the similarity of $P_a$ and $P_b$. Then, we construct the Plagiarism Direction Graph (PDG) for a given program set using pdist($P_a$, $P_b$) as edge weights. We then transform the PDG into a Gumbel Distance Graph (GDG) model, since we found that the pdist($P_a$, $P_b$) score distribution is similar to the well-known Gumbel distribution. Second, we newly define pseudo-plagiarism, which is a sort of virtual plagiarism forced by a very strong functional requirement in the specification. We conducted experiments with 18 groups of programs (more than 700 source codes) collected from the ICPC (International Collegiate Programming Contest) and KOI (Korean Olympiad for Informatics) programming contests. The experiments showed that most plagiarized codes could be detected with high sensitivity and that our algorithm successfully separated real plagiarism from pseudo-plagiarism.

Vehicle Emergency Lamp Fuzzy Control Systems Using The GPS (GPS를 이용한 자동차 비상등 작동 장치)

  • Kwon, Yunjung;Nam, Sangyep
    • Journal of the Institute of Electronics and Information Engineers / v.51 no.6 / pp.276-281 / 2014
  • Necessities of a traffic means work a car in the modern society human to an usability of a life is enjoying. On the other hand, the damage by traffic accident increment the human quotient worked as we were in proportion to the vehicle which increased. Passing an examination moves necessarily on an obstacle to suddenly appear at the fronts if a car travels and the vehicles which stopped suddenly. Dynamic passing an examination about an obstacle turn on Vehicle Emergency Lamp to by hand when is unhurried, and can turn off, but to appear urgently dynamic passing an examination in time human is instinctive, but cannot inform an emergency to a back vehicle, and a rear-end collision occurs. A car we synthesize a speed of a vehicle, and this unit analyzes as we use GPS, and to drive runs Vehicle Emergency Lamp to automatic in the situations that shall turn on emergencies etc. If a speed of a vehicle continuously slows down in too high-speed driving or low-speed driving, or we are stopped, Vehicle Emergency Lamp is always turned on. It was built if we rise again as clearing itself from risk, and a speed of a vehicle judges, and we turn off Vehicle Emergency Lamp to automatic. It runs till rear-end collision sensor operates, and by hand reset does Vehicle Emergency Lamp a driving vehicle collides from behind to a back vehicle or when a driving vehicle was overthrown. It is shortened very much to the chain rear-end collision traffic accident that is a traffic accident of large size if we use this unit. And we did authentication through the experiment which a driver was helpful to unnecessary operation and a relaxed safe driving during drivings.

Several Legal Issues on Arbitration Agreement under the New York Convention Raised by the Recent Supreme Court Decision of Korea of December 10, 2004 (국제상사중재에서의 중재합의에 관한 법적 문제점 -대법원 2004, 12. 10. 선고 2004다20180 판결 이 제기한 뉴욕협약상의 쟁점들을 중심으로-)

  • Suk Kwang-Hyun
    • Journal of Arbitration Studies / v.15 no.2 / pp.225-261 / 2005
  • Under Article IV of the United Nations Convention on the Recognition and Enforcement of Foreign Arbitral Awards (New York Convention), in order to obtain the recognition and enforcement of a foreign arbitral award, a party applying for recognition and enforcement of a foreign arbitral award shall supply (a) the duly authenticated original award or a duly certified copy thereof and (b) the original arbitration agreement or a duly certified copy thereof. In addition, if the arbitral award or arbitration agreement is not made in an official language of the country in which the award is relied upon, the party applying for recognition and enforcement of the award shall produce a translation of these documents into such language, and the translation shall be certified by an official or sworn translator or by a diplomatic or consular agent. In a case where a Vietnamese company which had obtained a favorable arbitral award in Vietnam applied for recognition and enforcement of a Vietnamese arbitral award before a Korean court, the recent Korean Supreme Court Judgment (Docket No. 2004 Da 20180, 'Judgment') rendered on December 12, 2004 has alleviated the document requirements as follows: The Judgment held that (i) the party applying for recognition and enforcement of a foreign arbitral award does not have to strictly comply with the document requirements when the other party does not dispute the existence and the content of the arbitral award and the arbitration agreement and that (ii) in case the translation submitted to the court does not satisfy the requirement of Article 4, the court does not have to dismiss the case on the ground that the party applying for recognition and enforcement of a foreign arbitral award has failed to comply with the translation requirement under Article 4, and instead may supplement the documents by obtaining an accurate Korean translation from an expert translator at the expense of the party applying for recognition and enforcement of the foreign arbitral award. In this regard, the author fully supports the view of the Judgment. Finally, the Judgment held that, even though the existence of a written arbitration agreement was not disputed at the arbitration, there was no written arbitration agreement between the plaintiff and the defendant and went on to repeal the judgment of the second instance which admitted the existence of a written arbitration agreement between the parties. In this regard, the author does not share the view of the Judgment. The author believes that considering the trend of alleviating the formality requirement of arbitration agreements under Article 2 of the New York Convention, the Supreme Court could have concluded that there was a written arbitration agreement because the defendant participated in the arbitration proceedings in Vietnam without disputing the formality requirement of the arbitration agreement. Or the Supreme Court should have taken the view that the defendant was no longer permitted to dispute the formality requirement of the arbitration agreement because otherwise it would be clearly against the doctrine of estoppel.

