• Journal of the Optical Society of Korea
• /
• 제20권4호
• /
• pp.476-480
• /
• 2016

For the application of multiusers, the arrangement and distribution of the keys is a much concerning problem in a cryptosystem. In this paper, we propose an optical encryption scheme with multiple users based on computational ghost imaging (CGI) and orthogonal modulation. The CGI encrypts the secret image into an intensity vector rather than a complex-valued matrix. This will bring convenience for post-processing and transmission of the ciphertext. The orthogonal vectors are taken as the address codes to distinguish users and avoid cross-talk. Only the decryption key and the address code owned by an authorized user are matched, the secret image belonging to him/her could be extracted from the ciphertext. Therefore, there are two security levels in the encryption scheme. The feasibility and property are verified by numerical simulations.

• Journal of the Optical Society of Korea
• /
• 제20권1호
• /
• pp.42-54
• /
• 2016

A hybrid color and grayscale images encryption scheme based on the quaternion Hartley transform (QHT), the two-dimensional (2D) logistic map, the double random phase encoding (DRPE) in gyrator transform (GT) domain and the three-step phase-shifting interferometry (PSI) is presented. First, we propose a new color image processing tool termed as the quaternion Hartley transform, and we develop an efficient method to calculate the QHT of a quaternion matrix. In the presented encryption scheme, the original color and grayscale images are represented by quaternion algebra and processed holistically in a vector manner using QHT. To enhance the security level, a 2D logistic map-based scrambling technique is designed to permute the complex amplitude, which is formed by the components of the QHT-transformed original images. Subsequently, the scrambled data is encoded by the GT-based DRPE system. For the convenience of storage and transmission, the resulting encrypted signal is recorded as the real-valued interferograms using three-step PSI. The parameters of the scrambling method, the GT orders and the two random phase masks form the keys for decryption of the secret images. Simulation results demonstrate that the proposed scheme has high security level and certain robustness against data loss, noise disturbance and some attacks such as chosen plaintext attack.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제14권3호
• /
• pp.1249-1262
• /
• 2020

Along with the increase of the importance of information used in practice, adversaries tried to take valuable information in diverse ways. The simple and fundamental solution is to encrypt the whole data. Since the cost of encryption is increasing along with the size of data, the cost for securing the data is a burden to a system where the size of the data is not small. For the reason, in some applications where huge data are used for service, service providers do not use any encryption scheme for higher security, which could be a source of trouble. In this work, we introduce a new type of data securing technique named Trapdoor Digital Shredder(TDS) which disintegrates a data to multiple pieces to make it hard to re-construct the original data except the owner of the file who holds some secret keys. The main contribution of the technique is to increase the difficulty in obtaining private information even if an adversary obtains some shredded pieces. To prove the security of our scheme, we first introduce a new security model so called IND-CDA to examine the indistinguishability of shredded pieces. Then, we show that our scheme is secure under IND-CDA model, which implies that an adversary cannot distinguish a subset of shreds of a file from a set of random shreds.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제12권9호
• /
• pp.4271-4294
• /
• 2018

Communication cost is the most important factor in Wireless Sensor Networks (WSNs), as exchanging control keying messages consumes a large amount of energy from the constituent sensor nodes. Time-based Dynamic Keying and En-Route Filtering (TICK) can reduce the communication costs by utilizing local time values of the en-route nodes to generate one-time dynamic keys that are used to encrypt reports in a manner that further avoids the regular keying or re-keying of messages. Although TICK is more energy efficient, it employs no re-encryption operation strategy that cannot determine whether a healthy report might be considered as malicious if the clock drift between the source node and the forwarding node is too large. Secure SOurce-BAsed Loose Synchronization (SOBAS) employs a selective encryption en-route in which fixed nodes are selected to re-encrypt the data. Therefore, the selection of encryption nodes is non-adaptive, and the dynamic network conditions (i.e., The residual energy of en-route nodes, hop count, and false positive rate) are also not focused in SOBAS. We propose an energy efficient selection of re-encryption nodes based on fuzzy logic. Simulation results indicate that the proposed method achieves better energy conservation at the en-route nodes along the path when compared to TICK and SOBAS.

• Journal of the Optical Society of Korea
• /
• 제20권3호
• /
• pp.341-357
• /
• 2016

A novel asymmetric multiple-image encryption method using an octonion Fresnel transform (OFST) and a two-dimensional Sine Logistic modulation map (2D-SLMM) is presented. First, a new multiple-image information processing tool termed the octonion Fresneltransform is proposed, and then an efficient method to calculate the OFST of an octonion matrix is developed. Subsequently this tool is applied to process multiple plaintext images, which are represented by octonion algebra, holistically in a vector manner. The complex amplitude, formed from the components of the OFST-transformed original images and modulated by a random phase mask (RPM), is used to derive the ciphertext image by employing an amplitude- and phase-truncation approach in the Fresnel domain. To avoid sending whole RPMs to the receiver side for decryption, a random phase mask generation method based on SLMM, in which only the initial parameters of the chaotic function are needed to generate the RPMs, is designed. To enhance security, the ciphertext and two decryption keys produced in the encryption procedure are permuted by the proposed SLMM-based scrambling method. Numerical simulations have been carried out to demonstrate the proposed scheme's validity, high security, and high resistance to various attacks.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제15권12호
• /
• pp.4508-4530
• /
• 2021

Today distributed data storage service are being widely used. However lack of proper means of security makes the user data vulnerable. In this work, we propose a Randomized Block Size (RBS) model for secure data storage in distributed environments. The model work with multifold block sizes encrypted with the Chinese Remainder Theorem-based RSA (C-RSA) technique for end-to-end security of multimedia data. The proposed RBS model has a key generation phase (KGP) for constructing asymmetric keys, and a rand generation phase (RGP) for applying optimal asymmetric encryption padding (OAEP) to the original message. The experimental results obtained with text and image files show that the post encryption file size is not much affected, and data is efficiently encrypted while storing at the distributed storage server (DSS). The parameters such as ciphertext size, encryption time, and throughput have been considered for performance evaluation, whereas statistical analysis like similarity measurement, correlation coefficient, histogram, and entropy analysis uses to check image pixels deviation. The number of pixels change rate (NPCR) and unified averaged changed intensity (UACI) were used to check the strength of the proposed encryption technique. The proposed model is robust with high resilience against eavesdropping, insider attack, and chosen-plaintext attack.

