• Proceedings of the Korea Contents Association Conference
• /
• 2005.11a
• /
• pp.200-204
• /
• 2005

POS system that become that is supply net administration and computerization fetters of customer management that become point in distribution network constructed database and use XML-Encryption that is certificate techniques of PKI and standard of security for security that is XML's shortcoming and design distributed processing POS system using XML for data integration by introduction of Ubiquitous concept. This POS system has four advantages. First, high portability Second, efficiency of data transmission. Third, improvement of data process speed. Fourth, security of data.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.49 no.3
• /
• pp.74-80
• /
• 2012

Recently at SCIS2011, Nakatsu et. al. proposed multi-round Correlation Power Analysis(CPA) on Hardware Advanced Encryption Standard(AES) to improve the performance of CPA with limited number of traces. In this paper, we propose, Multi-Round CPA to retrieve master key using CPA of 1round and 2round on Hardware DES. From the simulation result for the proposed attack method, we could extract 56-bit master key using the 300 power traces of Hardware DES in DPA contes. And it was proved that we can search more master key using multi-round CPA than using single round CPA in limited environments.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.5
• /
• pp.1343-1356
• /
• 2013

Cloud computing has emerged as perhaps the hottest development in information technology at present. This new computing technology requires that the users ensure that their infrastructure is safety and that their data and applications are protected. In addition, the customer must ensure that the provider has taken the proper security measures to protect their information. In order to achieve fine-grained and flexible access control for cloud computing, a new construction of hierarchical attribute-based encryption(HABE) with Ciphertext-Policy is proposed in this paper. The proposed scheme inherits flexibility and delegation of hierarchical identity-based cryptography, and achieves scalability due to the hierarchical structure. The new scheme has constant size ciphertexts since it consists of two group elements. In addition, the security of the new construction is achieved in the standard model which avoids the potential defects in the existing works. Under the decision bilinear Diffie-Hellman exponent assumption, the proposed scheme is provable security against Chosen-plaintext Attack(CPA). Furthermore, we also show the proposed scheme can be transferred to a CCA(Chosen-ciphertext Attack) secure scheme.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.2
• /
• pp.53-64
• /
• 2002

This paper describes a design of cryptographic processor that implements the AES (Advanced Encryption Standard) block cipher algorithm, "Rijndael". An iterative looping architecture using a single round block is adopted to minimize the hardware required. To achieve high throughput rate, a sub-pipeline stage is added by dividing the round function into two blocks, resulting that the second half of current round function and the first half of next round function are being simultaneously operated. The round block is implemented using 32-bit data path, so each sub-pipeline stage is executed for four clock cycles. The S-box, which is the dominant element of the round block in terms of required hardware resources, is designed using arithmetic circuit computing multiplicative inverse in GF($2^8$) rather than look-up table method, so that encryption and decryption can share the S-boxes. The round keys are generated by on-the-fly key scheduler. The crypto-processor designed in Verilog-HDL and synthesized using 0.25-$\mu\textrm{m}$ CMOS cell library consists of about 23,000 gates. Simulation results show that the critical path delay is about 8-ns and it can operate up to 120-MHz clock Sequency at 2.5-V supply. The designed core was verified using Xilinx FPGA board and test system.

• Journal of the Institute of Electronics Engineers of Korea SD
• /
• v.45 no.6
• /
• pp.80-88
• /
• 2008

In this paper, the block cipher algorithms, 3-DES(Triple Data Encryption Standard), AES(Advanced Encryption Standard), SEED, HASH(SHA-1), which are domestic and international standards, have been implemented as an integrated cryptographic engine for smart card applications. For small area and low power design which are essential requirements for portable devices, arithmetic resources are shared for iteration steps in each algorithm, and a two-level clock gating technique was used to reduce the dynamic power consumption. The integrated cryptographic engine was verified with ALTERA Excalbur EPXA10F1020C device, requiring 7,729 LEs(Logic Elements) and 512 Bytes ROM, and its maximum clock speed was 24.83 MHz. When designed by using Samsung 0.18 um STD130 standard cell library, the engine consisted of 44,452 gates and had up to 50 MHz operation clock speed. It was estimated to consume 2.96 mW, 3.03 mW, 2.63 mW, 7.06 mW power at 3-DES, AES, SEED, SHA-1 modes respectively when operating at 25 MHz clock. We found that it has better area-power optimized structure than other existing designs for smart cards and various embedded security systems.

