• Journal of Information Technology Applications and Management
• /
• 제18권3호
• /
• pp.61-72
• /
• 2011

Trust for the data created, processed and transferred on e-Science environments can be estimated with provenance. The information to form provenance, which says how the data was created and reached its current state, increases as data evolves. It is a heavy burden to trace and verify the massive provenance in order to trust data. On the other hand, it is another issue how to trust the verification of data with provenance. This paper proposes a fast and exact verification of inter-domain data transfer and data origin for e-Science environment based on PKI. The verification, which is called two-way verification, cuts down the tracking overhead of the data along the causality presented on Open Provenance Model with the domain specialty of e-Science environment supported by Grid Security Infrastructure (GSI). The proposed scheme is easy-applicable without an extra infrastructure, scalable irrespective of the number of provenance records, transparent and secure with cryptography as well as low-overhead.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제12권9호
• /
• pp.4527-4547
• /
• 2018

Signcryption is a cryptographic primitive that provides authentication (signing) and confidentiality (encrypting) simultaneously at a lower computational cost and communication overhead. With the proposition of certificateless public key cryptography (CLPKC), certificateless signcryption (CLSC) scheme has gradually become a research hotspot and attracted extensive attentions. However, many of previous CLSC schemes are constructed based on time-consuming pairing operation, which is impractical for mobile devices with limited computation ability and battery capacity. Although researchers have proposed pairing-free CLSC schemes to solve the issue of efficiency, many of them are in fact still insecure. Therefore, the challenging problem is to keep the balance between efficiency and security in CLSC schemes. In this paper, several existing CLSC schemes are cryptanalyzed and a new CLSC scheme without pairing based on elliptic curve cryptosystem (ECC) is presented. The proposed CLSC scheme is provably secure against indistinguishability under adaptive chosen-ciphertext attack (IND-CCA2) and existential unforgeability under adaptive chosen-message attack (EUF-CMA) resting on Gap Diffie-Hellman (GDH) assumption and discrete logarithm problem in the random oracle model. Furthermore, the proposed scheme resists the ephemeral secret leakage (ESL) attack, public key replacement (PKR) attack, malicious but passive KGC (MPK) attack, and presents efficient computational overhead compared with the existing related CLSC schemes.

• 한국콘텐츠학회논문지
• /
• 제6권11호
• /
• pp.225-234
• /
• 2006

본 논문에서는 콘텐츠 보호의 암호화를 위해 ECC, MD-5, AES를 통합한 보안 프로세서를 SIP (Semiconductor Intellectual Property)로 설계하였다. 각각의 SIP는 VHDL RTL로 모델링하였으며, 논리합성, 시뮬레이션, FPGA 검증을 통해 재사용이 가능하도록 구현하였다. 또한 ARM9과 SIP들이 서로 통신이 가능하도록 AMBA AHB의 스펙에 따라 버스동작모델을 설계, 검증하였다. 플렛폼기반의 통합 보안 SIP는 ECC, AES, MD-5가 내부 코어를 이루고 있으며 각각의 SIP들은 ARM9과 100만 게이트 FPGA가 내장된 디바이스를 사용하여 검증하였으며 최종적으로 매그나칩 $0.25{\mu}m(4.7mm{\times}4.7mm$) CMOS 공정을 사용하여 MPW(Multi-Project Wafer) 칩으로 제작하였다.

• 전기전자학회논문지
• /
• 제18권2호
• /
• pp.198-205
• /
• 2014

정보화 기술의 발전에 따라 웨어러블 장치, 휴대용 장치, RFID와 같은 소형 애플리케이션에 대한 관심이 증가하고 있고, 여기에 적용하기 위한 소형 암호화 회로의 중요성이 강조되고 있다. 본 논문에서는 소형 애플리케이션에 적합한 AES 기반 암호화 회로를 제안한다. 제안하는 회로에서는 저장 공간의 최소화, 연산 자원의 공유를 통해서 크기를 최소화 하였다. 제안하는 회로는 $8{\times}16$ 비트 크기의 SRAM 두 개를 사용하였으며, 65nm 표준 셀 라이브러리를 이용하여 합성한 결과 2,241 개의 게이트로 구현되었고, 처리 속도는 초당 50.57M 비트이다. 따라서 저면적 암호화 회로를 필요로 하는 다양한 애플리케이션에 적용하여 사용할 수 있다.

• Journal of Information Processing Systems
• /
• 제8권1호
• /
• pp.159-174
• /
• 2012

This paper presents a study on a high-performance design for a block cipher algorithm implemented on modern many-core graphics processing units (GPUs). The recent emergence of VLSI technology makes it feasible to fabricate multiple processing cores on a single chip and enables general-purpose computation on a GPU (GPGPU). The GPU strategy offers significant performance improvements for all-purpose computation and can be used to support a broad variety of applications, including cryptography. We have proposed an efficient implementation of the encryption/decryption operations of a block cipher algorithm, SEED, on off-the-shelf NVIDIA many-core graphics processors. In a thorough experiment, we achieved high performance that is capable of supporting a high network speed of up to 9.5 Gbps on an NVIDIA GTX285 system (which has 240 processing cores). Our implementation provides up to 4.75 times higher performance in terms of encoding and decoding throughput as compared to the Intel 8-core system.

