• (The)Study of the Eastern Classic
• /
• no.35
• /
• pp.359-385
• /
• 2009

The study aims to investige how Soupjin, military training has been changed in early Joseon Dynasty. The conclusions are following these. First, Jin means military marching or attacking the enemy and Jinbeop means how to make Jin or traning but now Jinbeop indicates textbook of Jinbeop rather than practing it. Second, publishing Owijinbeop is completed as a result of continuous series of Jinbeop textbook and Owi systems are built up by military construction reorganization. Third, the total number of articles is 268 from Taejo to Seonjo in early Joseon Dynasty. They are divided into different parts according to kings. Forth, Taejo, Taejong, Munjong, Sejo, Yejong and Jungjong are the kings who take the lead of Jinbeop training directly. Among them Munjong and Sejo are highly considered that they edited and revised Sinjinbeop and tried to unify military organization. Besides Jungjong discussed Jinbeop textbooks which are published by prior kings and even make them be practiced. But after Imjinwaeran, Seonjo accepted the book Gihyosinseo by Cheokgyegwang in China and transformed our Jinbeop for protecting the country. Firth, We found that Hyangmyung and Jintoigyjak had been focused from Sejo to Jungjong. Because in this period Joseon had to find the way to protect the country from north Yeojin, But after Imjinwaeran Seonjo introduced Cheokgyegwang's Jeolgangjinbeop in China because of Japanese attacks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.3
• /
• pp.3-12
• /
• 2005

This paper introduces a 3D perceptual model based on JND(Just Noticeable Difference) and proposes a video watermarking scheme which is perceptual approach of adaptive embedding in 3D-DCT domain. Videos are composed of consecutive frames with many similar adjacent frames. If a watermark is embedded in the period of similar frames with little motion, it can be easily noticed by human eyes. Therefore, for the transparency the watermark should be embedded into some places where motions exist and for the robustness its magnitude needs to be adjusted properly. For the transparency and the robustness, watermark based on 3D perceptual model is utilized. That is. the sensitivities from the 3D-DCT quantization are derived based on 3D perceptual model, and the sensitivities of the regions having more local motion than global motion are adjusted. Then the watermark is embedded into visually significant coefficients in proportion to the strength of motion in 3D-DCT domain. Experimental results show that the proposed scheme improves the robustness to MPEG compression and temporal attacks by about $3{\sim}9\%$, compared to the existing 3D-DCT based method. In terms of PSNR, the proposed method is similar to the existing method, but JND guarantees the transparency of watermark.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.1
• /
• pp.21-32
• /
• 2007

Vuillaume-Okeya presented unsigned receding methods for protecting modular exponentiations against side channel attacks, which are suitable for tamper-resistant implementations of RSA or DSA which does not benefit from cheap inversions. The proposed method was using a signed representation with digits set ${1,2,{\cdots},2^{\omega}-1}$, where 0 is absent. This receding method was designed to be computed only from the right-to-left, i.e., it is necessary to finish the receding and to store the receded string before starting the left-to-right evaluation stage. This paper describes new receding methods for producing SPA-resistant unsigned representations which are scanned from left to right contrary to the previous ones. Our contributions are as follows; (1) SPA-resistant unsigned left-to-right receding with general width-${\omega}$, (2) special case when ${\omega}=1$, i.e., unsigned binary representation using the digit set {1,2}, (3) SPA-resistant unsigned left-to-right Comb receding, (4) extension to unsigned radix-${\gamma}$ left-to-right receding secure against SPA. Hence, these left-to-right methods are suitable for implementing on memory limited devices such as smartcards and sensor nodes

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.6A
• /
• pp.63-73
• /
• 2008

RFID(Radio Frequency IDentification) system is an automated identification system that basically consists of tags and readers and Back-End-Databases. Tags and Readers communicate with each other by RF signal. As a reader can identify many tags in contactless manner using RF signal, RFID system is expected to do a new technology to replace a bar-code system in supply-chain management and payment system and access control and medical record and so on. However, RFID system creates new threats to the security of systems and privacy of individuals, Because tags and readers communicate with each other in insecure channel using RF signal. So many people are trying to study various manners to solve these problems against attacks, But they are difficult to apply to RFID system based on EPCglobal UHF Class-1 Generation-2 tags. Recently, Chien and Chen proposed a mutual Authentication protocol for RFID conforming to EPCglobal UHF Class-1 Generation-2 tags. we discover vulnerabilities of security and inefficiency about their protocol. Therefore, We analyze vulnerabilities of their protocol and propose an efficient mutual authentication protocol that improves security and efficiency.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.6
• /
• pp.59-69
• /
• 2002

Many Linear attacks have introduced after M. Matsui suggested Linear Cryptanalysis in 1993. The one of them is the method suggested by B. Kaliski and M. Robshaw. It was a new method using multiple linear approximations to attack for block ciphers. It requires less known plaintexts than that of Linear Cryptanalysis(LC) by Matsui, but it has a problem. In this paper, we will introduce the new method using multiple linear approximation that can solve the problem. Using the new method, the requirements of the known plaintexts is 5(1.25) times as small as the requirements in LC on 8(16) round DES with a success rate of 95%(86%) respectively. We can also adopt A Chosen Plaintext Linear Attack suggested by L. R. Knudsen and J. E. Mathiassen and then our attack requires about $2^{40.6}$ chosen plaintexts to recover 15 key bits with 86% success rate. We believe that the results in this paper contain the fastest attack on the DES full round reported so far in the open literature.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.6
• /
• pp.141-148
• /
• 2003

