• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.5
• /
• pp.1079-1087
• /
• 2018

Binary scalar multiplication which is the main operation of elliptic curve cryptography is vulnerable to the side-channel analysis. Especially, it is vulnerable to the side-channel analysis which uses power consumption and electromagnetic emission patterns. Thus, various countermeasures have been studied. However, they have focused on eliminating patterns of data dependent branches, statistical characteristic according to intermediate values, or the interrelationships between data. No countermeasure have been taken into account for the secure design of the key bit check phase, although the secret scalar bits are directly loaded during that phase. Therefore, in this paper, we demonstrate that we can extract secret scalar bits with 100% success rate using a single power or a single electromagnetic trace by performing key bit-dependent attack on hardware implementation of binary scalar multiplication algorithm. Experiments are focused on the $Montgomery-L{\acute{o}}pez-Dahab$ ladder algorithm protected by scalar randomization. Our attack does not require sophisticated pre-processing and can defeat existing countermeasures using a single-trace. As a result, we propose a countermeasure and suggest that it should be applied.

• Journal of KIISE:Computing Practices and Letters
• /
• v.14 no.2
• /
• pp.246-250
• /
• 2008

This paper presents the design of network vulnerability analysis system which can integrate various vulnerability assessment tools to improve the preciseness of the vulnerability scan result. Manual checking method performed by a security expert is the most precise and safe way. But this is not appropriate for the large-scale network which has a lot of systems and network devices. Therefore automatic scanning tool is recommended for fast and convenient use. The scanning targets may be different according to the kind of vulnerability scanners, or otherwise even for the same scanning target, the scanning items and the scanning results may be different by each vulnerability scanner, Accordingly, there are the cases in which various scanners, instead of a single scanner, are simultaneously utilized with the purpose of complementing each other. However, in the case of simultaneously utilizing various scanners on the large-scale network, the integrative analysis and relevance analysis on vulnerability information by a security manager becomes time-consumable or impossible. The network vulnerability analysis system suggested in this paper provides interface which allows various vulnerability assessment tools to easily be integrated, common policy which can be applied for various tools at the same time, and automated integrative process.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.15 no.12
• /
• pp.7292-7301
• /
• 2014

With the development of IT Info-Communications technology, the vehicle with a combination of wireless-communication technology has resulted in significant research into the convergence of the component of existing traffic with information, electronics and communication technology. Intelligent Vehicle Communication is a Machine-to-Machine (M2M) concept of the Vehicle-to-Vehicle. The Vehicle-to-Infrastructure communication consists of safety and the ease of transportation. Security technologies must precede the effective Intelligent Vehicle Communication Structure, unlike the existing internet environment, where high-speed vehicle communication is with the security threats of a wireless communication environment and can receive unusual vehicle messages. In this paper, the Vehicle Identification number between the V2I and the secure message communication protocol was proposed using hash functions and a time stamp, and the validity of the vehicle was assessed. The proposed system was the performance evaluation section compared to the conventional technique at a rate VPKI aspect showed an approximate 44% reduction. The safety, including authentication, confidentiality, and privacy threats, were analyzed.

• Journal of KIISE:Information Networking
• /
• v.29 no.5
• /
• pp.583-594
• /
• 2002

Assuring the security of group communications such as tole-conference and software distribution requires a common group key be shared among the legal members in a secure manner. Especially for large groups with frequent membership change, efficient rekey mechanism is essential for scalability. One of the most popular ways to provide sealable rekey is to partition the group into several subgroups. In this paper, we propose a two-layered key management scheme which combines DEP and CBT, a protocol in which subgroup manager cannot access the multicast data and another that has a multi-core, respectively. We also select sub-group key management protocols suitable for our structure and design new rekey protocols to exclude the subgroup managers from the multicast data. Compared to previous protocols based on CBT, our scheme provides forward secrecy, backward secrecy and scalability. This would reduce the number of encryption and decryption for a rekey message and would improve the efficiency number of rekey messages and the amount of information related to group members that group managers must maintain compared to DEP.

