• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.1
• /
• pp.61-70
• /
• 2024

As users use various services along with the rapid increase in Internet services, it may be difficult to manage accounts. To solve these difficulties, various password management applications are emerging. From a forensic point of view, password management applications can provide clues to obtain criminal evidence. The purpose of this paper is to acquire the data stored by the user in the password management application. To this end, we propose a better way to decrypt the encrypted data through reverse engineering, evaluate the security of the application to be analyzed, and safely store the data.

• The KIPS Transactions:PartC
• /
• v.14C no.6
• /
• pp.463-470
• /
• 2007

Revocation is one of the main difficulties faced in implementing Public Key Infrastructures(PHs). Boneh, Ding and Tsudik first introduced a mediated cryptography for obtaining immediate revocation of RSA keys used in PKIs. Their method is based on the idea that each user's private key can be split into two random shares, one of which is given to the user and the other to an online security mediator(SEM). Thus any signature or decryption must be performed as a cooperation between a user and his/her associated SEM and revocation is achieved by instructing the mediator SEM to stop cooperating the user. Recently, Libert and Quisquater showed that the fast revocation method using a SEcurity Mediator(SEM) in a mRSA can be applied to the Boneh-Franklin identify based encryption and GDH signature schemes. In this paper we propose a mediated identity based signature(mIBS) with batch verification which apply the SEM architecture to an identity based signature. Libert's GDH siganture scheme is not forward secure even though forward security is an important and desirable feature for signature schemes. We propose an efficient key udating mediated signature scheme, mKUS based on mIBS and analyze its security and efficiency.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.5
• /
• pp.1099-1112
• /
• 2018

The field of post-quantum cryptography (PQC) is an active area of research as cryptographers look for public-key cryptosystems that can resist quantum adversaries. Among those categories in PQC, code-based cryptosystem provides high security along with efficiency. Recent works on code-based cryptosystems focus on the side-channel resistant implementation since previous works have indicated the possible side-channel vulnerabilities on existing algorithms. In this paper, we recovered the secret key in HyMES(Hybrid McEliece Scheme) using a single power consumption trace. HyMES is a variant of McEliece cryptosystem that provides smaller keys and faster encryption and decryption speed. During the decryption, the algorithm computes the parity-check matrix which is required when computing the syndrome. We analyzed HyMES using the fact that the joint distributions of nonlinear functions used in this process depend on the secret key. To the best of our knowledge, we were the first to propose the side-channel analysis based on joint distributions of leakages on public-key cryptosystem.

• Journal of KIISE:Computer Systems and Theory
• /
• v.37 no.4
• /
• pp.226-238
• /
• 2010

OpenSSL is an open-source library implementing SSL that is a secure communication protocol. However, the library has a severe vulnerability that its security information can be easily exposed to malicious software when the library is used in a form of shared library on Linux and UNIX operating systems. We propose a scheme to attack the vulnerability of the OpenSSL library. The scheme injects codes into a running client program to execute the following attacks on the vulnerability in a SSL handshake. First, when a client sends a server a list of cryptographic algorithms that the client is willing to support, our scheme replaces all algorithms in the list with a specific algorithm. Such a replacement causes the server to select the specific algorithm. Second, the scheme steals a key for data encryption and decryption when the key is generated. Then the key is sent to an outside attacker. After that, the outside attacker decrypts encrypted data that has been transmitted between the client and the server, using the specified algorithm and the key. To show that our scheme is realizable, we perform an experiment of collecting encrypted login data that an ftp client using the OpenSSL shared library sends its server and then decrypting the login data.

