• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.4
• /
• pp.753-763
• /
• 2014

Recently financial institutions and large retailers have a large amount of personal information leakage accident occurred one after another, and the damage is a trend of increasing day by day. Regulation such as enforcing the encryption of the personal identification information are strengthened. Efficient technology to encrypt personal information is Format-preserving encryption. Typical encryption expand output data length than input data length and change a format. Format Preserving Encryption is an efficient method to minimize database and application modification, because it makes preserve length and format of input data. In this paper, to encrypt personal information efficiently, we propose newly Format Preserving Encryption using Block cipher mode of operation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.4
• /
• pp.601-608
• /
• 2023

Homomorphic encryption is a promising technology that has been extensively researched in recent years. It allows computations to be performed on encrypted data, without the need to decrypt it. In this paper, we perform bibliometric analysis to objectively and quantitatively analyze the research trends of homomorphic encryption technology using 6,047 homomorphic encryption papers from the Scopus database. Specifically, we analyze the number of papers by year, keyword co-occurrence, topic clustering, changes in related keywords over time, and country of homomorphic encryption research institutions. Our analysis results provide strategic directions for research and application of homomorphic encryption and can be a great help for subsequent research and industrial applications.

• Journal of the Korea Society of Computer and Information
• /
• v.19 no.12
• /
• pp.143-152
• /
• 2014

This paper introduces Database security to prevent the rapidly increasing issue of private information leakage. The Database security examined in the paper separates into DB access control area and DB encryption area which further leads the paper to analyze the factors of the two areas and suggest necessary elements for creating stable Database security. In addition, the paper examines previous DB security programs by areas and analyzes pros and cons from the tested result. The experiment indicated that while DB access control presents less degradation and reduced the need to modify the existing DBMS since the access control operates at the end point of the network, DB encryption presented strength in protecting the data from unauthorized access. On the other hand, DB access control is less useful in preventing the attack in advance which leaves the log to enable tracking afterward while DB encryption can only be operated by limited types of Database and causes degradation due to system load and shows higher percentage of failure when creating the system. This paper examines characteristics of Database security areas in order to be used as a reference for institutions or companies seeking stable Database security.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.4
• /
• pp.583-592
• /
• 2020

With the popularization of smartphones, Social Networking Service (SNS) has become the means of communication for modern people. Due to the nature of the means of communication, SNS generates a variety of archive and preservation evidence. Therefore, it is a major analysis target in terms of digital forensic investigation. An application that provides SNS stores data in a central server or database in a smartphone inside for user convenience. Some applications provide encryption for privacy, which can be anti-forensic in terms of digital forensic investigation. Therefore, the study of the encryption method should be continuously preceded. In this paper, we analyzed two applications that provide SQLite-based database encryption through SQLCipher module. Each database was decrypted and key data was identified.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.1
• /
• pp.41-51
• /
• 2018

Format preserving encryption(FPE) performs encryption with preserving the size and format of plain-text. Therefore, it is possible to minimize the structural change of the database before and after the encryption. For example, when encrypting data such as credit card number or social security number, it is possible to maintain the existing database structure because FPE outputs the same form of cipher-text as plain-text. Currently, the National Institute of Standards and Technology (NIST) recommends FF1 and FF3 as standards for FPE. Recently, in Korea, FEA, which is a very efficient FPE algorithm, has been adopted as the standard of FPE. In this paper, we analyze FEA and measure the performance of FEA by optimizing it in various environments.

• Journal of Information Processing Systems
• /
• v.13 no.3
• /
• pp.573-589
• /
• 2017

Cloud computing is an attractive solution that can provide low cost storage and powerful processing capabilities for government agencies or enterprises of small and medium size. Yet the confidentiality of information should be considered by any organization migrating to cloud, which makes the research on relational database system based on encryption schemes to preserve the integrity and confidentiality of data in cloud be an interesting subject. So far there have been various solutions for realizing SQL queries on encrypted data in cloud without decryption in advance, where generally homomorphic encryption algorithm is applied to support queries with aggregate functions or numerical computation. But the existing homomorphic encryption algorithms cannot encrypt floating-point numbers. So in this paper, we present a mechanism to enable the trusted party to encrypt the floating-points by homomorphic encryption algorithm and partial trusty server to perform summation on their ciphertexts without revealing the data itself. In the first step, we encode floating-point numbers to hide the decimal points and the positive or negative signs. Then, the codes of floating-point numbers are encrypted by homomorphic encryption algorithm and stored as sequences in cloud. Finally, we use the data structure of DoubleListTree to implement the aggregate function of SUM and later do some extra processes to accomplish the summation.

