• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.5
• /
• pp.550-558
• /
• 2019

As the scale of the Internet of Things (IoT) environment grows and develops day by day, the information collected and shared through IoT devices becomes increasingly diverse and more common. However, because IoT devices have limitations on computing power and a low power capacity due to their miniaturized size, it is difficult to apply security technologies like encryption and authentication that have been directly applied in the previous Internet environment, making the IoT vulnerable to security threats. Because of this weakness, important information that needs to be delivered safely and accurately is exposed to the threat of malicious exploitation, such as data forgery, data leakage, and infringement of personal information. In order to overcome this threat, various security studies are being actively conducted to compensate for the weaknesses in IoT environment devices. In particular, since various devices interact, and share and communicate information collected in the IoT environment, each device should be able to communicate with reliability. With regard to this, various studies have been carried out on techniques for device authentication. This study examines the limitations and problems of the authentication techniques that have been studied thus far, and proposes technologies that can certify IoT devices for safe communication between reliable devices in the Internet environment.

• Journal of the Korea Society of Computer and Information
• /
• v.26 no.4
• /
• pp.1-9
• /
• 2021

In this paper, we propose a training algorithm of support vector machine (SVM) with a sensitive variable. Although machine learning models enable automatic decision making in the real world applications, regulations prohibit sensitive information from being used to protect privacy. In particular, the privacy protection of the legally protected attributes such as race, gender, and disability is compulsory. We present an efficient least square SVM (LSSVM) training algorithm using a fully homomorphic encryption (FHE) to protect a partial sensitive attribute. Our framework posits that data owner has both non-sensitive attributes and a sensitive attribute while machine learning service provider (MLSP) can get non-sensitive attributes and an encrypted sensitive attribute. As a result, data owner can obtain the encrypted model parameters without exposing their sensitive information to MLSP. In the inference phase, both non-sensitive attributes and a sensitive attribute are encrypted, and all computations should be conducted on encrypted domain. Through the experiments on real data, we identify that our proposed method enables to implement privacy-preserving sensitive LSSVM with FHE that has comparable performance with the original LSSVM algorithm. In addition, we demonstrate that the efficient sensitive LSSVM with FHE significantly improves the computational cost with a small degradation of performance.

• Journal of Internet Computing and Services
• /
• v.20 no.5
• /
• pp.95-104
• /
• 2019

Various kinds of devices are used for the Internet of Things (IoT) service, and IoT devices mainly use communication technology that uses the frequency of the unlicensed band. There are several types of communication technology in the unlicensed band, but WiFi is most commonly used. Devices used for IoT services vary in computing resources from devices with limited capabilities to smartphones and provide services over wireless networks such as WiFi. Most IoT devices can't perform complex operations for network control, thus they choose a WiFi access point (AP) based on signal strength. This causes a decrease in IoT service efficiency. In this paper, an intelligent AP system that can efficiently control the WiFi connection of the IoT devices is implemented. Based on the network information measured by the IoT device, the access point learns using a feed forward neural network algorithm, and predicts a network connection state to control the WiFi connection. By controlling the WiFi connection at the AP, the service efficiency of the IoT device can be improved.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.9 no.4
• /
• pp.11-22
• /
• 1999

Least-mean-square(LMS) adaptive filters have proven to be extremely useful in a number of signal processing tasks. However LMS adaptive filter suffer from a slow rate of convergence for a given steady-state mean square error as compared to the behavior of recursive least squares adaptive filter. In this paper an efficient signal interference control technique is introduced to improve the convergence speed of LMS algorithm with tap weighted vectors updating which were controled by reusing data which was abandoned data in the Adaptive transversal filter in the scheme with data recycling buffers. The computer simulation show that the character of convergence and the value of MSE of proposed algorithm are faster and lower than the existing LMS according to increasing the step-size parameter $\mu$ in the experimentally computed. learning curve. Also we find that convergence speed of proposed algorithm is increased by (B+1) time proportional to B which B is the number of recycled data buffer without complexity of computation. Adaptive transversal filter with proposed data recycling buffer algorithm could efficiently reject ISI of channel and increase speed of convergence in avoidance burden of computational complexity in reality when it was experimented having the same condition of LMS algorithm.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.1
• /
• pp.13-23
• /
• 2001

This paper implemented into hardware SEED which is the KOREA standard 128-bit block cipher. First, at the respect of hardware implementation, we compared and analyzed SEED with AES finalist algorithms - MARS, RC6, RIJNDAEL, SERPENT, TWOFISH, which are secret key block encryption algorithms. The encryption of SEED is faster than MARS, RC6, TWOFISH, but is as five times slow as RIJNDAEL which is the fastest. We propose a SEED hardware architecture which improves the encryption speed. We divided one round into three parts, J1 function block, J2 function block J3 function block including key mixing block, because SEED repeatedly executes the same operation 16 times, then we pipelined one round into three parts, J1 function block, J2 function block, J3 function block including key mixing block, because SEED repeatedly executes the same operation 16 times, then we pipelined it to make it more faster. G-function is implemented more easily by xoring four extended 4 byte SS-boxes. We tested it using ALTERA FPGA with Verilog HDL. If the design is synthesized with 0.5 um Samsung standard cell library, encryption of ECB and decryption of ECB, CBC, CFB, which can be pipelined would take 50 clock cycles to encrypt 384-bit plaintext, and hence we have 745.6 Mbps assuming 97.1 MHz clock frequency. Encryption of CBC, OFB, CFB and decryption of OFB, which cannot be pipelined have 258.9 Mbps under same condition.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.5
• /
• pp.109-119
• /
• 2004

