Browse > Article
http://dx.doi.org/10.13089/JKIISC.2007.17.2.83

A Packet encryption scheme and extension of Cryptoki for connectionless packet network  

Ko, Haeng-Seok (National Security Research Institute(NSRI))
Park, Sang-Hyun (National Security Research Institute(NSRI))
Kwon, Oh-Seok (Chungnam National University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.17, no.2, 2007 , pp. 83-92 More about this Journal
Abstract
In connectionless packet network, if a sender encrypts packets by block chaining mode and send it to receiver, the receiver should decrypt packets in encrypted order that is not received order. Therefore, the performance and efficiency are lowered for crypto communication system. To solve this problem, we propose packet encryption scheme for connectionless packet network that can decrypt the packets independently, even if the received order of packets are changed or packets are missed. The scheme makes new IV(Initial Vector) using IV that created by key exchange process and salt that made by random number. We propose extended Cryptoki API that added packet encryption/decryption functions and mechanism for improving convenience and performance. We implement the scheme and get result that the performance increased about $1.5{\sim}l5.6$ times compare with in case of implementing using Cryptoki API in the test environment.
Keywords
packet encryption; connectionless packet network; Cryptoki API;
Citations & Related Records
Times Cited By KSCI : 2  (Citation Analysis)
연도 인용수 순위
1 박수진, 신동명, 김학범, 최용락, '국제 보안 API 표준화 동향,' 통신정보보호학회지, 11(1), pp. 55-63, 2001
2 RSA Laboratories, 'PKCS #11 v2.2,' 2004
3 안하기, 신경욱, 'AES Rijndael 블록 암호 알고리즘의 효율적인 하드웨어 구현,' 정보보호학회논문지, 12(2), pp53-63, April, 2002
4 Steven M. Bellovin, 'Problem Areas for the IP Security Protocols,' Proceedings of sixth annual USENIX Security Symposium, pp. 205-214, July 1996
5 주학수, 이언경, 김승주, '암호라이브러리 및 암호API 개발 현황,' 정보보호학회지, 12(4), pp. 94-103, 2002
6 Stephen A. Thomas, SSL & TLS Essentials Securing the web, Willey Computing Publishing, 2000
7 Yoe-Sub Shin, Yang-Gyu Kim, Haeng-Seok Ko, Dong-Heyok Jan-g, Taejoo Chang, Oh-Seok Kwon, 'A Study on the High Speed Crypto-System for the M-ultiSessions,' SAM03, 2003
8 이상한, 고행석, 장태주, 김영수, 양상운, 박상현, 구본석, '고속 세션 변경이 가능한 블록 암호화 장치 및 그 구동방법,' 특허번호 10-0420555, 2004
9 William Stallings, Cryptography and Network Security, Prentice Hall, 2003
10 M. Bellare, A. Desai, E. Jokipii, and P. Roga way, 'A concrete security treatment of symmetric encryption,' Proceedings of the 38th IEEE symposium on Foundations of Computer Science, IE-EE, 1997, pp. 394-403
11 Voydock V., Kent S., 'Security Mechanisms in High-Level Network Protocols,' Computing Surveys, pp. 135-171, J-une 1983   DOI   ScienceOn
12 김명희, 김은환, 전문석, 'KCDSA 메커니즘을 제공하는 PKCS#11 설계 및 분석', 정보보호학회논문지, 14(5), pp. 141-151, 2004
13 P. Rogaway, 'Nonce-based symmetric encryption, Fast Software Encryption,' 11th International Workshop, FSE 2004, Delhi, India, February 5-7, 2004
14 전신우, 정용진, 권오준, 'Rijndael 암호 알고리즘을 구현한 암호 프로세서의 설계,' 정보보호학회논문지, 11(6), pp. 77-87, 2001