• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.3
• /
• pp.413-426
• /
• 2017

In this paper, we propose an adder that can be applied to data encrypted with a fully homomorphic encryption scheme and an addition method with improved performance that can be applied when adding multiple data. The proposed arithmetic adder is based on the Kogge-Stone Adder method with the optimal circuit level among the existing hardware-based arithmetic adders and suitable to apply the cryptographic SIMD (Single Instruction for Multiple Data) function on encrypted data. The proposed multiple addition method does not add a large number of data by repeatedly using Kogge-Stone Adder which guarantees perfect addition result. Instead, when three or more numbers are to be added, three numbers are added to C (Carry-out) and S (Sum) using the full-adder circuit implementation. Adding with Kogge-Stone Adder is only when two numbers are finally left to be added. The performance of the proposed method improves dramatically as the number of data increases.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.05a
• /
• pp.250-253
• /
• 2014

Due to limited resource, marine communication is severely limited when compared to communications in land. Radio relay facilities, etc. based on a wired network through a long distance communication is possible. In addition, the aircraft is in the air, the ground-based network service based on long-range straight-line distance and elevation (LOS: Line of Sight) communications. On the other hand, the distance in a straight line to the sea, the sea level because communication is limited or through satellite, underwater communications relay equipment installed in the communication scheme has been investigated.. In this paper, using TCP-based real-time joint maritime security communication links were studied. Harsh marine environment, real-time communication that can provide secure communications and propose a LINK joint. In this study, more secure, and convenient communications at sea, a plan was presented to you.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.3
• /
• pp.77-89
• /
• 2005

As the ID-based public key cryptosystems become a very active research area, a number of ID-based key agreement protocols have been proposed, but unfortunately many of them were analyzed that there were some security flaws in the protocols. In addition to key agreement protocols, in recent, Liu et al. and Kim et al. proposed the key agreement protocols that multiple session keys are established at once among participated entities. In this paper, we propose an ID-based tripartite key agreement protocol that establishes 8 keys by improving the efficiency of the Liu et al's. Moreover, the proposed protocol can be used in the situation where multiple different private key generators(PKG) are involved. Therefore, because the private key issued by different PKGs belonging to each entity's domain can be used, our proposed scheme is more efficiently applicable to the practical applications.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.3
• /
• pp.17-25
• /
• 2007

Delegation of signing capability is a common practice in various applications. Mambo et al. proposed a proxy signatures as a solutions for delegation of signing capability. Proxy signatures allow a designated proxy signer to sign on behalf of an original signer. After the concept of proxy signature scheme is proposed, many variants are proposed to support more general delegation setting. To capture all possible delegation structures, the concept of delegation network was proposed by Aura. ID-based cryptography, which is suited for flexible environment, is desirable to construct a delegation network. Chow et al proposed an ID-based delegation network. In the computational point of view, their solution requires E pairing operations and N elliptic curve scalar multiplications where E and N are the number of edges and nodes in a delegation structure, respectively. In this paper, we proposed an efficient ID-based delegation network which requires only E pairing operations. Moreover, we can design a modified delegation network that requires only N pairing operations.

• Journal of Internet Computing and Services
• /
• v.13 no.2
• /
• pp.59-71
• /
• 2012

PKI-based public key scheme is outstanding in terms of authenticity and privacy. Nevertheless its application brings big burden due to the certificate/key management. It is difficult to apply it to limited computing devices in WSN because of its high encryption complexity. The Bilinear Pairing emerged from the original IBE to eliminate the certificate, is a future significant cryptosystem as based on the DDH(Decisional DH) algorithm which is significant in terms of computation and secure enough for authentication, as well as secure and faster. The practical EC Weil Pairing presents that its encryption algorithm is simple and it satisfies IND/NM security constraints against CCA. The Random Oracle Model based IBE PKG is appropriate to the structure of our target system with one secret file server in the operational perspective. Our work proposes modification of the Weil Pairing as proper to the closed network for secret file distribution[2]. First we proposed the improved one computing both encryption and message/user authentication as fast as O(DES) level, in which our scheme satisfies privacy, authenticity and integrity. Secondly as using the public key ID as effective as PKI, our improved IBE variant reduces the key exposure risk.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.27 no.10C
• /
• pp.1015-1026
• /
• 2002

