• Title/Summary/Keyword: tamper

Search Result 108, Processing Time 0.023 seconds

Applicability of Blockchain based Bill of Lading under the Rotterdam Rules and UNCITRAL Model Law on Electronic Transferable Records

  • Yang, Jung-Ho
    • Journal of Korea Trade
    • /
    • v.23 no.6
    • /
    • pp.113-130
    • /
    • 2019
  • Purpose - This paper investigates applicability of blockchain based bill of lading under the current legal environment. Legal requirements of electronic bill of lading will be analyzed based on the Rotterdam Rules and recently enacted UNCITRAL Model Law on Electronic Transferable Records. Using comparative analysis with the previous registry model for electronic bill of lading, this paper examines the advantages of blockchain based bill of lading. Design/methodology - This research reviewed previous efforts for dematerializing bill of lading with its limitation. Main features of blockchain technology which can make up for deficiencies of registry model also be investigated to analyze whether these features can satisfy the requirements for the legal validity of the negotiable electronic transport record or electronic transferable records under the Rotterdam Rules and the MLETR. Findings - Main findings of this research can be summarized as follows: Blockchain system operated in an open platform can improve transparency and scalability in transfer of electronic bill of lading by assuring easy access for transaction. Distributed ledger technology of blockchain makes it more difficult to forge or tamper with transactions because all participants equally shares identical transaction records. Consensus mechanism and timestamp in a blockchain transaction guarantee the integrity and uniqueness of a transaction. These features are enough to satisfy the requirements of electronic transferable records under the Rotterdam Rules and MLTER. Originality/value - This study has significance in that it provided implications for the introduction of electronic bill of lading by analyzing whether the blockchain based electronic bill of lading model meets the legal requirements under the current legal system prepared prior to the introduction of blockchain technology, and by presenting the advantages of the blockchain based bill of lading model through comparative analysis with the existing registry model.

Secure Boot Security Requirements for Cryptographic Modules against Supply Chain Threats (공급망 위협에 대응하기 위한 암호모듈의 안전한 부팅 보안 요구사항 제안)

  • Jong Wook Park;Sanghan Lee;Bonseok Koo;Seon Yeob Baek;Sang Yun Han
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.33 no.6
    • /
    • pp.989-1000
    • /
    • 2023
  • In order to respond to supply chain threats, active research and development efforts are underway for software tamper prevention technologies such as Secure Boot and management systems like Software Bill of Materials(SBOM). Particularly, the Trusted Computing Group (TCG) is introducing standards for Trusted Platform Module(TPM) to provide a secure and trustworthy computing boot environment. This paper emphasizes the need for introducing secure booting technology for cryptographic modules to ensure that they remain safe and provide reliable functionality even in the face of supply chain threats. Furthermore, it analyzes vulnerabilities in cryptographic modules verified by the ISO/IEC 19790 standard and proposes security requirements for secure booting of cryptographic modules to address these vulnerabilities.

Configurable Smart Contracts Automation for EVM based Blockchains

  • ZAIN UL ABEDIN;Muhammad Shujat Ali;Ashraf Ali;Sana Ejaz
    • International Journal of Computer Science & Network Security
    • /
    • v.23 no.10
    • /
    • pp.147-156
    • /
    • 2023
  • Electronic voting machines (EVMs) are replacing research ballots due to the errors involved in the manual counting process and the lengthy time required to count the votes. Even though these digital recording electronic systems are advancements, they are vulnerable to tampering and electoral fraud. The suspected vulnerabilities in EVMs are the possibility of tampering with the EVM's memory chip or replacing it with a fake one, their simplicity, which allows them to be tampered with without requiring much skill, and the possibility of double voting. The vote data is shared among all network devices, and peer-to-peer verification is performed to ensure the vote data's authenticity. To successfully tamper with the system, all of the data stored in the nodes must be changed. This improves the proposed system's efficiency and dependability. Elections and voting are fundamental components of a democratic system. Various attempts have been made to make modern elections more flexible by utilizing digital technologies. The fundamental characteristics of free and fair elections are intractability, immutability, transparency, and the privacy of the actors involved. This corresponds to a few of the many characteristics of blockchain-like decentralized ownership, such as chain immutability, anonymity, and distributed ledger. This working research attempts to conduct a comparative analysis of various blockchain technologies in development and propose a 'Blockchain-based Electronic Voting System' solution by weighing these technologies based on the need for the proposed solution. The primary goal of this research is to present a robust blockchain-based election mechanism that is not only reliable but also adaptable to current needs.