• Strategy21
• /
• s.42
• /
• pp.5-52
• /
• 2017

Debates about introducing nuclear submarines have been a main issue in Korea. The highest officials and the government has started to think seriously about the issue. Yet there were no certain decision to this issue or any agreements with US but it is still necessary to review about introducing nuclear submarines, the technologies and about the business. The reason for such issues are the highest officials of Korea to build nuclear submarine, nK's nuclear development and SLBM launching. ROKN's nuclear submarine's necessity will be to attack(capacity to revenge), defend(anti-SSBN Operation) and to respond against neighboring nation's threat(Russia, Japan, China). Among these nations, US, Russia (Soviet Union), Britain, France had built their submarines in a short term of time due to their industrial foundation regarding with nuclear propulsion submarines. However China and India have started their business without their industrial foundation prepared and took a long time to build their submarines. Current technology level of Korea have reached almost up to US, Russia, Britain and France when they first built their nuclear propulsion submarines since we have almost completed the business for the Changbogo-I,II and almost up to complete building the Changbogo-III which Korea have self designed/developed. Furthermore Korea have reached the level where we can self design large nuclear reactors and the integrated SMART reactor which we can call ourselves a nation with worldwide technologies. If introducing the nuclear submarine to the Korea gets decided, first of all we would have to review the technological problems and also introduce the foreign technologies when needed. The methods for the introduction will be developments after loans from the foreign, productions with technological cooperations, and individual production. The most significant thing will be that changes are continuous and new instances are keep showing up so that it is important to only have a simple reference to a current instances and have a review on every methods with many possibilities. Also developing all of the technologies for the nuclear propulsion submarines may be not possible and give financial damages so there may be a need to partially introduce foreign technologies. For the introduction of nuclear propulsion submarines, there must be a resolution of the international regulations together with the international/domestics resistances and the technological problems to work out for. Also there may be problem for the requirement fees to solve for and other tough problems to solve for. However nuclear submarines are powerful weapon system to risk everything above. This is an international/domestically a serious agenda. Therefore rather than having debates based on false facts, there must be a need to have an investigations and debates regarding the nation's benefits and national security.

• Strategy21
• /
• s.45
• /
• pp.116-147
• /
• 2019

Despite the fact that South Korea, one of peninsula countries, has been already a middle power in an international arena, it still tends to get stuck in continental-driven inertia and be reluctant to become a consolidated maritime power. In its efforts to deal with the parable of South Korea, designing a tailored-made strategy needs to be initiated in detail. Its design is centered around two variables: classification of waters and prestige. First of all, the domain of waters confronted to South Korea ranges from the greatest threat to scattered national interest. Second, South Korea is prestigiously regarded as the middle power which is equipped with the capability to see beyond its sovereign waters. The Maritime Access Strategy(MAS) can be more clearly explained by three-axis factors: ends, ways, and means. Ends need to be oriented to achieving three types of classified objectives-Deterrence, Engagement around the world to maximize remotely-scattered interest and Check of neighboring countries' seapower expansion, called DEC. Ways is mainly driven by the closer access to three different types of waters: waters of security, check, and interest. The active access and closer approach to the domain of waters need to be maintained with a high degree of willingness and capability. Means is attainable by guiding naval forces to be armed with multiple platforms and functionally-balanced assets. These platforms and assets will allow the naval forces to attain and maintain cost effective means, leading to making MAS feasible. This strategy allows the middle-power Korea to make the best of its maritime assets at various seas, contributing to international stability as well as national security and interest.

• Korean Security Journal
• /
• no.59
• /
• pp.217-242
• /
• 2019

Nowadays, Terrorism has become bloodier. Unlike the past, the recent terrorism has been indiscriminate in the purpose of mass- killing. Given this aspect, the threat of a CBRN attack is the biggest one to modern society. Notably, the possibility of terrorist attacks in Korea by international terrorist groups such as ISIL is higher than ever in consideration of its allusion; crusades and the devil's allied forces. To overcome these circumstances, various measures have been taken for counter terrorism at the state level including anti-terrorist legislation. Under the anti-terrorist act, police have to lead relevant inter agencies when it comes to the CBRN terror. At first glance, current countermeasures would work well. However, in order to respond quickly, the standing cooperations system of related departments need to be set up. In this sense, this article proposed a coagulatory body that could not only consider institutional-oriented organizational restructuring and response but also integrate and operate functions of various specialized institutions. It also stressed that the council should move toward a consultative body of information gathering, distribution and working- level consultation. With this cooperation system, counter-terrorism agencies can respond rapidly, stop wasting their effort and assets by about 30%. Also, they could design the atypical aspect of terrorism into standardized.

