• Journal of KIISE:Computer Systems and Theory
• /
• v.37 no.4
• /
• pp.226-238
• /
• 2010

OpenSSL is an open-source library implementing SSL that is a secure communication protocol. However, the library has a severe vulnerability that its security information can be easily exposed to malicious software when the library is used in a form of shared library on Linux and UNIX operating systems. We propose a scheme to attack the vulnerability of the OpenSSL library. The scheme injects codes into a running client program to execute the following attacks on the vulnerability in a SSL handshake. First, when a client sends a server a list of cryptographic algorithms that the client is willing to support, our scheme replaces all algorithms in the list with a specific algorithm. Such a replacement causes the server to select the specific algorithm. Second, the scheme steals a key for data encryption and decryption when the key is generated. Then the key is sent to an outside attacker. After that, the outside attacker decrypts encrypted data that has been transmitted between the client and the server, using the specified algorithm and the key. To show that our scheme is realizable, we perform an experiment of collecting encrypted login data that an ftp client using the OpenSSL shared library sends its server and then decrypting the login data.

• Journal of KIISE:Computer Systems and Theory
• /
• v.26 no.8
• /
• pp.918-929
• /
• 1999

동기식 스트림 암호통신 방식을 사용하는 암호통신에서는 암/복호화 과정 수행시 암호통신 과정에서 발생하는 사이클슬립으로 인해 키수열의 동기이탈 현상이 발생되고 이로 인해 오복호된 데이타를 얻게된다. 이러한 위험성을 감소하기 위한 방안으로 현재까지 암호문에 동기신호와 세션키를 주기적으로 삽입하여 동기를 이루는 주기적인 동기암호 통신방식을 사용하여 왔다. 본 논문에서는 CDMA(Cellular Division Multiple Access) 이동망에서 데이타서비스를 제공할 때 사용되는 점대점 프로토콜의 주소영역의 특성을 이용하여 단위 측정시간 동안 측정된 주소비트 정보와 플래그 패턴의 수신률을 이용하여 문턱 값보다 작은경우 동기신호와 세션키를 전송하는 비주기적인 동기방식을 사용하므로써 종래의 주기적인 동기방식으로 인한 전송효율성 저하와 주기적인 상이한 세션키 발생 및 다음 주기까지의 동기이탈 상태의 지속으로 인한 오류확산 등의 단점을 해결하였다. 제안된 알고리즘을 링크계층의 점대점 프로토콜(Point to Point Protocol)을 사용하는 CDMA 이동망에서 동기식 스트림 암호 통신방식에 적용시 동기이탈율 10-7의 환경에서 주기가 1sec인 주기적인 동기방식에서 요구되는 6.45x107비트에 비해 3.84x105비트가 소요됨으로써 전송율측면에서의 성능향상과 오복호율과 오복호 데이타 비트측면에서 성능향상을 얻었다. Abstract In the cipher system using the synchronous stream cipher system, encryption / decryption cause the synchronization loss (of key arrangement) by cycle slip, then it makes incorrect decrypted data. To lessen the risk, we have used a periodic synchronous cipher system which achieve synchronization at fixed timesteps by inserting synchronization signal and session key. In this paper, we solved the problem(fault) like the transfer efficiency drops by a periodic synchronous method, the periodic generations of different session key, and the incorrectness increases by continuing synchronization loss in next time step. They are achieved by the transfer of a non-periodic synchronous signal which carries synchronous signal and session key when it is less than the threshold value, analyzing the address field of point-to-point protocol, using the receiving rate of address bits information and flag patterns in the decision duration, in providing data services by CDMA mobile network. When the proposed algorithm is applied to the synchronous stream cipher system using point-to-point protocol, which is used data link level in CDMA mobile network, it has advanced the result in Rerror and Derror and in transmission rate, by the use of 3.84$\times$105bits, not 6.45$\times$107bits required in periodic synchronous method, having lsec time step, in slip rate 10-7.

