Hanjae Jeong

Vulnerability analysis of secure USB flash drives

USB flash drive without any security function causes the exposure of private information. So new USB flash drive supported security function was invented to compensate for the problem. In this paper, we analyze vulnerability of 6 famous secure USB flash drives, and demonstrate that password can be exposed on communication between the secure USB flash drive and PC. Also we show the vulnerability on the data recovery and the S/W bug of secure USB flash drive.

Hybrid Key Management Architecture for Robust SCADA Systems

Recently, as a demand for connecting Supervisory Control and Data Acquisition (SCADA) systems to open networks increases, the study of SCADA system security becomes an issue. Many researchers have proposed key management schemes for SCADA systems. However, previous studies lack the proper considerations for availability. In this paper, we build up cryptographic security requirements for robust SCADA systems. In addition, we propose a hybrid key management architecture for robust SCADA systems which supports replace protocol for availability and reduces the number of keys to be stored in a master terminal unit.

A method for secure and efficient block cipher using white-box cryptography

Nowadays many information should be protected securely. Generally, they are encrypted by cryptographic algorithm. A secret value is used as encryption key which must not be exposed as public. However, the key can be extracted by adversary using white box attack. In the white box attack, the adversary is supposed to have full control of the target programs execution environment. A White-Box Cryptography is introduced to protect key from white box attack. In the previous research, white box cryptography is applied to symmetric key encryption. Although they provide protection mechanism from extracting key, they have disadvantages that are low performance and difficulty of key update. In this paper, we mentioned White-Box AES proposed by Chow et al. and improve its low performance and key update problem. We adopted composite mode using White-Box AES and Standard AES. Our scheme shows almost same performance with Standard AES and provides dynamic key approach effect. Moreover, it has a CPA-secure property and can be constructed for CCA-secure scheme with Message Authentication Code.

A proposal of appropriate evaluation scheme for exchangeable CAS (XCAS)

A conditional access system (CAS) only allows appropriate users to get access to contents. The advent of exchangeable CAS (XCAS) that updated version of CAS is developed. But the standards or evaluation schemes for XCAS are absent, so many interoperability problems among XCAS of each company may have to be occurred. Therefore, a specific scheme that can evaluate the security and suitability of exchangeable conditional access systems has been requested. In this paper, we propose an appropriate evaluation scheme for XCAS. The evaluation scheme includes an evaluation purpose and four components to evaluate the evaluation target, the evaluation process, the evaluation subject, and the evaluation cost involved.

A Study on Development of Information Security Evaluation Model

ABSTRACT The purposes of this study is development of information security evaluation model for governments to analyze domestic and foreign existing models. Recent domestic information security certification systems have several problems, because shortage of organic connectivity each other. Therefore we analysis on domestic and foreign existing models, specify security requirements, evaluation basis and other facts of models, optimize these facts for governments, and develop new model for domestic governments.Key Words:Information Security, Information Security System, Information Security Evaluation, Information Security Check, Information Security Management System, Information Security Evaluation Model 1. 서 론 1) 정보화의 급속한 발달로 정보보호의 중요성에 대한 인식이 증가하고 있으며, 이에 따라 조직은 정보보호정책을 수립하고 다양한 정보보호제품을 활용하여 정보보호수준을 향상시키기 위해 노력하고 있다. 이러한 조직의 정보보호수준을 평가하고 향상시키기 위해 국내·외 정보보호 관련기관에서는 다양한 제도를 개발하여 적용하고 있다. 국내에서는 한국정보보호진흥원이 정보보호 관리체계 인증제도를 2002년부터 운영하고 있으며, 국가정보원에서도 공공기관의 정보보안 관리수준평가를 2006년부터 시범 운영하고 있다. 하지만 이들은 평가인증제도, 정보통신기반보호제도, 정보보호 안전진단제도 등 기존 제도와의 유기적인 연결성 부족으로

On the security of an novel protocol for downloadable CAS

In 2008, Jeong et al. proposed a novel protocol for a downloadable conditional access system (DCAS). They claimed that their protocol provided mutual authentication and secure downloading of conditional access (CA) software. However we show that their protocol has a fatal weakness such that it is insecure to the impersonation attack. So, we propose the improved protocol based on their protocol. Moreover, we hope that by showing this design flaw, similar mistakes can be avoided in future designs.

A Study on Appropriate Device Authentication Scheme Based PKI for Exchangeable CAS (XCAS)

A condition access system (CAS) refers to a hardware-based system that allows only authenticated users to have access to contents. The CAS has many disadvantages found in that in the replacement of multiple service operator (MSO) a set-top box should be also changed and the smart-card often causes malfunction. To deal with the problems, exchangeable CAS (XCAS) was developed in 2009. However, in the XCAS, no method to authenticate a proper set-top box has been put forward. In this paper, we propose a novel program for set-top authentication in the XCAS. Additionally, we offer a format of certificate of authentication, and procedures of issuing the certificate for broadcasting services suitable for the XCAS. The technical method of authentication a set-top box that will be discussed is of high efficiency since in the MSO it requires only two subjects to communicate during the authentication in the MSO.

A Study on Evaluation Scheme for Exchangeable CAS (XCAS)

A condition access system (CAS) refers to a hardware-based system that allows only authenticated users to have access to contents. The CAS has many disadvantages found in that in the replacement of multiple service operator (MSO) a set-top box should be also changed and the smart-card often causes malfunction. To deal with the problems, exchangeable CAS (XCAS) was developed in 2009. However the standards or evaluation schemes for XCAS are absent. Existing evaluation schemes are not appropriate for evaluating XCAS due to the evaluation standard, the evaluation cost and efficiencies. Therefore, a specific scheme that can evaluate the security and suitability of exchangeable conditional access systems has been requested. In this paper, we propose an appropriate evaluation scheme for XCAS. The evaluation scheme includes an evaluation purpose and four components to evaluate the evaluation target, the evaluation process, the evaluation subject, and the evaluation cost involved.

A Key Management Scheme for Radio Frequency Communication Environment

The development of wireless communications provides mobility and accessibility to the wire communication users. Wireless sensor network is one of the leading wireless communication techniques. The security mechanism for wired network communication cannot be applied to wireless sensor network because of the limited resource and computing capability of nodes. Furthermore, communication errors frequently occur and the speed is low. Thus, efficient key management scheme is required in low-speed environment. In this paper, we proposed an efficient and secured master key-based scheme compared to the existing scheme. The advantage of our scheme is that establishing and renewing the pair-wise key is possible. In addition, it provides functions such as establishing group keys and renewing it. Furthermore, adding nodes is enabled through our scheme. The master key-based scheme can be applied to military operations and to radio communications for confidential communications.

Advanced Key Management Architecture Based on Tree Structure for Secure SCADA Communications

The SCADA(Supervisory Control And Data Acquisition) system is a control system for infrastructure of nation. In the past, the SCADA system was designed without security function because of its closed operating environment. However, the security of the SCADA system has become an issue with connection to the open network caused by improved technology. In this paper we review the constraints and security requirements for SCADA system and propose advanced key management architecture for secure SCADA communications. The contributions of the present work are that our scheme support both message broadcasting and secure communications, while the existing key management schemes for SCADA system don`t support message broadcasting. Moreover, by evenly spreading much of the total amount of computation across high power nodes (MTU or SUB-MTU), our protocol avoids any potential performance bottleneck of the system while keeping the burden on low power (RTU) nodes at minimal.