• Proceedings of the Korea Information Processing Society Conference
• /
• 2009.11a
• /
• pp.703-704
• /
• 2009

멀티미디어 환경을 기반으로 한 온라인 회의 시스템은 큰 발전을 가져왔지만 회의 통제 불가 같은 단점과 정보 보안에 있어서의 취약점이 존재한다. 이에 본 논문에서는 비대칭키 암호 알고리즘과 OTP 및 티켓 시스템을 이용하여 기밀성과 회의 통제 기능을 추가한 다중 접속 도메인 시스템을 제안하고자 한다.

• Journal of KIISE:Computer Systems and Theory
• /
• v.34 no.7
• /
• pp.288-295
• /
• 2007

The illegal copying and redistribution of digitally-stored information is a crucial problem to distributors who electronically sell digital data. fingerprinting scheme is a technique which supports copyright protection to track redistributors of electronic information using cryptographic techniques. Anonymous asymmetric fingerprinting scheme prevents the merchant from framing a buyer by making the fingerprinted version known to the buyer only. And this scheme allows the buyer to purchase goods without revealing her identity to the seller. In this paper, a new anonymous asymmetric fingerprinting scheme with TTP is introduced. The buyer's fingerprint is generated by the Fingerprint Certificate Authority which is a TTP. When the seller embeds the fingerprint in the digital data, the protocol uses the homomorphic encryption scheme. Thus the seller cannot know the buyer's fingerprint and the buyer's anonymity is guaranteed by using anonymous key pair.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2003.05a
• /
• pp.782-786
• /
• 2003

It requires protection technologies to permit consumer to store a digital broadcasting content and at the same time to protect the intellectual property from illegal action. There is content encryption as one of protection technologies. In this paper, we proposed a protection scheme for digital broadcasting content that broadcasting server. Multiplexes the encryption key into MPEG-2 TS(transport stream) to be able to encrypt received TS at set top box. The proposed method is to modify PMT(program map table) for the information related encryption key and to multiplex key as TS packets. After then the encryption key is extracted from TS stream which is encrypted in set top box.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.1
• /
• pp.23-33
• /
• 2006

Key Agreement protocols are among the most basic and widely used cryptographic protocols. In this paper we present an efficient O-based authenticated key agreement (AKA) protocol by using bilinear maps, especially well suited to unbalanced computing environments : an ID-based AKA protocol for Server and Client. Particularly, considering low-power clients' devices, we remove expensive operations such as bilinear maps from a client side. Our protocol uses signcryption and provide security in random oracle model.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.3
• /
• pp.31-42
• /
• 2005

We consider a network storage model whose administrator can not be fully trusted. In this model, we assume that all data stored are encrypted for data confidentiality and one owner distributes the decryption key for each time period to users. In this paper, we propose three privilege management schemes. In the first scheme, called Temporal Privilege Management (TPM), we use a symmetric encryption based on one-way function chains for key encapsulation. In the second scheme, called Asymmetric Temporal Privilege Management (ATPM), anyone can encrypt the data using the public key of owner, but only privileged users can decrypt the encrypted data. Finally, we present a scheme to restrict writers' privilege using ID-based signatures in ATPM. In our schemes, the privilege managements are based on the time and the addition of users is efficient. Specially, applying TPM and ATPM, we can solve the back-issue problem.

• The KIPS Transactions:PartC
• /
• v.9C no.1
• /
• pp.1-8
• /
• 2002

Digital image watermarking is a technique for the purpose of protecting the ownership of the image by embedding proprietary watermarks in a digital image. It is required for the digital image watermarking scheme to pursue the robustness against water marking attacks and the perceptual Invisibility more than usual in steganography area, to guarantee not a hidden watermarking algorithm but the publicity of water-marking algorithm details and hidden use of key, which can protect the unauthorized user access from detection. In this paper we propose a new copyright watermarking scheme, which is barred on one-way hash functions using ElGamal functions and modular operations. ElGamal functions are widely used in cryptographic systems. Our watermarking scheme is robust against LSB(least significant bit) attacks and gamma correction attack, and also perceptually invisible. We demonstrate the characteristics of our proposed watermarking scheme through experiments. It is necessary to proceed as the future work the algorithm of achieving at the same time both the pseudo-randomness for the steno-key generation and the asymmetric-key generation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.3
• /
• pp.459-466
• /
• 2017

