• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.6
• /
• pp.3-13
• /
• 2004

Kvarnstrom et al. ${in}^{[10]}$ proposed a rule protection scheme by using one-way hash function to protect rules in security systems over ubiquitous environment. Son et at. ${in}^{[5-6]}$ also prooposed a rule protection scheme for Snort, which is one of the most common IDS. These schemes provide security only for the header information but not for its contents. To solve this problem, this paper presents a scheme based on the symmetric cryptosystem over Snort not only for the header information but also contents. This paper uses the key management based on PCMCIA security module proposed ${by}^{[12]}$ for the symmetric cryptosystem. Our scheme could be adjusted to other security systems, which use the rule based detection.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.20 no.1
• /
• pp.55-60
• /
• 2020

In this paper, we propose an access control system using cryptography as a method to protect personal data in public blockchain. The proposed system is designed to encrypt data according to the access policy, store it in the blockchain, and decrypt only the person who satisfy the access policy. In order to improve performance and scalability, an encryption mechanism is implemented outside the blockchain. Therefore, data access performance could be preserved while cryptographic operations executed Furthermore it can also improve the scalability by adding new access control modules while preserving the current configuration of blockchain network. The encryption scheme is based on the attribute-based encryption (ABE). However, unlike the traditional ABE, the "retention period", is incorporated into the access structure to ensure the right to be forgotten. In addition, symmetric key cryptograpic algorithms are used for the performance of ABE. We implemented the proposed system in a public blockchain and conducted the performance evaluation.

• The KIPS Transactions:PartC
• /
• v.8C no.5
• /
• pp.525-534
• /
• 2001

Generally, compression and encryption procedures are performed independently in lossless image compression and encryption. When compression is followed by encryption, the compressed-stream should have the property of randomness because its entropy is decreased during the compression. However, when full data is compressed using image compression methods and then encrypted by encryption algorithms, real-time processing is unrealistic due to the time delay involved. In this paper, we propose to combine compression and encryption to reduce the overall processing time. It is method decomposing gray-scale image by means of quadtree compression algorithms and encrypting the structural part. Moreover, the lossless compression ratio can be increased using a transform that provides an decorrelated image and homogeneous region, and the encryption security can be improved using a reconstruction of the unencrypted quadtree data at each level. We confirmed the increased compression ratio, improved encryption security, and real-time processing by using computer simulations.

• Journal of Korea Multimedia Society
• /
• v.9 no.2
• /
• pp.215-225
• /
• 2006

Binary images, such as cartoon character images, text images and signature images, which consist of two values with black and white have more difficulties inserting imperceptible secret data than color images. Steganography using binary cover images is not easy to satisfy requirements for both the imperceptibility of stego images and a high embedding rate of secret data at the same time. In this paper, we propose a scheme that can get both the high quality of stego images and a high embedding rate by supplementing the advantages of previous research. In addition, the insertion of the proposed method changes only existing pixels of the imperceptible position and can embed the secret data of [$log_2(mn+1)-2$] bits in a block with size of $m{\times}n$.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.10 no.2
• /
• pp.328-332
• /
• 2006

Efficient finite field operation in the elliptic curve (EC) public key cryptography algorithm, which attracts much of latest issues in the applications in information security, is very important. Traditional serial finite multipliers root from Mastrovito's serial multiplication architecture. In this paper, we adopt the polynomial basis and propose a new finite field multiplier, inducing numerical expressions which can be applied to exhibit 3 times as much performance as the Mastrovito's. We described the proposed multiplier with HDL to verify and evaluate as a proper hardware IP. HDL-implemented serial GF (Galois field) multiplier showed 3 times as fast speed as the traditional serial multiplier's adding only partial-sum block in the hardware. So far, there have been grossly 3 types of studies on GF($2^m$) multiplier architecture, such as serial multiplication, array multiplication, and hybrid multiplication. In this paper, we propose a novel approach on developing serial multiplier architecture based on Mastrovito's, by modifying the numerical formula of the polynomial-basis serial multiplication. The proposed multiplier architecture was described and implemented in HDL so that the novel architecture was simulated and verified in the level of hardware as well as software.

