• The Journal of Society for e-Business Studies
• /
• v.22 no.2
• /
• pp.169-185
• /
• 2017

Juliano Rizzo and Thai Duong, the authors of the BEAST attack [11, 12] on SSL, have proposed a new attack named CRIME [13] which is Compression Ratio Info-leak Made Easy. The CRIME exploits how data compression and encryption interact to discover secret information about the underlying encrypted data. Repeating this method allows an attacker to eventually decrypt the data and recover HTTP session cookies. This security weakness targets in SPDY and SSL/TLS compression. The attack becomes effective because the attacker is enable to choose different input data and observe the length of the encrypted data that comes out. Since Transport Layer Security (TLS) ensures integrity of data transmitted between two parties (server and client) and provides strong authentication for both parties, in the last few years, it has a wide range of attacks on SSL/TLS which have exploited various features in the TLS mechanism. In this paper, we will discuss about the CRIME and other versions of SSL/TLS attacks along with countermeasures, implementations. We also present direction for SSL/TLS attacks resistance in practice.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.12 no.3
• /
• pp.75-85
• /
• 2016

MANET is a network composed only mobile network having limited resources and has dynamic topology characteristics. Therefore, every mobile node acts as a route and delivers data by using multi-hop method. In particular, group communication such as multicast is desperately needed because of characteristics such as battery life of limited wireless bandwidth and mobile nodes. However, the multicast technique can have different efficient of data transmission according to configuring method of a virtual topology by the movement of the nodes and the performance of a multicast can be significantly degraded. In this paper, the region based security multicast technique is proposed in order to increase the efficiency of data transmission by maintaining an optimal path and enhance the security features in data transmission. The group management node that manages the state information of the member nodes after the whole network is separated to area for efficient management of multicast member nodes is used. Member node encrypts using member key for secure data transmission and the security features are strengthened by sending the data after encrypted using group key in group management node. The superiority of the proposed technique in this paper was confirmed through experiments.

• The KIPS Transactions:PartC
• /
• v.12C no.2 s.98
• /
• pp.183-190
• /
• 2005

In this thesis, first, we propose I-frame encryption techniques of video data for video data itself encryption and propose license agent that processing user's certification and decryption in client system automatically when user execute encrypted video data in system server. License agent runs user's certification, encryption and decryption of video data based on PID(Public Key Infrastructure) using shared key-pool when execute of video data. Also, compose duplex buffer control and propose real time decryption method using efficient buffer scheduling to reduce much playing delay times that happen processing decryption when execute of videoa data of high-capacity.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.5
• /
• pp.895-905
• /
• 2024

Even now that the coronavirus pandemic has ended, collaboration tools that connect office work and remote work are showing high usage rates. These collaboration tools are related to sensitive data within an organization, and a lot of data is generated through the interactions of not only individuals but also members of various organizations. However, the generated data is structurally mixed, encrypted, or deleted or hidden through anti-forensic functions supported by collaboration tools. Digital investigations targeting collaboration tools require analysis methods to collect this data and obtain key data. In this paper, we explained how to collect and analyze data using Naver Works, a collaboration tool in the Windows environment.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2002.11a
• /
• pp.99-101
• /
• 2002

At ACISP'02, H.J. Kim et al.[1] proposed a new traitor tracing scheme. However, this paper show that the proposed scheme is to be insecure by presenting a conspiracy attack. Using our attack, any two subscribers can collaborate to derive the secret key of the data supplier and tell or sell it to any body. Thus, the unauthorized user can always decrypt the encrypted session key with the decrypted session key. Also the two subscribers cannot be traced by the data supplier

• Journal of the Korea Computer Industry Society
• /
• v.5 no.8
• /
• pp.829-840
• /
• 2004

Business model in Web environments is usually provided by digital data. Information exchange of users and service providers should be performed by encryted data. Encrypted protection. In this paper, We have prevented using contents by users is not accessed based on RBAC. in this paper, We propose a new DB encryption scheme which use RBAC and digital signature based on PMI.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.4 no.3
• /
• pp.671-679
• /
• 2000

In this study, the messages sent at application layer are encrypted by using RSA Public Keys before sending. Then we developed the information security system devised for the secure WWW data transmission by extending the functions of the Netscape browser and by using application programs such as Java applications and by using the plug-in methods. Not only can these technologies reduce and make it easier to perform key management or encryption transmission process, but they can also reduce the processing time of encryption correspondence.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.12 no.12
• /
• pp.5878-5884
• /
• 2011

We present steganographic service model and algorism that fit feature of streaming audio book service in order to hide information of copyright and certificate of it. Secret information is encrypted with random numger by secret key that client and server share, so that increase confidentiality. We made secret data distributed randomly and evenly, and improved throughput by simplifying additional computations considering streaming environment.

• Journal of the Optical Society of Korea
• /
• v.15 no.3
• /
• pp.244-251
• /
• 2011

We propose a new 2-step phase-shifting digital holographic optical encryption technique and analyze tolerance error for this cipher system. 2-step phase-shifting digital holograms are acquired by moving the PZT mirror with phase step of 0 or ${\pi}$/2 in the reference beam path of the Mach-Zehnder type interferometer. Digital hologram with the encrypted information is Fourier transform hologram and is recorded on CCD camera with 256 gray-level quantized intensities. The decryption performance of binary bit data and image data is analyzed by considering error factors. One of the most important errors is quantization error in detecting the digital hologram intensity on CCD. The more the number of quantization error pixels and the variation of gray-level increase, the more the number of error bits increases for decryption. Computer experiments show the results to be carried out encryption and decryption with the proposed method and the graph to analyze the tolerance of the quantization error in the system.

• Journal of the Korean Data and Information Science Society
• /
• v.18 no.1
• /
• pp.107-121
• /
• 2007

An efficient encoding algorithm (or encryption algorithm) is essential for mobile devices since their resources such as computation power and battery capacity are very limited. This study is to propose an efficient encoding scheme for protecting mobile music. In the proposed scheme, server distributes each music file in a shuffled form or an encrypted one, then only authorized consumers can play the music after un-shuffling or decrypting it. We show the effectiveness of our proposed scheme by implementing and evaluating the prototype system on WIPI emulator. Experimental results show that our scheme can achieve much better performance than the standard encryption algorithm of OMA DRM.