• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2008.10a
• /
• pp.703-707
• /
• 2008

Nowadays, Internet becomes an essential element in our life. We can make use of numerous on-line services through Internet such as information search, on-line shopping, e-mail service, etc. But, while getting the benefits of Internet service, invasion of our privacy frequently occurs because on-line service providers tend to request excessive or unnecessary personal information. So, there have been some researches on anonymous authentication, which means that user can authenticate herself, not revealing her identity or personal information. But, most of the researches are not somewhat applicable to current authentication infrastructure. In this paper, we propose a pseudonym-based anonymous PKI with short group signature. Using our proposed scheme, we can provide anonymity with conditional traceability to current PKI.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.4C
• /
• pp.581-593
• /
• 2004

The interest in wireless LAN security is on the increase owing to a role of high-speed wireless Internet infrastructure of wireless LAN. Wi-Fi has released WPA standard in order to overcome drawbacks of WEP algorithm that is security element of current IEEE 802.11-based wireless LAN system. Pairwise key management and group key management in a mixed-mode which supports both terminals running WPA and terminals running original WEP security are very complicate. In this paper, we analyze flaws in WPA authenticator key management state machine for key distribution and propose the countermeasures to overcome the analyzed problems. Additionally, WPA authenticator key management state machine to which the solutions are applied is described. The reconstructed WPA authenticator key management state machine helps the AP perform efficiently group key exchange and group key update in the mixed-mode.

• Journal of the Korea Convergence Society
• /
• v.8 no.9
• /
• pp.41-47
• /
• 2017

This study is a preceding research designed to deduct an institutional supplementary measure that minimizes any inevitable side effects from the improvement of artificial intelligence (AI) technology, which is the core element of the Fourth Industrial Revolution. In this specific case in which the Robo-Advisor, the representative type of AI-applied technology, was hacked by a third party and ended up manipulating prices, the study was intended to examine the responsibility relationship of the current legal framework. Although the current legal framework strictly prohibits acts such as hacking and manipulation, it was confirmed that if the Robo-Advisor management firm acts in compliance with protection measures regarding hacking, the firm is free from any legal liabilities and there is insufficient legal protection available for ordinary investors with grand-scale damage from price manipulation Based on this study, further studies are needed to derive more institutional supplementary measures on overcoming these problems.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.4
• /
• pp.809-826
• /
• 2018

The entropy evaluation method for noise sources is one of the evaluation methods for the random number generator that is the essential element of modern cryptographic systems and cryptographic modules. The primary entropy evaluation methods outside of the country are more suitable to apply to hardware noise sources than software noise sources, and there is a difficulty in quantitative evaluation of entropy by software noise source. In this paper, we propose an entropy evaluation method that is suitable for software noise sources, considering characteristics of software noise sources. We select time-dependent noise sources that are software noise sources of Windows OS, and the heuristic analysis and experimental analysis are performed considering the characteristics of each time-dependent noise source. Based on these analyses, we propose an entropy harvest method from the noise source and the min-entropy estimation method as the entropy evaluation method for time-dependent noise sources. We also show how to use our entropy evaluation method in the Conditioning Component described in SP 800-90B of NIST(USA).

• The Transactions of the Korea Information Processing Society
• /
• v.7 no.10
• /
• pp.3138-3147
• /
• 2000

EC(Electronic Commerce) which is cone the virtual space through Internet, has the advantage of time and space. On the contrary, it also has weak point like security probelm because anybody can easily access to the system due to open network attribute of Internet. Theretore, we need the solutions that protect the EC security problem for safe and useful EC activity. One of these solution is the implemonlation of a strong cipher algorithm. YK2(YoungKu Kang) cipher algorithm proposed in this paper is advantage for the EC security and it overcomes the limit of the current 6/1 bits block cipher algorithm using 128 bits key length for input, output, encryption key and 32 rounds. Moreover, it is degigned for the increase of time complexity and probability calculation by adapting more complex design for key scheduling regarded as one of the important element effected to enciyption.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.6
• /
• pp.1295-1305
• /
• 2017

There is SEED cryptosystem in domestic block cipher standard. This code was drafted by the Korea Information Security Agency (KISA) in October 1998 and underwent a public verification process in December of the same year, which resulted in the final amendment to improve safety and performance. Unlike DES, it is a 128-bit block cipher that has been passed through various processes and established in 2005 as an international standard. It is a block cipher with a pastel structure like DES, but the input bit block has been increased to 128 bits, double DES. In this paper, first, we introduce the general algorithm of SEED cryptosystem and analyzed mathematically generating principle of key-value which is used in F-function. Secondly, we developed a table that calculates the exponent of the primitive element ${\alpha}$ corresponding to the 8-bit input value of the S-function and finally analyzed calculating principle of S-function designed in G-function through the new theorem and example. Through this course, we hope that it is to be suggest the ideas and background theory needed in developing new cryptosystem to cover the weakness of SEED cryptosystem.