• KIPS Transactions on Computer and Communication Systems
• /
• v.11 no.12
• /
• pp.453-460
• /
• 2022

As high-performance quantum computers are expected to be developed, studies are being actively conducted to build a post-quantum security system that is safe from potential quantum computer attacks. When the Grover's algorithm, a representative quantum algorithm, is used to search for a secret key in a symmetric key cryptography, there may be a safety problem in that the security strength of the cipher is reduced to the square root. NIST presents the post-quantum security strength estimated based on the cost of the Grover's algorithm required for an attack of the cryptographic algorithm as a post-quantum security requirement for symmetric key cryptography. The estimated cost of Grover's algorithm for the attack of symmetric key cryptography is determined by the quantum circuit complexity of the corresponding encryption algorithm. In this paper, the quantum circuit of the SCHWAEMM algorithm, AEAD family of SPARKLE, which was a finalist in NIST's lightweight cryptography competition, is efficiently implemented, and the quantum cost to apply the Grover's algorithm is analyzed. At this time, the cost according to the CDKM ripple-carry adder and the unbounded Fan-Out adder is compared together. Finally, we evaluate the post-quantum security strength of the lightweight cryptography SPARKLE SCHWAEMM algorithm based on the analyzed cost and NIST's post-quantum security requirements. A quantum programming tool, ProjectQ, is used to implement the quantum circuit and analyze its cost.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.6 no.2
• /
• pp.171-179
• /
• 2011

Feistel and SPN are the two main structures in a block cipher. Feistel is a symmetric structure which has the same structure in encryption and decryption, but SPN is not a symmetric structure. Encrypt round function and decrypt round function in SPN structure have three parts, round key addition and substitution layer with S-box for confusion and permutation layer for defusion. Most SPN structure for example ARIA and AES uses 8 bit S-Box at substitution layer, which is vulnerable to Square attack, Boomerang attack, Impossible differentials cryptanalysis etc. In this paper, we propose a SPN which has a symmetric structure in encryption and decryption. The whole operations of proposed algorithm are composed of the even numbers of N rounds where the first half of them, 1 to N/2 round, applies a right function and the last half of them, (N+1)/2 to N round, employs an inverse function. And a symmetry layer is located in between the right function layer and the inverse function layer. The symmetric layer is composed with a multiple simple bit slice involution S-Boxes. The bit slice involution S-Box symmetric layer increases difficult to attack cipher by Square attack, Boomerang attack, Impossible differentials cryptanalysis etc. The proposed symmetric SPN block cipher with bit slice involution S-Box is believed to construct a safe and efficient cipher in Smart Card and RFID environments where electronic chips are built in.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.13 no.5
• /
• pp.425-431
• /
• 2020

Recent advancements in industries and technologies have resulted in an increase in the volume of transportation, management, and distribution of logistics. Radio-frequency identification (RFID) technologies have been developed to efficiently manage such a large amount of logistics information. The use of RFID for management is being applied not only to the logistics industry, but also to the power transmission and energy management field. However, due to the limitation of program development capacity, the RFID device is limited in development, and this limitation is vulnerable to security because the existing strong encryption method cannot be used. For this reason, we designed a chaotic system for security with simple operations that are easy to apply to such a restricted environment of RFID. The designed system is a two-dimensional tent map chaotic system. In order to solve the problem of a biased distribution of signals according to the parameters of the chaotic dynamical system, the system has a cryptographic parameter(𝜇₁), a distribution parameter(𝜇₂), and a parameter(𝜃), which is the constant point, ID value, that can be used as a key value. The designed RFID authentication system is similar to random numbers, and it has the characteristics of chaotic signals that can be reproduced with initial values. It can also solve the problem of a biased distribution of parameters, so it is deemed to be more effective than the existing encryption method using the chaotic system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.5
• /
• pp.93-106
• /
• 2006

With the rapid growth of the wireless Internet communication, a new generation of mobile devices have made possible the broad distribution of mobile digital contents, such as image, music, video, games and applications over the wireless Internet. Mobile devices are rapidly becoming the major means to extend communication channels without copy Protection, usage rule controlling and authentication. As a result, mobile digital contents may be illegally altered, copied and distributed among unauthorized mobile devices. In this paper, we take a look at Open Mobile Alliance (OMA) DRM v2.0 in general, its purpose and function. The OMA is uniquely the focal point for development of an open standard for mobile DRM. Next we introduces features for an active content and illustrates the difference between an active content and an inactive content. Enabling fast rendering of an active content, we propose an OMA-based DRM framework. This framework include the following: 1) Extending DCF Header for supporting an selective encryption, 2) Content encryption key management, 3) Rendering API for an active content. Experimental results show that the proposed framework is able to render an active content fast enough to satisfy Quality of Experience. %is framework has been proposed for a mobile device environment, but it is also applicable to other devices, such as portable media players, set-top boxes, or personal computer.

