• Title/Summary/Keyword: 평문 (plaintext)

On the Optimal Key Size of the Even-Mansour Cipher in the Random Function Oracle Model (랜덤 오라클 모델에서의 Even-Mansour Cipher에 대한 키 길이 최적화 방법)

  • Sung, Jae-Chul
    • Journal of the Korea Institute of Information Security & Cryptology / v.17 no.3 / pp.35-42 / 2007
  • We describe the problem of reducing the key material in the Even-Mansour cipher without security degradation. Even and Mansour proposed a block cipher based on XORing secret key material just before and after applying a random oracle permutation $P$, such that $C = k_2 \oplus P(M \oplus k_1)$. Recently, Gentry and Ramzan showed that the random permutation oracle in this scheme can be replaced by a four-round Feistel network construction in the random function oracle model, and also proved that their scheme is super-pseudorandom. In this paper we reduce the key size from 2n to n, which is the optimal key size of the Even-Mansour cipher in the random function oracle model, while giving almost the same level of security.

Differential Cryptanalysis of a 20-Round Reduced SMS4 Block Cipher (축소된 20-라운드 SMS4에 대한 차분 공격)

  • Kim, Tae-Hyun;Kim, Jong-Sung;Sung, Jae-Chul;Hong, Seok-Hie
    • Journal of the Korea Institute of Information Security & Cryptology / v.18 no.4 / pp.37-44 / 2008
  • The 128-bit block cipher SMS4, which is used in WAPI, the Chinese WLAN national standard, uses a 128-bit user key and 32 rounds. In this paper, we present a differential attack on 20-round SMS4 using a 16-round differential characteristic. This attack requires $2^{126}$ chosen plaintexts and $2^{105.85}$ 20-round SMS4 decryptions. This result is better than any previously known cryptanalytic result on SMS4 in terms of the number of attacked rounds.

Differential Cryptanalysis of DES-Like Block Cipher HEA (블록 암호 알고리즘 HEA에 대한 차분분석)

  • 현진수;송정환;강형석
    • Journal of the Korea Institute of Information Security & Cryptology / v.10 no.4 / pp.107-112 / 2000
  • In this paper, we study the security of HEA (Hangul Encryption Algorithm) against differential cryptanalysis. HEA, which has a 1,024-bit input/output and a 56-bit key, has the same structure as DES (Data Encryption Standard), differing only so that ciphertexts are produced in Korean characters. An encryption algorithm should be developed to meet certain criteria such as input/output dependencies, correlation, avalanche effects, etc. However, HEA uses the same S-boxes as DES does and just expands the plaintext/ciphertext sizes. We analyze HEA with differential cryptanalysis and present two results. The number of rounds of HEA has not been determined on a concrete cryptanalytic basis, and we show a chosen-plaintext attack on 10-round reduced HEA using a differential cryptanalysis characteristic.

Saturation Attacks on the 27-round SKIPJACK (27라운드 SKIP JACK에 대한 포화 공격)

  • 황경덕;이원일;이성재;이상진;임종인
    • Journal of the Korea Institute of Information Security & Cryptology / v.11 no.5 / pp.85-96 / 2001
  • This paper describes saturation attacks on reduced-round versions of SKIPJACK. To begin with, we show how to construct a 16-round distinguisher which distinguishes 16 rounds of SKIPJACK from a random permutation. The distinguisher is used to attack 18 (5~22) and 23 (5~27) rounds of SKIPJACK. We can also construct a 20-round distinguisher based on the 16-round distinguisher. This distinguisher is used to attack 22 (1~22) and 27 (1~27) rounds of SKIPJACK. The 80-bit user key of 27 rounds of SKIPJACK can be recovered with $2^{50}$ chosen plaintexts and $3\cdot 2^{75}$ encryption times.

KorQuAD 2.0: Korean QA Dataset for Web Document Machine Comprehension (KorQuAD 2.0: 웹문서 기계독해를 위한 한국어 질의응답 데이터셋)

  • Kim, Youngmin;Lim, Seungyoung;Lee, Hyunjeong;Park, Soyoon;Kim, Myungji
    • Annual Conference on Human and Language Technology / 2019.10a / pp.97-102 / 2019
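  • KorQuAD 2.0 is a Korean question answering dataset consisting of 100,000+ pairs in total. It differs from KorQuAD 1.0, the existing standard question answering dataset, in three main ways. First, the given passage is not one or two paragraphs but an entire Wikipedia page. Second, because the passages also contain tables and lists, an understanding of documents structured with HTML tags is required. Finally, the answer can be not only a word or a phrase but also a long span covering an entire paragraph, table, or list. Experiments using BERT Multilingual, released as open source by Google, as the baseline model showed an F1 score of 46.0%. This is far lower than the human F1 score of 85.7%, which shows that this dataset is a challenging task. By releasing this dataset, we aim to extend the target of question answering, which has been limited to plain text, to real world tasks with various lengths and formats.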

A Design of HTML Tag Stack and HTML Embedding Method to Improve Web Document Question Answering Performance of BERT (BERT 의 웹 문서 질의 응답 성능 향상을 위한 HTML 태그 스택 및 HTML 임베딩 기법 설계)

  • Mok, Jin-Wang;Lee, Hyun-Seob
    • Proceedings of the Korea Information Processing Society Conference / 2022.11a / pp.583-585 / 2022
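  • With recent advances in technology, the performance of natural language processing models has been increasing. Accordingly, there is growing research on machine reading comprehension tasks whose passages are web documents, such as KorQuAD 2.0, rather than plain-text passages. Most recent models for machine reading comprehension tasks tend to be based on the Transformer. BERT, a representative model among them, receives information about the order of the string during the embedding process. Meanwhile, because web documents have a tag structure, tag information can be useful for understanding a document in addition to positional information. However, BERT's existing embedding had the problem that it does not additionally pass the tag information of web documents to the model. In this paper, we introduce an HTML embedding method that can effectively pass web document tag information to BERT, and the HTML tag stack as a preprocessing method for it. The HTML tag stack can extract the information of HTML tags, and the HTML embedding method adds this information as input to BERT's embedding process, so that an improvement in performance on web document question answering tasks can be expected.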

SEED and ARIA algorithm design methods using GEZEL (GEZEL을 이용한 SEED 및 ARIA 알고리즘 설계 방법)

  • Kwon, TaeWoong;Kim, Hyunmin;Hong, Seokhie
    • Journal of the Korea Institute of Information Security & Cryptology / v.24 no.1 / pp.15-29 / 2014
  • As social and economic activity based on smart instruments increases, problems of the safety and reliability of electronic business and of user privacy are on the rise. Accordingly, a variety of standard cryptographic algorithms for information security have been developed in Korea, and how to implement them efficiently in a variety of environments has become an issue. ARIA and SEED, developed in Korea, are standard block cipher algorithms that encrypt 128-bit plaintext; one uses a Feistel structure and the other an SPN structure. In this paper, SEED and ARIA were implemented using the GEZEL language, which software designers can use easily because its grammar is simple compared to other hardware description languages. In particular, as the first paper that implements 128-bit ARIA and SEED, this paper describes in detail the characteristics and design method using GEZEL and shows the flexibility and efficiency of development using GEZEL. SEED designed in GEZEL occupies 69043 slices and operates at a maximum frequency of 146.25 MHz, and ARIA occupies 7282 slices and operates at a maximum frequency of 286.172 MHz. Also, the speed of SEED designed and implemented with the signal flow method is improved by 296%.

Public Key based Virtual Credit Card Number Payment System for Efficient Authentication in Card Present Transaction (대면거래환경에서 효율적인 인증을 위한 공개키 기반의 가상카드번호 결제 기법)

  • Park, Chan-ho;Park, Chang-seop
    • Journal of the Korea Institute of Information Security & Cryptology / v.25 no.5 / pp.1175-1186 / 2015
  • Financial fraud has been increasing along with credit card usage. Magnetic stripe cards are vulnerable in that credit card information is exposed in plaintext and cardholder verification is untrustworthy, so they have been replaced by a smart card scheme that provides enhanced security. Furthermore, FinTech, which combines IT with financial products, is becoming prevalent. For that reason, many mobile-device-based payment schemes have been proposed for card-present transactions. In this paper, we propose a virtual credit card number payment scheme based on a public key system for efficient authentication in card-present transactions. Our proposed scheme is able to authenticate efficiently in card-present transactions by pre-registering a virtual credit card number based on the cardholder's public key, without PKI. We also compare our proposed scheme with EMV and analyze it.

A Study on Video Data Protection Method based on MPEG using Dynamic Shuffling (동적 셔플링을 이용한 MPEG기반의 동영상 암호화 방법에 관한 연구)

  • Lee, Ji-Bum;Lee, Kyoung-Hak;Ko, Hyung-Hwa
    • Journal of Korea Multimedia Society / v.10 no.1 / pp.58-65 / 2007
  • This dissertation proposes a digital video protection algorithm for moving images based on MPEG. Shuffling-based encryption algorithms using a fixed random shuffling table are quite simple and effective but vulnerable to the chosen plaintext attack. To overcome this problem, it is necessary to change the key used to generate the shuffling table. However, this may pose a significant burden on the security key management system. A better approach is to generate the shuffling table based on the local features of an image. In order to withstand the chosen plaintext attack, we first propose an interleaving algorithm that is adaptive to the local features of an image. Second, using a multiple shuffling method that combines interleaving with the existing random shuffling method, we encrypted the DPCM-processed 8*8 blocks. Experimental results showed that the proposed algorithm needs only 10% of the time of the SEED encryption algorithm and, moreover, that there is no overhead bit. In video sequence encryption, multiple random shuffling algorithms are used to encrypt the DC and AC coefficients of the intra frame, and motion vector encryption and macroblock shuffling are used to encrypt the intra-coded macroblock in the predicted frame.

An Efficient Encryption Scheme Combining PRNG and Permutation for Mobile Multimedia Data (모바일 멀티미디어 데이타를 위한, 의사난수생성기와 순열 기법을 결합한 효율적인 암호화 기법)

  • Han, Jung-Kyu;Cho, Yoo-Kun
    • Journal of KIISE:Computer Systems and Theory / v.34 no.11 / pp.581-588 / 2007
  • In Digital Rights Management, a symmetric cipher is used for content encryption to reduce encryption cost. AES (Advanced Encryption Standard) is usually used for multimedia encryption in desktop environments because of its reasonable security level and computation cost. But mobile handheld devices often use slow processors and operate in battery-powered environments, and therefore require low computation cost and low energy consumption. This paper proposes a new stream cipher scheme which combines a pseudo random number generator (PRNG) and dynamically generated permutations. The proposed scheme activates the PRNG and generates original key streams. It then generates extended key streams by applying permutations to the original sequence. These extended key streams are XORed with the plaintext to generate the ciphertext. The proposed scheme reduces the usage of the PRNG. Therefore this scheme is fast and consumes less energy in comparison with a normal stream cipher. In particular, this scheme shows a great speed-up (almost 2 times) over a normal stream cipher scheme in random access.