• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.9B
• /
• pp.1330-1341
• /
• 2010

Power analysis (PA) is known as a powerful physical attack method in the field of information security. This method uses the statistical characteristics of leaked power consumption signals measured from security devices to reveal the secret keys. However, when measuring a leakage power signal, it may be easily distorted by the noise due to its low magnitude values, and thus the PA attack shows different performances depending on the noise level of the measured signal. To overcome this vulnerability of the PA attack, we propose a noise-reduction method based on wavelet de-noising. Experimental results show that the proposed de-noising method improves the attack efficiency in terms of the number of signals required for the successful attack as well as the reliability on the guessing key.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.1
• /
• pp.73-83
• /
• 2018

There has been increasing interest from NIST and other companies in studying post-quantum cryptography in order to resist against quantum computers. Multivariate polynomial based, code based, lattice based, hash based digital signature, and isogeny based cryptosystems are one of the main categories in post quantum cryptography. Among these categories, isogeny based cryptosystem is known to have shortest key length. In this paper, we implemented Supersingular Isogeny Diffie-Hellman (SIDH) protocol efficiently on low-end mobile device. Considering the device's specification, we select supersingular curve on 523 bit prime field, and generate efficient isogeny computation tree. Our implementation of SIDH module is targeted for 32bit environment.

• Smart Media Journal
• /
• v.10 no.3
• /
• pp.48-53
• /
• 2021

The authentication process is a key step that should be used to verify that a user is legitimate, and it should be used to verify that a user is a legitimate user and grant access only to that user. Recently, two-factor authentication and OTP schemes are used by most applications to add a layer of security to the login process and to address the vulnerability of using only one factor for authentication, but this method also allows access to user accounts without permission. This is a known security vulnerability. In this paper, we propose a Zero Knowledge Proofs (ZKP) personal information authentication scheme based on a Smart Contract of a block chain that authenticates users with minimal personal information exposure conditions. This has the advantage of providing many security technologies to the authentication process based on blockchain technology, and that personal information authentication can be performed more safely than the existing authentication method.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.2
• /
• pp.15-22
• /
• 2004

For an ElGamal-type signature scheme using a generate g of order q, it has been well-known that the message nonce should be chosen randomly in the interval (0, q-1) for each message to be signed. In (2), H. Kuwakado and H. Tanaka proposed a polynomial time algorithm that gives the private key of the signer if two signatures with message nonces 0＜$k_1$, $k_2$$\leq$Ο(equation omitted) are available. Recently, R. Gallant, R. Lambert, and S. Vanstone suggested a method to improve the efficiency of elliptic curve crytosystem using integer decomposition. In this paper, by applying the integer decomposition method to the algorithm proposed by Kuwakado and Tanaka, we extend the algorithm to work in the case when ｜$k_1$ ｜,｜$k_2$, ｜$\leq$Ο(equation mitted) and improve the efficiency and completeness of the algorithm.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.18 no.8
• /
• pp.2253-2280
• /
• 2024

In the upcoming era of transportation, a groundbreaking technology, known as vehicle-to-everything (V2X) communication, is poised to redefine our driving experience and revolutionize traffic management. Real-time and secure communication plays a pivotal role in V2X networks, with the decision-making process being a key factor in establishing communication and determining malicious nodes. The proposed framework utilizes a directed acyclic graph (DAG) to facilitate real-time processing and expedite decision-making. This innovative approach ensures seamless connectivity among vehicles, the surrounding infrastructure, and various entities. To enhance communication efficiency, the entire roadside unit (RSU) region can be subdivided into various sub-regions, allowing RSUs to monitor and govern each sub-region. This strategic approach significantly reduces transaction approval time, thereby improving real-time communication. The framework incorporates a consensus mechanism to ensure robust security, even in the presence of malicious nodes. Recognizing the dynamic nature of V2X networks, the addition and removal of nodes are aligned. Communication latency is minimized through the deployment of computational resources near the data source and leveraging edge computing. This feature provides invaluable recommendations during critical situations that demand swift decision-making. The proposed architecture is further validated using the "veins" simulation tool. Simulation results demonstrate a remarkable success rate exceeding 95%, coupled with a significantly reduced consensus time compared to prevailing methodologies. This comprehensive approach not only addresses the evolving requirements of secure V2X communication but also substantiates practical success through simulation, laying the foundation for a transformative era in transportation.