Secure Certificates Duplication Method Among Multiple Devices Based on BLE and TCP (BLE 및 TCP 기반 다중 디바이스 간 안전한 인증서 복사 방법)

  • Jo, Sung-Hwan;Han, Gi-Tae
    • KIPS Transactions on Computer and Communication Systems / v.7 no.2 / pp.49-58 / 2018
  • A certificate is a means to certify users by providing user identification, prevention of forgery and alteration, and non-repudiation. Most people use an accredited certificate when they perform a task using online banking, and it is often used for the purpose of proving one's identity in issuing various certificates and making electronic payments in addition to online banking. The issued certificate exists in file form on the disk, and a certificate issued on an existing device can be used on a new device only if it is copied from the existing device. However, most certificate duplication methods rely on entering an 8-16 digit verification code. This is inconvenient because one has to enter the verification code, and it has the weakness of being vulnerable to security issues. To solve this weakness, this study proposes a method for more secure certificate duplication over multiple channels using TCP and BLE. The proposed method: 1) shares data that can be mutually authenticated, using BLE Advertising data; and 2) encrypts the certificate with a symmetric key algorithm and delivers it after the device has been certified through an ECC-based electronic signature algorithm. When the proposed method was implemented in a mobile environment, it could defend against sniffing attacks, the area of security vulnerability in the existing methods, and it was shown to increase security strength by about $10^{41}$ times against a decoding attempt by brute-force substitution, compared with the existing method.

Design and Implementation of Factory Equipment Monitoring System using Grid-based Key Pre-Distribution (그리드 기반 키 선분배 방식을 사용하는 공장 설비 모니터링 시스템 설계 및 구현)

  • CHO, YANGHUI;PARK, JAEPYO;YANG, SEUNGMIN
    • Journal of the Korea Academia-Industrial cooperation Society / v.17 no.11 / pp.51-56 / 2016
  • In this paper, we propose an Arduino-based plant monitoring system. The proposed system is based on the Arduino platform, using an environmental sensor and a pressure sensor for measuring temperature, humidity and illuminance in order to monitor the state of the environment and the facilities of the plant. Monitoring data are transmitted to a ZigBee coordinator connected to a server through a radio frequency transceiver. When using a pressure sensor and the environment sensor data stored on the host server, checking the pressure in the environment of the plant and equipment is intended to report any alarm status to the administrator. Using a grid line-based key distribution scheme, the authentication node dynamically generates a data key to protect the monitoring information. Applying a ZigBee wireless sensor network does not require additional wiring for the actual implementation of a plant monitoring system. Possible working-environment monitoring of an efficient plant can help analyze the cause of any failure by backtracking the working environment when a failure occurs. In addition, it is easy to expand or add a sensor function using the Arduino platform and an expansion board.

