• 한국정보통신학회논문지
• /
• 제21권7호
• /
• pp.1276-1284
• /
• 2017

우리나라 경량 블록암호 표준인 LEA 알고리듬을 8-비트 데이터 패스의 하드웨어로 구현하고, 구현된 LEA-128 암호 프로세서에 대해 상관관계 전력분석 공격의 취약성을 분석하였다. 본 논문에서 적용된 CPA는 공격을 위해 가정된 라운드키 값으로 계산된 데이터의 해밍 거리와 LEA 암호 프로세서의 전력 소모량 사이의 상관 계수를 분석함으로써 올바른 라운드키 값을 검출한다. CPA 공격 결과로, 최대 상관계수가 0.6937, 0.5507인 올바른 라운드키 값이 검출되었으며, 블록암호 LEA가 전력분석 공격에 취약함이 확인되었다. CPA 공격에 대한 대응 방안으로 TRNG(True Random Number Generator) 기반의 매스킹 방법을 제안하였다. TRNG에서 생성되는 난수를 암호화 연산 중간 값에 더하는 마스킹 기법을 적용한 결과, 최대 상관계수가 0.1293와 0.1190로 매우 작아 잘못된 라운드키 값이 분석되었으며, 따라서 제안된 마스킹 방법이 CPA 공격에 강인함을 확인하였다.

• 정보보호학회지
• /
• 제17권2호
• /
• pp.9-23
• /
• 2007

The air interface supports a security layer which provides the key exchange protocol, authentication protocol, and encryption protocol. The authentication is performed on the encryption protocol packet. The authentication protocol header or trailer may contain the digital signature that is used to authenticate a portion of the authentication protocol packet that is authenticated. The encryption protocol may add a trailer to hide the actual length of the plaintext of padding to be used by the encryption algorithm. The encryption protocol header may contain variables such as the initialization vector (IV) to be used by the encryption protocol. It is our aim to firstly compute the session key created from the D H key exchange algorithm, and thereof the authenticating key and the encryption key being generated from the session key.

• 정보보호학회논문지
• /
• 제12권5호
• /
• pp.53-61
• /
• 2002

이 논문에서는 B2B 시스템에서 사용할 수 있는 XML. 기반의 키 복구 설계에 대해 소개한다. 이 키 복구는 시스템 내에서 사용되는 전자서명과 암호화를 W3C(World Wide Web Consortium)에서 최근 정의하고 있는 XML 전자서명 (XML Digital Signature)과 XML 암호화(XML Encryption)를 사용한다. 서명이나 암호화한 결과 값이 XML 문서 형태로 구성되고 시스템 전반에 사용되는 메시지들이 또한 모두 XML 문서 형태로 구성됨으로 기존의 XML 응용 및 XML 기반의 전자상거래 플랫폼에 투명하게 접목이 가능하다. 또한, 키 복구 방식으로는 키 위탁방식을 사용하며 기업에서 사용할 수 있도록 설계되고 구현되었다. 이 키 복구는 회사 내의 키 복구 서버로부터의 키 복구는 물론, 거래가 있는 다른 회사의 키 복구 서버에 대해 그 거래에 해당하는 문서의 키 복구 요청도 가능한 것이 그 특징이다

• Current Optics and Photonics
• /
• 제5권2호
• /
• pp.155-163
• /
• 2021

We propose a novel optical encryption scheme for cipher-feedback-block (CFB) mode, capable of encrypting two-dimensional (2D) page data with the use of two-step phase-shifting digital interferometry utilizing orthogonal polarization, in which the CFB algorithm is modified into an optical method to enhance security. The encryption is performed in the Fourier domain to record interferograms on charge-coupled devices (CCD)s with 256 quantized gray levels. A page of plaintext is encrypted into digital interferograms of ciphertexts, which are transmitted over a digital information network and then can be decrypted by digital computation according to the given CFB algorithm. The encryption key used in the decryption procedure and the plaintext are reconstructed by dual phase-shifting interferometry, providing high security in the cryptosystem. Also, each plaintext is sequentially encrypted using different encryption keys. The random-phase mask attached to the plaintext provides resistance against possible attacks. The feasibility and reliability of the proposed CFB method are verified and analyzed with numerical simulations.

• 전자공학회논문지
• /
• 제51권1호
• /
• pp.57-70
• /
• 2014

내적 암호화 방식은 비밀키와 암호문 사이에 파인 그레인 관계를 제공하는 암호학적 프리미티브이다. 본 논문은 완전한 속성 은닉 보호를 수행하는 새로운 IPE 방식을 제안한다. 제안한 IPE 방식은 합성 위수의 bilinear groups에 기반한다. 본 논문에서는 이중 암호화 시스템 체계를 사용하여 제안한 IPE의 완전한 속성 은닉 보호를 증명한다. 성능 분석에서 기존의 IPE 방식들과 제안한 IPE 방식의 연산량과 메모리 할당량을 비교한다.

