• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.28 no.5B
• /
• pp.381-387
• /
• 2003

The importance of protection for data and information is increasing by the rapid development of information communication and network. And concern of the private-information protection is increasing for the requested user's demand. Analysis of unknown signal characteristics is importance for the safe system maintenance from hacker and cracker. Detected target of unknown signals is virus, inner invader and outer invader, etc. Because existed unknown signal detection method exist individually for the virus, inner invader and outer invader system performance is very lower and system cost is very much. Therefore, in this paper proposed merging IDS system performs detection for virus, inner intrusion and outer intrusion method. Design of the proposed system is used Synopsys Ver. 1999.10 and VHDL coding. The proposed IDS system is practical in the system performance and cost for the individually existed IDS, and proposed IDS system utilized a part of system resources.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.8 no.7
• /
• pp.1493-1500
• /
• 2004

Today's Commercial security server system which provide secrecy, integrity and availability may still be vulnerable to denial-of-service attacks. Authentication system whith use a public key cryptography and process RSA encryption is relatively slow and the slowness has become a major security threat specifically in service flooding attacks caused by authentication requests. The service flooding attacks render the server incapable of providing its service to legitimitive clients. Therefore the importance of implementing systems that prevent denial of service attacks and provide service to legitimitive users cannot be overemphasized. In this paper, we propose a puzzle protocol which applies to authentication model. our gradually strengthening authentication model improves the availability and continuity of services and prevent denial of service attacks and we implement flooding of service tolerance system to verify the efficiency of our model. This system is expected to be ensure in the promotion of reliability.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.2
• /
• pp.351-358
• /
• 2016

This paper describes an efficient hardware implementation of lightweight block cipher algorithm CLEFIA. The CLEFIA crypto-processor supports for three master key lengths of 128/192/256-bit, and it is based on the modified generalized Feistel network (GFN). To minimize hardware complexity, a unified processing unit with 8 bits data-path is designed for implementing GFN that computes intermediate keys to be used in round key scheduling, as well as carries out round transformation. The GFN block in our design is reconfigured not only for performing 4-branch GFN used for round transformation and intermediate round key generation of 128-bit, but also for performing 8-branch GFN used for intermediate round key generation of 256-bit. The CLEFIA crypto-processor designed in Verilog HDL was verified by using Virtex5 XC5VSX50T FPGA device. The estimated throughput is 81.5 ~ 60 Mbps with 112 MHz clock frequency.

• Journal of Digital Convergence
• /
• v.12 no.10
• /
• pp.253-258
• /
• 2014

Recently, the development of cloud computing technology is developed as soon as smartphones is increases, and increased that users want to receive big data service. Hadoop framework of the big data service is provided to hadoop file system and hadoop mapreduce supported by data-intensive distributed applications. But, smpartphone service using hadoop system is a very vulnerable state to data authentication. In this paper, we propose a initial authentication protocol of hadoop system assisted by smartphone service. Proposed protocol is combine symmetric key cryptography techniques with ECC algorithm in order to support the secure multiple data processing systems. In particular, the proposed protocol to access the system by the user Hadoop when processing data, the initial authentication key and the symmetric key instead of the elliptic curve by using the public key-based security is improved.

• IEIE Transactions on Smart Processing and Computing
• /
• v.2 no.3
• /
• pp.168-175
• /
• 2013

Key escrow is a default property that is inherent in identity-based cryptography, where a curious private key generator (PKG) can derive a secret value shared by communicating entities in its domain. Therefore, a dishonest PKG can encrypt and decrypt ciphers or can carry out any attack on the communicating parties. Of course, the escrow property is not completely unwanted but is acceptable in other particular applications. On the other hand, in more civil applications, this key escrow property is undesirable and needs to be removed to provide maximum communication privacy. Therefore, this paper presents an escrow-free identity-based key agreement protocol that is also applicable even in a distinct PKG condition that does not use pairings. The proposed protocol has comparable computational and communicational performance to many other protocols with similar security attributes, of which their security is based on costly bilinear pairings. The protocol's notion was inspired by McCullagh et al. and Chen-Kudla, in regard to escrow-free and multi-PKG key agreement ideas. In particular, the scheme captures perfect forward secrecy and key compromise impersonation resilience, which were lacking in McCullagh et al.'s study, as well as all other desirable security attributes, such as known key secrecy, unknown key-share resilience and no-key control. The merit in the proposed protocol is the achievement of all required security requirements with a relatively lower computational overhead than many other protocols because it precludes pairings.