A Study on the Crime Investigation of Anonymity-Driven Blockchain Forensics (익명 네트워크 기반 블록체인 범죄 수사방안 연구)

  • Han, Chae-Rim;Kim, Hak-Kyong
    • Convergence Security Journal
    • /
    • v.23 no.5
    • /
    • pp.45-55
    • /
    • 2023
  • With the widespread use of digital devices, anonymous communication technologies such as the dark web and deep web are becoming increasingly popular for criminal activity. Because these technologies leave little local data on the device, they are difficult to track using conventional crime investigation techniques. The United States and the United Kingdom have enacted laws and developed systems to address this issue, but South Korea has not yet taken any significant steps. This paper proposes a new blockchain-based crime investigation method that uses physical memory data analysis to track the behavior of anonymous network users. The proposed method minimizes infringement of basic rights by only collecting physical memory data from the device of the suspected user and storing the tracking information on a blockchain, which is tamper-proof and transparent. The paper evaluates the effectiveness of the proposed method using a simulation environment and finds that it can track the behavior of dark website users with a residual rate of 77.2%.

Training of Accounting Professionals Following the Introduction of Block Chain Technology (블록체인 기술 다식부기 시스템 도입에 따른 회계전문인 육성 방안)

  • Yang, Haejin;Bae, Kheesu
    • Journal of Information Technology Applications and Management
    • /
    • v.26 no.4
    • /
    • pp.41-50
    • /
    • 2019
  • Block chain technology revolutionizes the 'double entry bookkeeping' of accounting principles in 600 years. It will be an opportunity for you to become one. The advent of the block chain will revolutionize the accounting world. It is no exaggeration to say that it is a skill. The use of block chains for accounting leads to the occurrence of transactions. It's easy to identify a transaction, and it's easy to fake or tamper with it. The accounting industry because it is difficult to communicate transparent accounting information to stake holders. Transformations will be possible across the board (Carlozo, 2017). An entity shall provide financial information that is useful to interested parties in making reasonable economic decisions. Transactions arising from business activities are recorded and provided in the books. Interested parties are here. We need to make decisions to protect our interests and make those decisions rationally. To make a decision, we know how the outcome of the decision will affect our self-interest. Because it has to do so, it uses corporate information for this purpose. But the investor is one way of doing business. It is difficult to trust the information provided by (Yermack, 2017). As a result, ICO companies, startups, small businesses lose a lot of business opportunities because they don't have investors. In addition, the management mixes cash flows with accounting interests to indicate changes in cash flows. It experiences failure in its business due to its inability to analyze and predict faithfully. But it's a blockhead in accounting. Applying the factors and recording them in the book will result in a number of benefits for different stake holders. It can be provided. The financial information in the block chain is not subject to further review or verification. It can improve the timeliness and increase reliability of financial information because it cannot be forged or tampered with (Delloitte, 2016). Based on the fourth industrial revolution, the pace of change in all sectors of society has never been faster. Based on block chain technology, decision-making structure is based on vertical structure of the past. Transforming into a horizontal structure collapses existing tools and advances transparency and decentralization a change of Copernican interpersonal awareness with the trend of the times, which is becoming angry with modern people.