• Information Systems Review
• /
• v.25 no.4
• /
• pp.47-65
• /
• 2023

In this paper, we investigate how the online voting system can be a trust-based system from a technical perspective. Under four principles of voting, we finely evaluate the existing belief that offline voting is safer and more reliable than online voting based on procedural processes, technical principles. Many studies have suggested the ideas for implementing online voting system, but they have not attempted to strictly examine the technologies of online voting system from the perspective of voting requirements, and usually verification has been insufficient in terms of practical acceptance. Therefore, this study aims to analyze how the technologies are utilized to meet the demanding requirements of voting based on the technologies proven in the field. In addition to general data encryption, online voting requires more technologies for preventing data manipulation and verifying voting results. Moreover, high degree of confidentiality is required because voting data should not be exposed not only to outsiders but also to managers or the system itself. To this end, the security techniques such as Blind Signature, Bit Delegation and Key Division are used. In the case of blockchain-based voting, Mixnet and Zero-Knowledge Proof are required to ensure anonymity. In this study, the current status of the online voting system is analyzed based on the field system that actually serves. This study will enhance our understanding on online voting security technologies and contribute to build a more trust-based voting mechanism.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.10 no.5
• /
• pp.1000-1008
• /
• 2009

It also increases the competitive power of the nation. With all these merits of electronic documents, there exist threats to the security such as illegal outflow, destroying, loss, distortion, etc. Currently, the techniques to protect the electronic documents against illegal forgery, alteration or removal are not enough. Until now, various security technologies have been developed for electronic documents. However, most of them are limited to prevention of forgery or repudiation. Cryptography for electronic documents is quite heavy that direct cryptography is not in progress. Additionally, key management for encryption/decryption has many difficulties that security has many weak points. Security has inversely proportional to efficiency. It is strongly requested to adopt various cryptography technologies into the electronic document system to offer more efficient and safer services. Therefore, this paper presents some problems in cryptography technologies currently used in the existing electronic document systems, and offer efficient methods to adopt cryptography algorithms to improve and secure the electronic document systems. To validate performance of proposed method compare with the existing cryptographies, critical elements have been compared, and it has been proved that the proposed method gives better results both in security and efficiency.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.15 no.2
• /
• pp.319-326
• /
• 2020

PRNGs(Pseudorandom number generators) are essential for generating encryption keys for to secure online communication. A bitstream generated by the PRNG must be generated at high speed to encrypt the big data effectively in a symmetric key cryptosystem and should ensure the randomness of the level to pass through the several statistical tests. CA(Cellular Automata) based PRNGs are known to be easy to implement in hardware and to have better randomness than LFSR based PRNGs. In this paper, we design PRNGs based on PMLCA(Programable Maximum Length CA) that can generate effective key sequences in symmetric key cryptosystem. The proposed PRNGs generate bit streams through nonlinear control method. First, we design a PRNG based on an (m,n)-cell PMLCA ℙ with a single complement vector that produces linear sequences with the long period and analyze the period and the generating polynomial of ℙ. Next, we design an (m,n)-cell PC-MLCA based PRNG with two complement vectors that have the same period as ℙ and generate nonlinear sequences, and analyze the location of outputting the nonlinear sequence.

• Journal of the Korea Society of Computer and Information
• /
• v.15 no.7
• /
• pp.57-66
• /
• 2010

Due to the advancement of IPTV technologies, open IPTV services are a step closer to becoming reality. In such service environment, users are able to enjoy IPTV services using a variety of devices available at their home domain. However, it is impossible to get such flexible services at their convenience unless each of devices is individually connected to Set-Top-Box (STB) because of Conditional Access System (CAS) or service providers otherwise allow STB to freely distribute decoded contents to every user devices attached to STB. In this paper, we propose a key management scheme for securely distributing contents from STB to multiple user devices at home domain. The proposed scheme also makes the service providers be able to control the access rights to each of user devices without installing individual STBs. It is achieved by computationally dividing a private key of RSA signature scheme into three parts and thus makes possible to distribute the contents scrambled through a underlying CAS mechanism without re-encrypting them that the existing scheme should employ. It improves significantly computation and communication complexities, maintaining it as secure as the existing schemes. Additionally, it prevents misbehaving users from illegally distributing the contents from STB to their devices available at home domain.