• Journal of KIISE:Computer Systems and Theory
• /
• v.26 no.8
• /
• pp.918-929
• /
• 1999

동기식 스트림 암호통신 방식을 사용하는 암호통신에서는 암/복호화 과정 수행시 암호통신 과정에서 발생하는 사이클슬립으로 인해 키수열의 동기이탈 현상이 발생되고 이로 인해 오복호된 데이타를 얻게된다. 이러한 위험성을 감소하기 위한 방안으로 현재까지 암호문에 동기신호와 세션키를 주기적으로 삽입하여 동기를 이루는 주기적인 동기암호 통신방식을 사용하여 왔다. 본 논문에서는 CDMA(Cellular Division Multiple Access) 이동망에서 데이타서비스를 제공할 때 사용되는 점대점 프로토콜의 주소영역의 특성을 이용하여 단위 측정시간 동안 측정된 주소비트 정보와 플래그 패턴의 수신률을 이용하여 문턱 값보다 작은경우 동기신호와 세션키를 전송하는 비주기적인 동기방식을 사용하므로써 종래의 주기적인 동기방식으로 인한 전송효율성 저하와 주기적인 상이한 세션키 발생 및 다음 주기까지의 동기이탈 상태의 지속으로 인한 오류확산 등의 단점을 해결하였다. 제안된 알고리즘을 링크계층의 점대점 프로토콜(Point to Point Protocol)을 사용하는 CDMA 이동망에서 동기식 스트림 암호 통신방식에 적용시 동기이탈율 10-7의 환경에서 주기가 1sec인 주기적인 동기방식에서 요구되는 6.45x107비트에 비해 3.84x105비트가 소요됨으로써 전송율측면에서의 성능향상과 오복호율과 오복호 데이타 비트측면에서 성능향상을 얻었다. Abstract In the cipher system using the synchronous stream cipher system, encryption / decryption cause the synchronization loss (of key arrangement) by cycle slip, then it makes incorrect decrypted data. To lessen the risk, we have used a periodic synchronous cipher system which achieve synchronization at fixed timesteps by inserting synchronization signal and session key. In this paper, we solved the problem(fault) like the transfer efficiency drops by a periodic synchronous method, the periodic generations of different session key, and the incorrectness increases by continuing synchronization loss in next time step. They are achieved by the transfer of a non-periodic synchronous signal which carries synchronous signal and session key when it is less than the threshold value, analyzing the address field of point-to-point protocol, using the receiving rate of address bits information and flag patterns in the decision duration, in providing data services by CDMA mobile network. When the proposed algorithm is applied to the synchronous stream cipher system using point-to-point protocol, which is used data link level in CDMA mobile network, it has advanced the result in Rerror and Derror and in transmission rate, by the use of 3.84$\times$105bits, not 6.45$\times$107bits required in periodic synchronous method, having lsec time step, in slip rate 10-7.

• KIPS Transactions on Computer and Communication Systems
• /
• v.11 no.12
• /
• pp.453-460
• /
• 2022

As high-performance quantum computers are expected to be developed, studies are being actively conducted to build a post-quantum security system that is safe from potential quantum computer attacks. When the Grover's algorithm, a representative quantum algorithm, is used to search for a secret key in a symmetric key cryptography, there may be a safety problem in that the security strength of the cipher is reduced to the square root. NIST presents the post-quantum security strength estimated based on the cost of the Grover's algorithm required for an attack of the cryptographic algorithm as a post-quantum security requirement for symmetric key cryptography. The estimated cost of Grover's algorithm for the attack of symmetric key cryptography is determined by the quantum circuit complexity of the corresponding encryption algorithm. In this paper, the quantum circuit of the SCHWAEMM algorithm, AEAD family of SPARKLE, which was a finalist in NIST's lightweight cryptography competition, is efficiently implemented, and the quantum cost to apply the Grover's algorithm is analyzed. At this time, the cost according to the CDKM ripple-carry adder and the unbounded Fan-Out adder is compared together. Finally, we evaluate the post-quantum security strength of the lightweight cryptography SPARKLE SCHWAEMM algorithm based on the analyzed cost and NIST's post-quantum security requirements. A quantum programming tool, ProjectQ, is used to implement the quantum circuit and analyze its cost.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.6 no.2
• /
• pp.171-179
• /
• 2011

