• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.2
• /
• pp.183-191
• /
• 2023

Cryptographic algorithms require extensive computational resources and rely on complex mathematical principles for security. However, IoT devices have limited resources, leading to insufficient computing power. As a result, lightweight cryptography has emerged, which uses fewer computational resources. NIST organized a competition to standardize lightweight cryptography and TinyJAMBU, one of the algorithms in the competition, is a permutation-based algorithm that repeats many permutation operations. In this paper, we implement TinyJAMBU on an 8-bit AVR processor with a proposedtechnique that includes a reverse shift method and precomputing some operations in a fixed key and nonce environment. Our techniques showed a maximum performance improvement of 7.03 times in permutation operations and 5.87 times in the TinyJAMBU algorithm, improving up to 9.19 times in a fixed key and nonce environment.

• Proceedings of the Korean Information Science Society Conference
• /
• 2001.04b
• /
• pp.211-213
• /
• 2001

공간 데이터베이스 시스템에서는 데이터의 보안과 사용자의 편의성을 제공하기 위해 사용자가 원하는 공간데이터만으로 구성된 공간 뷰를 제공한다. 클라이언트/서버 환경의 공간 데이터베이스 시스템에서 다수의 클라이언트에 의해 공간 뷰에 대한 질의가 요청 될 시 대용량의 데이터를 처리하기 위한 서버의 I/O 연산의 수행비용과 질의처리 비용 및 결과 데이터의 전송을 위한 전송 비용이 서버의 부하를 일으키고 질의 처리속도의 저하를 야기시킨다. 본 논문에서는 클라이언트/서버 환경의 공간 데이터베이스 시스템에서 공간 뷰의 생성 과정을 서버와 클라이언트에 분산시킨 크라이언트 실체화 기법을 제안한다. 공간 뷰 생성의 질의처리를 서버와 클라이언트에 분산시켜 대용량의 데이터와 복잡한 공간 연산에 따른 공간 뷰 생성과정의 서버 부하를 감소시키고 클라이언트에 실체화 함으로 해서 공간뷰에 대한 질의처리 요구에 따른 서버의 병목현상과 서버 부하를 감소시켜 사용자 응답시간을 최소화한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2003.05c
• /
• pp.2213-2216
• /
• 2003

단일 호스트 환경에 특화되어 설계되어온 기존 침입탐지 시스템(Intrusion Detection System: IDS)은 침입 시 도메인의 보호만을 그 목적으로 하는 수동적인 성격으로써, 새로운 공격 기법에 대한 탐지 및 대응, 그리고 보다 그 규모가 큰 네트워크로의 확장 면에서 구조적인 결함을 가지고 있다. 이러한 IDS의 구조적 문제점의 해결방안으로 액티브 네트워크 기반의 IDS 에 관한 연구가 진행되고 있다. 액티브 네트워크(Active network)란 패킷 스위칭 네트워크 상에 프로그램 가능한 라우터 등인 액티브 노드들을 배치하고, 사용자의 요구에 상응하는 적절한 연산을 위한 데이터와 프로그램으로 구성된 스마트 패킷(smart packet)에 대하여 수행 가능하게 하는 접근 방법이다. 본 논문에서는 이를 기반으로 자율적이며 지능적인 에이전트로 구성된 멀티 에이전트 기술을 액티브 노드에 적용함으로써 기존 IDS 보안메커니즘에서 보다 러 진보된 능동적이고 적극적인 대응을 위한 보안 메커니즘을 제공하여 네트워크 공격에 의한 피해 최소화와 신속한 대응이 가능한 멀티 에이전트 기반 공격 대응 메커니즘을 제시하고, 이를 적용 가능한 액티브 네트워크 기반 프레임 설계를 제안한다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.8
• /
• pp.1133-1138
• /
• 2018

Lightweight Encryption Algorithm (LEA) is one of the most promising lightweight block cipher algorithm due to its high efficiency and security level. There are many works on the efficient LEA implementation. However, many works missed the secure application services where the IoT platforms perform secure communications between heterogeneous IoT platforms. In order to establish the secure communication channel between them, the encryption should be performed in the on-the-fly method. In this paper, we present the LEA implementation performing the on-the-fly method over the ARM Cortex-M3 processors. The general purpose registers are fully utilized to retain the required variables for the key scheduling and encryption operations and the rotation operation is optimized away by using the barrel-shifter technique. Since the on-the-fly method does not store the round keys, the RAM requirements are minimized. The implementation is evaluated over the ARM Cortex-M3 processor and it only requires 34 cycles/byte.

