
Changhoon Lee
- PhD
- Professor (Full) at Seoul National University of Science and Technology, South Korea
- Publications: 148
- Reads: 36,374
- Citations: 2,090
Publications (148)
In this paper, we propose a new block cipher HIGHT with 64-bit block length and 128-bit key length. It provides low-resource hardware implementation, which is proper to ubiquitous computing device such as a sensor in USN or an RFID tag. HIGHT does not only consist of simple operations to be ultra-light but also has enough security as a good encryp...
Currently, the monetary value of cryptocurrencies is extremely high, leading to frequent theft attempts. Cyberattacks targeting cryptocurrency wallets and the scale of these attacks are also increasing annually. However, many studies focus on large-scale exchanges, leading to a lack of research on cryptocurrency wallet security. Nevertheless, the t...
Recently, differential-neural cryptanalysis, which combines deep learning with differential cryptanalysis, has gained attention as a powerful and practical cryptanalysis method. In this approach, a neural distinguisher is trained to distinguish the target cipher with specific differential properties from other ciphers, and its statistical analysis...
The Metaverse is currently becoming a massive technology platform and is considered to be the next significant development in global technology and business landscapes. The Metaverse is a digital platform that people can enter or transport virtual items with a device as a medium, implemented as virtual but very similar to the real world through the...
Huang et al. introduced the conditional cube attack at EUROCRYPT 2017, where it was presented as a conditional cube variable with specific key bit conditions that significantly reduced diffusion. This attack necessitates a set of cube variables that are not multiplied in the first round, while the conditional cube variable is not multiplied with or...
The cube attack was proposed at the 2009 Eurocrypt. The attack derives linear polynomials for specific output bits of a BlackBox cipher. Cube attacks target recovery keys or secret states. In this paper, we present a cube attack on a 5-round Sycon permutation and a 6-round Sycon permutation with a 320-bit state, whose rate occupies 96 bits, and who...
Healthcare applications store private user data on cloud servers and perform computation operations that support several patient diagnoses. Growing cyber-attacks on hospital systems result in user data being held at ransom. Furthermore, mathematical operations on data stored in the Cloud are exposed to untrusted external entities that sell private...
Physical memory acquisition is a prerequisite when performing memory forensics, referring to a set of techniques for acquiring and analyzing traces associated with user activity information, malware analysis, cyber incident response, and similar areas when the traces remain in the physical RAM. However, certain types of malware have applied anti-me...
Advanced information technologies have transformed into high-level services for more efficient use of energy resources through the fusion with the energy infrastructure. As a part of these technologies, the energy cloud is a technology that maximizes the efficiency of energy resources through the organic connection between the entities that produce...
Preemptive respondents on cyber threats have become an essential part of cybersecurity. Cyber Threat Intelligence (CTI) is an evidence-based threat detection and prevention system. CTI system analyzes and shares the security data to mitigate evolving cyber threats using security-related data. However, to gather enough amount of data for analysis, t...
Connections of cyber-physical system (CPS) components are gradually increasing owing to the introduction of the Industrial Internet of Things (IIoT). IIoT vulnerability analysis has become a major issue because complex skillful cyber-attacks on CPS systems exploit their zero-day vulnerabilities. However, current white box techniques for vulnerabili...
Side-channel threat is a form of cryptanalysis that takes advantage of secret information leaked during program implementations, through measurement and evaluation of systematic parameters, such as execution time, power consumption and electromagnetic field (EMF) radiation. Since various side-channel analysis techniques have applied successfully in...
The proliferation of various connected platforms, including Internet of things, industrial control systems (ICSs), connected cars, and in-vehicle networks, has resulted in the simultaneous use of multiple protocols and devices. Chaotic situations caused by the usage of different protocols and various types of devices, such as heterogeneous networks...