One of the most widely-used open source project; OpenSSL is a cryptography library that is used to secure most web sites, servers and clients. One can secure the communication with the Secure Socket Layer (SSL) or its successor, Transport Layer Security (TLS) protocols by using the OpenSSL library. Since cryptography protocols will be updated and enhanced in order to keep the system protected, the library was written in such a way that simplifies the integration of new cryptographic methods, especially for the symmetric cryptography protocols. However, it gets a lot more complicated in adding an asymmetric cryptography protocol and no guide can be found for the integration of the asymmetric cryptography protocol. In this paper, we explained the architecture of the OpenSSL library and provide a simple tutorial to modify the OpenSSL library in order to accommodate custom protocols of both symmetric and asymmetric cryptography.

• Convergence Security Journal
• /
• v.24 no.1
• /
• pp.51-57
• /
• 2024

Although industrial control systems (ICSs) recently keep evolving with the introduction of Industrial IoT converging information technology (IT) and operational technology (OT), it also leads to a variety of threats and vulnerabilities, which was not experienced in the past ICS with no connection to the external network. Since various control command messages are sent to field devices of the ICS for the purpose of monitoring and controlling the operational processes, it is required to guarantee the message integrity as well as control center authentication. In case of the conventional message integrity codes and signature schemes based on symmetric keys and public keys, respectively, they are not suitable considering the asymmetry between the control center and field devices. Especially, compromised node attacks can be mounted against the symmetric-key-based schemes. In this paper, we propose message authentication scheme based on double hash chains constructed from cryptographic hash function without introducing other primitives, and then propose extension scheme using Merkle tree for multiple uses of the double hash chains. It is shown that the proposed scheme is much more efficient in computational complexity than other conventional schemes.

• The Transactions of the Korea Information Processing Society
• /
• v.4 no.6
• /
• pp.1565-1575
• /
• 1997

A new encryption algorithm had been proposed as a replacement to the Data Encryption Standard (DES) in [1,2]. It called the Extended DES (EDES) has a key length of 112 bits. The plaintext data consists of 96 bits divided into 3 sub-blocks of 32 bits each. The EDES has a potentially higher resistance to differential cryptanalysis that the DES due to the asymmetric number of f functions performed on each of the 3 sub-blocks and due to the increase of S-boxes from 8 to 16. This paper propose a hardware design for the EDES and its implementation in VLSI. The VLSI chip implements data encryption and decryption in a single hardware unit. With a system clock frequency of 15Mhz the device permits a data conversion rate of about 90Mbit/sec. Therefore, the chip can be applied to on-line encryption in high-speed networking protocols.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.6
• /
• pp.23-35
• /
• 2009

Password-Authenticated Key Exchange (PAKE) Protocol is a useful tool for secure communication conducted over open networks without sharing a common secret key or assuming the existence of the public key infrastructure (PKI). It seems difficult to design efficient PAKE protocols using RSA, and thus many PAKE protocols are designed based on the Diffie-Hellman key exchange (DH-PAKE). Therefore it is important to design an efficient PAKE based on RSA function since the function is suitable for designing a PAKE protocol for imbalanced communication environment. In this paper, we propose a computationally-efficient key exchange protocol based on the RSA function that is suitable for low-power devices in imbalanced environment. Our protocol is more efficient than previous RSA-PAKE protocols, required theoretical computation and experiment time in the same environment. Our protocol can provide that it is more 84% efficiency key exchange than secure and the most efficient RSA-PAKE protocol CEPEK. We can improve the performance of our protocol by computing some costly operations in offline step. We prove the security of our protocol under firmly formalized security model in the random oracle model.