• Proceedings of the Korea Information Processing Society Conference
• /
• 2003.05c
• /
• pp.2245-2248
• /
• 2003

본 논문에서는 Kerberos 인증 메커니즘과 Kerberos에 공개키기반의 환경을 결합시킨 PKINIT, PKTAPP, PKCROSS을 비교 분석하였다. 각 인증 메커니즘에서 키 교환을 위환 비밀키 및 공개키의 암 복호화, 서명 및 서명검증 등의 횟수를 분석하고 이를 기반으로 실제 인증에 소요되는 연산시간을 비교하였다. 분석 방법 및 견과를 다양한 환경에 적용한 적절한 인증 메커니즘을 선택하는데 활용할 수 있으며, 특히 모바일과 같은 연산능력이 제한되는 환경에 적합한 인증 기법 개발에 적용시키고자 한다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2003.04a
• /
• pp.284-286
• /
• 2003

VPN을 고속화하기 위한 패킷처리 가속기롤 설계.구현하고 그 성능을 평가하였다. 본 논문에서 구현된 패킷처리 가속기는 IPIP처리, 암/복호 처리, HASH 처리, 무결성 검사 등의 IPsec 패킷처리 기능을 내장하고 있다. 기능 및 성능 시험을 통하여 최대 1Gbps이상의 속도로 패킷을 처리할 수 있다는 결과를 얻었다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.1
• /
• pp.11-18
• /
• 2013

In order to prevent tampering and reverse engineering of executive code, this paper propose a new tamper resistant software mechanism. This paper presents a cryptographic MAC function and a relationship which has its security level derived by the importance of code block instead of by merely getting the encryption and decryption key from the previous block. In this paper, we propose a cryptographic MAC function which generates a dynamic MAC function key instead of the hash function as written in many other papers. In addition, we also propose a relationships having high, medium and low security levels. If any block is determined to have a high security level then that block will be encrypted by the key generated by the related medium security level block. The low security block will be untouched due to efficiency considerations. The MAC function having this dynamic key and block relationship will make analyzing executive code more difficult.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.12B
• /
• pp.1407-1417
• /
• 2009

We propose a e-document management system that can provide segmented page information on a document according to different levels of authority from access control environment. The proposed system creates hierarchy identifier using a one-way hash chain and therefore does not need to own key information for all users as in existing system. Also by creating group keys by compounding hash chain hierarchy identifier with randomly formed group identifier, the system can flexibly respond to dynamic changes from group member movements while at the same time resolving the problems of key formation and management in document encoding technique using symmetric key for each page. Lastly as a result of comparative analysis through an experiment with existing e-document management systems, the proposed system showed superiority in the efficiency of encoding and decoding document and the speed of encoding and decoding by the pages.

• Journal of Digital Convergence
• /
• v.14 no.12
• /
• pp.155-164
• /
• 2016

In this paper, we investigate and analyze big data platform published at home and abroad. The results had a problem with personal information security on each platform. In particular, there was a vulnerability in the encryption of personal information stored in big data representative of HBase NoSQL DB that is commonly used for big data platform. However, data encryption and decryption cause the system load. In this paper, we propose a method of encryption with HBase, encryption and decryption systems, and methods for applying the personal information management system (PMIS) for each step of the way and big data platform to reduce the load on the network to communicate. And we propose a new big data platform that reflects this. Therefore, the proposed Big Data platform will greatly contribute to the activation of Big Data used to obtain personal information security and system performance efficiency.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.2
• /
• pp.83-92
• /
• 2007

In connectionless packet network, if a sender encrypts packets by block chaining mode and send it to receiver, the receiver should decrypt packets in encrypted order that is not received order. Therefore, the performance and efficiency are lowered for crypto communication system. To solve this problem, we propose packet encryption scheme for connectionless packet network that can decrypt the packets independently, even if the received order of packets are changed or packets are missed. The scheme makes new IV(Initial Vector) using IV that created by key exchange process and salt that made by random number. We propose extended Cryptoki API that added packet encryption/decryption functions and mechanism for improving convenience and performance. We implement the scheme and get result that the performance increased about $1.5{\sim}l5.6$ times compare with in case of implementing using Cryptoki API in the test environment.

• The Journal of the Korea Contents Association
• /
• v.6 no.11
• /
• pp.1-7
• /
• 2006

In this paper, a SOAP based ebXML cryptography system is proposed for the optimum XML document encryption using RSA algorithm in e-Marketplace. And ciphering algorithms of DES, 3DES, RSA, and proposed RSA were used for the performance analysis of ebXML cryptography system. The network performance of ciphering and deciphering times is evaluated for its enhancement of SOAP based ebXML ciphering e-Marketplace systems using the same block and document sizes by computer simulations.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.20 no.1
• /
• pp.76-80
• /
• 2010

It is floating to security of information and the early assignment that it is important it processes and to transmit in inundations of information that I changed suddenly. I used the encryption/decryption process that applied simple substitution and mathematical calculation algorithm at theory and encryption transmission steps protective early information. Hardware and financial loss are using spurious random number to be satisfied with the random number anger that isn't real random number to size so much perfect information protection using One-time pad for applying this. I was transformed into serial test under a test to prove spurious random number anger, and it is into random number anger stronger, and the transformation serial test that proposes is proving it in algorithm speed and efficiency planes.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.4
• /
• pp.786-792
• /
• 2016

Camellia was jointly developed by Nippon Telegraph and Telephone Corporation and Mitsubishi Electric Corporation in 2000. Camellia specifies the 128-bit message block size and 128-, 192-, and 256-bit key sizes. In this paper, a modified round operation block which unifies a register setting for key schedule and a conventional round operation block is proposed. 16 ROMs needed for key generation and round operation are implemented using only 4 dual-port ROMs. Due to the use of a message buffer, encryption/decryption can be executed without a waiting time immediately after KA and KB are calculated. The suggested block cipher Camellia algorithm is designed using Verilog-HDL, implemented on Virtex4 device and operates at 184.898MHz. The designed cryptographic core has a maximum throughput of 1.183Gbps in 128-bit key mode and that of 876.5Mbps in 192 and 256-bit key modes. The cryptographic core of this paper is applicable to security module of the areas such as smart card, internet banking, e-commerce and satellite broadcasting.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.6
• /
• pp.1345-1354
• /
• 2012

The modern society with the wide spread USB memory, witnesses the acceleration in the development of USB products that applied secure technology. Secure USB is protecting the data using the method as device-based access control, encryption of stored files, and etc. In terms of forensic analyst, to access the data is a lot of troubles. In this paper, we studied software-based data en/decryption technology and proposed for analysis mechanism to validation vulnerability that secured on removable storage media. We performed a vulnerability analysis for USB storage device that applied security mechanism. As a result, we found vulnerabilities that extracts a source file without a password.