• International Journal of Computer Science & Network Security
• /
• v.21 no.8
• /
• pp.229-237
• /
• 2021

Cloud of things (CoTs) is a newer idea which combines cloud computing (CC) with the Internet of Things (IoT). IoT capable of comprehensively producing data, and cloud computing can be presented pathways that allow for the progression towards specific destinations. Integrating these technologies leads to the formation of a separate element referred to as the Cloud of Things (CoTs). It helps implement ideas that make businesses more efficient. This technology is useful for monitoring a device or a machine and managing or connecting them. Since there are a substantial amount of machines that can run the IoT, there is now more data available from the IoT that would have to be stored on a local basis for a provisional period, and this is impossible. CoTs is used to help manage and analyze data to additionally create usable information by permitting and applying the development of advanced technology. However, combining these elements has a few drawbacks in terms of how secure the process is. This investigation aims to recent study literature from the past 3 years that talk about how secure the technology is in terms of protecting by authentication, reliability, availability, confidentiality, and access control. Additionally, this investigation includes a discussion regarding some kinds of potential attacks when using Cloud of Things. It will also cover what the various authors recommend and conclude with as well as how the situation can be approached to prevent an attack.

• Earthquakes and Structures
• /
• v.24 no.4
• /
• pp.259-274
• /
• 2023

In this paper, mechanical properties of periodic foundation made of concrete and rubber are investigated by a parametric study using the finite element method (FEM). Periodic foundation is a special type of seismic isolation foundation used in civil engineering, which is inspired by the meso-scale structure of phononic crystals in solid-state physics. This type of foundation is capable of reducing the seismic wave propagating though the foundation, therefore providing additional protection for the structures. In the FEM analysis, layered periodic foundation is frequently modelled due to its simplicity in numerical modeling. However, the isolation effect of periodic foundation on nuclear power plant has not been fully discussed to the best knowledge of authors. In this work, we construct four numerical models of nuclear power plant with different foundations to investigate the seismic isolation effects of periodic foundations. The results show that the layered periodic foundation can increase the natural period of the nuclear power plant like traditional base isolation systems, which is beneficial to the structures. In addition, the seismic response of the nuclear power plant can also be effectively reduced in both vertical and horizontal directions when the frequencies of the incident waves fall into some specific frequency bandgaps of the periodic foundation. Furthermore, it is demonstrated that the layered periodic foundation can reduce the amplitude of the floor response spectrum, which plays an important role in the protection of the equipment.

• Steel and Composite Structures
• /
• v.42 no.1
• /
• pp.91-106
• /
• 2022

Concrete-filled square stainless steel tubes (CFSSST), which possess relatively large flexural stiffness, high corrosion resistance and require simple joint configurations and low maintenance cost, have a great potential in constructional applications. Despite that the use of stainless steel may result in high initial cost compared to their conventional carbon steel counterparts, the whole-life cost of CFSSST is however considered to be lower, which offers a competitive choice in engineering practice. In this paper, a comprehensive experimental and numerical program on 24 CFSSST stub column specimens, including 3 austenitic and 3 duplex stainless steel square hollow section (SHS) stub columns and 9 austenitic and 9 duplex CFSSST stub columns, has been carried out. Finite element (FE) models were developed to be used in parametric analysis to investigate the influence of the tube thickness and concrete strength on the ultimate capacities more accurately. Comparisons of the experimental and numerical results with the predictions made by design guides ACI 318, ANSI/AISC 360, Eurocode 4 and GB 50936 have been performed. It was found that these design methods generally give conservative predictions to the ultimate capacities of CFSSST stub columns. Improved calculation methods, developed based on the Continuous Strength Method, have been proposed to provide more accurate estimations of the ultimate resistances of CFSSST stub columns. The suitability of these proposals has been validated by comparison with the test results, where a good agreement between the predictions and the test results have been achieved.

• Proceedings of the Korea Society of Information Technology Applications Conference
• /
• 2005.11a
• /
• pp.281-284
• /
• 2005

Kerberos is system that offer authorization in internet and authentication service. Can speak that put each server between client and user in distributed environment and is security system of symmetry height encryption base that offer authentication base mutually. Kerberos authentication is based entirely on the knowledge of passwords that are stored on the Kerberos Server. A user proves her identity to the Kerberos Server by demonstrating Knowledge of the key. The fact that the Kerberos Server has access to the user's decrypted password is a rwsult of the fact that Kerberos does not use public key cryptogrphy. It is a serious disadvantage of the Kerbercs System. The Server must be physically secure to prevent an attacker from stealing the Kerberos Server and learning all of the user passwords. Kerberos was designend so that the server can be stateless. The Kerberos Server simply answers requests from users and issues tickets. This study focused on designing a SIP procy for interworking with AAA server with respect to user authentication and Kerberos System. Kerberos is security system of encryption base that offer certification function mutually between client application element and server application element in distributed network environment. Kerberos provides service necessary to control whether is going to approve also so that certain client may access to certain server. This paper does Credit-Control Server's function in AAA system of Diameter base so that can include Accounting information that is connected to Rating inside certification information message in Rating process with Kerberos system.