The home network environment can be defined as a network environment, connecting digital home devices such as computer systems, digital appliances, and mobile devices. In this kind of home network environments, there will be numerous local/remote interactions to monitor and control the home network devices and the home gateway. Such an environment may result in communication bottleneck. By applying the mobile agents that can migrate among the computing devices autonomously and work on behalf of the user, remote interactions and network traffics can be reduced enormously. The mobile agent authentication is necessary to apply mobile agent concept to the home network environments, as a prerequisite technology for authorization or access control to the home network devices and resources. The existing mobile agent systems have mainly used the public key based authentication scheme, which is not suitable to the home network environments, composed of digital devices of limited computation capability. In this paper, we propose a shared key based mobile agent authentication scheme for single home domain and expand the scheme to multiple domain environments with the public key based authentication scheme. Application of the shared key encryption scheme to the single domain mobile agent authentication enables to authenticate the mobile agent with less overhead than the public key based authentication scheme.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.2
• /
• pp.23-36
• /
• 2005

The main obstacle hindering the wide deployment of identity-based cryptosystem is that the entity responsible for creating the private key has too much power. As a result, private keys are no longer private. One obvious solution to this problem is to apply the threshold technique. However, this increases the authentication computation, and communication cost during the key issuing phase. In this paper, we propose a new effi ient model for issuing multiple private keys in identity-based encryption schemes based on the Weil pairing that also alleviates the key escrow problem. In our system, the private key of a user is divided into two components, KGK (Key Description Key) and KUD(Key Usage Desscriptor), which are issued separately by different parties. The KGK is issued in a threshold manner by KIC (Key Issuing Center), whereas the KW is issued by a single authority called KUM (Key Usage Manager). Changing KW results in a different private key. As a result, a user can efficiently obtain a new private key by interacting with KUM. We can also adapt Gentry's time-slot based private key revocation approach to our scheme more efficiently than others. We also show the security of the system and its efficiency by analyzing the existing systems.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.2
• /
• pp.39-47
• /
• 2008

Among previous Side Channel Analysis (SCA) methods, Differential Power Analysis (DPA) based on the statistical characteristics of collected signals has been known as an efficient attack for uncovering secret key of cryptosystems. However, the attack performance of this method is affected very much by the temporal misalignment and noise of collected side channel signals. In this paper, we propose a new method to surmount the noise problem in DPA. The performance of the proposed method is then evaluated while analyzing the power consumption signals of Micro-controller chips during a DES operation. Its performance is then compared to that of the original DPA in the time and frequency domains. When we compare the experimental results with respect to the needed number of traces to uncover the secret key, our proposed method shows the performance enhancement 33% in the time domain and 50% in the frequency domain.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.2
• /
• pp.3-10
• /
• 2008

The choice of basis for representation of element in $GF(2^m)$ affects the efficiency of a multiplier. Among them, a multiplier using redundant representation efficiently supports trade-off between the area complexity and the time complexity since it can quickly carry out modular reduction. So time of a previous multiplier using redundant representation is faster than time of multiplier using others basis. But, the weakness of one has a upper space complexity compared to multiplier using others basis. In this paper, we propose a new efficient multiplier with consideration that polynomial exponentiation operations are frequently used in cryptographic hardwares. The proposed multiplier is suitable fer left-to-right exponentiation environment and provides efficiency between time and area complexity. And so, it has both time delay of $T_A+({\lceil}{\log}_2m{\rceil})T_x$ and area complexity of (2m-1)(m+s). As a result, the proposed multiplier reduces $2(ms+s^2)$ compared to the previous multiplier using equally-spaced polynomials in area complexity. In addition, it reduces $T_A+({\lceil}{\log}_2m+s{\rceil})T_x$ to $T_A+({\lceil}{\log}_2m{\rceil})T_x$ in the time complexity.($T_A$:Time delay of one AND gate, $T_x$:Time delay of one XOR gate, m:Degree of equally spaced irreducible polynomial, s:spacing factor)

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.6A
• /
• pp.139-149
• /
• 2008

The amount of personal information collected by organizations and government agencies is continuously increasing. When a data collector publishes personal information for research and other purposes, individuals' sensitive information should not be revealed. On the other hand, published data is also required to provide accurate statistical information for analysis. k-Anonymity and ${\iota}$-diversity models are popular approaches for privacy preserving data publication. However, they are limited to static data release. After a dataset is updated with insertions and deletions, a data collector cannot safely release up-to-date information. Recently, the m-invariance model has been proposed to support re-publication of dynamic datasets. However, the m-invariant generalization can cause high information loss. In addition, if the adversary already obtained sensitive values of some individuals before accessing released information, the m-invariance leads to severe privacy disclosure. In this paper, we propose a novel technique for safely releasing dynamic datasets. The proposed technique offers a simple and effective method for handling inserted and deleted records without generalization. It also gives equivalent degree of privacy preservation to the m-invariance model.