• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.42 no.5
• /
• pp.21-30
• /
• 2005

Recently, a mobile IPv6 binding update protocol using Address Based Keys (BU-ABK) was proposed. This protocol applies Address Based Keys (ABK), generated through identity-based cryptosystem, to enable strong authentication and secure key exchange without any global security infrastructure. However, because it cannot detect that public cryptographic parameters for ABKs are altered or forged, it is vulnerable to man-in-the-middle attacks and denial of service attacks. Furthermore, it has heavy burden of managing the public cryptographic parameters. In this paper, we show the weaknesses of BU-ABK and then propose an enhanced BU-ABK (EBU-ABK). Furthermore, we provide an optimization for mobile devices with constraint computational power. The comparison of EBU-ABK with BU-ABK shows that the enhanced protocol achieves strong security while not resulting in heavy computation overhead on a mobile node.

• Journal of Digital Convergence
• /
• v.18 no.5
• /
• pp.249-256
• /
• 2020

The session initiation protocol (SIP) is a signaling protocol, which is used to controlling communication session creation, manage and finish over Internet protocol. Based on it, we can implement various services like voice based electronic commerce or instant messaging. Recently, Qiu et al. proposed an enhanced password authentication scheme for SIP. However, this paper withdraws that Qiu et al.'s scheme is weak against the off-line password guessing attack and has denial of service problem. Addition to this, we propose an improved password authentication scheme as a remedy scheme of Qiu et al.'s scheme. For this, the proposed scheme does not use server's verifier and is based on elliptic curve cryptography. Security validation is provided based on a formal validation tool ProVerif. Security analysis shows that the improved authentication scheme is strong against various attacks over SIP.

• Journal of the Institute of Electronics Engineers of Korea SD
• /
• v.42 no.6 s.336
• /
• pp.67-74
• /
• 2005

Crypto-systems have difficulties in designing hardware due to the various standards. We propose a programmable and configurable architecture for cryptography coprocessors to accommodate various crypto-systems. The proposed architecture has a 32 bit I/O interface and internal bus width, and consists of a programmable finite field arithmetic unit, an input/output unit, a register file, and a control unit. The crypto-system is determined by the micro-codes in memory of the control unit, and is configured by programming the micro-codes. The coprocessor has a modular structure so that the arithmetic unit can be replaced if a substitute has an appropriate 32 bit I/O interface. It can be used in many crypto-systems by re-programming the micro-codes for corresponding crypto-system or by replacing operation units. We implement an elliptic curve crypto-processor using the proposed architecture and compare it with other crypto-processors

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.19 no.1
• /
• pp.10-23
• /
• 1994

To transmit information efficiently and securely in On-line transmission, data compression, secrecy and authentication are required. In this paper, we propose LZWH4 which creates two compression strings with applying Hnageul to LZW. design HDES1 by extending S-box (S1-S16) which satsfies SAC and correlation coefficient as a partial countermeasure of Differential Cryptanalysis and implement LZWHDES1 which concatenates efficiently these for digital signature in On-line transmission. Also HDES1 is more in U.D.(Unicity Distance) than DES and HDES. We show that the proposed LZWHDES1 reduces processing times than LZWHDES which LZW is directly concatnated to DES and LZWHDES which LZWH1 is directly concatenated to HDES. LZWHDES1 can be used to digital signature system as conventional key cryptosystem.

• Journal of KIISE:Computer Systems and Theory
• /
• v.29 no.11
• /
• pp.622-633
• /
• 2002

Authentication and Key Agreement using password provide convenience and amenity, but what human can remember has extremely low entropy. To overcome its defects, AMP(Authentiration and key agreement via Memorable Password) which performs authentication and key agreement securely via low entropy password are presented. AMP uses Diffie-Hellman problem that depends on discrete logarithm problem. Otherwise, this thesis applies elliptic curve cryptosystem to AMP for further efficiency That is, this thesis presents EC-AMP(Elliptic Curve-AMP) protocol based on elliptic curve discrete logarithm problem instead of discrete logarithm problem, and shows its high performance through the implementation. EC-AMP secures against various attacks in the random oracle model just as AMP Thus, we nay supply EC-AMP to the network environment that requires authentication and key agreement to get both convenience and security from elliptic curve discrete logarithm problem.