Feistel and SPN are the two main structures in a block cipher. Feistel is a symmetric structure which has the same structure in encryption and decryption, but SPN is not a symmetric structure. Encrypt round function and decrypt round function in SPN structure have three parts, round key addition and substitution layer with S-box for confusion and permutation layer for defusion. Most SPN structure for example ARIA and AES uses 8 bit S-Box at substitution layer, which is vulnerable to Square attack, Boomerang attack, Impossible differentials cryptanalysis etc. In this paper, we propose a SPN which has a symmetric structure in encryption and decryption. The whole operations of proposed algorithm are composed of the even numbers of N rounds where the first half of them, 1 to N/2 round, applies a right function and the last half of them, (N+1)/2 to N round, employs an inverse function. And a symmetry layer is located in between the right function layer and the inverse function layer. The symmetric layer is composed with a multiple simple bit slice involution S-Boxes. The bit slice involution S-Box symmetric layer increases difficult to attack cipher by Square attack, Boomerang attack, Impossible differentials cryptanalysis etc. The proposed symmetric SPN block cipher with bit slice involution S-Box is believed to construct a safe and efficient cipher in Smart Card and RFID environments where electronic chips are built in.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.13 no.5
• /
• pp.425-431
• /
• 2020

Recent advancements in industries and technologies have resulted in an increase in the volume of transportation, management, and distribution of logistics. Radio-frequency identification (RFID) technologies have been developed to efficiently manage such a large amount of logistics information. The use of RFID for management is being applied not only to the logistics industry, but also to the power transmission and energy management field. However, due to the limitation of program development capacity, the RFID device is limited in development, and this limitation is vulnerable to security because the existing strong encryption method cannot be used. For this reason, we designed a chaotic system for security with simple operations that are easy to apply to such a restricted environment of RFID. The designed system is a two-dimensional tent map chaotic system. In order to solve the problem of a biased distribution of signals according to the parameters of the chaotic dynamical system, the system has a cryptographic parameter(𝜇₁), a distribution parameter(𝜇₂), and a parameter(𝜃), which is the constant point, ID value, that can be used as a key value. The designed RFID authentication system is similar to random numbers, and it has the characteristics of chaotic signals that can be reproduced with initial values. It can also solve the problem of a biased distribution of parameters, so it is deemed to be more effective than the existing encryption method using the chaotic system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.5
• /
• pp.93-106
• /
• 2006

With the rapid growth of the wireless Internet communication, a new generation of mobile devices have made possible the broad distribution of mobile digital contents, such as image, music, video, games and applications over the wireless Internet. Mobile devices are rapidly becoming the major means to extend communication channels without copy Protection, usage rule controlling and authentication. As a result, mobile digital contents may be illegally altered, copied and distributed among unauthorized mobile devices. In this paper, we take a look at Open Mobile Alliance (OMA) DRM v2.0 in general, its purpose and function. The OMA is uniquely the focal point for development of an open standard for mobile DRM. Next we introduces features for an active content and illustrates the difference between an active content and an inactive content. Enabling fast rendering of an active content, we propose an OMA-based DRM framework. This framework include the following: 1) Extending DCF Header for supporting an selective encryption, 2) Content encryption key management, 3) Rendering API for an active content. Experimental results show that the proposed framework is able to render an active content fast enough to satisfy Quality of Experience. %is framework has been proposed for a mobile device environment, but it is also applicable to other devices, such as portable media players, set-top boxes, or personal computer.

• Information Systems Review
• /
• v.25 no.4
• /
• pp.47-65
• /
• 2023

In this paper, we investigate how the online voting system can be a trust-based system from a technical perspective. Under four principles of voting, we finely evaluate the existing belief that offline voting is safer and more reliable than online voting based on procedural processes, technical principles. Many studies have suggested the ideas for implementing online voting system, but they have not attempted to strictly examine the technologies of online voting system from the perspective of voting requirements, and usually verification has been insufficient in terms of practical acceptance. Therefore, this study aims to analyze how the technologies are utilized to meet the demanding requirements of voting based on the technologies proven in the field. In addition to general data encryption, online voting requires more technologies for preventing data manipulation and verifying voting results. Moreover, high degree of confidentiality is required because voting data should not be exposed not only to outsiders but also to managers or the system itself. To this end, the security techniques such as Blind Signature, Bit Delegation and Key Division are used. In the case of blockchain-based voting, Mixnet and Zero-Knowledge Proof are required to ensure anonymity. In this study, the current status of the online voting system is analyzed based on the field system that actually serves. This study will enhance our understanding on online voting security technologies and contribute to build a more trust-based voting mechanism.