• 한국중재학회지:중재연구
• /
• 제9권1호
• /
• pp.367-390
• /
• 1999

The basic requirements for conducting electronic commerce include confidentiality, integrity, authentication and authorization. Cryptographic algorithms, make possible use of powerful authentication and encryption methods. Cryptographic techniques offer essential types of services for electronic commerce : authentication, non-repudiation. The oldest form of key-based cryptography is called secret-key or symmetric encryption. Public-key systems offer some advantages. The public key pair can be rapidly distributed. We don't have to send a copy of your public key to all the respondents. Fast cryptographic algorithms for generating message digests are known as one-way hash function. In order to use public-key cryptography, we need to generate a public key and a private key. We could use e-mail to send public key to all the correspondents. A better, trusted way of distributing public keys is to use a certification authority. A certification authority will accept our public key, along with some proof of identity, and serve as a repository of digital certificates. The digital certificate acts like an electronic driver's license. The Korea government is trying to set up the Public Key Infrastructure for certificate authorities. Both governments and the international business community must involve archiving keys with trusted third parties within a key management infrastructure. The archived keys would be managed, secured by governments under due process of law and strict accountability. It is important that all the nations continue efforts to develop an escrowed key in frastructure based on voluntary use and international standards and agreements.

• 전자통신동향분석
• /
• 제38권5호
• /
• pp.61-70
• /
• 2023

We investigated technological trends in an electrocardiogram (ECG)-based biometric cryptosystem that uses physiological features of ECG signals to provide personally identifiable cryptographic key generation and authentication services. The following technical details of the cryptosystem were investigated and analyzed: preprocessing of ECG signals, extraction of personally identifiable features, generation of quantified encryption keys from ECG signals, reproduction of ECG encryption keys under time-varying noise, and new security applications based on ECG signals. The cryptosystem can be used as a security technology to protect users from hacking, information leakage, and malfunctioning attacks in wearable/implantable medical devices, wireless body area networks, and mobile healthcare services.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제12권10호
• /
• pp.5100-5119
• /
• 2018

Most of existing privacy-preserving multi-authorities attribute-based encryption schemes (PP-MA-ABE) only considers the privacy of the user identity (ID). However, in many occasions information leakage is caused by the disclosing of his/her some sensitive attributes. In this paper, we propose a collusion-resisting ciphertext-policy PP-MA-ABE (CRPP-MACP-ABE) scheme with hiding both user's ID and attributes in the cloud storage system. We present a method to depict anonymous users and introduce a managerial role denoted by IDM for the management of user's anonymous identity certificate ($AID_{Cred}$). The scheme uses $AID_{Cred}$ to realize privacy-preserving of the user, namely, by verifying which attribute authorities (AAs) obtain the blinded public attribute keys, pseudonyms involved in the $AID_{Cred}$ and then distributes corresponding private keys for the user. We use different pseudonyms of the user to resist the collusion attack launched by viciousAAs. In addition, we utilize IDM to cooperate with multiple authorities in producing consistent private key for the user to avoid the collusion attack launched by vicious users. The proposed CRPP-MACP-ABE scheme is proved secure. Some computation and communication costs in our scheme are finished in preparation phase (i.e. user registration). Compared with the existing schemes, our scheme is more efficient.

• 한국군사과학기술학회지
• /
• 제12권5호
• /
• pp.609-614
• /
• 2009

In this paper, we have proposed a design for security network system passing through the non-security network which is commonly used for various networking services. Based on the security requirements which are assumed that the large classified data are bi-transmitted between a server and several terminals remotely located, some application methods of security techniques are suggested such as the network separation technique, the scale-down application technique of certification management system based on the PKI(Public Key Infrastructure), the double encryption application using the crypto-equipment and the asymmetric keys encryption algorithm, unrecoverable data deleting technique and system access control using USB device. It is expected that the application of this design technique for the security network causes to increase the efficiency of the existing network facilities and reduce the cost for developing and maintaining of new and traditional network security systems.

• ETRI Journal
• /
• 제37권4호
• /
• pp.696-706
• /
• 2015

This paper presents an achievable secure videoconferencing system based on quantum key encryption in which key management can be directly applied and embedded in a server/client videoconferencing model using, for example, OpenMeeting. A secure key management methodology is proposed to ensure both a trusted quantum network and a secure videoconferencing system. The proposed methodology presents architecture on how to share secret keys between key management servers and distant parties in a secure domain without transmitting any secrets over insecure channels. The advantages of the proposed secure key management methodology overcome the limitations of quantum point-to-point key sharing by simultaneously distributing keys to multiple users; thus, it makes quantum cryptography a more practical and secure solution. The time required for the encryption and decryption may cause a few seconds delay in video transmission, but this proposed method protects against adversary attacks.