• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.5
• /
• pp.817-826
• /
• 2022

AI technology is being successfully introduced in many fields, and models deployed as a service are deployed with black box environment that does not expose the model's information to protect intellectual property rights and data. In a black box environment, attackers try to steal data or parameters used during training by using model output. This paper proposes a method of inferring the type of model to directly find out the composition of layer of the target model, based on the fact that there is no attack to infer the information about the type of model from the deep learning model. With ResNet, VGGNet, AlexNet, and simple convolutional neural network models trained with MNIST datasets, we show that the types of models can be inferred using the output values in the gray box and black box environments of the each model. In addition, we inferred the type of model with approximately 83% accuracy in the black box environment if we train the big and small relationship feature that proposed in this paper together, the results show that the model type can be infrerred even in situations where only partial information is given to attackers, not raw probability vectors.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.5
• /
• pp.751-763
• /
• 2022

With the recent increase in spending growth in the IoT sector worldwide, the importance of lightweight block ciphers to encrypt them is also increasing. The lightweight block cipher PIPO algorithm proposed in ICISC 2020 is an SPN-structured cipher using an unbalanced bridge structure. The white box attack model refers to a state in which an attacker may know the intermediate value of the encryption operation. As a technique to cope with this, Chow et al. proposed a white box implementation technique and applied it to DES and AES in 2002. In this paper, we propose a white box PIPO applying a white box implementation to a lightweight block cipher PIPO algorithm. In the white box PIPO, the size of the table decreased by about 5.8 times and the calculation time decreased by about 17 times compared to the white box AES proposed by Chow and others. In addition, white box PIPO was used for mobile security products, and experimental results for each test case according to the scope of application are presented.

• Electronics and Telecommunications Trends
• /
• v.27 no.4
• /
• pp.123-129
• /
• 2012

최근 교통사고가 발생하는 경우, 사고 발생의 책임 소재에 대한 판단을 용이하게하고, 사고예방의 효과가 높은 이유로 택시, 버스와 같은 대중교통 시설과 개인 차량에 교통사고 상황을 영상으로 기록할 수 있는 차량용 영상기록 블랙박스(VEDR: Video Event Data Recorder)의 장착이 증가하고 있다. 그러나 이러한 블랙박스의 설치 및 활용에 대한 법적 규정이 미비하여 개인의 사생활 침해 가능성과 범죄에의 악용 우려가 높다. 본고에서는 차량용 블랙박스의 사용과 함께 발생할 수 있는 보안적인 문제점들을 살펴보았다. 특히 차량용 블랙박스에서 발생할 수 있는 보안적인 문제들 중에서 현재 사회적으로 가장 이슈가 되고 있는 블랙박스에 저장된 데이터의 위 변조 문제와 개인의 프라이버시 보호 문제를 중심으로 살펴보았다. 또한 이러한 보안 문제와 관련한 국내 외의 법률 동향을 살펴보았으며, 향후 제정될 이러한 법률들을 지원하기 위하여 보완하여야 할 문제와 추가로 고려되어야 하는 문제 등을 함께 살펴보았다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.4
• /
• pp.771-783
• /
• 2012

This paper proposes a scheme to collect video data of the vehicle black box in order to strengthen the public safety. The existing schemes, such as surveillance system with the fixed CCTV and car black box, have privacy issues, network traffic overhead and the storage space problems because all video data are sent to the central server. In this paper, the central server only collects the video data related to the accident or the criminal offense using the GPS information and time in order to investigation of the accident or the criminal offense. The proposed scheme addresses the privacy issues and reduces network traffic overhead and the storage space of the central server since the central server collects the video data only related to the accident and the criminal offense. The implementation and experiment shows that our service is feasible. The proposed service can be used as a component of remote surveillance system to prevent the criminal offense and to investigate the criminal offense.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2010.10a
• /
• pp.627-628
• /
• 2010

S. Chow proposes white-box cryptography mechanism of AES algorithm(WBC-AES) in 2002. WBC mechanism is implementation method which is resistant to white-box attack. We describe the WBC-AES and contents protection method using it.

