• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.6
• /
• pp.59-69
• /
• 2002

Many Linear attacks have introduced after M. Matsui suggested Linear Cryptanalysis in 1993. The one of them is the method suggested by B. Kaliski and M. Robshaw. It was a new method using multiple linear approximations to attack for block ciphers. It requires less known plaintexts than that of Linear Cryptanalysis(LC) by Matsui, but it has a problem. In this paper, we will introduce the new method using multiple linear approximation that can solve the problem. Using the new method, the requirements of the known plaintexts is 5(1.25) times as small as the requirements in LC on 8(16) round DES with a success rate of 95%(86%) respectively. We can also adopt A Chosen Plaintext Linear Attack suggested by L. R. Knudsen and J. E. Mathiassen and then our attack requires about $2^{40.6}$ chosen plaintexts to recover 15 key bits with 86% success rate. We believe that the results in this paper contain the fastest attack on the DES full round reported so far in the open literature.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.13 no.1
• /
• pp.81-86
• /
• 2009

Almost all network systems provide an authentication mechanism based on user ID and password. In such system, it is easy to obtain the user password using a sniffer program with illegal eavesdropping. The one-time password and challenge-response method are useful authentication schemes that protect the user passwords against eavesdropping. In client/server environments, the one-time password scheme using time is especially useful because it solves the synchronization problem. In this paper, we propose a new identification scheme One Pass Identification. The security of Password base System is based on the square root problem, and Password base System is secure against the well known attacks including pre-play attack, off-line dictionary attack and server comprise. A number of pass of Password base System is one, and Password base System processes the password and does not need the key. We think that Password base System is excellent for the consuming time to verify the prover.

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.4
• /
• pp.21-31
• /
• 2007

This Paper presents an SOA framework that enables smooth provision of service to ordinary users while also replacing the current B2B environment-oriented SOA framework. To that end, the proposed SOA will be reviewed for its concept, characteristics, and components. Key to its design is that it will be implemented using the prospective next-generation P2P platform known as JXTA. The proposed framework includes all the basic functions of other SOA frameworks, and will make Provision and use of services more easy compared with other frameworks. Under this service, data and applications controlling these data are provided in an enabling format, thereby addressing security problems. Another advantage of this proposed framework is that each peer is able to play all roles of a service provider, service client, and service registry.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39B no.4
• /
• pp.207-215
• /
• 2014

Password based authentication systems are most widely used for user convenience in web services. However such authentication systems are known to be vulnerable to various attacks such as password guessing attack, dictionary attack and key logging attack. Besides, many of the web systems just provide user authentication in a one-way fashion such that web clients cannot verify the authenticity of the web server to which they set access and give passwords. Therefore, it is too difficult to protect against DNS spoofing, phishing and pharming attacks. To cope with the security threats, web system adopts several enhanced schemes utilizing one time password (OTP) or long and strong passwords including special characters. However there are still practical issues. Users are required to buy OTP devices and strong passwords are less convenient to use. Above all, one-way authentication schemes generate several vulnerabilities. To solve the problems, we propose a multi-channel, multi-factor authentication scheme by utilizing QR-Code. The proposed scheme supports both user and server authentications mutually, thereby protecting against attacks such as phishing and pharming attacks. Also, the proposed scheme makes use of a portable smart device as a OTP generator so that the system is convenient and secure against traditional password attacks.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.7 no.2
• /
• pp.447-455
• /
• 2012

The present study was carried out with a view to examine the protective actions of physical and occupational therapists for patients's privacy. For this purpose, a survey was conducted with the questionnaires that were distributed to 297 physical and occupational therapists engaged in general hospitals as well as in rehabilitation clinics across the country from January 2 to 13, 2012. From the survey, it was made known that the overall extent of protective actions practiced by them was $3.54{\pm}.733$ in average. Divided by area, the average protective action in communication was $3.62{\pm}.776$, followed by $3.57{\pm}1.013$ in direct contact and $3.53{\pm}.780$ in maintenance and management, respectively. The analysis of general characteristics by each area showed that the older their age gets and the longer their career is, the more the protective action is practiced by them. Although they are well aware of the fact that the medical information of patients should be kept 100% secret and they practice it to almost excellent grade (5), the physical and occupational therapists, as key experts in charge of improving functions of patients, were found to have little concern for and little knowledge about contents of protecting medical information. It is thus required to perform public relation and instruction continuously to intensify their awareness of needs to protect patients' privacy and to implant ethical sense in this regard deep in their mind.

• Journal of Intelligence and Information Systems
• /
• v.16 no.3
• /
• pp.147-161
• /
• 2010

As broadcasting and communication are converged recently, communication is jointed to TV. TV viewing has brought about many changes. The IPTV (Internet Protocol Television) provides information service, movie contents, broadcast, etc. through internet with live programs + VOD (Video on demand) jointed. Using communication network, it becomes an issue of new business. In addition, new technical issues have been created by imaging technology for the service, networking technology without video cuts, security technologies to protect copyright, etc. Through this IPTV network, users can watch their desired programs when they want. However, IPTV has difficulties in search approach, menu approach, or finding programs. Menu approach spends a lot of time in approaching programs desired. Search approach can't be found when title, genre, name of actors, etc. are not known. In addition, inserting letters through remote control have problems. However, the bigger problem is that many times users are not usually ware of the services they use. Thus, to resolve difficulties when selecting VOD service in IPTV, a personalized service is recommended, which enhance users' satisfaction and use your time, efficiently. This paper provides appropriate programs which are fit to individuals not to save time in order to solve IPTV's shortcomings through filtering and recommendation-related system. The proposed recommendation system collects TV program information, the user's preferred program genres and detailed genre, channel, watching program, and information on viewing time based on individual records of watching IPTV. To look for these kinds of similarities, similarities can be compared by using ontology for TV programs. The reason to use these is because the distance of program can be measured by the similarity comparison. TV program ontology we are using is one extracted from TV-Anytime metadata which represents semantic nature. Also, ontology expresses the contents and features in figures. Through world net, vocabulary similarity is determined. All the words described on the programs are expanded into upper and lower classes for word similarity decision. The average of described key words was measured. The criterion of distance calculated ties similar programs through K-medoids dividing method. K-medoids dividing method is a dividing way to divide classified groups into ones with similar characteristics. This K-medoids method sets K-unit representative objects. Here, distance from representative object sets temporary distance and colonize it. Through algorithm, when the initial n-unit objects are tried to be divided into K-units. The optimal object must be found through repeated trials after selecting representative object temporarily. Through this course, similar programs must be colonized. Selecting programs through group analysis, weight should be given to the recommendation. The way to provide weight with recommendation is as the follows. When each group recommends programs, similar programs near representative objects will be recommended to users. The formula to calculate the distance is same as measure similar distance. It will be a basic figure which determines the rankings of recommended programs. Weight is used to calculate the number of watching lists. As the more programs are, the higher weight will be loaded. This is defined as cluster weight. Through this, sub-TV programs which are representative of the groups must be selected. The final TV programs ranks must be determined. However, the group-representative TV programs include errors. Therefore, weights must be added to TV program viewing preference. They must determine the finalranks.Based on this, our customers prefer proposed to recommend contents. So, based on the proposed method this paper suggested, experiment was carried out in controlled environment. Through experiment, the superiority of the proposed method is shown, compared to existing ways.