• Journal of KIISE:Computer Systems and Theory
• /
• v.26 no.8
• /
• pp.918-929
• /
• 1999

동기식 스트림 암호통신 방식을 사용하는 암호통신에서는 암/복호화 과정 수행시 암호통신 과정에서 발생하는 사이클슬립으로 인해 키수열의 동기이탈 현상이 발생되고 이로 인해 오복호된 데이타를 얻게된다. 이러한 위험성을 감소하기 위한 방안으로 현재까지 암호문에 동기신호와 세션키를 주기적으로 삽입하여 동기를 이루는 주기적인 동기암호 통신방식을 사용하여 왔다. 본 논문에서는 CDMA(Cellular Division Multiple Access) 이동망에서 데이타서비스를 제공할 때 사용되는 점대점 프로토콜의 주소영역의 특성을 이용하여 단위 측정시간 동안 측정된 주소비트 정보와 플래그 패턴의 수신률을 이용하여 문턱 값보다 작은경우 동기신호와 세션키를 전송하는 비주기적인 동기방식을 사용하므로써 종래의 주기적인 동기방식으로 인한 전송효율성 저하와 주기적인 상이한 세션키 발생 및 다음 주기까지의 동기이탈 상태의 지속으로 인한 오류확산 등의 단점을 해결하였다. 제안된 알고리즘을 링크계층의 점대점 프로토콜(Point to Point Protocol)을 사용하는 CDMA 이동망에서 동기식 스트림 암호 통신방식에 적용시 동기이탈율 10-7의 환경에서 주기가 1sec인 주기적인 동기방식에서 요구되는 6.45x107비트에 비해 3.84x105비트가 소요됨으로써 전송율측면에서의 성능향상과 오복호율과 오복호 데이타 비트측면에서 성능향상을 얻었다. Abstract In the cipher system using the synchronous stream cipher system, encryption / decryption cause the synchronization loss (of key arrangement) by cycle slip, then it makes incorrect decrypted data. To lessen the risk, we have used a periodic synchronous cipher system which achieve synchronization at fixed timesteps by inserting synchronization signal and session key. In this paper, we solved the problem(fault) like the transfer efficiency drops by a periodic synchronous method, the periodic generations of different session key, and the incorrectness increases by continuing synchronization loss in next time step. They are achieved by the transfer of a non-periodic synchronous signal which carries synchronous signal and session key when it is less than the threshold value, analyzing the address field of point-to-point protocol, using the receiving rate of address bits information and flag patterns in the decision duration, in providing data services by CDMA mobile network. When the proposed algorithm is applied to the synchronous stream cipher system using point-to-point protocol, which is used data link level in CDMA mobile network, it has advanced the result in Rerror and Derror and in transmission rate, by the use of 3.84$\times$105bits, not 6.45$\times$107bits required in periodic synchronous method, having lsec time step, in slip rate 10-7.

• Journal of KIISE:Information Networking
• /
• v.29 no.5
• /
• pp.583-594
• /
• 2002

Assuring the security of group communications such as tole-conference and software distribution requires a common group key be shared among the legal members in a secure manner. Especially for large groups with frequent membership change, efficient rekey mechanism is essential for scalability. One of the most popular ways to provide sealable rekey is to partition the group into several subgroups. In this paper, we propose a two-layered key management scheme which combines DEP and CBT, a protocol in which subgroup manager cannot access the multicast data and another that has a multi-core, respectively. We also select sub-group key management protocols suitable for our structure and design new rekey protocols to exclude the subgroup managers from the multicast data. Compared to previous protocols based on CBT, our scheme provides forward secrecy, backward secrecy and scalability. This would reduce the number of encryption and decryption for a rekey message and would improve the efficiency number of rekey messages and the amount of information related to group members that group managers must maintain compared to DEP.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.12
• /
• pp.944-953
• /
• 2013

Recently, a storage media is becoming smaller and storage capacity is also becoming larger than before. However, important data was leaked through a small storage media. To solve these serious problem, many security companies manufacture secure USBs with secure function, such as data encryption, user authentication, not copying data, and management system for secure USB, etc. But various attacks, such as extracting flash memory from USBs, password hacking or memory dump, and bypassing fingerprint authentication, have appeared. Therefore, security techniques related to secure USBs have to concern many threats for them. The basic components for a secure USB are secure authentication and data encryption techniques. Though existing secure USBs applied password based user authentication, it is necessary to develop more secure authentication because many threats have appeared. And encryption chipsets are used for data encryption however we also concern key managements. Therefore, this paper suggests mutual device authentication based on PUF (Physical Unclonable Function) between USBs and the authentication server and key management without storing the secret key. Moreover, secure USB is systematically managed with metadata and authentication information stored in authentication server.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.11 no.5
• /
• pp.1693-1701
• /
• 2010

In this paper, requirements of efficient group key creation in multiple hierarchy structure environment with clear distinction of hierarchical roles within organizations are explained and the method of creating a group key that satisfies such requirements is proposed. The proposed method creates the group key through logical sum operation of hierarchy identifier created using uni-directional hash chain and group identifier randomly created according to the access right. The problem of excessive possession of key information by upper group users in the existing static group key creation technique was resolved. At the same time, lower group users were prevented from deducing key information of upper group users. In addition, as a result of comparative analysis performed with an experiment on existing super group key creation technique and multiple hierarchy group key method, the proposed method was found to be equivalent or superior to existing method in terms of various items including the total number of keys created, the number of keys possessed by users, the number of keys used for encoding and decoding of information, and expandability of keys.