• Journal of KIISE:Computer Systems and Theory
• /
• v.34 no.3
• /
• pp.113-123
• /
• 2007

This paper presents a high-performance elliptic curve cryptographic processor over $GF(2^m)$. The proposed design adopts Lopez-Dahab Montgomery algorithm for elliptic curve point multiplication and uses Gaussian normal basis for $GF(2^m)$ field arithmetic operations. We select m=163 which is the smallest value among five recommended $GF(2^m)$ field sizes by NIST and it is Gaussian normal basis of type 4. The proposed elliptic curve cryptographic processor consists of host interface, data memory, instruction memory, and control. We implement the proposed design using Xilinx XCV2000E FPGA device. Based on the FPGA implementation results, we can see that our design is 2.6 times faster and requires significantly less hardware resources compared with the previously proposed best hardware implementation.

• Journal of KIISE:Computing Practices and Letters
• /
• v.14 no.4
• /
• pp.446-450
• /
• 2008

Private Matching is the problem of computing the intersection of private datasets of two parties without revealing their own datasets. Freedman et al.[1] introduced a solution for the problem, where only one party gets private matching. When both parties want to get private matching simultaneously, we can consider the use of Kissner and Song[2]'s method which is a privacy-preserving set intersection with group decryption in multi-party case. In this paper we propose new protocols for fair private matching. Instead of group decryption we introduce a Semi-Trusted Third Party for fairness. We also propose an update procedure without restarting the PM protocol.

• Journal of Internet Computing and Services
• /
• v.8 no.1
• /
• pp.79-85
• /
• 2007

As the use of the computer and networks generalized, the various tasks which are requested secrets can be processed such os the banking transaction. And because of increasing of data exchange, Internet, and mobile networks, the method which is not connected only but also used with many users has been changed. Especially because of the structural problem of the Internet, a lot of information is leaked out when we use the Internet banking. If we check the Internet banking by using an existing cypher method which is either simple of slow, a credit card number, an account number or password will be leaked out. Because the security of information doesn't meet our expectation, we need more powerful cryptography. But, the wasted space-time which is required shouldn,t be ignored when the whole transferred data are encrypted. So, by using both the Elliptic Curve algorithm which is based on mobile networks and the partial encryption of the DTD of XML in this essay, we will implement more faster cypher method of the partial XML.

• Journal of Korea Society of Industrial Information Systems
• /
• v.23 no.4
• /
• pp.13-22
• /
• 2018

In this paper, double encryption technology of image based on scramble operation and phase-shifting digital holography is proposed. For the purpose, we perform first encryption digitally using scramble operation for the to be encrypted image, and perform phase modulation to the first encrypted image. Finally, we get the secondary encryption information through the interference between the phase-shifted reference wave and phase modulated image. The decryption process proceeds in the reverse order of the encryption process. The original image is reconstructed by digitally decoding the two encrypted images through a phase shift digital holography technique that appropriately performs arithmetic processing, phase-demodulating and then using the encryption key information used in the scramble operation. The proposed cryptosystem can recover the original image only if both the key information used in the scramble operation, the distance information used in the phase shift digital holography technique, and the wavelength of the light source are known accurately.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.12
• /
• pp.4568-4587
• /
• 2014

Authentication of videos and images based on the content is becoming an important problem in information security. Unfortunately, previous studies lack the consideration of Kerckhoffs's principle in order to achieve this (i.e., a cryptosystem should be secure even if everything about the system, except the key, is public knowledge). In this paper, a solution to the problem of finding a relationship between a frame's index and its content is proposed based on the creative utilization of a robust manifold feature. The proposed solution is based on a novel semi-fragile watermarking scheme for H.264/AVC video content authentication. At first, the input I-frame is partitioned for feature extraction and watermark embedding. This is followed by the temporal feature extraction using the Isometric Mapping algorithm. The frame index is included in the feature to produce the temporal watermark. In order to improve security, the spatial watermark will be encrypted together with the temporal watermark. Finally, the resultant watermark is embedded into the Discrete Cosine Transform coefficients in the diagonal positions. At the receiver side, after watermark extraction and decryption, temporal tampering is detected through a mismatch between the frame index extracted from the temporal watermark and the observed frame index. Next, the feature is regenerate through temporal feature regeneration, and compared with the extracted feature. It is judged through the comparison whether the extracted temporal watermark is similar to that of the original watermarked video. Additionally, for spatial authentication, the tampered areas are located via the comparison between extracted and regenerated spatial features. Experimental results show that the proposed method is sensitive to intentional malicious attacks and modifications, whereas it is robust to legitimate manipulations, such as certain level of lossy compression, channel noise, Gaussian filtering and brightness adjustment. Through a comparison between the extracted frame index and the current frame index, the temporal tempering is identified. With the proposed scheme, a solution to the Kerckhoffs's principle problem is specified.