• 한국정보통신학회:학술대회논문집
• /
• 한국정보통신학회 2017년도 추계학술대회
• /
• pp.578-580
• /
• 2017

IoT 기술의 발전으로 IoT 기기들 사이의 통신에 보안이 중요해지고 있으며, 다양한 보안 알고리즘을 사용하고 있다. 많은 대칭 키 알고리즘 중에 AES (Advanced Encryption Standard) 알고리즘은 높은 보안성으로 지금까지 사용하고 있다. 본 논문에서는 효율적인 AES 알고리즘의 하드웨어 구조를 제안한다. 제안하는 하드웨어 구조는 암호화 모듈과 키 생성 모듈에 4단 파이프라인 구조를 적용하여, 높은 처리량과 낮은 지연시간을 가진다. 총 512비트의 일반 텍스트를 46 사이클에 처리가 가능하다. 제안하는 하드웨어 디자인은 65nm 공정에서 1.18GHz의 최대 주파수와 13Gbps의 처리량을 가지며, 180nm 공정에서 800MHz의 최대 주파수와 8.9Gbps의 처리량을 가진다.

• 한국정보통신학회논문지
• /
• 제12권2호
• /
• pp.269-275
• /
• 2008

최근 유비쿼터스 기술의 급속한 성장으로 모바일 컴퓨팅 분야에서의 스토리지 용량에 대한 요구가 증가하였다. 가상 스토리지 프로토콜인 iSCSI(Internet Small Computer Interface)는 이러한 문제를 효율적으로 해결하기 위한 방안이 될 수 있다. 그러나, 이 프로토콜의 불안전한 특성은 스토리지 시스템을 불안하고 외부에 노출되게 할 우려가 있다. 따라서, 본 논문에서는 모바일 기기를 위한 안전하고도 가벼운 iSCSI 기반의 가상 스토리지 스킴을 설계하고 제안하고자 한다. 성능평가를 통해 제안된 알고리즘은 기존의 IPsec보다 100% 읽기/쓰기 성능개선을 보여주고 있다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제13권9호
• /
• pp.4788-4813
• /
• 2019

In this paper, we introduce concepts of optimal and near optimal secret data hiding schemes. We present a new digital image steganography approach based on the Galois field $GF(p^m)$ using graph and automata to design the data hiding scheme of the general form ($k,N,{\lfloor}{\log}_2p^{mn}{\rfloor}$) for binary, gray and palette images with the given assumptions, where k, m, n, N are positive integers and p is prime, show the sufficient conditions for the existence and prove the existence of some optimal and near optimal secret data hiding schemes. These results are derived from the concept of the maximal secret data ratio of embedded bits, the module approach and the fastest optimal parity assignment method proposed by Huy et al. in 2011 and 2013. An application of the schemes to the process of hiding a finite sequence of secret data in an image is also considered. Security analyses and experimental results confirm that our approach can create steganographic schemes which achieve high efficiency in embedding capacity, visual quality, speed as well as security, which are key properties of steganography.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제14권11호
• /
• pp.4522-4536
• /
• 2020

Nowadays, cloud is the fastest emerging technology in the IT industry. We can store and retrieve data from the cloud. The most frequently occurring problems in the cloud are security and privacy preservation of data. For improving its security, secret information must be protected from various illegal accesses. Numerous traditional cryptography algorithms have been used to increase the privacy in preserving cloud data. Still, there are some problems in privacy protection because of its reduced security. Thus, this article proposes an ElGamal Elliptic Curve (EGEC) Homomorphic encryption scheme for safeguarding the confidentiality of data stored in a cloud. The Users who hold a data can encipher the input data using the proposed EGEC encryption scheme. The homomorphic operations are computed on encrypted data. Whenever user sends data access permission requests to the cloud data storage. The Cloud Service Provider (CSP) validates the user access policy and provides the encrypted data to the user. ElGamal Elliptic Curve (EGEC) decryption was used to generate an original input data. The proposed EGEC homomorphic encryption scheme can be tested using different performance metrics such as execution time, encryption time, decryption time, memory usage, encryption throughput, and decryption throughput. However, efficacy of the ElGamal Elliptic Curve (EGEC) Homomorphic Encryption approach is explained by the comparison study of conventional approaches.

• International Journal of Computer Science & Network Security
• /
• 제22권2호
• /
• pp.209-213
• /
• 2022

Key exchange protocol (KEP) is an essential setup to secure authenticates transmission among two or more users in cyberspace. Digital files protected and transmitted by the encryption of the files over public channels, a single key communal concerning the channel parties and utilized for both to encrypt the files as well as decrypt the files. If entirely done, this impedes unauthorized third parties from imposing a key optimal on the authorized parties. In this article, we have suggested a new KEP term as isokey interchange protocol based on generalization of modern mathematics term as isomathematics by utilizing isonumbers for corresponding isounits over the Block Upper Triangular Isomatrices (BUTI) which is secure, feasible and extensible. We also were utilizing arithmetic operations like Isoaddition, isosubtraction, isomultiplication and isodivision from isomathematics to build iso-key interchange protocol for network communication. The execution of our protocol is for two isointegers corresponding two elements of the group of isomatrices and cryptographic performance of products eachother. We demonstrate the protection of suggested isokey interchange protocol against Brute force attacks, Menezes et al. algorithm and Climent et al. algorithm.