• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.1
• /
• pp.41-51
• /
• 2018

Format preserving encryption(FPE) performs encryption with preserving the size and format of plain-text. Therefore, it is possible to minimize the structural change of the database before and after the encryption. For example, when encrypting data such as credit card number or social security number, it is possible to maintain the existing database structure because FPE outputs the same form of cipher-text as plain-text. Currently, the National Institute of Standards and Technology (NIST) recommends FF1 and FF3 as standards for FPE. Recently, in Korea, FEA, which is a very efficient FPE algorithm, has been adopted as the standard of FPE. In this paper, we analyze FEA and measure the performance of FEA by optimizing it in various environments.

• Journal of Korea Multimedia Society
• /
• v.16 no.10
• /
• pp.1156-1162
• /
• 2013

Face verification has been widely studied during the past two decades. One of the challenges is the rising concern about the security and privacy of the template database. In this paper, we propose a secure face verification system which generates a unique secure cryptographic key from a face template. The face images are processed to produce face templates or codes to be utilized for the encryption and decryption tasks. The result identity data is encrypted using Advanced Encryption Standard (AES). Distance metric naming hamming distance and Euclidean distance are used for template matching identification process, where template matching is a process used in pattern recognition. The proposed system is tested on the ORL, YALEs, and PKNU face databases, which contain 360, 135, and 54 training images respectively. We employ Principle Component Analysis (PCA) to determine the most discriminating features among face images. The experimental results showed that the proposed distance measure was one the promising best measures with respect to different characteristics of the biometric systems. Using the proposed method we needed to extract fewer images in order to achieve 100% cumulative recognition than using any other tested distance measure.

• The KIPS Transactions:PartC
• /
• v.13C no.1 s.104
• /
• pp.83-94
• /
• 2006

This paper describes ATM cell encipherment method using Rijndael Algorithm adopted as an AES(Advanced Encryption Standard) by NIST in 2001. ISO 9160 describes the requirement of physical layer data processing in encryption/decryption. For the description of ATM cell encipherment method, we implemented ATM data encipherment equipment which satisfies the requirements of ISO 9160, and verified the encipherment/decipherment processing at ATM STM-1 rate(155.52Mbps). The DES algorithm can process data in the block size of 64 bits and its key length is 64 bits, but the Rijndael algorithm can process data in the block size of 128 bits and the key length of 128, 192, or 256 bits selectively. So it is more flexible in high bit rate data processing and stronger in encription strength than DES. For tile real time encryption of high bit rate data stream. Rijndael algorithm was implemented in FPGA in this experiment. The boundary of serial UNI cell was detected by the CRC method, and in the case of user data cell the payload of 48 octets (384 bits) is converted in parallel and transferred to 3 Rijndael encipherment module in the block size of 128 bits individually. After completion of encryption, the header stored in buffer is attached to the enciphered payload and retransmitted in the format of cell. At the receiving end, the boundary of ceil is detected by the CRC method and the payload type is decided. n the payload type is the user data cell, the payload of the cell is transferred to the 3-Rijndael decryption module in the block sire of 128 bits for decryption of data. And in the case of maintenance cell, the payload is extracted without decryption processing.

• Journal of Ubiquitous Convergence Technology
• /
• v.2 no.1
• /
• pp.12-17
• /
• 2008

In this paper, the 128bit AES block cipher algorithm OCB (Offset Code Book) mode for privacy and authenticity of high speed packet data was efficiently designed in C language level and was optimized to support the required capacity of contents server using high performance DSP. It is known that OCB mode is about two times faster than CBC-MAC mode. As an experimental result, the encryption / decryption speed of the implemented block cipher was 308Mbps, 311 Mbps respectively at 1GHz clock speed, which is 50% faster than a general design with 3.5% more memory usage.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2004.05a
• /
• pp.1043-1046
• /
• 2004

본 논문에서는 MPEG-4 스트림의 디지털 저작권 관리(DRM)를 위한 암호화 방법을 제안한다. MPEG-4는 멀티미디어 스트리밍을 위한 표준이며 MPEG-4 파일 포맷에 따라 저장된다. 인가된 사용자들만 접근이 가능하도록 MPEG-4 파일 포맷으로부터 추출된 I-VOP, P-VOP의 매크로 블록(MB)들과 모션 벡터(MV)들을 암호화 하는 3가지 방법을 설계하였고, MPEG-4 데이터의 암호화에는 DES(Data Encryption Standard)를 사용하였다. 이러한 암호화 방법을 기반으로 MPEG-4 데이터 스트리밍을 위한 인터넷 방송 서비스용 DRM 솔루션을 구현하고, 최적의 암호화 방법을 선택하기 위해 복호화 속도 및 영상의 품질을 비교하였다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.8 no.3
• /
• pp.79-94
• /
• 1998