The convergence of fifth-generation (5G) communication and the Internet-of-Things (IoT) has dramatically increased the diversity and complexity of the network. This change diversifies the attacker’s attack vectors, increasing the impact and damage of cyber threats. Cyber threat intelligence (CTI) technology is a proof-based security system which re...
Recently, many lightweight block ciphers are proposed, such as PRESENT, SIMON, SPECK, Simeck, SPARX, GIFT, and CHAM. Most of these ciphers are designed with Addition–Rotation–Xor (ARX)-based structure for the resource-constrained environment because ARX operations can be implemented efficiently, especially in software. However, if the word size of...
The research combines two heuristic algorithms, COMSOAL and Priority rule-based algorithm, to design a production scheduling algorithm. Meanwhile it refers to dispatching rule and wafer start rule. Also base on the requirements and characters of wafer foundry companies, it designs proper capacity constraint model and wafer start rule to construct p...
With the rapid development of computer-supported cooperative work (CSCW) technology, graphical collaborative editing plays an increasingly important role in CSCW. The most important technique in graphics co-editing is the consistency of graphics co-editing, which mainly includes causality consistency, consistency of results, and consistenc...
BM123-64 block cipher, which was proposed by Minh, N.H. and Bac, D.T. in 2014, was designed for high speed communication applications factors. It was constructed in hybrid controlled substitution–permutation network (CSPN) models with two types of basic controlled elements (CE) in distinctive designs. This cipher is based on switchable data-depende...
Cyber-threat intelligence (CTI) is a knowledge-based threat management system that addresses increasing cyber threats. The CTI system creates reputation information for network resources such as IP, URL and file hash based on security data collected from Security Information and Event Management (SIEM) systems. This information can be applied exten...
Color information plays an important role in the color image segmentation and real-time color sensor, which affects the result of video image segmentation and correct real-time temperature value. In this paper, a novel real-time color image segmentation method is proposed, which is based on color similarity in RGB color space. According to the colo...
Real-time collaborative graphical editing system allows a group of users simultaneously to view and edit the shared graphical documents from geographically dispersed sites connected by networks. The strategy of consistency maintenance is the key technique to ensure correctness in this editing system. This paper maps the two-dimensional drawing area...
This paper proposes a novel method for real-time gesture recognition. Aiming at improving the effectiveness and accuracy of HGR, spatial pyramid is applied to linguistically segment gesture sequence into linguistic units and a temporal pyramid is proposed to get a time-related histogram for each single gesture. Those two pyramids can help to extrac...
Ubiquitous networks enable mobile users to communicate with each other efficiently and independently without the need of inventing agent. This approach is proved to be delay and spectral efficient. Due to the nature of underlying Big data, such networks are prone to several security and privacy challenges. Because such gigantic data is not only dif...
Juliano Rizzo and Thai Duong, the authors of the BEAST attack [11, 12] on SSL, have proposed a new attack named CRIME [13] which is Compression Ratio Info-leak Made Easy. The CRIME exploits how data compression and encryption interact to discover secret information about the underlying encrypted data. Repeating this method allows an attacker to eve...
Data-dependent operations (DDOs) that were introduced by Moldovyan in 2003 (Moldovyan in MMM-ACNS 2003, LNCS, 2776: 316–327, Springer, Heidelberg, 5; Moldovyan et al. in Int J Netw Secur 2(2):114–225, 6, in Proceedings of CCCT04, VII:123–128, 7), have been proposed as a primitive suitable for designing efficient ciphers with simple key scheduling....
In the Internet of things, trust establishment plays an important role of improving cooperation and enhancing security. To evaluate the trust relationships among sensor nodes accurately, an appropriate trust estimation model should be designed so as to against attack and misbehavior effectively. In this paper, a novel quantitative model of trust va...
After Bitcoin was proposed by Satoshi Nakamoto in 2009, studies have been carried out to apply the Block Chain technology in various environment, which was applied as a distributed transaction of Bitcoin. Smart contracts, voting and proof of ownership of digital contents are typical applications of Block Chain. They used the feature that it is impo...