• Journal of KIISE:Information Networking
• /
• v.30 no.5
• /
• pp.614-620
• /
• 2003

As the proliferation of Internet, mobile agent related technologies are examined for possible growth and evolution. In information retrieval, network and distributed system management, and electronic commerce, mobile agent is more flexible than the traditional communication paradigm. Despite the performance benefits, mobile agent is not used widely in the market because it is very vulnerable to a variety of attacks. In many studies related the security vulnerability for a mobile agent, the high security causes the performance to degrade. In this paper, we propose and evaluate the efficient security model for mobile agent using TDGM(Trusted Domain & Guide Manager), which provides three kinds of services : the trusted domain management, the security service and the travel plan guide. The result clearly shows that this model provides high security and minimizes the performance degradation.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.19 no.2
• /
• pp.103-109
• /
• 2019

Due to the development of ICT technology, the IoT environment for connecting objects in the vicinity to networks and utilizing information about objects in various fields is getting attention, and security threats are also increasing. In order to solve the increasing security problem in IoT environment, we are studying methods that use certificate, encryption, hash calculation and block chain in the private sector. However, the security authentication method which overcomes the performance gap between devices and has compatibility with various devices It has not been proposed yet. In this paper, we propose an authentication method that can achieve wide compatibility by minimizing the influence of IoT device environment.

• Journal of the Korea Society of Computer and Information
• /
• v.27 no.12
• /
• pp.131-139
• /
• 2022

In this paper, to verify the authenticity of UxNB that assists terrestrial base stations, the solutions for SI (System Information) security presented in 3GPP TR 33.809 are analyzed from the perspective of UxNB. According to the definition of 3GPP (Third Generation Partnership Project), UxNB is a base station mounted on a UAV (Unmanned Aerial Vehicle), is carried in the air by the UAV, and is a radio access node that provides a connection to the UE (User Equipment). Such solutions for SI security can be classified into hash based, MAC (Message Authentication Codes) based, and digital signature based, and a representative solution for each category is introduced one by one. From the perspective of verifying the authenticity of UxNB for each solution, we compare and analyze the solutions in terms of provisioning information and update, security information leakage of UxNB, and additionally required amount of computation and transmission. As a result of the analysis, the solution for verifying the authenticity of the UxNB should minimize the secret information to be stored in the UxNB, be stored in a secure place, and apply encryption when it is updated over the air. In addition, due to the properties of the low computing power of UxNB and the lack of power, it is necessary to minimize the amount of computation and transmission.

• The Journal of Korean Association of Computer Education
• /
• v.14 no.1
• /
• pp.175-185
• /
• 2011

Recently RFID systems have been introduced in place of barcode systems to industries such as logistics, distribution, and manufacturing. Due to security vulnerabilities in wireless communication between the reader and tags, however, the authentication protocols for the communication have also been researched extensively. In order to solve the vulnerability of previously proposed protocols, this paper thus proposes an authentication protocol that satisfies the security requirements in the RFID system and minimizes the quantity of computation such as random number generation, transmitting the micro-time of databases. In addition, it is expected that the proposed cross authentication protocol is safe against replay attack, spoofing attack, traffic analysis, and eavesdropping attack when it is applied to the RFID system. Also, it has advantages such as providing a high level of security at a lower manufacturing cost.

• The KIPS Transactions:PartC
• /
• v.11C no.4
• /
• pp.409-418
• /
• 2004

Multicast services are provided on the Internet in fast increasing . Therefore it is important to keep security for multicast communication. Member leaving is deeply associated with scalability problem for group key management. If one member of the group is removed, new group key has to be generated and distributed to all remaining members of group. Minimizing the number of messages and operation cost for generation of the composite keys are important evaluating criteria of multicast key management scheme since generation and distribution of new keys for rekeying require expensive operation. Batch removal can reduce these important parameters rather than removing members sequentially In fashion one after another. In this paper, Hamming distance is calculated between eve교 members to be removed. The members with Hamming distance less than threshold are selected for rekeying procedure. With running the round assignment algorithm In the case of removing several members simultaneously, our model has advantages of reducing the number of message and operation cost for generation of the composite keys and eliminating possibility of collusion attack for rekeying.

• The Journal of Korean Association of Computer Education
• /
• v.9 no.2
• /
• pp.111-124
• /
• 2006

Multicast services are provided on the Internet in fast increasing. Therefore it is important to keep security for multicast communication. If a member of the group is removed, new group key has to be generated and distributed to all remaining members of group. Minimizing number of messages and operation cost for generation of the composite keys to be used to encrypting group key are important evaluating criteria of multicast key management scheme since generation and distribution of new keys for rekeying require expensive operation. Periodic batch rekeying can reduce these important parameters rather than rekeying sequentially in fashion one after another. In this paper, Hamming distance is calculated between every members to be removed. In batch rekeying the members with Hamming distance less than threshold are selected for rekeying procedure. With running the round assignment algorithm in the case of removing several members simultaneously, our scheme has advantages of reducing messages and operation cost for generation of the composite keys and eliminating possibility of collusion attack for rekeying. We evaluate performance of round assignment algorithm through simulation and show that our scheme is excellent after performance comparison of existent schemes and our scheme.