• The Journal of Information Technology
• /
• v.2 no.2
• /
• pp.177-197
• /
• 1999

On regarding Problems on information security technology that have its rise in the Introduction of electronic money lately, security evaluation of the types of electronic money is important. Therefore in this paper I tried to analyse introduction viladity based on that,in korea. In perticular, there is a synthetical and systematical study on the security of eletronic money, on the viewpoint of choice combination of cryptography technology and the types of attacks on it. And in case of the electronic money that the criterion of efficiency and functionism is superior to that of security, I emphasize on the fact that it could be valid electronic money if it were supplemented by tamper resistance technology in middle-long term

• Journal of Korea Multimedia Society
• /
• v.12 no.8
• /
• pp.1120-1127
• /
• 2009

The commensurate number of the attacks and infringement targeting a vulnerability of the game service has been increasing constantly, due to the dramatic growth and expansion of the impact of the game industry. However, there exist no subsequent researches for the differentiated technology, which is to prevent the reverse function of the game service. Therefore, in this study, we examined the current status of infringement toward online game services which are provided in the market currently and designed the proper technical measures for a manipulation of the game service which is the most vulnerable part. We have encrypted an execution file and decrypted it in real time process. Furthermore, we conducted debugging, disassemble, and prevented a its own memory dump, also concealed the information to overcome the module dependency to preclude a manipulation.

• Review of KIISC
• /
• v.13 no.4
• /
• pp.88-101
• /
• 2003

인터넷과 전자상거래의 발전에 따라 전자적 수단으로 화폐 가치를 이전하는 수단이 마그네틱 카드에서 IC카드로 대체될 것으로 기대되고 있다. IC카드는 마그네틱 카드보다 많은 데이터를 저장할 수 있고, 물리적인 보안(Tamper-resistance)과 암호기법(Cryptographic Technique)을 통해 외부와의 통신을 엄격히 통제 및 보호할 수 있는 장점이 있다. 본 고에서는 IC카드의 안전성에 대해 알아보기 위해 먼저 IC카드를 정의하고 분류한다. 그리고, IC카드의 안전성 관련기능으로 카드에서의 사용자 인증, 카드와 카드단말사이의 실체인증, 접근통제 및 데이터의 기밀성/무결성, 키관리에 대해 알아보고, IC카드와 관련된 공격모델 및 공격기법들을 조사하여 정리하고자 한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.5
• /
• pp.987-999
• /
• 2014

A PUF is embedded and implemented into a tag or a device, and outputs a noise y with an input of x, based on its own unique physical characteristics. Although x is used multiple times as inputs of PUF, the PUF outputs slightly different noises, ($y_1,{\cdots}y_n$), and also the PUF has tamper-resistance property, hence it has been widely used in cryptographic protocol. In this paper, we study how to design a PUF-based RFID authentication protocol in a secure and an efficient way. Compared with recent schemes, the proposed scheme guarantees both authentication and privacy of backword/forward under the compromise of long-term secrets stored in tag. And also, the most cost and time-consumming procedure, key recovery algorithm used with PUF, has been desgined in the side of RFID reader, not in the tag, and, consequently, gives possibility to minimize costs for implementation and running time.

• Proceedings of the Korea Concrete Institute Conference
• /
• 1997.04a
• /
• pp.613-619
• /
• 1997

The present study has an objetive to define the characteristic of the Porous Concrete to be used in the resistant layers of the pavement. Up to the moment there is no material which is capable which is capable of satisfying the mechanical resistances and drainability, two characterstics which interves, and a detailled study has been carried out on the same order to obtain the porous concrete of this study. such as: Mode and time of compaction. type of cement, water/cement ratio, maxium size of aggregates, sieve test. incorporation of some additives and additions etc., among them emphasizing the use of a method of compaction vibro-compression in the laboratory with which an optimum compacting was reached, and can be obtanied on the site with a spreader rated with double tamper. With this porous concrete for this study whose dominating characteristics is the drainability jointly with a high mechanical resistance. a safe and silence firm is obtained, with can be a great diffusion in the near future, for its application on the pavements. Based on these works carried out, there was the first experience in the world of field application with 25cm of resistance layer of Porous Concrete Pavement in Salamanca, Spain.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.1
• /
• pp.11-18
• /
• 2013

