• ETRI Journal
• /
• 제38권1호
• /
• pp.123-132
• /
• 2016

The Boneh, Goh, and Nissim (BGN) cryptosytem is the first homomorphic encryption scheme that allows additions and multiplications of plaintexts on encrypted data. BGN-type cryptosystems permit very small plaintext sizes. The best-known approach for the expansion of a message size by t times is one that requires t implementations of an initial scheme; however, such an approach becomes impractical when t is large. In this paper, we present a method of message expansion of BGN-type homomorphic encryption using composite product pairing, which is practical for relatively large t. In addition, we prove that the indistinguishability under chosen plaintext attack security of our construction relies on the decisional Diffie-Hellman assumption for all subgroups of prime order of the underlying composite pairing group.

• 한국멀티미디어학회논문지
• /
• 제10권1호
• /
• pp.58-65
• /
• 2007

본 논문에서는 MPEG 기반의 동영상 데이터를 보호하기 위한 알고리즘을 제안하였다. 기존의 고정된 셔플링 테이블을 사용하는 단순 전치 암호화의 경우 계산량이 적은 반면에 선택적 평문 공격에 취약한 난점을 가지고 있다. 이러한 단점을 보완하기 위해서는 프레임 단위로 셔플링 테이블을 동적으로 생성해야 하는데 이 경우, 동적인 셔플링 테이블 생성 시간과 키를 관리하는 것이 문제가 된다. 이러한 문제를 해결하기 위해 영상의 특징에 따라 적응적으로 변하는 인터리빙 알고리즘을 제안하고 이를 이용하여 DPCM 처리된 8*8 블록을 셔플링하여 일차적으로 영상을 스크램블링한 후 기존의 랜덤 셔플링 테이블을 이용하여 최종적으로 영상을 암호화하였다. 실험 결과 기존의 SEED를 이용한 암호화 방식에 비해 수행 시간이 약 10% 정도에 불과했고 암호화에 따른 압축률 감소 등의 문제는 보이지 않았다. 동영상 암호화는 인트라 프레임에 대해서는 정지영상과 통일한 방식의 암호화 방법을 적용하고 예측 프레임에서는 DC 계수 및 AC 계수에 비해 상대적으로 데이터량이 적으면서 암호화 효과가 좋은 움직임 벡터를 대상으로 암호화하였고 예측 프레임내의 인트라블록에 의한 암호화 효과가 떨어지는 것을 방지하기 위해 매크로 블록 셔플링 알고리즘을 이용하였다.

• 한국통신학회논문지
• /
• 제16권1호
• /
• pp.101-114
• /
• 1991

DES like 암호계에서 S(ubstitution) box는 암호계의 비선형성과 안전성을 결정하는 가장 중요한 요소이다. 본 논문에서는 입력의 임의의 한 빗도의 변화에 대하여 모든 출력 빗트가 1/2의 확률로 변화하는 SAC(Strict Avalanche Criterion) 조건을 만족하는 비설형 S-box의 구성 방법과 어울려, 최대차 SAC 조건을 만족하는 bijective S-box의 구성 방법에 대하여도 제안하였다. 또한, 제안한 구성 방법에 의한 S-box의 실례를 제시하였다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제7권5호
• /
• pp.1343-1356
• /
• 2013

Cloud computing has emerged as perhaps the hottest development in information technology at present. This new computing technology requires that the users ensure that their infrastructure is safety and that their data and applications are protected. In addition, the customer must ensure that the provider has taken the proper security measures to protect their information. In order to achieve fine-grained and flexible access control for cloud computing, a new construction of hierarchical attribute-based encryption(HABE) with Ciphertext-Policy is proposed in this paper. The proposed scheme inherits flexibility and delegation of hierarchical identity-based cryptography, and achieves scalability due to the hierarchical structure. The new scheme has constant size ciphertexts since it consists of two group elements. In addition, the security of the new construction is achieved in the standard model which avoids the potential defects in the existing works. Under the decision bilinear Diffie-Hellman exponent assumption, the proposed scheme is provable security against Chosen-plaintext Attack(CPA). Furthermore, we also show the proposed scheme can be transferred to a CCA(Chosen-ciphertext Attack) secure scheme.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제15권2호
• /
• pp.600-616
• /
• 2021

SIMON and SPECK are two families of lightweight block ciphers that have excellent performance on hardware and software platforms. At CRYPTO 2019, Gohr first introduces the differential cryptanalysis based deep learning on round-reduced SPECK32/64, and finally reduces the remaining security of 11-round SPECK32/64 to roughly 38 bits. In this paper, we are committed to evaluating the safety of SIMON cipher under the neural differential cryptanalysis. We firstly prove theoretically that SIMON is a non-Markov cipher, which means that the results based on conventional differential cryptanalysis may be inaccurate. Then we train a residual neural network to get the 7-, 8-, 9-round neural distinguishers for SIMON32/64. To prove the effectiveness for our distinguishers, we perform the distinguishing attack and key-recovery attack against 15-round SIMON32/64. The results show that the real ciphertexts can be distinguished from random ciphertexts with a probability close to 1 only by 2^8.7 chosen-plaintext pairs. For the key-recovery attack, the correct key was recovered with a success rate of 23%, and the data complexity and computation complexity are as low as 2⁸ and 2^20.1 respectively. All the results are better than the existing literature. Furthermore, we briefly discussed the effect of different residual network structures on the training results of neural distinguishers. It is hoped that our findings will provide some reference for future research.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제15권12호
• /
• pp.4508-4530
• /
• 2021