• Journal of Advanced Marine Engineering and Technology
• /
• v.39 no.7
• /
• pp.709-715
• /
• 2015

Underwater gliders do not typically have separate propellers for forward motion. They generate propulsive forces based on the difference between their buoyancy and gravity. They can control the volume from the buoyancy engine to adjust the propulsive force. In addition, the attitude of the underwater glider is controlled by a rubberless motion controller. The motion controller can change the mass center and moment of inertia of the inner moving mass. Owing to the change in these parameters, the attitude of the underwater glider is changed. In this study, we derive nonlinear, six degree of freedom (DOF) mathematical models for the motion controller and buoyancy engine. Using these equations, we perform dynamic simulations of the proposed underwater glider, and verify the suitability of the design and dynamic performances of the proposed underwater glider. We then perform the motion control simulation for the pitch and roll angle, and analyze the dynamic performance according to the pitch and roll angles.

• The Journal of Industrial Distribution & Business
• /
• v.9 no.7
• /
• pp.61-70
• /
• 2018

Purpose - The purpose of this research is reflected on the rapid development of online tourism industries. The study was to establish the strategy for Korean tourism enterprises to develop tourist commodities suitable for Chinese tourists and attract them to visit Korea by the empirical analysis of the relation between repurchase intention of tourists and its premise variables (e-service quality, perceived value and satisfaction). Research design, data, and methodology - This research carried out a questionnaire survey on Chinese tourists who visited Korea with experience of using the online travel agency web sites. A total 398 answers were recovered, 41 of them were excluded due to the dishonest answers and 357 of them were finally analyzed. The data was analyzed with IBM SPSS AMOS 22.0. Results - The research results show that in the online travel agency web site e-service quality, convenience, interactivity, information validity, credibility had a positive impacts on perceived value and satisfaction. The perceived value of online travel agency website users has positive impart on satisfaction and repurchase intention. Satisfaction of online travel agency web site users have positive impacts on repurchase intention. But safety has no impact on perceived value while positive impacts on satisfaction was affected. Conclusions - First, in the online travel agency web site e-service quality, safety has no impact on perceived value while it was shown to have positive impacts on satisfaction because the users of online travel agency web sites believe that the protection of personal information, the defense of cracker and the safeguard of payment security are the basic premises of website operation. Although safety does not have impacts on perceived value, users benefits will suffer damage when hacker intrusion and other accidents occur so that online travel agency web sites should not ignore the security concerns. Second, credibility is a major concern for online travel agency web site users. At this time, it is necessary for the web site to establish a system to display both the commodity information and the using experience published on the user's SNS, thus improving the credibility of the website information.

• The Journal of Industrial Distribution & Business
• /
• v.9 no.4
• /
• pp.63-72
• /
• 2018

Purpose - The purpose of this paper is to investigate the effects of online game properties, social interaction, and player satisfaction on intention to online games in Chinese gamers. Research design, data, and methodology - This study is an empirical analysis assuming that properties of online games, social interaction and satisfaction will induce Chinese gamers' intention to play online games. We set the relationship between the six variables as follows. First, the properties of online games, exogenous variables, were identified by three factors: entertainment, security, participation and challenge. Second, we had input social interaction among gamers as another exogenous variables. Third, the gamer's satisfaction of online games was added to the research model as a mediating variable between exogenous variables and endogenous variables. Finally, gamer's intention to play influenced by satisfaction and social interaction was used as final endogenous variable. The data used for the empirical analysis were collected through questionnaires for Chinese under age 35 who enjoy the online games. The data used in the research were finally extracted from 195 questionnaires. The collected data were tested through the analysis of the measurement model (Step 1) and the analysis of the structural model (Step 2). The covariance structure equation model (SEM) was used for the analysis. The measurement model and structural model were evaluated by the maximum likelihood method. Results - The results of the empirical analysis are as follows. The satisfaction of online games were entertainment and security had a significant effect to satisfaction; but participation and challenge and social interaction had no significant effect on satisfaction. The social interaction among gamers and the satisfaction with online games have a significant influence on the intention to play online games. As a result, the attributes of the game were affecting the intention to play the game after satisfaction. Social interaction influenced the intention to play online games rather than satisfaction itself. Conclusions - This study provide some practical implications for the new companies who want to enter the online game industry and seek to competitiveness in China, and provide theoretical implications on the role of interaction among gamers in the study of online games.