• Journal of Digital Convergence
• /
• v.13 no.10
• /
• pp.343-351
• /
• 2015

With the diverse services of the current M2M environment being expanded to the organizations, the corporations, and the daily lives, the possibility of the occurrence of the vulnerabilities of the security of the related technologies have become an issue. In order to solve such a problem of the vulnerability of the security, this thesis proposes the technique for applying the cryptography algorithm for the protection of the device key of the M2M environment. The proposed technique was based on the elliptic curve cryptography Through the key exchange and the signature exchange in the beginning, the security session was created. And the white box cipher was applied to the encryption that creates the white box table using the security session key. Application results cipher algorithm, Elliptic Curve Cryptography provides a lightweight mutual authentication, a session key for protecting the communication session and a conventional white-box cipher algorithm and was guaranteed the session key used to encrypt protected in different ways. The proposed protocol has secure advantages against Data modulation and exposure, MITM(Man-in-the-middle attack), Data forgery and Manipulation attack.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2003.10a
• /
• pp.963-966
• /
• 2003

As the broadcasting service is digitalized, the copyrighters more concern about permitting users to record broadcasting content. However, the recording is very convenient function for the users to enjoy their favorite program without restriction of broadcasting schedule. In this paper, we will suggest an efficient mechanism to protect recorded content. We will also propose a new business model on the recorded broadcasting content using suggested protection mechanism.

• Convergence Security Journal
• /
• v.24 no.1
• /
• pp.69-76
• /
• 2024

The white-box implementation is a cryptographic technique used to protect the secret key of a cryptographic system. It is primarily employed for digital rights management for music and videos. Since 2002, numerous white-box implementations have been developed to ensure secure digital rights management. These have been applied to AES and DES. ARIA, a 128-bit block cipher with an involution substitution and permutation network (SPN), was selected as a South Korean standard in 2004. In this paper, we propose the first white-box ARIA implementation. Our implementation consists of 7,696 lookup tables, with a total size of 1,984 KB. We demonstrate that it also has considerable white-box diversity and white-box ambiguity from a security perspective.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2009.11a
• /
• pp.667-668
• /
• 2009

IPTV 시스템에서 서비스 제공자는 제한수신시스템(CAS, Conditional Access System)을 통해 미디어 콘텐츠의 안전한 전송을 제공한다. Scramble Function의 Pseudo-random sequence 생성 초기화 단계에서 사용하는 CW(Control Word)를 허가된 사용자만 획득하게 함으로써 데이터를 보호한다. 적합한 사용자 측에서는 스마트카드를 통해 획득한 CW를 셋톱박스에 전송하고, 셋톱박스는 CW를 이용해 암호화된 데이터로부터 원본의 미디어 콘텐츠를 획득한다. 이 때, CW가 그대로 셋톱박스에게 전송되기 때문에 비인가된 사용자가 공격을 통해 CW를 획득할 수 있어서 암호화된 전송이 요구된다. 이본 논문에서는 스마트카드와 셋톱박스 사이의 암호화 통신을 위해 기존의 방법보다 경량화된 상호인증 및 키 동의 프로토콜을 제안한다.

• Venture DIGEST
• /
• s.129
• /
• pp.14-16
• /
• 2009

복제방지 기술은 저작권이 있는 소프트웨어, 영화, 음악 등에 대해 불법적인 재생산을 막기 위한 기술적보호조치 중의 하나이다. 기술적보호조치를 우회하거나 무력화하는 행위에 대해서는 법에서 금지하고 있으며, 효과적이고 상당한 수준의 기술적보호조치가 요구되고 있다. 현재까지 인터넷 기반의 PC플랫폼을 중심으로 발전되어 왔던 복제방지 기술도 디지털 방송 및 다양한 휴대 기기의 발달과 이용 형태의 변화에 따라 복제방지 기술 또한 다양한 요구사항을 만족시키기 위한 보호기술로 확장되어 왔다. 소프트웨어 및 디지털 콘텐츠 제작자들은 좀 더 자극적이고 능동적이고 불법 복제 및 유통을 차단하기 위하여 복제 방지기술을 도입하고 있으며 MP3폰, 셋탑박스 등에 필수적으로 탑재되고 있다.