• Journal of Korea Multimedia Society
• /
• v.11 no.1
• /
• pp.1-12
• /
• 2008

Database encryption is one of the important mechanisms for prohibiting internal malicious users and outside hackers from utilizing data. Frequent occurrences of encryption and decryption cause degradation of database performance so that many factors should be considered in implementing encryption system. In this paper, we propose an architecture of database encryption system and data encryption module. In addition we suggest extended SQL in order to manage data encryption and decryption. In implementing database encryption system, we adopt ARIA encryption algorithm which is proved to be the most fast one among Korea standardized encryption algorithm. We use an single key for each database in encrypting data rather than using several keys in order to improve performance. Research over performance evaluation of database encryption system is rare up to now. Based on our implemented system, we provide performance evaluation results over various H/W platforms and compare performance differences between plain text and encrypted data.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.4
• /
• pp.848-854
• /
• 2015

There are a lot of encryption methods to secure database proposed recently. Those encryption methods can protect the sensitive data of users effectively, but it deteriorates the search performance of database query. In this paper, we proposed the selective element encryption method in order to complement those drawbacks. In addition, we compared the performance of the proposed method with that of tuple level encryption method using the various queries. As a result, we found that the proposed method, which use the selective element encryption with bloom filter as a index, has better performance than the other encryption method.

• Journal of KIISE:Computer Systems and Theory
• /
• v.35 no.2
• /
• pp.66-74
• /
• 2008

Since modem embedded systems need to access, manipulate or store sensitive information, it requires being equipped with cryptographic file systems. However, cryptographic file systems result in poor performance so that they have not been widely adapted to embedded systems. Most cryptographic file systems degrade the performance unnecessarily because of system architecture. This paper proposes ISEA (Indexed and Separated Encryption Approach) that supports for encryption/decryption in system architecture and removes redundant performance loss. ISEA carries out encryption and decryption at different layers according to page cache layer. Encryption is carried out at lower layer than page cache layer while decryption at upper layer. ISEA stores the decrypted data in page cache so that it can be reused in followed I/O request without decryption. ISEA provides page-indexing which divides page cache into cipher blocks and manages it by a block. It decrypts pages partially so that it can eliminate unnecessary decryption. In synthesized experiment of read/write with various cache hit rates, it gives results suggesting that ISEA has improved the performance of encryption file system efficiently.

• Journal of Internet of Things and Convergence
• /
• v.8 no.1
• /
• pp.79-85
• /
• 2022

Internet of Things (IoT) connects devices with various platforms, computing power, and functions. Due to the diversity of networks and the ubiquity of IoT devices, demands for security and privacy are increasing. Therefore, cryptographic mechanisms must be strong enough to meet these increased requirements, while at the same time effective enough to be implemented in devices with long-range specifications. In this paper, we present the performance and memory limitations of modern cryptographic primitives and schemes for different types of devices that can be used in IoT. In addition, detailed performance evaluation of the performance of the most commonly used encryption algorithms in low-spec devices frequently used in IoT networks is performed. To provide data protection, the binary ring uses encryption asymmetric fully homomorphic encryption and symmetric encryption AES 128-bit. As a result of the experiment, it can be seen that the IoT device had sufficient performance to implement a symmetric encryption, but the performance deteriorated in the asymmetric encryption implementation.

• Journal of the Korea Society for Simulation
• /
• v.9 no.2
• /
• pp.15-25
• /
• 2000

Since data security problems are very important in the information age, cryptographic algorithms for encryption and decryption have been studied for a long time. The GOST(Gosudarstvennyi Standard or Government Standard) algorithm as a data encryption algorithm with a 256-bit key is a 64-bit block algorithm developed in the former Soviet Union. In this paper, we describe how to design an encryption chip based on the GOST algorithm. In addition, the GOST algorithm is compared with the DES(Data Encryption Standard) algorithm, which has been used as a conventional data encryption algorithm, in modeling techniques and their performance. The GOST algorithm whose key size is relatively longer than that of the DES algorithm has been expanded to get better performance, modeled in VHDL, and simulated for implementation with an CPLD chip.

