• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.9 no.8
• /
• pp.1741-1748
• /
• 2005

In this paper, we describe VLSI design and performance evaluation of OCB-AES crytographic algorithm that simulataneously provides privacy and authenticity. The OCB-AES crytographic algorithm sovles the problems such as long operation time and large hardware of conventional crytographic system, because the conventional system must implement the privancy and authenticity sequentially with seqarated algorithms and hardware. The OCB-AES processor with area-efficient modular offset generator and tag generator is designed using IDEC Samsung 0.35um standard cell library and consists of about 55,700 gates. Its cipher rate is about 930Mbps and the number of clock cycles needed to generate the 128-bit tags for authenticity and integrity is (m+2)${\times}$(Nr+1), where m and Nr represent the number of block for message and number of rounds for AES encryption, respectively. The OCB-AES processor can be applicable to soft cryptographic IP of IEEE 802.11i wireless LAN and Mobile SoC.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.5
• /
• pp.15-25
• /
• 2002

In this paper a design of high performance cryptographic processor which implements AES Rijndael algorithm is described. To eliminate performance degradation due to round-key computation delay of conventional processor, the on-the-fly precomputation of round key based on modified round structure is adopted. And on-the-fly round key generator which supports 128, 192, and 256-bit key has modular structure. The designed processor has iterative structure which uses 1 clock cycle per round and supports three operation modes, such as ECB, CBC, and CTR mode which is a candidate for new AES modes of operation. The cryptographic processor designed in Verilog-HDL and synthesized using 0.251$\mu\textrm{m}$ CMOS cell library consists of about 51,000 gates. Simulation results show that the critical path delay is about 7.5ns and it can operate up to 125Mhz clock frequency at 2.5V supply. Its peak performance is about 1.45Gbps encryption or decryption rate under 128-bit key ECB mode.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.21 no.11
• /
• pp.878-883
• /
• 2020

Cryptographic algorithms are used to prevent the illegal manipulation of data. They are divided into public-key cryptosystems and symmetric-key cryptosystems. Public-key cryptosystems require considerable time for encryption and decryption compared to symmetric-key cryptosystem. On the other hand, key management, and delivery are easier for public-key cryptosystems than symmetric-key cryptosystems because different keys are used for encryption and decryption. Furthermore, hash functions are being used very effectively to verify the integrity of the digital content, as they always generate output with a fixed size using the data of various sizes as input. This paper proposes a method using RSA public-key cryptography and a hash function to determine if a digital image is deformed or not and to detect the manipulated location. In the proposed method, the entire image is divided into several blocks, 64×64 in size. The watermark is then allocated to each block to verify the deformation of the data. When deformation occurs, the manipulated pixel will be divided into smaller 4×4 sub-blocks, and each block will have a watermark to detect the location. The safety of the proposed method depends on the security of the cryptographic algorithm and the hash function.

• The KIPS Transactions:PartC
• /
• v.17C no.3
• /
• pp.233-242
• /
• 2010

In the recent years, power attacks were widely investigated, and so various countermeasures have been proposed. In the case of block ciphers, masking methods that blind the intermediate results in the algorithm computations(encryption, decryption) are well-known. In case of SEED block cipher, it uses 32 bit arithmetic addition and S-box operations as non-linear operations. Therefore the masking type conversion operations, which require some operating time and memory, are required to satisfy the masking method of all non-linear operations. In this paper, we propose a new masked S-boxes that can minimize the number of the masking type conversion operation. Moreover we construct just one masked S-box table and propose a new formula that can compute the other masked S-box's output by using this S-box table. Therefore the memory requirements for masked S-boxes are reduced to half of the existing masking method's one.

• Journal of the Institute of Electronics Engineers of Korea SD
• /
• v.44 no.1
• /
• pp.8-15
• /
• 2007

This paper proposed hardware architecture of the block cryptographic algorithm HIGHT aiming small size and low power application, and analyzed its performance. The HIGHT is a modified algorithm of the Feistel. The encryption and decryption circuit were designed as one iterative block. It reduces the redundant circuit that yields small area. For the performance improvement, the circuit generates 32-bit subkey during 1 clock cycle. we synthesized the HIGHT with Hynix $0.25-{\mu}m$ CMOS technology. The proposed circuit size was 2.658 EG(equivalent gate), and its power consumption was $10.88{\mu}W$ at 2.5V for 100kHz. It is useful for a passive RFID tag or a smart IC card of a small size and low power.