SPA-Resistant Unsigned Left-to-Right Receding Method (SPA에 안전한 Unsigned Left-to-Right 리코딩 방법)

  • Kim, Sung-Kyoung;Kim, Ho-Won;Chung, Kyo-Il;Lim, Jong-In;Han, Dong-Guk
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.17 no.1
    • /
    • pp.21-32
    • /
    • 2007
  • Vuillaume-Okeya presented unsigned receding methods for protecting modular exponentiations against side channel attacks, which are suitable for tamper-resistant implementations of RSA or DSA which does not benefit from cheap inversions. The proposed method was using a signed representation with digits set ${1,2,{\cdots},2^{\omega}-1}$, where 0 is absent. This receding method was designed to be computed only from the right-to-left, i.e., it is necessary to finish the receding and to store the receded string before starting the left-to-right evaluation stage. This paper describes new receding methods for producing SPA-resistant unsigned representations which are scanned from left to right contrary to the previous ones. Our contributions are as follows; (1) SPA-resistant unsigned left-to-right receding with general width-${\omega}$, (2) special case when ${\omega}=1$, i.e., unsigned binary representation using the digit set {1,2}, (3) SPA-resistant unsigned left-to-right Comb receding, (4) extension to unsigned radix-${\gamma}$ left-to-right receding secure against SPA. Hence, these left-to-right methods are suitable for implementing on memory limited devices such as smartcards and sensor nodes

Performance Improvement of Power Attacks with Truncated Differential Cryptanalysis (부정차분을 이용한 전력분석 공격의 효율 향상*)

  • Kang, Tae-Sun;Kim, Hee-Seok;Kim, Tae-Hyun;Kim, Jong-Sung;Hong, Seok-Hie
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.19 no.1
    • /
    • pp.43-51
    • /
    • 2009
  • In 1998, Kocher et al. introduced Differential Power Attack on block ciphers. This attack allows to extract secret key used in cryptographic primitives even if these are executed inside tamper-resistant devices such as smart card. At FSE 2003 and 2004, Akkar and Goubin presented several masking methods, randomizing the first few and last few($3{\sim}4$) rounds of the cipher with independent random masks at each round and thereby disabling power attacks on subsequent inner rounds, to protect iterated block ciphers such as DES against Differential Power Attack. Since then, Handschuh and Preneel have shown how to attack Akkar's masking method using Differential Cryptanalysis. This paper presents how to combine Truncated Differential Cryptanalysis and Power Attack to extract the secret key from intermediate unmasked values and shows how much more efficient our attacks are implemented than the Handschuh-Preneel method in term of reducing the number of required plaintexts, even if some errors of Hamming weights occur when they are measured.

