Daejeon, South Korea
Daejeon, South Korea

Time filter

Source Type

Sasaki Y.,Nippon Telegraph and Telephone | Emami S.,Macquarie University | Hong D.,Attached Institute of ETRI | Kumar A.,Indian Institute of Technology Kharagpur
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) | Year: 2012

This paper revisits previous known-key distinguishers on generic Feistel-SP ciphers based on rebound attacks. In this paper first we propose a new 5-round inbound phase that requires 2 c computations, while the previous work requires 2 2c computations (c is a size of the S-box). The new method also improves the number of rounds which can be attacked. Then, we apply the new procedure to Camellia. After several optimizations for Camellia, it is shown that collisions are efficiently generated against 9 rounds out of 18 rounds of Camellia-128 including FL and whitening layers in the compression function modes such as MMO and Miyaguchi-Preneel modes. The attack on Camellia is verified by a machine experiment and the generated results are presented in the paper. © 2012 Springer-Verlag.


Shin S.,Attached Institute of ETRI | Lee S.,Technology Strategy Research Division | Kim H.,Kyungil University | Kim S.,Applied Technology Internet
Expert Systems with Applications | Year: 2013

Recently, as damage caused by Internet threats has increased significantly, one of the major challenges is to accurately predict the period and severity of threats. In this study, a novel probabilistic approach is proposed effectively to forecast and detect network intrusions. It uses a Markov chain for probabilistic modeling of abnormal events in network systems. First, to define the network states, we perform K-means clustering, and then we introduce the concept of an outlier factor. Based on the defined states, the degree of abnormality of the incoming data is stochastically measured in real-time. The performance of the proposed approach is evaluated through experiments using the well-known DARPA 2000 data set and further analyzes. The proposed approach achieves high detection performance while representing the level of attacks in stages. In particular, our approach is shown to be very robust to training data sets and the number of states in the Markov model. © 2012 Elsevier Ltd. All rights reserved.


Hong D.,Attached Institute of ETRI | Koo B.,Attached Institute of ETRI | Sasaki Y.,NTT Corporation | Sasaki Y.,University of Electro - Communications
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) | Year: 2010

In this paper, we improve previous preimage attacks on hash function HAS-160, which is standardized in Korea. We show that the last 68 steps out of 80 steps of HAS-160 can be attacked, while a previous attack works for only intermediate 52 steps. We also show that the first 67 steps of HAS-160 can be attacked. These attacks are based on the meet-in-the-middle attack, which is also used in the previous attack. Recently, various techniques of preimage attacks have been proposed on other hash functions. We show that these techniques can also be applied to HAS-160 and the number of attacked steps can be improved. For the attack on 68 steps, we first generate pseudo-preimages with a complexity of 2150.7, and then convert them to a preimage with a complexity of 2156.3. This attack uses a memory of 212 ×7 words. To the best of our knowledge, attacking 68 steps is the best of all attacks on HAS-160 hash function. © 2010 Springer-Verlag.


Jeon S.,Attached Institute of ETRI | Kim S.,Pohang University of Science and Technology | Yu H.,Pohang University of Science and Technology
Information Sciences | Year: 2016

Watching TV programs at the scheduled airtime is difficult due to time differences between countries or personal circumstances. Not to be a victim of spoilers, people sometimes choose a self imposed isolation from civilization until they have seen their favorite program, such as to stay away from the Internet. However, smartphones allow people to habitually check the SNS messages posted by their friends to maintain their relationships. It leads to the problem of exposing spoilers about their favorite TV programs. To prevent a self imposed isolation from their friends, we need automatic method for detecting spoilers from TV program tweets. To the best of our knowledge, there have been two works that have addressed the spoiler detection task: (1) a keyword matching method and (2) a machine-learning method based on Latent Dirichlet Allocation (LDA). However, they were not designed for short texts as well as the real-world system. The keyword matching method incorrectly predicts most tweets as spoilers. Although the LDA-based method works well on large bodies of text, it fails to accurately detect spoilers from short texts such as Twitter. In this work, we introduce a simple and powerful method of spoiler detection based on four representative features, which are significant indicators of spoilers. To identify and utilize four features, we conduct a precise analysis on real-world tweet data, and we build an SVM-based prediction model based on the result. Using tweets about Dancing with the Stars, and the final of the 2014 World-Cup, we evaluate the effectiveness of the proposed methods on spoiler detection tasks. According to the result, our method achieves greater precision than the competitors while maintaining a comparable recall performance. At the same time, our method outperforms the competitors in terms of processing time, showing that our method is sufficiently lightweight for application to the web-browser. Furthermore, to reduce the labeling cost, we introduce a semi-supervised approach that automatically re-trains the prediction model based on a small amount of labeled data. The experimental results show that the semi-supervised approach delivers performance comparable to that of the previous model. © 2015 Published by Elsevier B.V.