Design of an Integrated Monitoring System for Constructional Structures Based on Mobile Cloud in Traditional Towns with Local Heritage

  • Min, Byung-Won;Oh, Sang-Hoon;Oh, Yong-Sun;Okazaki, Yasuhisa;Yoo, Jae-Soo;Park, Sun-Gyu;Noh, Hwang-Woo
    • International Journal of Contents / v.11 no.2 / pp.37-49 / 2015
  • Sensors, equipment, ICT facilities and their corresponding software have a relatively short lifetime relative to that of constructional structures, so these devices have to be continuously fixed or exchanged during maintenance and management. Furthermore, software or analysis tools should be periodically upgraded according to advances in ICT and analysis technology. Conventional monitoring systems have serious problems in that it is difficult for site engineers to modify or upgrade hardware and analysis algorithms. Moreover, we depend on the original system developer when we want to modify or upgrade inner program structures. In this paper, we propose a novel design for integrated maintenance and management of a monitoring system by applying the mobile cloud concept. The system is intended for use in disaster prevention of constructional structures, including bridges, tunnels, and traditional buildings in a local heritage village. We analyze the status of these structures over a long-term or a short-term period as well as in disaster situations. Data are collected over a mobile cloud and future expectations are analyzed according to probabilistic and statistical techniques. We implement our integrated monitoring system to solve the existing problems mentioned above. The final goal of this study is to design and implement a monitoring system for more than 10,000 structures spread within Korea. Furthermore, we can specifically apply the monitoring system presented here to a bridge made from timber in Asan Oeam Village and a traditional house in Andong Hahoe Village to monitor for possible disasters. The entire system design and implementation can be developed on the LinkSaaS platform and the monitoring services can also be implemented on the platform. We prove that the proposed system has good performance by performing a TTA authentication test, web accommodation test, and operation test using emulated data.

Rank-level Fusion Method That Improves Recognition Rate by Using Correlation Coefficient (상관계수를 이용하여 인식률을 향상시킨 rank-level fusion 방법)

  • Ahn, Jung-ho;Jeong, Jae Yeol;Jeong, Ik Rae
    • Journal of the Korea Institute of Information Security & Cryptology / v.29 no.5 / pp.1007-1017 / 2019
  • Currently, most biometric systems authenticate users by using a single piece of biometric information. This method has many problems, such as noise, sensitivity to data, spoofing, and a limited recognition rate. One method to solve these problems is to use multiple kinds of biometric information. A multi-biometric authentication system performs information fusion on each piece of biometric information to generate new information, and then uses the new information to authenticate the user. Among information fusion methods, the score-level fusion method is widely used. However, it has the problem that a normalization operation is required, and even if the data is the same, the recognition rate varies depending on the normalization method. Rank-level fusion methods that do not require normalization have been proposed. However, existing rank-level fusion methods have a lower recognition rate than score-level fusion methods. To solve this problem, we propose a rank-level fusion method that uses the correlation coefficient and has a higher recognition rate than a score-level fusion method. The experiment compares the recognition rate of existing rank-level fusion methods with the recognition rate of the proposed method using iris information (CASIA V3) and face information (FERET V1). We also compare with score-level fusion methods. As a result, the recognition rate improves from about 0.3% to 3.3%.

A New Efficient Private Key Reissuing Model for Identity-based Encryption Schemes Including Dynamic Information (동적 ID 정보가 포함된 신원기반 암호시스템에서 효율적인 키 재발급 모델)

  • Kim, Dong-Hyun;Kim, Sang-Jin;Koo, Bon-Seok;Ryu, Kwon-Ho;Oh, Hee-Kuck
    • Journal of the Korea Institute of Information Security & Cryptology / v.15 no.2 / pp.23-36 / 2005
  • The main obstacle hindering the wide deployment of identity-based cryptosystems is that the entity responsible for creating the private key has too much power. As a result, private keys are no longer private. One obvious solution to this problem is to apply the threshold technique. However, this increases the authentication computation, and communication cost during the key issuing phase. In this paper, we propose a new efficient model for issuing multiple private keys in identity-based encryption schemes based on the Weil pairing that also alleviates the key escrow problem. In our system, the private key of a user is divided into two components, KGK (Key Description Key) and KUD (Key Usage Descriptor), which are issued separately by different parties. The KGK is issued in a threshold manner by the KIC (Key Issuing Center), whereas the KUD is issued by a single authority called the KUM (Key Usage Manager). Changing the KUD results in a different private key. As a result, a user can efficiently obtain a new private key by interacting with the KUM. We can also adapt Gentry's time-slot based private key revocation approach to our scheme more efficiently than others. We also show the security of the system and its efficiency by analyzing the existing systems.