• Journal of Information Technology Services
• /
• v.21 no.4
• /
• pp.63-74
• /
• 2022

Globally researchers at medical institutions are actively sharing COHORT data of patients to develop vaccines and treatments to overcome the COVID-19 crisis. OMOP-CDM, a common data model that efficiently shares medical data research independently operated by individual medical institutions has patient personal information (e.g. PII, PHI). Although PII and PHI are managed and shared indistinguishably through de-identification or anonymization in medical institutions they could not be guaranteed at 100% by complete de-identification and anonymization. For this reason the security of the OMOP-CDM database is important but there is no detailed and specific OMOP-CDM security inspection tool so risk mitigation measures are being taken with a general security inspection tool. This study intends to study and present a model for implementing a tool to check the security vulnerability of OMOP-CDM by analyzing the security guidelines for the US database and security controls of the personal information protection of the NIST. Additionally it intends to verify the implementation feasibility by real field demonstration in an actual 3 hospitals environment. As a result of checking the security status of the test server and the CDM database of the three hospitals in operation, most of the database audit and encryption functions were found to be insufficient. Based on these inspection results it was applied to the optimization study of the complex and time-consuming CDM CSF developed in the "Development of Security Framework Required for CDM-based Distributed Research" task of the Korea Health Industry Promotion Agency. According to several recent newspaper articles, Ramsomware attacks on financially large hospitals are intensifying. Organizations that are currently operating or will operate CDM databases need to install database audits(proofing) and encryption (data protection) that are not provided by the OMOP-CDM database template to prevent attackers from compromising.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.5
• /
• pp.3-13
• /
• 2011

In 2004, Boneh et.al. proposed a public key encryption with keyword search (PEKS) scheme which enables a server to test whether a keyword used in generating a ciphertext by a sender is identical to a keyword used in generating a query by a receiver or not. Yang et. al. proposed a probabilistic public key encryption with equality test (PEET) scheme which enables to test whether one message of ciphertext generated by one public key is identical to the other message generated by the other public key or not. If the message is replaced to a keyword, PEET is not secure against keyword guessing attacks and does not satisfy IND-CP A security which is generally considered in searchable encryption schemes. In this paper, we propose a public key encryption with equality test with designated tester (dPEET) which is secure against keyword guessing attacks and achieves IND-CPA security.

• The Journal of the Korea Contents Association
• /
• v.14 no.6
• /
• pp.1-10
• /
• 2014

Through the development of internet mobile devices and online business activation, sensitive data of unspecified user is being easily exposed. In such an open business environment, the outflow of sensitive personal information has often been remarked on recently for which adoption of encryption solution for database became top priority in terms of importance. In 2011, government also legislated for the protection of personal information as an information network law, and is now applying the law to a variety of industries. Firms began to comply with these regulations by establishing various measures for protection of personal information and are now quickly introducing encryption solution to reinforce security of personal information they are managing. In this paper, I present architecture and technological parts that should be considered when introducing security solution.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.3
• /
• pp.541-547
• /
• 2019

As leakage cases of personal information increase, the concern of personal information protection is also increasing. As a result, most applications encrypt and store sensitive information such as personal information. Especially, in case of instant messengers, it is more difficult to find database where is not encrypted and stored. However, this kind of database encryption acts as anti-forensic from the point of view of digital forensic investigation. In this paper, we analyze database encryption process of MalangMalang Talkcafe application which is one of instant messenger. Based on our analysis, we propose a decryption method and explain the meaningful information collected in the database.