Several security mechanisms have been investigated and deployed that provide protection for real time platforms. Each security mechanism is contributed to enhance the SCADA system security, but at the same time, the mechanism is limited and depended on the other protocols for the purposes of message security, and its delivery. Few researches are co...
In this paper, we propose to use the deep learning technique for abnormal event detection by extracting spatiotemporal features from video sequences. Human eyes are often attracted to abnormal events in video sequences, thus we firstly extract saliency information (SI) of video frames as the feature representation in the spatial domain. Optical flo...
With the development of computer and IT technologies, enterprise management has gradually become information-based management. Moreover, due to poor technical competence and non-uniform management, most breeding enterprises show a lack of organisation in data collection and management. In addition, low levels of efficiency result in increasing prod...
Switchable data-dependent operations (SDDOs) that were introduced by Moldovyan (MMM-ACNS 2003, LNCS, vol 2776, pp 316–327. Springer, Heidelberg, 2003), have been proposed as a primitive suitable to designing efficient ciphers with simple key scheduling. These solve the problems of the weakness of key change process, and also the SDDO-based ciphers...
There are technological, operational, and environmental constraints at tactical edge, which are disconnected operation, intermittent connectivity, and limited bandwidth, size, weight and power limitations, ad-hoc and mobile network, and so on. Moreover, an operational environment is highly dynamic: requirements change in response to the emerging si...
Compared to the past, the current disk storages have dramatically increased and extremely many data are transferred on the network everyday. In spite of the anticipation that such development will be continued, there have been lack of studies for improving the data-imaging time in terms of the digital forensics. In this paper, we firstly investigat...
Substantial changes have occurred in the Information Technology (IT) sectors and with these changes, the demand for remote access to field sensor information has increased. This allows visualization, monitoring, and control through various electronic devices, such as laptops, tablets, i-Pads, PCs, and cellular phones. The smart phone is considered...
This paper proposes three new padding methods designed to withstand padding oracle attacks, which aim at recovering a plaintext without knowing the secret key by exploiting oracle’s characteristic of checking the padding during decryption. Of the ten existing padding methods, only two (ABYT-PAD and ABIT-PAD) can withstand padding oracle attacks. Ho...
COSB-128 is a type of fast controllable permutation block (CPB), which is designed to ensure a high speed of data transformation and high stability to differential analysis. In this paper, we present the possibility to distinguish between a 10-round COSB-128 and a 128-bit random permutation through a full 10-round related-key difference characteris...
COSB-128 (Moldovyan et al., 2002) is a block cipher with 128-bit and 256-bit secret keys, which use key and data-dependent operational substitutions in fast controllable permutation blocks (CPB) concept. It is designed with a simple key schedule to ensure a high speed of data transformation by fast block encryption algorithms and expected to be hig...
In the directional carrier sense multiple access-collision avoidance (directional-CSMA-CA) mechanism, the efficient channel access mechanism with a collision-controlled concept is one of the most challenging topics. Especially, in capillary machine-to-machine (M2M) where wireless personal area network (WPAN) is a key technology for its wireless con...
We use various types of cryptographic algorithms for the protection of personal and sensitive information in the application environments, such as an internet banking and an electronic commerce. However, recent researches were introduced that if we implement modes of operation, padding method and other cryptographic implementations in a wrong way,...
In this paper, we propose a differential fault analysis on symmetric SPN block cipher with bitslice involution S-box in 2011. The target block cipher was designed using AES block cipher and has advantage about restricted hardware and software environment using the same structure in encryption and decryption. Therefore, the target block cipher must...
In the various application environments on the internet, we use verified cipher algorithm to protect personal information of electronic commerce or application environments. Even so, if an application method isn't proper, the information you want to keep can be intercepted. This thesis studied about result of Padding Oracle Attack, an application e...