APPLICATION OF FUZZY SET THEORY IN SAFEGUARDS

  • Fattah, A.;Nishiwaki, Y.
    • Proceedings of the Korean Institute of Intelligent Systems Conference
    • /
    • 1993.06a
    • /
    • pp.1051-1054
    • /
    • 1993
  • The International Atomic Energy Agency's Statute in Article III.A.5 allows it“to establish and administer safeguards designed to ensure that special fissionable and other materials, services, equipment, facilities and information made available by the Agency or at its request or under its supervision or control are not used in such a way as to further any military purpose; and to apply safeguards, at the request of the parties, to any bilateral or multilateral arrangement, or at the request of a State, to any of that State's activities in the field of atomic energy”. Safeguards are essentially a technical means of verifying the fulfilment of political obligations undertaken by States and given a legal force in international agreements relating to the peaceful uses of nuclear energy. The main political objectives are: to assure the international community that States are complying with their non-proliferation and other peaceful undertakings; and to deter (a) the diversion of afeguarded nuclear materials to the production of nuclear explosives or for military purposes and (b) the misuse of safeguarded facilities with the aim of producing unsafeguarded nuclear material. It is clear that no international safeguards system can physically prevent diversion. The IAEA safeguards system is basically a verification measure designed to provide assurance in those cases in which diversion has not occurred. Verification is accomplished by two basic means: material accountancy and containment and surveillance measures. Nuclear material accountancy is the fundamental IAEA safeguards mechanism, while containment and surveillance serve as important complementary measures. Material accountancy refers to a collection of measurements and other determinations which enable the State and the Agency to maintain a current picture of the location and movement of nuclear material into and out of material balance areas, i. e. areas where all material entering or leaving is measurab e. A containment measure is one that is designed by taking advantage of structural characteristics, such as containers, tanks or pipes, etc. To establish the physical integrity of an area or item by preventing the undetected movement of nuclear material or equipment. Such measures involve the application of tamper-indicating or surveillance devices. Surveillance refers to both human and instrumental observation aimed at indicating the movement of nuclear material. The verification process consists of three over-lapping elements: (a) Provision by the State of information such as - design information describing nuclear installations; - accounting reports listing nuclear material inventories, receipts and shipments; - documents amplifying and clarifying reports, as applicable; - notification of international transfers of nuclear material. (b) Collection by the IAEA of information through inspection activities such as - verification of design information - examination of records and repo ts - measurement of nuclear material - examination of containment and surveillance measures - follow-up activities in case of unusual findings. (c) Evaluation of the information provided by the State and of that collected by inspectors to determine the completeness, accuracy and validity of the information provided by the State and to resolve any anomalies and discrepancies. To design an effective verification system, one must identify possible ways and means by which nuclear material could be diverted from peaceful uses, including means to conceal such diversions. These theoretical ways and means, which have become known as diversion strategies, are used as one of the basic inputs for the development of safeguards procedures, equipment and instrumentation. For analysis of implementation strategy purposes, it is assumed that non-compliance cannot be excluded a priori and that consequently there is a low but non-zero probability that a diversion could be attempted in all safeguards ituations. An important element of diversion strategies is the identification of various possible diversion paths; the amount, type and location of nuclear material involved, the physical route and conversion of the material that may take place, rate of removal and concealment methods, as appropriate. With regard to the physical route and conversion of nuclear material the following main categories may be considered: - unreported removal of nuclear material from an installation or during transit - unreported introduction of nuclear material into an installation - unreported transfer of nuclear material from one material balance area to another - unreported production of nuclear material, e. g. enrichment of uranium or production of plutonium - undeclared uses of the material within the installation. With respect to the amount of nuclear material that might be diverted in a given time (the diversion rate), the continuum between the following two limiting cases is cons dered: - one significant quantity or more in a short time, often known as abrupt diversion; and - one significant quantity or more per year, for example, by accumulation of smaller amounts each time to add up to a significant quantity over a period of one year, often called protracted diversion. Concealment methods may include: - restriction of access of inspectors - falsification of records, reports and other material balance areas - replacement of nuclear material, e. g. use of dummy objects - falsification of measurements or of their evaluation - interference with IAEA installed equipment.As a result of diversion and its concealment or other actions, anomalies will occur. All reasonable diversion routes, scenarios/strategies and concealment methods have to be taken into account in designing safeguards implementation strategies so as to provide sufficient opportunities for the IAEA to observe such anomalies. The safeguards approach for each facility will make a different use of these procedures, equipment and instrumentation according to the various diversion strategies which could be applicable to that facility and according to the detection and inspection goals which are applied. Postulated pathways sets of scenarios comprise those elements of diversion strategies which might be carried out at a facility or across a State's fuel cycle with declared or undeclared activities. All such factors, however, contain a degree of fuzziness that need a human judgment to make the ultimate conclusion that all material is being used for peaceful purposes. Safeguards has been traditionally based on verification of declared material and facilities using material accountancy as a fundamental measure. The strength of material accountancy is based on the fact that it allows to detect any diversion independent of the diversion route taken. Material accountancy detects a diversion after it actually happened and thus is powerless to physically prevent it and can only deter by the risk of early detection any contemplation by State authorities to carry out a diversion. Recently the IAEA has been faced with new challenges. To deal with these, various measures are being reconsidered to strengthen the safeguards system such as enhanced assessment of the completeness of the State's initial declaration of nuclear material and installations under its jurisdiction enhanced monitoring and analysis of open information and analysis of open information that may indicate inconsistencies with the State's safeguards obligations. Precise information vital for such enhanced assessments and analyses is normally not available or, if available, difficult and expensive collection of information would be necessary. Above all, realistic appraisal of truth needs sound human judgment.

  • PDF