Today distributed data storage service are being widely used. However lack of proper means of security makes the user data vulnerable. In this work, we propose a Randomized Block Size (RBS) model for secure data storage in distributed environments. The model work with multifold block sizes encrypted with the Chinese Remainder Theorem-based RSA (C-RSA) technique for end-to-end security of multimedia data. The proposed RBS model has a key generation phase (KGP) for constructing asymmetric keys, and a rand generation phase (RGP) for applying optimal asymmetric encryption padding (OAEP) to the original message. The experimental results obtained with text and image files show that the post encryption file size is not much affected, and data is efficiently encrypted while storing at the distributed storage server (DSS). The parameters such as ciphertext size, encryption time, and throughput have been considered for performance evaluation, whereas statistical analysis like similarity measurement, correlation coefficient, histogram, and entropy analysis uses to check image pixels deviation. The number of pixels change rate (NPCR) and unified averaged changed intensity (UACI) were used to check the strength of the proposed encryption technique. The proposed model is robust with high resilience against eavesdropping, insider attack, and chosen-plaintext attack.

• 정보보호학회논문지
• /
• 제28권4호
• /
• pp.803-807
• /
• 2018

Fantomas와 Robin은 FSE 2014에서 제안된 경량 블록암호 패밀리 LS-designs에 포함되는 블록암호로, 비트슬라이스 구현이 가능한 L-Box와 S-Box를 사용하여 부채널 분석 대응기법인 마스킹 기법을 효율적으로 적용할 수 있도록 설계되었다. 본 논문은 연관키 차분경로 분석을 통한 Fantomas와 Robin의 전체 128비트 키의 복구공격이 각각 $2^{56}$, $2^{72}$의 시간 복잡도와 $2^{52}$, $2^{69}$개의 선택 평문으로 가능함을 보인다.

• 정보보호학회논문지
• /
• 제12권6호
• /
• pp.59-69
• /
• 2002

1993년도에 선형 공격이 Matsui에 의해 제안된 이후에 이를 개량한 여러 선형 공격들이 등장하였다. 그 중에 한가지는 B. Kaliski와 M. Robshaw에 의한 방법인데, 이 방법은 여러 개의 독립적인 선형 근사식을 동시에 이용하여 블록 암호를 공격하는 새로운 방법이였다. 이 방법은 선형 공격 보다 더 적은 기지 평문수를 요구한다는 장점은 있었지만 실제로 그들의 방법을 블록 암호에 적용하는 데에는 문제점이 있었다. 본 고에서는 그러한 문제점을 해결하면서 동시에 여러 개의 독립적인 선형 근사식을 이용할 수 있는 방법을 제시한다. 본 고에서 제시된 방법을 이용했을때 선형 공격에 비해 8,16 라운드 DES에 대해 5배,1.25배 더 적은 기지 평문을 가지고 각각 95%, 86% 확률로 공격에 성공할 수 있었으며, 또한 선택 평문을 이용한 L. R. Knudsen과 J. E. Mathiassen의 방법을 본 고에서 제시한 방법에 접목하면, 약 $2^{40.6}$개 이하의 기지 평문들을 이용하여 86% 성공 확률로 키 15 비트를 찾을 수 있다. 이 결과는 현재까지 DES에 대한 공격 중 가장 우수한 결과이다.

• Journal of the Optical Society of Korea
• /
• 제20권1호
• /
• pp.42-54
• /
• 2016

A hybrid color and grayscale images encryption scheme based on the quaternion Hartley transform (QHT), the two-dimensional (2D) logistic map, the double random phase encoding (DRPE) in gyrator transform (GT) domain and the three-step phase-shifting interferometry (PSI) is presented. First, we propose a new color image processing tool termed as the quaternion Hartley transform, and we develop an efficient method to calculate the QHT of a quaternion matrix. In the presented encryption scheme, the original color and grayscale images are represented by quaternion algebra and processed holistically in a vector manner using QHT. To enhance the security level, a 2D logistic map-based scrambling technique is designed to permute the complex amplitude, which is formed by the components of the QHT-transformed original images. Subsequently, the scrambled data is encoded by the GT-based DRPE system. For the convenience of storage and transmission, the resulting encrypted signal is recorded as the real-valued interferograms using three-step PSI. The parameters of the scrambling method, the GT orders and the two random phase masks form the keys for decryption of the secret images. Simulation results demonstrate that the proposed scheme has high security level and certain robustness against data loss, noise disturbance and some attacks such as chosen plaintext attack.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제8권10호
• /
• pp.3572-3590
• /
• 2014

Cellular automata (CA) based cryptosystem has been studied for almost three decades, yet most of previously reported researches focus on the symmetric key encryption schemes. Up to now, few CA based public key encryption scheme has been proposed. To fill the gap, in this paper, we propose a new public key encryption scheme based on layered cellular automata (LCA). Specifically, in the proposed scheme, based on the T-shaped neighborhood structure, we combine four one-dimensional reversible CAs (set as the private key) to form the transition rules of a two-dimension CA, where the two-dimension CA is set as the corresponding public key. Based on the hardness assumption of the Decisional Dependent CA problem in LCA, we formally prove the proposed scheme is indistinguishably secure against the chosen-plaintext attack (IND-CPA). In addition, we also use a numeric example to demonstrate its feasibility. Finally, analysis of key space and time efficiency are also carried out along with RSA-1024, and the simulation results demonstrate that our proposed scheme is more efficient.