• Journal of KIISE
• /
• v.44 no.8
• /
• pp.860-869
• /
• 2017

Recently, due to the personal information security act, the encryption of personal information has attracted attention. However, if the conventional encryption scheme is used directly, the database schema must be changed because the conventional encryption scheme does not preserve the format of the data, which can yield a large cost. Therefore, the Format-Preserving Encryption(FPE) has emerged as an important technique that ensures the confidentiality of the data and maintains the database schema naturally. Accordingly, National Institute of Standards and Technology(NIST) recently published the FF1 and FF3 as standards for FPE, although problems have been found in the security of FF1 and FF3 against message recovery attacks. In this paper, we study and analyze FF1 and FF3 as the standards of FPE, as well as the message recovery attack on these schemes. We also study a secure FPE against message recovery attack and verify the efficiency by implementing standardized FF1 and FF3.

• IEIE Transactions on Smart Processing and Computing
• /
• v.6 no.2
• /
• pp.133-139
• /
• 2017

Vehicles have increasingly evolved and become intelligent with convergence of information and communications technologies (ICT). Vehicle communications (VC) has become one of the major necessities for intelligent vehicles. However, VC suffers from serious security problems that hinder its commercialization. Hence, the IEEE 1609 Wireless Access Vehicular Environment (WAVE) protocol defines a security service for VC. This service includes Advanced Encryption Standard-Counter with CBC-MAC (AES-CCM) for data encryption in VC. A high-speed AES-CCM crypto module is necessary, because VC requires a fast communication rate between vehicles. In this study, we propose and implement an efficient AES-CCM hardware architecture for high-speed VC. First, we propose a 32-bit substitution table (S_Box) to reduce the AES module latency. Second, we employ key box register files to save key expansion results. Third, we save the input and processed data to internal register files for secure encryption and to secure data from external attacks. Finally, we design a parallel architecture for both cipher block chaining message authentication code (CBC-MAC) and the counter module in AES-CCM to improve performance. For implementation of the field programmable gate array (FPGA) hardware, we use a Xilinx Virtex-5 FPGA chip. The entire operation of the AES-CCM module is validated by timing simulations in Xilinx ISE at a speed of 166.2 MHz.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.11
• /
• pp.4028-4049
• /
• 2014

Attribute-based encryption (ABE) is a promising cryptographic primitive for implementing fine-grained data sharing in cloud computing. However, before ABE can be widely deployed in practical cloud storage systems, a challenging issue with regard to attributes and user revocation has to be addressed. To our knowledge, most of the existing ABE schemes fail to support flexible and direct revocation owing to the burdensome update of attribute secret keys and all the ciphertexts. Aiming at tackling the challenge above, we formalize the notion of ciphertext-policy ABE supporting flexible and direct revocation (FDR-CP-ABE), and present a concrete construction. The proposed scheme supports direct attribute and user revocation. To achieve this goal, we introduce an auxiliary function to determine the ciphertexts involved in revocation events, and then only update these involved ciphertexts by adopting the technique of broadcast encryption. Furthermore, our construction is proven secure in the standard model. Theoretical analysis and experimental results indicate that FDR-CP-ABE outperforms the previous revocation-related methods.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.1
• /
• pp.211-220
• /
• 2018

The standard data link layer encryption provided by CCSDS has a structure that encodes HDLC frame into it using an AES algorithm. However, CCSDS is standard method has a structure in which the receiving side cannot request a re-activation when noise interference occurs over an unstable channel. SES Alarmed has a structure that enables the receiving side to additionally detect errors and perform re-activation requests in an operational structure similar to that of link encryption in CCSDS. The SES Alarmed related paper was intended to identify the optimum range of thresholds and identify data corruption due to channel noise. In this paper, the focus was on reducing the re-activation process if the HDLC frame, excluding the password Sync code, consistently exceeds any threshold levels. The HDLC frame order was changed and the results of using SES Alarmed were proposed and compared.

• Journal of information and communication convergence engineering
• /
• v.10 no.3
• /
• pp.248-252
• /
• 2012

The sensor network standard DASH7 was proposed to improve transmission quality and low power communication. Specifications for the standard are currently being developed, so the security specification has not been firmly implemented. However, without a security specification, a network cannot work due to threats from malicious users. Thus we must ensure confidentiality and authentication of data packets by using a cryptography method. To contribute to the DASH7 security specification, this paper shows the implementation results of network and data link layer security by using advanced encryption standard (AES) counter with CBC-MAC (CCM) over CC430 sensor nodes.