• Title/Summary/Keyword: 오라클

Search Result 134, Processing Time 0.024 seconds

Padding Oracle Attack on Block Cipher with CBC|CBC-Double Mode of Operation using the BOZ-PAD (BOZ-PAD 방법을 사용하는 블록암호 기반 CBC|CBC 이중 모드에 대한 패딩 오라클 공격)

  • Hwang, Seongjin;Lee, Changhoon
    • The Journal of Society for e-Business Studies
    • /
    • v.20 no.1
    • /
    • pp.89-97
    • /
    • 2015
  • In the various application environments on the internet, we use verified cipher algorithm to protect personal information of electronic commerce or application environments. Even so, if an application method isn't proper, the information you want to keep can be intercepted. This thesis studied about result of Padding Oracle Attack, an application environment which apply CBC|CBC operational mode based on block cipher and BOZ padding method.

A Diffie-Hellman Key Exchange Protocol in the Standard Model (표준 모델에서 안전한 Diffie-Hellman 키 교환 프로토콜)

  • Jeong, Ik-Rae;Kwon, Jeong-Ok;Lee, Dong-Hoon;Hong, Do-Won
    • Journal of KIISE:Information Networking
    • /
    • v.35 no.6
    • /
    • pp.465-473
    • /
    • 2008
  • The MQV protocol has been regarded as the most efficient authenticated Diffie- Hellman key exchange protocol, and standardized by many organizations including the US NSA. In Crypto 2005, Hugo Krawczyk showed vulnerabilities of MQV to several attacks and suggested a hashed variant of MQV, called HMQV, which provides the same superb performance of MQV and provable security in the random oracle model. In this paper we suggest an efficient authenticated Diffie-Hellman key exchange protocol providing the same functionalities and security of HMQV without random oracles. So far there are no authenticated Diffie-Hellman protocols which are provably secure without using random oracles and achieve the same level of security goals of HMQV efficiently yet.

Blockchain Oracle for Random Number Generator using Irregular Big Data (비정형 빅데이터를 이용한 난수생성용 블록체인 오라클)

  • Jung, Seung Wook
    • Convergence Security Journal
    • /
    • v.20 no.2
    • /
    • pp.69-76
    • /
    • 2020
  • Blockchain 2.0 supports programmable smart contract for the various distributed application. However, the environment of running smart contract is limited in the blockchain, so the smart contract only get the deterministic information, such as block height, block hash, and so on. Therefore, some applications, which requires random information, such as lottery or batting, should use oracle service that supply the information outside of blockchain. This paper develops a random number generator oracle service. The random number generator oracle service use irregular big data as entropy source. This paper tests the randomness of bits sequence generated from oracle service using NIST SP800-22. This paper also describes the advantages of irregular big data in our model in perspective of cost comparing hardware entropy source.

Safety Analysis of Various Padding Techniques on Padding Oracle Attack (패딩 오라클 공격에 따른 다양한 패딩방법의 안전성 분석)

  • Kim, Kimoon;Park, Myungseo;Kim, Jongsung;Lee, Changhoon;Moon, Dukjae;Hong, Seokhee
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.25 no.2
    • /
    • pp.271-278
    • /
    • 2015
  • We use various types of cryptographic algorithms for the protection of personal and sensitive informations in the application environments, such as an internet banking and an electronic commerce. However, recent researches were introduced that if we implement modes of operation, padding method and other cryptographic implementations in a wrong way, then the critical information can be leaked even though the underlying cryptographic algorithms are secure. Among these attacking techniques, the padding oracle attack is representative. In this paper, we analyze the possibility of padding oracle attacks of 12 kinds of padding techniques that can be applied to the CBC operation mode of a block cipher. As a result, we discovered that 3 kinds were safe padding techniques and 9 kinds were unsafe padding techniques. We propose 5 considerations when designing a safe padding techniques to have a resistance to the padding oracle attack through the analysis of three kinds of safe padding techniques.

Generating Test Oracles from Sequence Diagram for Java (Sequence Diagram을 이용한 테스트 오라클 생성)

  • 정정수
    • Proceedings of the Korean Information Science Society Conference
    • /
    • 2000.10a
    • /
    • pp.442-444
    • /
    • 2000
  • 이 논문에서는 산업계의 표준으로 널리 사용되고 있는 객체 지향 시스템의 명세 언어인 UML의 sequence diagram을 이용하여 객체 지향 시스템을 검증하는 방법과 이 방법을 테스팅 오라클을 생성하는데 사용할 수 있는 프레임웍을 제시하였다. 우리는 sequence diagram을 테스팅 결과의 검증에 사용하기 위하여 정형적으로 재정의 하였다. 그리고 시제 논리의 강력한 검증 능력을 사용하기 위해서 Half-Order Dynamic Temporal Logic(HDTL)이라 불리는 새로운 시제 논리를 정의하였고 sequence diagram을 HDTL 논리식으로 변화시키는 의미 함수(semantic function)를 정의하였다. HDTL에서 오토마톤을 생성하기 위해서 Tableau 방법을 변형하여 적용시켰다. 이 결과 생성된 오토마톤은 이상 상태(anomaly), 즉 sequence diagram에 표현되지 않은 사건(evevt)의 발생을 검색하는 오라클로 사용할 수 있다. 테스팅의 결과를 수작업으로 검증하는 것은 매우 어렵고 오류가 발생하기 쉬운 작업이므로 제안한 방법은 유용하게 사용될 수 있다.

  • PDF

NEWS RADAR

  • Korea Database Promotion Center
    • Digital Contents
    • /
    • no.10 s.161
    • /
    • pp.130-137
    • /
    • 2006
  • PDF