• The KIPS Transactions:PartC
• /
• v.9C no.2
• /
• pp.149-156
• /
• 2002

Current vaccine program which scans virus code patterns has a difficult to detect the encrypted viruses or polymorphic viruses. The decryption part of polymorphic virus appears to be different every time it replicates. We must monitor the behavior of the decryption code which decrypts the body of the virus in order to detect these kinds of viruses. Specialty, it is not easy for the existing methods to detect the virus if the virus writer has modified the loop count of execution intentionally. In this paper, we propose an advanced emulator using a new algorithm so as to detect various kinds of polymorphic viruses. As a result of experiment using advanced emulator, we found that our proposed method has improved the virus detecting rate about 2%. In addition, our proposed system has a merit that it runs on not only MS-Windows but also Linux, and Unix-like Platform.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.10a
• /
• pp.549-551
• /
• 2017

There are currently various file encryption systems and applications for encryption and storage of file on disk. However, the existing file encryption solutions handle encryption and decryption all at once by file or directory. In this study, we propose a system call supporting partial encryption function of the file. The user sets the partial encryption of the file by using system call interface, and writes the contents. And then the data is encrypted and stored on the disk. Also if the user sets the decryption and reads the data, the necessary part of data is decrypted by applying the user setting. According to the user setting, only the necessary part is encrypted and stored on a storage medium. As a result, the information in a secret level can be saved efficiently and securely.

• Journal of the Institute of Electronics Engineers of Korea SD
• /
• v.42 no.8 s.338
• /
• pp.15-26
• /
• 2005

In this paper, we propose an efficient $GF(2^m)$ multi-segment multiplier architecture and study its application to elliptic curve cryptography processors. The multi-segment based ECC datapath has a very small combinational multiplier to compute partial products, most of its internal data buses are word-sized, and it has only a single m bit multiplexer and a single m bit register. Hence, the resource requirements of the proposed ECC datapath can be minimized as the segment number increases and word-size is decreased. Hence, as compared to the ECC processor based on digit-serial multiplication, the proposed ECC datapath is more efficient in resource usage. The resource requirement of ECC Processor implementation depends not only on the number of basic hardware components but also on the complexity of interconnection among them. To show the realistic area efficiency of proposed ECC processors, we implemented both the ECC processors based on the proposed multi-segment multiplication and digit serial multiplication and compared their FPGA resource usages. The experimental results show that the Proposed multi-segment multiplication method allows to implement ECC coprocessors, requiring about half of FPGA resources as compared to digit serial multiplication.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.2
• /
• pp.13-29
• /
• 2003

Web-mail system is worthy of note as a next generation e-mail system for its mobility and easiness. But many web-mail system does not have any kind of security mechanism. Even if web-mail system provides security services, its degree of strength is too low. Using these web-mail systems, the e-mail is tabbed, modified or forged by attacker easily. To solve these problems, we design and implement secure web-mail system based on the international e-mail security standard S/MIME in this thesis. This secure web-mail system is composed of server system and client system The server system performs basic mail functions - sending/receiving the mails, storing the mails, and management of user information, etc. And the client system performs cryptographic functions - encryption/decryption of the mails, digital signing and validation, etc. Because client system performs cryptographic functions this secure web-mail system gives its reliability and safety, and provides end-to-end security between mail users. Also, this secure web-mail system increase system efficiency by minimize server load.

• The KIPS Transactions:PartC
• /
• v.10C no.6
• /
• pp.695-704
• /
• 2003

As wireless Internet speads widely, circulation of various types of digital contents become active. Therefore, it is necesary to make a mobile-based DRM (Digatal Rights Management) system to protect digital contents from illegal reproduction and to give proper rights to contents users, In this paper, we present a mibile security system, which protects the copyright for digital contents offered throughout the mobile environment. Our security system is focused on presenting mobile-based DRM architecture. Especially, considering mobile device's decrying power, we adopted partial encryption scheme. For this, wecompared and evaluated the performant of each contents encryption scheme (the entire encryption scheme and the partial encription scheme) and proved that a proper DRM system for current wireless devices is the partial encryption system. Our mobile DRM system can be very efficient to protect contents on the wireless Internet environment.