The self-healing key distribution scheme with revocation capability proposed by Staddon et al. enables a dynamic group of users to establish a group key over an unreliable network, and has the ability to revoke users from and add users to the group while being resistant to collusion attacks. In such a protocol, if some packet gets lost, users ale still capable of recovering the group key using the received packets without requesting additional transmission from the group manager. In this scheme, the storage overhead at each group member is O($m^2$1og p) and the broadcast message size of a group manager is O( ((m$t^2$+mt)log p), where m is the number of sessions, t is the maximum number of colluding group members, and p is a prime number that is large enough to accommodate a cryptographic key. In this paper we describe the more efficient self-healing key distribution scheme with revocation capability, which achieves the same goal with O(mlog p) storage overhead and O(($t^2$+mt)log p) communication overhead. We can reduce storage overhead at each group member and the broadcast message size of the group manager without adding additional computations at user's end and group manager's end.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.6
• /
• pp.59-69
• /
• 2005

Ad hoc network is the network which can be considered without a pre-constructed infrastructure, and a mobile node can join the network freely. However, the participation of the mobile nodes to the ad hoc network brings up much burden of re-computation for new routes, because it leads to losing the connection frequently. And, also, it causes serious security problem to be broadcasted wrong information by the malicious user. Therefore, it needs authentication against the mobile nodes. To make that Possible, we have two methods: single CA and distributed CA. In the case of CA method, the wireless network can be collapsed owing to expose the CA, but still the distributed CA method is a little more safe than previous one because it needs attacks toward a lot of CAs to collapse the network We can consider Secret Share scheme as the method that constructs the distributed CA system, but it is weak when the network size is too large. In this paper, we suggest hierarchical structure for the authentication method to solve this problem, and we will show the results of simulation for this suggestion.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.6
• /
• pp.37-47
• /
• 2005

Recently, the malicious e-mail worm-viruses have been widely spreaded over the Internet. If the recipient opens the e-mail attachment or an e-mail itself that contains the worm-virus, the worm-virus can be activated and then cause a tremendous damage to the system by propagating itself to everyone on the mailing list in the user's e-mail package. In this paper, we have designed and implemented two methods blocking e-mail worm-viruses. In the fist method, each e-mail is transmitted only by sender activity such as the click of button on a mail client application. In the second one, we insert the two modules into the sender side, where the one module transforms a recipient's address depending on a predefined rule only in time of pushing button and the other converts the address reversely with the former module whenever an e-mail is sent. The lader method also supports a polymorphism model in order to cope with the new types of e-mail worm-virus attacks. The two methods are designed not to work for the e-mail viruses. There is no additional fraction on the receiver's side of the e-mail system. Experimental results show that the proposed methods can screen the e-mail worm-viruses efficiently with a low overhead.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.6
• /
• pp.63-71
• /
• 2006

In this paper, we propose a secure solution for user authentication by using fingerprint verification on the sensor-client-server model, even with the client that is not necessarily trusted by the sensor holder or the server. To protect possible attacks launched at the untrusted client, our solution makes the fingerprint sensor validate the result computed by the client for the feature extraction. However, the validation should be simple so that the resource-constrained fingerprint sensor can validate it in real-time. To solve this problem, we separate the feature extraction into binarization and minutiae extraction, and assign the time-consuming binarization to the client. After receiving the result of binarization from the client, the sensor conducts a simple validation to check the result, performs the minutiae extraction with the received binary image from the client, and then sends the extracted minutiae to the server. Based on the experimental results, the proposed solution for fingerprint verification can be performed on the sensor-client-server model securely and in real-time with the aid of an untrusted client.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.3
• /
• pp.621-635
• /
• 2012

Although most proposed security schemes have scrutinized their own security models for protecting different types of threats and attacks, this naturally causes a problem as follows-- if a security analysis tool would fit a certain scheme, it may not be proper to other schemes. In order to address this problem, this paper analyzes how security requirements of each paper could be different by comparing with two schemes: Agrawal et al.'s scheme OPES (Order Preserving Encryption Scheme) and Zdonik et al.'s FCE (Fast Comparison Encryption). Zdonik et al. have formally disproved the security of Agrawal et al.'s scheme OPES. Thereafter, some scholars have wondered whether the OPES can guarantee its applicability in a real world for its insecurity or not. However, the analysis by Zdonik et al. does not have valid objectivity because they used the security model INFO-CPA-DB for their scheme FCE to analyze Agrawal et al.'s scheme OPES, in spite of the differences between two schemes. In order to analyze any scheme correctly and apply it to a real world properly, the analysis tool should be comprehensively standardized. We re-analyze Zdonik et al.'s analysis for OPES and then propose general formalizations of security and privacy for all of the encrypted retrieval systems. Finally, we recommend the minimum level of security requirements under our formal definitions. Additional considerations should be also supplemented in accordance with the conditions of each system.