• Journal of Convergence for Information Technology
• /
• v.7 no.4
• /
• pp.105-111
• /
• 2017

With the emergence of the fourth industrial revolution, more and more attempts have been made to apply IoT technology to the manufacturing process and launch the product. In this paper, we propose IoT authentication scheme based on hash chain which can easily apply IoT device to small and medium enterprises in Korea. In the proposed method, the companies that installed IoT devices suitable for the manufacturing environment are selected to maintain the linkage between IoT devices so that product information and release information can be efficiently collected and managed during the entire manufacturing process. In addition, the proposed scheme is characterized in that it does not require an additional encryption / decryption algorithm because the authentication information of the IoT device is constructed based on a hash chain. As a result of the performance evaluation, the efficiency of the manufacturing process was improved by 18.5% and the processing of the manufacturing process with the IoT device was shortened by 20.1% on the average according to the application of the IoT device. In addition, the labor cost reduction costs in the manufacturing process decreased by an average of 30.7%.

• Journal of KIISE:Computing Practices and Letters
• /
• v.12 no.3
• /
• pp.192-207
• /
• 2006

Today, the SSL protocol has been used as core part in various computing environments or security systems. But, the SSL protocol has several problems, because of the rigidity on operating. First, SSL protocol brings considerable burden to the CPU utilization so that performance of the security service in encryption transaction is lowered because it encrypts all data which is transferred between a server and a client. Second, SSL protocol can be vulnerable for cryptanalysis due to the key in fixed algorithm being used. Third, it is difficult to add and use another new cryptography algorithms. Finally. it is difficult for developers to learn use cryptography API(Application Program Interface) for the SSL protocol. Hence, we need to cover these problems, and, at the same time, we need the secure and comfortable method to operate the SSL protocol and to handle the efficient data. In this paper, we propose the SSL component which is designed and implemented using CBD(Component Based Development) concept to satisfy these requirements. The SSL component provides not only data encryption services like the SSL protocol but also convenient APIs for the developer unfamiliar with security. Further, the SSL component can improve the productivity and give reduce development cost. Because the SSL component can be reused. Also, in case of that new algorithms are added or algorithms are changed, it Is compatible and easy to interlock. SSL Component works the SSL protocol service in application layer. First of all, we take out the requirements, and then, we design and implement the SSL Component, confidentiality and integrity component, which support the SSL component, dependently. These all mentioned components are implemented by EJB, it can provide the efficient data handling when data is encrypted/decrypted by choosing the data. Also, it improves the usability by choosing data and mechanism as user intend. In conclusion, as we test and evaluate these component, SSL component is more usable and efficient than existing SSL protocol, because the increase rate of processing time for SSL component is lower that SSL protocol's.

• Journal of the Korean Institute of Traditional Landscape Architecture
• /
• v.29 no.3
• /
• pp.40-51
• /
• 2011

The purpose of the study was to understand the symbol and locational meanings in building and relocating Gwangje-jeong(光霽亭) through the analysis and interpretation on the construction background, history, the location and its characteristics. Concerning physical environment, human activities, the symbol and meanings of the formal Gwangje-jeong site and the present location, the study was concluded about the site and its meaning of tradition as following. Gwangje, the name of the pavilion, represents the fidelity of Maedang(梅堂) Yangdon(楊墩) who refused as Seonbee(a man of virtue) to be tainted with the corrupt world, which was related with the situation at that time. It implies Maedang's feeling of realizing Noojeongjeyong(樓亭題詠) of Gwangje-jeong along with the high spirit of Gwangpoongjewol(光風霽月). According to the record about rebuilding Gwangje-jeong, Maedang was the very person who planted plum flowers at the pavilion and put up the tablet of its name, Gwangje. Even after his death, Gwangje-jeong was the symbol indicating Yangdon, given the triple high ground and the planting of plum flowers. Also, Sookho(宿虎) town at the entrance of Gwangje-jeong and Bokhoam(伏虎巖: a rock) at the right side of the pavilion signifies the location for praising Maedang Yangdon, and the Yangjipha's Oensi(五言詩: five words verse) engraved on the rock gives a good description about the place, Agyesa that worshiped Yangdon. As Agye-Sa(阿溪祠) where Yangdon was worshiped and praised had been abolished in the 5th year under the Kojong's reign(1868), the spirit praising Maedang had finally been used for the relocation of Gwangje-jeong. Despite the relocation of Gwangje-jeong, the old Gwangje-jeong site has remained at least for 359years at Hucheonli, and its surroundings have maintained the name 'Gwangje' as the front place name morpheme, for example, 'Gwangje-jeong,' 'Gwangje Town,' 'Gwangje Bridge' and 'Gwangje Creek,' for symbolizing the praising of Maedang. Gwangje-jeong, as the center place of solidarity among Namwon Yang's family clan, has been able to maintain its symbol and meanings in spite of relocation, mainly because of the fellowship among the descendants, family clan and alumni who respected virtuous achievements of ancestors and shared the agony of the time. In addition, the symbolism has been preserved since the spirit of Gwangpoonjewol of Yangdon and his high character were cherished along with the spirit of Bongseon(奉先) that inherited and kept virtuous achievements of ancestors.