In this paper, we propose a differential fault analysis on SSB having same structure in encryption and decryption proposed in 2011. The target algorithm was designed using advanced encryption standard and has advantage about hardware implementations. The differential fault analysis is one of side channel attacks, combination of the fault injection...
In the various application environments on the internet, we use verified cipher algorithm to protect personal information. Even so, if an application method isn't proper, the information you want to keep can be intercepted. One of the representative examples of it is a PADDING ORACLE ATTACK. This thesis studied about STRP, MIKEY, CMS, IPSec, TLS, I...
In this paper, we evaluate the security of lightweight block ciphers PRESENT-80 and PRESENT-128 applicable to hybrid information systems against biclique cryptanalysis. To recover the secret key of PRESENT-80/128, our attacks require full PRESENT-80 encryptions and full PRESENT-128 encryptions, respectively. These results are superior to known bicl...
With the rapid development of wireless mobile communication, the password-based three-party authenticated key exchange protocol has attracted an increasing amount of attention. To generate more session keys at one time for different applications, Li et al. proposed a password-based three-party authenticated multiple key exchange (3PAMKE) protocol f...
Stage financing is the basic operation of venture capital investment. In investment, usually venture capitalists use different strategies to obtain the maximum returns. Due to its advantages to reduce the information asymmetry and agency cost, stage financing is widely used by venture capitalists. Although considerable attentions are devoted to sta...
The use of satellite automotive navigation systems has increased rapidly worldwide in recent years. Forensic analysis of these devices can be identified information of evidential value in criminal cases. Mappy GPS navigation software is one of the most popular products of satellite navigation software in Korea. Mappy records the usage history, such...
Recently, importance of digital forensics has increased and using analysis methods of digital evidence in the analysis of evidence of various types. However, analysis time and effort is steadily increasing because personal disk capacity is too big and it has many number of files. Most digital evidence has time property, such as access time, creatio...
In the field of Data Mining, the estimation of the quality of the learned models is a key step in order to select the most appropriate tool for the problem to be solved. Traditionally, a k-fold validation technique has been carried out so that there ...
PRINTcipher-48/96 are 48/96-bit block ciphers proposed in CHES 2010 which support the 80/160-bit secret keys, respectively. In this paper, we propose related-key cryptanalysis of PRINTcipher. To recover the 80-bit secret key of PRINTcipher-48, our attack requires 247 related-key chosen plaintexts with a computational complexity of . In the case of...
As the capacity of storage is gradually larger, most of the users logically use the storage devices dividing into multiple partitions. Therefore recovering partition stably from artificial partition concealing or partition damage is a very important issue. In this paper, we suggest a partition recovery algorithm which can conduct reliable and effic...
BMD-128 is a 128-bit block cipher with a 256-bit secret key and is based on switchable data-dependent operations. By using these operators, this algorithm was designed to ensure the high applicability in the transaction needing the change of session keys with high frequency. In this paper, we show that it is possible to distinguish between a 7-roun...
LBlock is a 64-bit lightweight block cipher which can be implemented in both constrained hardware environments, such as wireless sensor network, and software platforms. In this paper, we study the security of LBlock against a differential fault analysis. Based on a random nibble fault model, we propose two versions of the attack on LBlock. In the f...
Recent developments in grid and cloud computing technologies have enhanced the performance and scale of storage media. Data management and backup are becoming increasingly important in these environments. Backup systems constitute an important component of operating system security. However, it is difficult to recover backup data from an environmen...
In this paper, we propose a differential fault analysis on symmetry structured SPN block cipher proposed in 2008. The target algorithm has the SPN structure and a symmetric structure in encryption and decryption process. To recover the 128-bit secret key of the target algorithm, this attack requires only one random byte fault and an exhaustive sear...