• Korean Security Journal
• /
• no.53
• /
• pp.63-79
• /
• 2017

Defence Security Command is the only military intelligence and investigation agency which is in charge of safeguarding military information and investigating specific crimes such as subversion and disloyalty in military. While the presidential security provided by Defence Security Command, along with Presidential Security Service(PSS) and the police, forms one of three pillars sustaining presidential security, its works and activities have been rarely known to the public due to the military confidentiality. This study looks into some data specialized into the presidential security among works of Defense Security Command by using various resources such as biographies of key people, media reports, and public materials. It reviews the presidential security works in a historical sense that the works have developed and changed in accordance with the historical changes of Defense Security Command, which was rooted in Counter-Intelligence Corps (Teukmubudae in Korean) in 1948 and leads to the present. The study findings are as follows. First, when the Korean War broke out in 1950 and since then the South Korea was under the threat of the North Korean armed forces and left wing forces, Counter-Intelligence Corps(Bangcheopdudae in Korean) took the lead in presidential security more than the police who was in charge of it. Secondly, even after the Presidential Security Office has founded in 1963, the role of the military on presidential security has been extended by changing its titles from Counter-Intelligence Corps to Army Security corps to Armed Forces Security Command. It has developed their provision of presidential security based on the experience at the president Rhee regime when they could successfully guard the president Rhee and the important government members. Third, since the re-establishment into Defence Security Command in 1990, it has added more security services and strengthened its legal basis. With the excellent expertise, it played a pivotal role in the G20 and other state-level events. After the establishment of the Moon Jaeinin government, its function has been reduced or abolished by the National Defense Reform Act. However, the presidential security field has been strengthening by improving security capabilities through reinforcing the organization. This strengthening of the security capacity is not only effective in coping with the current confrontation situation with the hostile North Korean regime, but also is important and necessary in conducting constant monitoring of the military movement and security-threat factors within military during the national security events.

• The Journal of the Korea Contents Association
• /
• v.5 no.3
• /
• pp.9-17
• /
• 2005

Recently, there are rapid development of information and communication technology and rapid growing of e-business users. We propose a method for security problem on the internet environment which changes from wire internet to wireless internet or wire/ wireless internet. Wireless e-business adopts credit card WPP protocol and AIP protocol proposed by ASPeCT. WAP, one of the protocol used by WPP has weakness of leaking out information from WG which connected wire and wireless communication. Certification chain based AIP protocol requires a lot of computation time and user IDs are known to others. We propose a Micro-Payment protocol based on credit card. Our protocol use the encryption techniques of the public key with ID to ensure the secret of transaction in the step of session key generation. IDs are generated using ECC based Weil pairing. We also use the certification with hidden electronic sign to transmit the payment result. The proposed protocol also solves the privacy protection and Non-repudiation problem.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.4
• /
• pp.857-869
• /
• 2016

It is a well-known fact that password based authentication system has been threatened for crucial data leakage through monitoring key log. Recently, to prevent this type of attack using keystroke logging, virtual onscreen keyboards are widely used as one of the solutions. The virtual keyboards, however, also have some crucial vulnerabilities and the major weak point is that important information, such as password, can be exposed by tracking the trajectory of the mouse cursor. Thus, in this paper, we discuss the vulnerabilities of the onscreen keyboard, and present hypothetical attack scenario and a method to crack passwords. Finally to evaluate the performance of the proposed scheme, we demonstrate an example experiment which includes attacking and cracking by utilizing password dictionary and analyze the result.

• Journal of Advanced Navigation Technology
• /
• v.11 no.1
• /
• pp.118-126
• /
• 2007

An ad hoc network is a system of wireless mobile nodes that dynamically self-organize in arbitrary and temporary network topologies allowing people and devices to internetwork without any preexisting communication infrastructure. Although ad hoc network is attractive solution, there are still some major flaws that prevent commercial growth. Security is one of these main barriers; ad hoc networks are known to be particularly vulnerable to security attack. It is difficult to establish a centralized key distribution center and a trusted certification authority to provide cryptographic keys and digital certificates to nodes. To prevent attacks in ad hoc routing protocols, many algorithms have been used. In this paper, we have depicted a secure framework for multipath routing in wireless multihop network, which is comprehensive solution for secure data forwarding in wireless multihop networks. With the simulation results, the proposed scheme is compared with existing source routing scheme.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.2
• /
• pp.253-260
• /
• 2015

The side-channel attack is widely known as an attack on implementations of cryptographic algorithms using additional side-channel information such as power traces, electromagnetic waves and sounds. As a countermeasure of side channel attack, the masking method is usually used, however full-round masking makes the efficiency of ciphers dramatically decreased. In order to avoid such a loss of efficiency, one can use reduced-round masking. In this paper, we describe a side channel attack on the lightweight block cipher LEA with the first one~six rounds masked. Our attack is based on differentials and power traces which provide knowledge of Hamming weight for the intermediate data computed during the enciphering of plaintexts. According to our experimental result, it is possible to recover 25 bits of the first round key in LEA-128.