• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.2
• /
• pp.357-365
• /
• 2012

NFC(Near Field Communication),the short-distance communication protocol, is a technology with a wide range of application applied to smart phones. In particular, many of the services in NFC environments utilize users' privacy information. Privacy information used in such services leads to new vulnerability due to the very features of NFC technology and of NFC devices represented by smart phones. Therefore, the purpose of this study is to suggest a methodology that analyzes privacy vulnerability resulting from a NFC environments in technological, managerial and institutional aspects and a methodology aimed to establish a countermeasure to augment them. Also, this study will suggest vulnerability and countermeasures accordingly in domestic NFC service drawn out through the above methodologies and a countermeasure to improve the vulnerability. It is expected that various safe countermeasures for privacy protection in NFC environments will be established through the suggested methodologies.

• Journal of the Korean Society of Marine Environment & Safety
• /
• v.13 no.3
• /
• pp.199-206
• /
• 2007

In analyzing the security threats and their management system and making questions on security awareness to the concerned parties in the field of coastal passenger ship, we draw its security vulnerability and the features of security threats. The countermeasures and security system are proposed in order to response the diverse security threats and to set up the security culture of coastal passenger ship.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.2
• /
• pp.261-270
• /
• 2015

In information security devices, such as Smart Cards, vulnerabilities of the RSA algorithm which is used to protect the data were found in the Side Channel Analysis. The RSA is especially vulnerable to Power Analysis which uses power consumption when the algorithm is working. Typically Power Analysis is divided into SPA(Simple Power Analysis) and DPA(Differential Power Analysis). On top of this, there is a CA(Collision Analysis) which is a very powerful attack. CA makes it possible to attack using a single waveform, even if the algorithm is designed to secure against SPA and DPA. So Message blinding, which applies the window method, was considered as a countermeasure. But, this method does not provide sufficient safety when the window size is small. Therefore, in this paper, we propose a new countermeasure that provides higher safety against CA. Our countermeasure is a combination of message and exponent blinding which is applied to the window method. In addition, through experiments, we have shown that our countermeasure provides approximately 124% higher attack complexity when the window size is small. Thus it can provide higher safety against CA.

• THE INTERNATIONAL COMMERCE & LAW REVIEW
• /
• v.42
• /
• pp.247-274
• /
• 2009

The supply chain security programs are designed to prevent terrorist attacks on world transit system, and to help protect the passengers and workers who use these systems on a daily basis. as evidenced by the train bombings in London and Madrid in recent years, the threats to America's transit systems are real. After 9 11 terrors in 2001, security problem is appearing to every nations and international organizations main pending issue than any problem and various countermeasure is prepared. Security is the major issue in international trade, with significant potential costs and economic impact. So, We need to ensure that supply chain security does not become a new non-tariffs barrier. The aim of this study is to examine the international maritime and aviation law on the supply chain security. Also I review the supply chain security in U.S. and other countries.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.1
• /
• pp.221-227
• /
• 2014

When implementing cryptographic algorithms in mobile devices like smart cards, the security against side-channel attacks should be considered. Side-channel attacks try to find critical information from the side-channel infromation obtained from the underlying cryptographic devices' execution. Especially, the power analysis attack uses the power consumption profile of the devices as the side-channel information. This paper proposes a new gate-level countermeasure against the power analysis attack and the glitch attack and suggests how to apply the measure to securely implement AES.

• Journal of the Korea Safety Management & Science
• /
• v.15 no.4
• /
• pp.17-24
• /
• 2013

On this study, we extracted pending problem and controversial point from management of disaster such as terror for domestic massive performance and then, investigated countermeasure plan against disaster for massive performance through comparison and analysis between anti-disaster strategy of Korea and U.S. U.S are conducting security system actively for passenger of major facilities such as public institution. Nonetheless, In U.S that has the world's best security system, serious affair such as 911 terror and Boston marathon terror are continued to happen. When considering domestic situation that North Korea and South Korea are antagonistic to each other, it is judged when it is high time to prepare for threat of terrorism. Accordingly, On this study, through analyzing of latest terror attacks in U.S and disaster risk in the nation, we analyzed in detail countermeasure plan classified as legislation, operation of security system, instilling a sense. As the result of this analyzing, using by flow-chart, we suggested domestic optimized disaster management system for massive performance. Consequently, we propose to establish systematized disaster management system such as preliminary survey of disaster influence for massive performance.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.4
• /
• pp.585-591
• /
• 2013

Recently, the combined attack which is a combination of side channel analysis and fault attack has been developed to extract the secret key during the cryptographic processes using a security device. Unfortunately, an attacker can find the private key of RSA cryptosystem through one time fault injection and power signal analysis. In this paper, we diagnosed SPA/FA resistant BNP(Boscher, Naciri, and Prouff) exponentiation algorithm as having threats to a similar combined attack. And we proposed a simple countermeasure to resist against this combined attack by randomizing the private key using error infective method.

• Convergence Security Journal
• /
• v.8 no.2
• /
• pp.15-25
• /
• 2008

In today's broadcasting and communication systems, many applications are converged information in a complicated manner by interworking with various networks such as satellite networks. Specifically, as broadcasting and communication systems have become more advanced in terms of technology and capacity, the increase in information assets has created new types of threats and vulnerabilities that we're not previously apparent. This paper has proposed the following methodologies for analyzing the risks and estimating the economical that could arise in broadcasting and communication convergence systems. First, the assets are prioritized by grading them according to confidentiality(copyrights), integrity, and availability. Based on such an analysis, this paper presents a model that can be used for verifying the risk variables caused by changing threats and vulnerabilities. Second, this paper presents a method for quantitatively estimating the economical caused by countermeasure costs for each time period.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.4
• /
• pp.155-160
• /
• 2010

Since the RSA cryptosystem based on Chinese Remainder Theorem is vulnerable to many fault insertion attacks, some countermeasures against them were proposed. Recently, Kim et al. or Ha et al. respectively proposed each countermeasure scheme based on fault propagation method. Unfortunately, Hur et al. insist that these countermeasures are vulnerable to their opcode modification fault attack. In this paper, we show that the proposed attack can not apply to almost CRT-RSA countermeasures which use multi-precision operations in long bit computation. Therefore, the countermeasure against fault attack proposed by Kim et al. or Ha et al. are still secure.

• Proceedings of KOSOMES biannual meeting
• /
• 2003.11a
• /
• pp.99-104
• /
• 2003

The maritime security risk has been recognized since the terrorists attacked the world trade center and the Pentagon In this paper, maritime security risk is analyzed on the basis if the data of crime in Korean sea We propose the countermeasures to prevent maritime security threats