Digital Forensics is being actively researched and performed in various areas against changing IT environment such as mobile phone, e-commerce, cloud service and video surveillance. Moreover, it is necessary to research unified digital evidence management for correlation analysis from diverse sources. Meanwhile, various triage approaches have been...
PP-1 is a scalable block cipher which can be implemented on a platform with limited resource. In this paper, we analyze the security of PP-1 by using truncated differential cryptanalysis. As concrete examples, we consider four versions of PP-1, PP-1/64, PP-1/128, PP-1/192, and PP-1/256. Our attack is applicable to full-round versions of them, respe...
KT-64 and MD-64 are hardware-optimized 64-bit block ciphers which are based on data-dependent operations. They provide high performance in FPGA implementation, which are suitable for low-resource devices such as RFID tags and wireless sensor network. In this paper, we propose cryptanalytic results on KT-64 and MD-64. Based on a related-key amplifie...
In order to improve the energy efficiency and avoid the energy hole problem in wireless sensor networks, this paper proposes a routing algorithm named RCBDF (Ring and Clustering Based on Data Filed). The algorithm uses the concept of physical field and the ring network. The routing algorithm will achieve a better balance between energy consumption...
In the existing economy based models of grid resource allocation and management, just as commodity market model and posted price model, sharing resource is based on negotiating about the usage duration or time, the usage fee, QoS (Quality of Service) and some other items between the owner or his broker and the consumer of grid resource. That will c...
256-bit block cipher XSB (eXtended Spn Block cipher) was proposed in 2012 and has a symmetric structure in encryption and decryption process. In this paper, we propose a differential fault analysis on XSB. Based on a random byte fault model, our attack can recover the secret key of XSB by using only two random byte fault injection. This result is th...
It is one key issue in the wireless mesh networks to provide various scenarios such as multimedia and applications. Links in the network can be organized and assigned to orthogonal channels so as to minimize the co-channel interference. In this paper we focus on the channel assignment problem for links in the mesh networks and aim at minimizing the...
In recent years, various computers have been compromised through several paths. In particular, the attack patterns and paths are becoming more various than in the past. Furthermore, systems damaged by hackers are used as zombie systems to attack other web servers or personal computers, so there is a high probability to spread secondary damage such...
In ad hoc sensor networks, it is very essential for sensors to know their own positions exactly which provide the context to sensed data. Sensors in ad hoc sensor networks enable to locate their positions from a relatively small number of landmarks that know their coordinates through external means (e.g., GPS). In this paper, we assume that sensor...
In this paper, we evaluate the security of lightweight block ciphers mCrypton and LED against biclique cryptanalysis. In cases of mCrypton-64/96/128, our attacks require computational complexities of $2^{63.18}$, $2^{94.81}$ and $2^{126.56}$, respectively. These results are the first known biclique cryptanalytic results on mCrypton. The attack on...
Recently, companies seek a way to overcome their financial crisis by reducing costs in the field of IT. In such a circumstance, cloud computing is rapidly emerging as an optimal solution to the crisis. Even in a digital forensic investigation, whether users of an investigated system have used a cloud service is a very important factor in selecting...
Recently, Guo et al. discovered some security flaws of the simple three-party key exchange protocol proposed by Lu and Cao, and proposed an improved protocol. Independently, Chung and Ku also showed some weaknesses of Lu and Cao’s protocol, and provided an improved protocol. In this paper, we review some insecurity of Lu and Cao’s protocol and anal...
Sharing copyright protected content without the copyright holder’s permission is illegal in many countries. Regardless, the number of illegal file sharing using BitTorrent continues to grow and most of file sharers and downloader are unconcerned legal action to transfer copyright-protected files. However, it is difficult to gather enough probative...
LBlock is a 64-bit ultra-light block cipher suitable for the constrained environments such as wireless sensor network environments. In this paper, we propose a differential fault analysis on LBlock. Based on a random nibble fault model, our attack can recover the secret key of LBlock by using the exhaustive search of and five random nibble fault in...