• Convergence Security Journal
• /
• v.17 no.2
• /
• pp.15-22
• /
• 2017

This paper presents new 8-bit implementation of AES. Most typical 8-bit AES designs are to reduce the circuit area by sacrificing its throughput. The presented AES architecture employs two separated S-box to perform round operation and key generation in parallel. From the simulation results of the proposed AES-128, the maximum critical path delay is 13.0ns. It can be operated in 77MHz and the throughput is 15.2 Mbps. Consequently, the throughput of the proposed AES has 1.54 times higher throughput than the other counterpart although the area increasement is limited in 1.17 times. The proposed AES design enables very low-area design without sacrificing its performance. Thereby, it can be suitable for the various IoT applications that need high speed communication.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.10 no.2
• /
• pp.328-332
• /
• 2006

Efficient finite field operation in the elliptic curve (EC) public key cryptography algorithm, which attracts much of latest issues in the applications in information security, is very important. Traditional serial finite multipliers root from Mastrovito's serial multiplication architecture. In this paper, we adopt the polynomial basis and propose a new finite field multiplier, inducing numerical expressions which can be applied to exhibit 3 times as much performance as the Mastrovito's. We described the proposed multiplier with HDL to verify and evaluate as a proper hardware IP. HDL-implemented serial GF (Galois field) multiplier showed 3 times as fast speed as the traditional serial multiplier's adding only partial-sum block in the hardware. So far, there have been grossly 3 types of studies on GF($2^m$) multiplier architecture, such as serial multiplication, array multiplication, and hybrid multiplication. In this paper, we propose a novel approach on developing serial multiplier architecture based on Mastrovito's, by modifying the numerical formula of the polynomial-basis serial multiplication. The proposed multiplier architecture was described and implemented in HDL so that the novel architecture was simulated and verified in the level of hardware as well as software.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.14 no.2
• /
• pp.394-402
• /
• 2010

At a recent, enterprises based on online-service are established because of rapid growth of information network. These enterprises collect personal information and do customer management. If customers use a paid service, company send billing information to customer and customer pay it. Such circulation and management of information is big issue but most companies don't care of information security. Actually, personal information that was managed by largest internal open-market was exposed. For safe customer information management, this paper proposes the method that decrease load of RSA cryptography algorithm that is commonly used for preventing from illegal attack or hacking. The method for decreasing load was designed by Binary NAF Method and it can operates modular Exponentiation rapidly. We implemented modular Exponentiation algorithm using existing Binary Method and Windows Method and compared and evaluated it.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.3
• /
• pp.568-574
• /
• 2015

Recently RFID not only is widely utilized in various fields such as inventory management, merchandize logistics, etc., but also, has evolved as an important component of the Internet of Things (IoT). According to increasing the utilization field of RIFD, studies for security and privacy for RFID system have been made diverse. Among them, the ownership transfer protocols for RFID tags have also been proposed in connection with the purchase of products embedded with RFID tag. Recently, Kapoor and Piramuthu proposed a RFID ownership transfer protocol to solve the problems of security weakness of the previous RFID ownership transfer protocols. In this paper, we show that Kapoor-Piramuthu's protocol also has security problems and provide a new protocol to resolve them. Security analysis of newly proposed protocol shows the security concerns are resolved.

• Journal of Information Processing Systems
• /
• v.8 no.3
• /
• pp.495-520
• /
• 2012

A secure Electronic Payment System (EPS) is essential for the booming online shopping market. A successful EPS supports the transfer of electronic money and sensitive information with security, accuracy, and integrity between the seller and buyer over the Internet. SET, CyberCash, Paypal, and iKP are the most popular Credit Card-Based EPSs (CCBEPSs). Some CCBEPSs only use SSL to provide a secure communication channel. Hence, they only prevent "Man in the Middle" fraud but do not protect the sensitive cardholder information such as the credit card number from being passed onto the merchant, who may be unscrupulous. Other CCBEPSs use complex mechanisms such as cryptography, certificate authorities, etc. to fulfill the security schemes. However, factors such as ease of use for the cardholder and the implementation costs for each party are frequently overlooked. In this paper, we propose a Web service based new payment system, based on ANSI X9.59-2006 with extra features added on top of this standard. X9.59 is an Account Based Digital Signature (ABDS) and consumer-oriented payment system. It utilizes the existing financial network and financial messages to complete the payment process. However, there are a number of limitations in this standard. This research provides a solution to solve the limitations of X9.59 by adding a merchant authentication feature during the payment cycle without any addenda records to be added in the existing financial messages. We have conducted performance testing on the proposed system via a comparison with SET and X9.59 using simulation to analyze their levels of performance and security.