본 논문에서는 컴퓨터 시스템에서 정보보호를 위해 가장 많이 사용하고 있는 DES(Data Encryption Standard)암호알고리즘을 시스템 설계 기술언어인 VHDL(Vhsic Hardware Description Language)로 설계하고 이것을 칩으로 합성하여 하드웨어에서 차지하는 면적과 속도를 비교 분석하였다. 설계방법에 있어서는 구현하는 방법에 따라 전 라운드 구현형, S-box 공유형 그리고 단일 라운드 반복형 범용성을 갖도록 하여 FPGA로 구현한다. 본 논문에서 구현한 단일 라운드 반복형 설계는 Synopsys의 EDA 툴을 이용하여 시뮬레이션 및 합성을 하였고, Xilinx사의 xdm을 이용하여 XC4052XL 칩에 구현하였다. 그 결과 입력 클록 50MHz상에서 100Mbps의 암,복호화 속도를 갖는 범용성 암호칩을 설계 및 구현한다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2008.10a
• /
• pp.274-277
• /
• 2008

Rekeying is the process of changing the encryption key of an ongoing communication. The main objective is to limit the amount of data encrypted with the same key. The IEEE 802.11 standard defines the Wired Equivalent Privacy, or WEP, encapsulation of 802.11 data frames. MAC at sender encrypts the payload (frame body and CRC) of each 802.11 frame before transmission using RC4 stream cipher. MAC at receiver decrypts and passes data to higher level protocol. WEP uses symmetric key stream cipher (RC4) where same key will be used for data encryption and decryption at the sender and the receiver. WEP is not promising with the advancement of the wireless technology existing today. We propose to use the existing information to define the security attributes. This will eliminate the steps that regenerated keys have to be sent to each other over certain period. The rekeying scheme is according to the number of bytes transmitted. Therefore, even the attacker has recorded the packets, it will be insufficient information and time for the attacker to launch the attacks as the key is not deterministic. We develop a packet simulation software for packet transmission and simulate our propose scheme. From the simulation, our propose scheme will overcome the weak WEP key attack and provide an alternative solution to wireless packet transmission. Besides that, our solution appears to be a software approach where only driver updates are needed for the wireless client and server.

• Journal of the Institute of Electronics Engineers of Korea SP
• /
• v.42 no.5 s.305
• /
• pp.173-180
• /
• 2005

In this paper, we proposed the image hiding method which decreases calculation amount by encrypt partial data using discrete wavelet transform(DWT) and linear scale quantization which were adopted as the main technique for frequency transform in JPEG2000 standard. Also we used the chaotic system and cat map which has smaller calculation amount than other encryption algorithms and then dramatically decreased calculation amount. This method operates encryption process between quantization and entropy coding for preserving compression ratio of images and uses the subband selection method. Also, suggested encryption method to JPEG2000 progressive transmission. The experiments have been performed with the Proposed methods implemented in software for about 500 images. Consequently, we are sure that the proposed is efficient image encryption methods to acquire the high encryption effect with small amount of encryption. It has been shown that there exits a relation of trade-off between the execution time and the effect of the encryption. It means that the proposed methods can be selectively used according to the application areas.

• Journal of the Korean Society for Aeronautical & Space Sciences
• /
• v.31 no.10
• /
• pp.89-96
• /
• 2003

In this paper, a CCSDS(Consultative Committee for Space Data Systems) telecommand(TC) decryptor for the security of geostationary communications satellite was implemented. For the confidentiality of CCSDS TC datalink security, Option-A which implements the security services below the transfer sublayer was selected. Also CFB(Cipher Feedback) operation mode of DES(Data Encryption Standard) was used for the encryption of 56-bit data bits in 64-bit codeblock. To verify Decryptor function, the DES CFB logic implemented on A54SX32 FPGA(Field Programmable Gate Array) was integrated with interface and control logics in a PCB(Printed Circuit Board). Using a function test PC, the encrypted codeblocks were generated, transferred into the decryptor, decrypted, and the decrypted codeblocks were transmitted to the function test PC, and then compared with the source codeblocks. Through LED(Light Emitting Diode) ON operation by driving the relay related to Op-code decoded and the comparison between the codeblock output waveforms measured and those simulated, the telecommand decryptor function was verified.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.2
• /
• pp.65-73
• /
• 2008

Security layer of the Cdma2000 1x EV-DO is currently completing standard (C.S0024-A v2.0). Accordingly, a hardware security devices, that allows to implementation requirement of the security layer described in standard document, is required to apply security function about data transferred between AT and AN of then Cdma2000 1x EV-DO environment. This paper represents design of hardware device providing EV-DO security with simulation of the security layer protocol via the FPGA platform. The SHA-1 hash algorithm for certification and service of packet data, and the AES, SEED, ARIA algorithms for data encryption are equip in this device. And paper represents implementation of hardware that applies optionally certification and encryption function after executing key-switch using key-switching algorithm.