• International Journal of Contents
• /
• v.11 no.4
• /
• pp.56-69
• /
• 2015

This paper proposes an efficient image encryption scheme based on quintuple encryption using two chaotic maps. The encryption process is realized with quintuple encryption by calling the encrypt(E) and decrypt(D) functions five times with five different keys in the form EDEEE. The decryption process is accomplished in the reverse direction by invoking the encrypt and decrypt functions in the form DDDED. The keys for the quintuple encryption/decryption processes are generated by using a Tent map. The chaotic values for the encrypt/decrypt operations are generated by using a Gumowski-Mira map. The encrypt function E is composed of three stages: permutation, pixel value rotation and diffusion. The permutation stage scrambles all the rows and columns to chaotically generated positions. This stage reduces the correlation radically among the neighboring pixels. The pixel value rotation stage circularly rotates all the pixels either left or right, and the amount of rotation is based on chaotic values. The last stage performs the diffusion four times by scanning the image in four different directions: Horizontally, Vertically, Principal diagonally and Secondary diagonally. Each of the four diffusion steps performs the diffusion in two directions (forward and backward) with two previously diffused pixels and two chaotic values. This stage ensures the resistance against the differential attacks. The security and performance of the proposed method is investigated thoroughly by using key space, statistical, differential, entropy and performance analysis. The experimental results confirm that the proposed scheme is computationally fast with security intact.

• Journal of Multimedia Information System
• /
• v.2 no.2
• /
• pp.193-206
• /
• 2015

In this paper a new approach for image encryption based on quadruple encryption with dual chaotic maps is proposed. The encryption process is performed with quadruple encryption by invoking the encrypt and decrypt routines with different keys in the sequence EDEE. The decryption process is performed in the reverse direction DDED. The key generation for the quadruple encryption is achieved with a 1D Circle map. The chaotic values for the encrypt and decrypt routines are generated by using a 2D Henon map. The Encrypt routine E is composed of three stages i.e. permutation, pixel value rotation and diffusion. The permutation is achieved by: row and column scrambling with chaotic values, exchanging the lower and the upper principal and secondary diagonal elements based on the chaotic values. The second stage circularly rotates all the pixel values based on the chaotic values. The last stage performs the diffusion in two directions (forward and backward) with two previously diffused pixels and two chaotic values. The security and performance of the proposed scheme are assessed thoroughly by using the key space, statistical, differential, entropy and performance analysis. The proposed scheme is computationally fast with security intact.

• Journal of information and communication convergence engineering
• /
• v.7 no.1
• /
• pp.30-34
• /
• 2009

The encryption method is a well established technology for protecting sensitive data. However, once encrypted, the data can no longer be easily queried. The performance of the database depends on how to encrypt the sensitive data. In this paper we review the conventional encryption method which can be partially queried and propose the encryption method for numerical data which can be effectively queried. The proposed system includes the design of the service scenario, and metadata.

• Journal of the Korea Society of Computer and Information
• /
• v.13 no.5
• /
• pp.155-162
• /
• 2008

The security of digital image has become increasingly important with the development of the computing performance and internet. Therefore, the encryption algorithms exploiting chaos signal have recently attracted considerable attentions as a new method of image-encryption techniques. In this Paper, it is demonstrated that two different chaotic systems are synchronized by the methods of noise-induced synchronization. Based on this synchronization method, an image-encryption system is implemented and an image of Seok-Ga-Tap is encrypted as a verification of the performance of our system. The method suggested in this paper in which the noise is used as the key of decryption is superior to the existing methods in the aspect of the degree of encryption. In this paper, we Propose that the method is a new effective encryption algorithm as well as an easily applicable one.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.11
• /
• pp.3182-3203
• /
• 2023

With the growing adoption of cloud-based technologies, maintaining the privacy and security of cloud data has become a pressing issue. Privacy-preserving encryption schemes are a promising approach for achieving cloud data security, but they require careful design and implementation to be effective. The integrated approach to cloud data security that we suggest in this work uses CogniGate: the orchestrated permissions protocol, index trees, blockchain key management, and unique Opacus encryption. Opacus encryption is a novel homomorphic encryption scheme that enables computation on encrypted data, making it a powerful tool for cloud data security. CogniGate Protocol enables more flexibility and control over access to cloud data by allowing for fine-grained limitations on access depending on user parameters. Index trees provide an efficient data structure for storing and retrieving encrypted data, while blockchain key management ensures the secure and decentralized storage of encryption keys. Performance evaluation focuses on key aspects, including computation cost for the data owner, computation cost for data sharers, the average time cost of index construction, query consumption for data providers, and time cost in key generation. The results highlight that the integrated approach safeguards cloud data while preserving privacy, maintaining usability, and demonstrating high performance. In addition, we explore the role of differential privacy in our integrated approach, showing how it can be used to further enhance privacy protection without compromising performance. We also discuss the key management challenges associated with our approach and propose a novel blockchain-based key management system that leverages smart contracts and consensus mechanisms to ensure the secure and decentralized storage of encryption keys.