• Journal of the Institute of Electronics Engineers of Korea SP
• /
• v.47 no.1
• /
• pp.159-168
• /
• 2010

In the recent years, power analysis attacks were widely investigated, and so various countermeasures have been proposed. In the case of block ciphers, masking methods that blind the intermediate results in the algorithm computations(encryption, decryption, and key-schedule) are well-known. The type conversion of masking is unavoidable since Boolean operation and Arithmetic operation are performed together in block cipher. Messerges proposed a masking type conversion algorithm resistant general power analysis attack and then it's vulnerability was reported. We present that some of exiting attacks have some practical problems and propose a new power analysis attack on Messerges's algorithm. After we propose the strengthen DPA and CPA attack on the masking type conversion algorithm, we show that our proposed attack is a practical threat as the simulation results.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.10
• /
• pp.4136-4156
• /
• 2020

Recently, data can be safely shared or stored using the infrastructure of cloud computing in various fields. However, issues such as data security and privacy affect cloud environments. Thus, a variety of security technologies are required, one of them is security technology using CP-ABE. Research into the CP-ABE scheme is currently ongoing, but the existing CP-ABE schemes can pose security threats and are inefficient. In terms of security, the CP-ABE approach should be secure against user collusion attacks and masquerade attacks. In addition, in a dynamic cloud environment where users are frequently added or removed, they must eliminate user access when they leave, and so users will not be able to access the cloud after removal. A user who has left should not be able to access the cloud with the existing attributes, secret key that had been granted. In addition, the existing CP-ABE scheme increases the size of the ciphertext according to the number of attributes specified by the data owner. This leads to inefficient use of cloud storage space and increases the amount of operations carried out by the user, which becomes excessive when the number of attributes is large. In this paper, CP-ABE access control is proposed to block access of withdrawn users in dynamic cloud environments. This proposed scheme focuses on the revocation of the attributes of the withdrawn users and the output of a ciphertext of a constant-size, and improves the efficiency of the user decryption operation through outsourcing.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.3
• /
• pp.645-653
• /
• 2016

Ransomware was first created in 1999, but its existence become widely known in Korean by 2015. As information and communication technology have developed, the storage capacity of computer has enlarged, it accordingly is getting more important to effectively manage these information, rather than the information itself. In such situation, the ransomware break into other people's computer and encrypt an files without a user's permission. So, it adversely affect the user. In this paper, we monitor an access of a specific process to the file. And on the basis of this monitoring information, we detect whether the abnormal approach happened. Through the detection result, we block the permission about access to the file for a specific process. Using this method, we propose a blocking technique for the ransomeware's abnormal approach and encryption to the files.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.14 no.12
• /
• pp.2657-2662
• /
• 2010

Demand on information security in mobile devices based control system grows rapidly with a view to counteracting information hacking and leakage. Among these techniques, encryption and authentication are most common. This paper presents CBC-MAC (Cipher Block Chaining-Message Authentication Code) based mobile devices control system. The system is termed as Secure Mobile in Vehicle (SMIV)We use CBC-MAC that is one of the most efficient authentication modes to protect information against any malicious attacks. By sharing the secret key of CBC-MAC between the transmitter and receiver, it asserts authentic information. The proposed system is verified in such a way that we develop mobile devices control system, apply the CBC-MAC algorithm to the control system and validate the received data. Unlike conventional systems where the development of control mechanism in mobile devices based control systems is main concern, this proposed system offers a secure communication link of the data in mobile devices control system and therefore would be useful to the design and implementation of various mobile devices based control systems.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2016.05a
• /
• pp.759-761
• /
• 2016

Recent changes in the information security environment have led to persistent attacks on intelligent assets such as cyber security breaches, leakage of confidential information, and global security threats. Since existing information security systems are not adequate for Advanced Persistent Threat; APT attacks, bypassing attacks, and attacks on encryption packets, therefore, continuous monitoring is required to detect and protect against such attacks. Accordingly, this paper suggests an operation plan for managing an information security system to block the attack routes of advanced persistent threats. This is achieved with identifying the valuable assets for prevention control by establishing information control policies through analyzing the vulnerability and risks to remove potential hazard, as well as constructing detection control through controlling access to servers and conducting surveillance on encrypted communication, and enabling intelligent violation of response by having corrective control through packet tagging, platform security, system backups, and recovery.