Kim S.H.,Attached Institute of ETRI | Han D.,Attached Institute of ETRI | Lee D.H.,Korea University
Proceedings of the ACM Conference on Computer and Communications Security | Year: 2013

OpenSSL is the most widely used library for SSL/TLS on the Android platform. The security of OpenSSL depends greatly on the unpredictability of its Pseudo Random Number Generator (PRNG). In this paper, we reveal the vulnerability of the OpenSSL PRNG on the Android. We first analyze the architecture of the OpenSSL specific to Android, and the overall operation process of the PRNG from initialization until the session key is generated. Owing to the nature of Android, the Dalvik Virtual Machine in Zygote initializes the states of OpenSSL PRNG early upon booting, and SSL applications copy the PRNG states of Zygote when they start. Therefore, the applications that use OpenSSL generate random data from the same initial states, which is potential problem that may seriously affect the security of Android applications. Next, we investigate the possibility of recovering the initial states of the OpenSSL PRNG. To do so, we should predict the nine external entropy sources of the PRNG. However, we show that these sources can be obtained in practice if the device is fixed. For example, the complexity of the attack was O(232+t) in our smartphone, where t is the bit complexity for estimating the system boot time. In our experiments, we were able to restore the PRNG states in 74 out of 100 cases. Assuming that we knew the boot time, i.e., t=0, the average time required to restore was 35 min on a PC with four cores (eight threads). Finally, we show that it is possible to recover the PreMasterSecret of the first SSL session with O(258) computations using the restored PRNG states, if the application is implemented by utilizing org.webkit package and a key exchange scheme is RSA. It shows that the vulnerability of OpenSSL PRNG can be a real threat to the security of Android. © 2013 ACM.


Jung K.-Y.,Hanyang University | Ju S.,Attached Institute of ETRI | Teixeira F.L.,Ohio State University
IEEE Microwave and Wireless Components Letters | Year: 2011

We develop a modal finite-difference time-domain (FDTD) method with a complex-frequency-shifted (CFS) perfectly matched layer (PML) to analyze magnetic photonic crystal (MPhC) waveguides. MPhCs are periodic structures with unit cell composed of two misaligned anisotropic dielectric layers and one ferromagnetic layer. Numerical results show that the proposed modal FDTD can reduce both memory and CPU costs by one order of magnitude or more compared to the conventional FDTD. © 2011 IEEE.


Choi J.,Attached Institute of ETRI | Shin I.,Attached Institute of ETRI
Proceedings of the ACM Conference on Computer and Communications Security | Year: 2013

This paper proposes an authentication and key management framework to strengthen the security level of the advanced metering infrastructure based on the DLMS/COSEM standard. The current DLMS/COSEM standard does not specify detailed secret key generation and distribution procedures, which induce a critical issues regarding interoperability in secure communication among AMI devices. Moreover, the protocol suffers from a key distribution problem, which can expose a session secret key supposed to be shared only by two devices to a third party node. The basic ideas are that smart meters and data collection systems perform the authentication and key exchange with AMI server using existing Extensible Authentication Protocol (EAP) standard, and DLMS/COSEM secret keys are created and shared securely using pre-formed secure channels. We show how the proposed framework can be realized in advanced metering infrastructure using existing standard protocols and provide preliminary security and performance comparisons with the existing related proposals. © 2013 ACM.


Koo B.,Attached Institute of ETRI | Hong D.,Attached Institute of ETRI | Kwon D.,Attached Institute of ETRI
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) | Year: 2011

HIGHT is a lightweight block cipher, proposed in CHES 2006 , and on the process of ISO/IEC 18033-3 standardization. It is a 32-round Feistel-like block cipher with 64-bit block and 128-bit key. In this paper, we present the first attack on the full HIGHT using related-key rectangle attack with 2 123.169 encryptions, 257.84 data, and 4 related keys. Our related-key rectangle attack is valid for 2126 weak keys and this attack can be easily extended to an attack for the full key space faster than an exhaustive key searching using 4 related keys. We observe that an "add-difference" of master keys is propagated to an add-difference of subkeys with probability 1, so we can find 3-round local collisions of HIGHT by considering an add-difference as a relation of keys. Exploiting these local collisions and "over-simplified" structure of key-schedule, we construct a new 15.5-round related-key differential trail with relatively high probability. We construct a 24-round related-key rectangle distinguisher with probability 2-117.68 from an 8.5-round and a 15.5-round related-key truncated differential trail with local collisions by applying the ladder switch technique, and then suggest an attack on full rounds of HIGHT with this distinguisher. Our result implies that HIGHT cannot be regarded as an instantiation of the ideal cipher used in some provably secure schemes. © 2011 Springer-Verlag.


Cho M.-H.,Attached Institute of ETRI
2012 IEEE International Conference on Wireless Information Technology and Systems, ICWITS 2012 | Year: 2012

I have developed eRTOS-USN which is a real-time operating system for ubiquitous sensor networks, and successfully ported it on the Nano24 (with atmega128L CPU) sensor nodes. eRTOS-USN is suitable for the low computing power, small memory embedded controllers used in USN applications. © 2012 IEEE.


Soo L.H.,Attached Institute of ETRI
Proceedings - International Carnahan Conference on Security Technology | Year: 2016

Sony in United States and KHNP in South Korea were hit by a series of cyberattacks late in 2014 that were blamed on North Korea. U.S. president Obama responded strongly and positively as control tower, and led Sony do not surrender to hacker's demand. U.S government demonstrated retaliatory action against North Korea under the proportional principle, blacklisted 3 North Korean entities and 10 officials. That days, there was the outrage of internet of North Korea. In order to enhance the cyber security response capability, U.S created a new office, CTIIC and encouraged the development of ISAOs, and made Sanctions EO, Information Sharing EO etc. KHNP and the Ministry of Industry rectified incidents itself early period when cyber incident arose, and the situation did not recovered as quickly as desired. S. Korea had not retaliation actions, otherwise called for closer global cooperation against cyber-attacks. To enhance national cyber security and resilience, S. Korea government created the new post of presidential secretary for cyber security and draw up 'Strengthening National Cyber Security Posture' initiative. © 2015 IEEE.

Loading Attached Institute of ETRI collaborators
Loading Attached Institute of ETRI collaborators