• 정보보호학회논문지
• /
• 제26권1호
• /
• pp.17-30
• /
• 2016

본 논문에서는 효율적인 공개키 기반 공모자 추적 및 제외 스킴을 제안하고자 한다. 공모자 추적 및 제외 스킴은 암호 전송 스킴(Broadcast encryption scheme)에 공모자 추적과 제외 기능을 추가한 것으로 악의적인 사용자들이 유출한 개인키 또는 공모한 해적판 키를 시스템에서 제외함으로서 스킴의 안전성을 유지하는 것이다. 또한 제외 기능은 일부 사용자만을 위한 암호문을 만들 수 있어 다양한 응용 환경에 적용할 수 있는 스킴이다. 본 논문에서는 합성수 위수의 겹선형 군을 기반으로 설계된 스킴[Augmented broadcast encryption scheme]을 소수 위수의 겹선형 군을 기반으로 하는 스킴으로 변화시켰고, 효율성의 척도인 공개키, 개인키, 암호문의 크기를 크게 개선했다. 또한 제외 기능에 대한 분석을 통해 기존 논문의 제한적인 제외 기능을 충분한 제외 기능으로 확장하는 결과를 얻을 수 있었다. 본 논문에서 제안하는 스킴의 구조는 계층적 구조 또는 피라미드 구조를 갖는 우리나라 정부, 군 조직 등에 쉽게 적용 가능하다.

• 융합보안논문지
• /
• 제12권4호
• /
• pp.85-90
• /
• 2012

DES는 64비트 단위로 나뉘어 진 각각의 블록이 한번의 암호화 알고리즘을 거쳐 암호화 된다. 대칭알고리즘으로서 똑같은 키와 알고리즘이 암호화와 복호화에 쓰인다. 복호화 할 때 키를 반대로 적용하는 등의 약간의 차이는 있다. 키 길이는 64비트로 표현되는데 이 중에서 실제로는 56비트만이 키로서 사용되고 나머지 8비트는 패리티 체크 비트로 사용된다. 암호화는 64비트 블록과 56비트 키를 바탕으로 만든 16개의 보조키가 총 16번의 혼돈과 확산을 거쳐 완료된다. DES 알고리즘을 선택한 이유는 암호 강도에 대한 의문이 제기되고 있기는 하지만 상업적으로 가장 널리 보급되어 이용되고 있다. 또한 기본 알고리즘을 DES로 채택한 현장에서 앞으로도 상당한 기간 동안 이용이 계속될 것으로 예상되는 DES 알고리즘을 효과적으로 활용하는 방안이 현장에서 참고되기를 기대한다.

• 산업융합연구
• /
• 제17권1호
• /
• pp.1-6
• /
• 2019

정보의 기밀성을 보장하기 위해 고대로부터 다양한 암호기술들이 제안되었고, 다양한 방식으로 발전하고 있다. 기하급수적으로 증가하는 컴퓨터 파워로 인해 안전성 때문에 암호화 키가 점차 증가되고, 짧은 기간에만 안전성을 보장받는 방식으로 기술이 발전되고 있다. 4차 산업혁명의 도래로 다양한 분야에 암호화기술이 요구되고 있다. 최근 동형암호를 활용한 암호화 기술이 주목받고 있다. 암호화된 정보의 연산을 위해 복호화하는 과정에서 사용된 키와 복호문의 노출로 인해 보안위협이 발생된다. 동형 암호는 암호문의 데이터를 연산하여 평문상태의 정보를 노출없이 정보를 안전하게 처리가 가능하다. 다양한 서비스에서 암호화된 개인정보가 저장된 빅데이터 처리시 동형암호을 활용할 경우 키사용과 복호화 평문의 노출이 없기 때문에 보안의 위협을 피할 수 있다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제10권5호
• /
• pp.2394-2406
• /
• 2016

ABE has become an effective tool for data protection in cloud computing. However, since users possessing the same attributes share the same private keys, there exist some malicious users exposing their private keys deliberately for illegal data sharing without being detected, which will threaten the security of the cloud system. Such issues remain in many current ABE schemes since the private keys are rarely associated with any user specific identifiers. In order to achieve user accountability as well as provide key exposure protection, in this paper, we propose a key-insulated ciphertext policy attribute based encryption with key exposure accountability (KI-CPABE-KEA). In our scheme, data receiver can decrypt the ciphertext if the attributes he owns match with the self-centric policy which is set by the data owner. Besides, a unique identifier is embedded into each user's private key. If a malicious user exposes his private key for illegal data sharing, his identity can be exactly pinpointed by system manager. The key-insulation mechanism guarantees forward and backward security when key exposure happens as well as provides efficient key updating for users in the cloud system. The higher efficiency with proved security make our KI-CPABE-KEA more appropriate for secure data sharing in cloud computing.