As per increasing research interest in the field of collaborative computing in recent year, the importance of security issues on that area is also incrementally growing. Generally, the persistency of collaborative system is facilitated with conventional authentication and cryptography schemes. It is however, hard to meet the access control requirements of distributed collaborative computing environments by means of merely apply the existing access control mechanisms. The distributed collaborative system must consider the network openness, and various type of subjects and objects while, the existing access control schemes consider only some of the access control elements such as identity, rule, and role. However, this may cause the state of security level alteration phenomenon. In order to handle proper access control in collaborative system, various types of access control elements such as identity, role, group, degree of security, degree of integrity, and permission should be taken into account. Futhermore, if we simply define all the necessary access control elements to implement access control algorithm, then collaborative system consequently should consider too many available objects which in consequence, may lead drastic degradation of system performance. In order to improve the state problems, we propose a novel access control framework that is suitable for the distributed collaborative computing environments. The proposed scheme defines several different types of object elements for the accessed objects and subjects, and use them to implement access control which allows us to guarantee more solid access control. Futhermore, the objects are distinguished by three categories based on the characteristics of the object elements, and the proposed algorithm is implemented by the classified objects which lead to improve the systems' performance. Also, the proposed method can support scalability compared to the conventional one. Our simulation study shows that the performance results are almost similar to the two cases; one for the collaborative system has the proposed access control scheme, and the other for it has not.

• The Transactions of the Korea Information Processing Society
• /
• v.6 no.1
• /
• pp.122-133
• /
• 1999

Uses can share information and use resources effectively by using TCP/IP-based networks. So, a protocol to manage complex networks effectively is needed. For the management of the distributed networks, the SNMP(Simple Network Management Protocol) has been adopted as an international standard in 1989, and the SNMPv2 in which a security function was added was published in 1993. There are two encryption schemes in SNMPv2, the one is a DES using symmetric encryption scheme and the other is a MD5(Message Digest5) hash function for authentication. But the DES has demerits that a key length is a few short and the encryption and the authentication is executed respectively. In order to solve these problems, wer use a RSA cryptography in this paper. In this paper, we examine the items related with SNMP. In addition to DES and MD5 propose in SNMPv3, we chance security functionality by adopting RSA, a public key algorithm executing the encryption and the authentication simultaneously. The proposed SNMPv3 security module is written in JAVA under Windows NT environment.

• Convergence Security Journal
• /
• v.14 no.7
• /
• pp.3-8
• /
• 2014

Recently, A utilization request of the U-Healthcare services are increasing rapidly. This is because the increase in smartphone users and ubiquitous computing technology was developed. Furthermore, the demand for access to and use of medical information systems is growing rapidly with a smartphone. This system have the advantage such as they can access from anywhere and anytime in the healthcare information system using their smartphone quickly and easily. But this system have various problems that are a privacy issue, the location disclosure issue, and the potential infringement of personal information. this problems are arise very explosive. Therefore, we propose a secure information security system that can solve the security problems in healthcare information systems for healthcare workers using smartphone. Our proposed system, doctors record, store, modify and manage patient medical information and this system would be safer than the existing healthcare information systems. The proposed system allows the doctor to perform further authentication by transmitting using SMS to GOTP message when they accessing medical information systems. So our proposed system can support to more secure system that can protect user individual information stealing and modify attack by two-factor authentication scheme. And this system can support confidentiality, integrity, location information blocking, personal information steal prevent using cryptography algorithm that is easy and fast.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.3
• /
• pp.363-374
• /
• 2023

A white-box environment refers to a situation where the internal information of an algorithm is disclosed. The AES white-box encryption was first announced in 2002, and in 2016, a side-channel analysis for white-box encryption called Differential Computation Analysis (DCA) was proposed. DCA analysis is a powerful side-channel attack technique that uses the memory information of white-box encryption as side-channel information to find the key. Although various countermeasure studies against DCA have been published domestically and internationally, there were no evaluated or analyzed results from experiments applying the hiding technique using dummy operations to DCA analysis. Therefore, in this paper, we insert LU T-shaped dummy operations into the WBC-AES algorithm proposed by S. Chow in 2002 and quantitatively evaluate the degree of change in DCA analysis response depending on the size of the dummy. Compared to the DCA analysis proposed in 2016, which recovers a total of 16 bytes of the key, the countermeasure proposed in this paper was unable to recover up to 11 bytes of the key as the size of the dummy decreased, resulting in a maximum decrease in attack performance of about 68.8%, which is about 31.2% lower than the existing attack performance. The countermeasure proposed in this paper confirms that the attack performance significantly decreases as smaller dummy sizes are inserted and can be applied in various fields.