• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.1
• /
• pp.25-33
• /
• 2001

In 1998, A. Young and M. Yung introduced the concept of ARC that conjugates functionalities of a typical PKI with the ability to escrow privte keys of the system users. Also in 1999, P. Paillier and M. Yung proposed a new notion - called SE-PKI -which presents other additional advantages beyond ARC. But SE-PKI system uses only one escrow agent. The storage of users secret information at a single agent can make it significant point of attack and arouse controversy about invasion of privacy. This paper presents SE-PKI key recovery system that multiple escrow agents can participate in it. Also, in our system, escrow agents can\`t recover user\`s ciphertext.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.1
• /
• pp.55-66
• /
• 2002

Electronic cash system based on anonymous coins have been invented by David Chaum. However, von Solms and Naccache discovered that such anonymous coins also very well suited to support criminals in Blacoailing. In this paper, we suggest a method that a client informs a bank of the information about blackmailing attack by using Schnorr identification protocol of XTR version at the stage of identification, whenever he is blackmailed. In general, blackmailing is the most serious among the various drawbacks of electronic cash system. Especially, blackmiling to be done when the client is kidnapped brings a fatal result to electronic cash system. But if the Schnorr identification protocol of XTR version is used, we can efficiently defeat blackmailing without assumption required in the existing method to defeat blackmailing.

• The KIPS Transactions:PartA
• /
• v.10A no.6
• /
• pp.657-664
• /
• 2003

Supporting the availability, integrity, and confidentiality of the information is crucial. The survivability storage systems require to encode and distribute data over multiple storage nodes or data base to survive failures and malicious attacks Information dispersal scheme is one of the most efficient schemes allowing high availability and security with reasonable overhead. In this paper, we propose an algorithm determining the optimal (m, n)-lDS in terms of availability, given a set of IDS's. The proposed algorithm will be very useful for designing a highly available and secure storage system since many factors such as node number, storage space, operation speed, etc. interact with each other and thereby finding an optimal information dispersal scheme is very difficult.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.28 no.8C
• /
• pp.827-834
• /
• 2003

In this paper, we implemented an optical information security system using computer generated hologram based on the principle of interference and BaTiO$_3$that is photorefractive material. First of all, we would generate binary phase hologram which can reconstruct the original image perfectly, and regard this hologram as the image to be encrypted. And then applying the interference rule to the hologram, encrypted and reference (fkey information) images are generated. In the decrypting process, we can get an interference intensity by interfering the reference image and the encrypted image in the Mach-Zehnder interferometer. and transforming interference intensity information into phase information using LCD(liquid crystal display) and finally recover original image by inverse Fourier transforming the phase information. In this process, the Intensity information generated by interference of two images is very sensitive to external vibrations. So, we get a stable interference using the characteristic of SPPCM(self pumped phase conjugate mirror) of BaTiO$_3$that is photorefractive material. The proposed method has an advantage of double image encryption by encrypting the hologram of the image instead of original image.

• Journal of information and communication convergence engineering
• /
• v.14 no.4
• /
• pp.233-239
• /
• 2016

A remote control system (RCS) can monitor a user's confidential information by using the broadcast receivers in Android OS. However, the current RCS detection methods are based only on a virus vaccine. Therefore, if the user's smartphone is infected by a brand new RCS, these methods cannot detect this new RCS immediately. In this paper, we present a secure message transmission medium. This medium is completely isolated from networks and can communicate securely through a QR code channel by using symmetric key cryptography such as the AES block cipher and public key cryptography such as elliptic curve cryptography for providing security. Therefore, the RCS cannot detect any confidential information. This approach is completely immune to any RCS attacks. Furthermore, we present a secure QR code-based key exchange protocol by using the elliptic curve Diffie-Hellman method and message transmission protocols; the proposed protocol has high usability and is very secure.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.2C
• /
• pp.200-207
• /
• 2006

Recently, with the development of information and communication technology, digital pay-TV technology is paid attention. So the Protection of the provided contents is becoming more important. However, in order to encourage an active based on digital TV, the contents and information sent and received respectively by the broadcaster and the subscriber must be protected. Therefore, in this paper, I analyze the requirements to protect the digital contents, the security and efficiency of the previous digital pay-TV system model. Then I proposed a key management model for digital pay-TV system.

• Journal of Information Processing Systems
• /
• v.16 no.5
• /
• pp.1034-1047
• /
• 2020

The personal authentication technique is an essential tool in this complex and modern digital information society. Traditionally, the most general mechanism of personal authentication was using alphanumeric passwords. However, passwords that are hard to guess or to break, are often hard to remember. There are demands for a technology capable of replacing the text-based password system. Graphical passwords can be an alternative, but it is vulnerable to shoulder-surfing attacks. This paper looks through a number of recently developed graphical password systems and introduces a personal authentication system using a machine learning technique with electroencephalography (EEG) signals as a new type of personal authentication system which is easier for a person to use and more difficult for others to steal than other preexisting authentication systems.

• The Journal of Information Technology
• /
• v.6 no.1
• /
• pp.107-115
• /
• 2003

With the development of Information Communication Technique, electronic commerce is widely used in internet using public key certificates. And the study for access control in database system is also progressed actively. In this paper, we analyze access control mechanism using attribute certificated and we propose new access mechanism in distributed system using attribute certificates.

• The KIPS Transactions:PartC
• /
• v.10C no.5
• /
• pp.565-574
• /
• 2003

This paper implements an intrusion detection message exchange protocol library (IDMEPL) for SDMS-RTIR, which Korea Information Security Agency (KISA) has developed to hierarchically detect and respond to network vulnerability scan attacks. The IDMEPL, based on the IDMEF and the IAP of the IDWG, enables SDMS-RTIR to interact with other intrusion detection systems (IDS) in realtime, and supports the TLS protocol to prevent security threats in exchanging messages between its server and its agents. Especially, with the protocol selection stage, the IDMEPL can support various protocols such as the IDXP besides the IAP. Furthermore, it can allow for agents to choose an appropriate security protocol for their own network, achieving security stronger than mutual authentication. With the IDMEPL, SDMS-RTIR can receive massive intrusion detection messages from heterogeneous IDSes in large-scale networks and analyze them.

• Journal of Digital Convergence
• /
• v.10 no.10
• /
• pp.325-332
• /
• 2012

Due to its communication vulnerability resulting in a range of problems, e.g. eavesdropping, information exposure, traffic analysis and spoofing, RFID system becomes the target of attackers. Accordingly, many investigators have proposed various protocols to the extent of theorem proving or verification as the implementation is challenging. This paper thus proposes a safe RFID security protocol using public keys, session keys, hashes, XORs, and random numbers. Timestamps and hashes are applied to the most vulnerable section between readers and tags to detect attacks in attack signals with time difference. Also, to prevent tag information from being exposed in the last session, hash operation is adopted before communication. Finally, in this paper, we designed a RFID security protocol using public and session keys applicable to real systems and verified the security of the proposed protocol with a differentiated formal verification technique.