The law enforcement agencies in the worldwide are confiscating or retaining computer systems involved in a crime/civil case at the preliminary investigation stage, even though the case does not involve a cyber-crime. They are collecting digital evidences from the suspects' systems and using them in the essential investigation procedure. It require...
Reliable routing of packets in a Mobile Ad Hoc Network (MANET) has always been a major concern. The open medium and the susceptibility of the nodes of being fault-prone make the design of protocols for these networks a challenging task. The faults in these networks, which occur either due to the failure of nodes or due to reorganization, can eventu...
When a forensic investigation is carried out in the enterprise environment, most of the important data are stored in database servers, and data stored in them are very important elements for a forensic investigation. As for database servers with such data stored, there are over 10 various kinds, such as SQL Server and Oracle. All the methods of inv...
MD-64 is a 64-bit block cipher with a 128-bit secret key and is based on data-dependent operations for the fast hardware performance. MD-64 is suitable to applications in resource constrained environments such as wireless sensor networks. In this paper, we propose a related-key amplified boomerang attack on the full-round MD-64. Our attack requires...
Some of the latest advancements and future directions in multimedia and mobile computing are discussed in this article. The latest advancements in pervasive computers, networks, telecommunication, and information technology, along with the proliferation of multimedia-capable mobile devices have driven the development of intelligent and pervasive mu...
It is necessary to have security for Wireless Sensor Networks (WSNs), which must be able to establish secure node to node communication. Sensor nodes should not have any a priori knowledge of which nodes will be close enough to be in their transmission range. And it is very likely that the topology of the network changes very frequently. Also a uni...
KT-64 is a 64-bit block cipher which use CSPNs suitable for the efficient FPGA implementation. In this paper, we propose a related-key amplified boomerang attack on the full-round KT-64. The attack on the full-round KT-64 requires related-key chosen plaintexts and KT-64 encryptions. This work is the first known cryptanalytic result on KT-64.
The ever growing capacity of hard drives poses a severe problem to forensic practitioners who strive to deal with digital investigations in a timely manner. Therefore, the on-the-spot digital investigation paradigm is emerging as a new standard to select only that evidence which is important for the case being investigated. In the light of this iss...
Detecting unseen illegal codes is always a challenging task. As the main action to deal with this problem, the behavior detection is unsatisfactory in both effectiveness and efficiency. This paper proposes task-based behavior detection (TBBD) which detects new illegal codes based on the user’s task instead of only on the software behavior. First, t...
Portable web browser is a stand-alone web browser, which is designed to run on web pages and applications on an operating system independently. Portable web browsers store artifacts in the installed in the folder, while normal web browsers store artifacts in the user's system. Therefore, portable web browsers are difficult to judge whether that use...
SEED is a 128-bit block cipher supporting 128, 192 and 256-bit secret keys. It has been adopted as a national industrial association standard (TTAS KO-12.0004) at 1999 and ISO/IEC 18033-3 and IETF RFC 4269 at 2005. The first cryptanalytic result on DFA is proposed in 2004. After that Jeong et al. proposed DFAs on SEED-128/192/256. In these attacks,...
In these days, a number of illegal file sharers using BitTorrent increase. Sharing copyrighted files without copyright holder’s permission is illegal, so they must be punished. However, it is difficult to find appropriate digital evidences and legal basis to punish them. This paper proposes the methodology about punishing illegal sharer using BitTo...
Growth in cloud services is surging around the world as cloud computing rapidly outstrips the projected growth rate for traditional IT products. Cloud service has characteristics that the data is synchronized in real time and could be approached from multiple devices. If the device is connected over network, it could be changed due to syncing servi...
When a forensic investigation is carried out in the enterprise environment, most of the important data is stored in database servers, and data stored in them are very important elements for a forensic investigation. As for database servers with such data stored, there are over 10 various kinds, such as SQL Server, MySQL and Oracle. All the methods...