In order to prevent tampering and reverse engineering of executive code, this paper propose a new tamper resistant software mechanism. This paper presents a cryptographic MAC function and a relationship which has its security level derived by the importance of code block instead of by merely getting the encryption and decryption key from the previous block. In this paper, we propose a cryptographic MAC function which generates a dynamic MAC function key instead of the hash function as written in many other papers. In addition, we also propose a relationships having high, medium and low security levels. If any block is determined to have a high security level then that block will be encrypted by the key generated by the related medium security level block. The low security block will be untouched due to efficiency considerations. The MAC function having this dynamic key and block relationship will make analyzing executive code more difficult.

• ETRI Journal
• /
• v.33 no.1
• /
• pp.60-70
• /
• 2011

Software is completely exposed to an attacker after it is distributed because reverse engineering is widely known. To protect software, techniques against reverse engineering are necessary. A code encryption scheme is one of the techniques. A code encryption scheme encrypts the binary executable code. Key management is the most important part of the code encryption scheme. However, previous schemes had problems with key management. In an effort to solve these problems in this paper, we survey the previous code encryption schemes and then propose a new code encryption scheme based on an indexed table. Our scheme provides secure and efficient key management for code encryption.

• Proceedings of the Korean Information Science Society Conference
• /
• 2002.04b
• /
• pp.346-348
• /
• 2002

자바는 플랫폼 독립적이라는 장점을 가지고 있지만, 쉽게 역-컴파일 하여 소스코드를 얻을 수 있기 때문에 악의 있는 사용자가 개발자의 모듈과 알고리즘, 데이터 구조를 쉽게 얻을 수 있고 불법 사공이 가능하다. 본 논문에서는 자바 클래스를 보호하기 위하여 소프트웨어에 저작권을 삽입하는 워터마킹 기술과 소스코드 변경을 방지하는 변경확인 기술 및 역-컴파일을 어렵게 하는 난독 기술을 적용한 클래스 단위의 자바 클래스 보호 시스템을 제안한다. 제안 시스템은 워터마크에 대만 왜곡 공격에 강하고, 워터마크에 변경확인 기술을 적용하여 워터마크의 변경을 방지하였다.

• 한국정보통신설비학회:학술대회논문집
• /
• 2008.08a
• /
• pp.155-158
• /
• 2008

In 1989, Kocher et al. introduced Differential Power Attack on block ciphers. This attack allows to extract secret key used in cryptographic computations even if these are executed inside tamper-resistant devices such as smart card. Since 1989, many papers were published to improve resistance of DPA. At FSE 2003 and 2004, Akkar and Goubin presented several masking methods to protect iterated block ciphers such as DES against Differential Power Attack. The idea is to randomize the first few and last few rounds(3 $\sim$ 4 round) of the cipher with independent random masks at each round and thereby disabling power attacks on subsequent inner rounds. This paper show how to combine truncated differential cryptanalysis applied to the first few rounds of the cipher with power attacks to extract the secret key from intermediate unmasked values.

• Proceedings of the Korean Information Science Society Conference
• /
• 2012.06c
• /
• pp.260-262
• /
• 2012

최근 홈 엔터테인먼트 기기에서 생성되는 대용량 멀티미디어 콘텐츠의 전송요구가 증가하면서 UWB(Ultra Wideband) 무선통신을 사용하는 WUSB(Wireless Universal Serial Bus)가 홈 네트워크의 구축을 위한 기술로 주목 받고 있다. 케이블 없이 통신하는 WUSB의 통신 환경은 호스트와 디바이스 사이에 데이터 전송 전에 반드시 서로가 원하는 정당한 상대임을 인증하는 과정이 필요하다. 하지만 기존의 호스트와 디바이스 사이에 인증과정 시 전달되는 메시지의 무결성, 도청, 프라이버시 문제 등 여러 가지 보안 위협에 쉽게 노출될 수 있는 가능성이 존재하기 때문에 안전한 인증 스킴 개발이 중요하다. 본 논문에서는 WUSB 호스트와 디바이스가 서로 인증하는 과정에서 Tamper-Resistance 메커니즘을 제공하고, 도청 위협과 Man-in-the-Middle 공격을 방지 할 수 있는 상호 인증 스킴을 제안한다.