• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.4
• /
• pp.1790-1806
• /
• 2016

Digital image encryption is widely used for image data security. JPEG standard compresses image with great performance on reducing file size. Thus, to encrypt an image in JPEG format we should keep the quality of original image and reduced size. This paper proposes a JPEG image encryption scheme based on quantized DC and non-zero AC coefficients inner category scrambling. Instead of coefficient value encryption, the address of coefficient is encrypted to get the address of cipher text. Then 8*8 blocks are shuffled. Chaotic iteration is employed to generate chaotic sequences for address scrambling and block shuffling. Analysis of simulation shows the proposed scheme is resistant to common attacks. Moreover, the proposed method keeps the file size of the encrypted image in an acceptable range compared with the plain text. To enlarge the cipher text possible space and improve the resistance to sophisticated attacks, several additional procedures are further developed. Contrast experiments verify these procedures can refine the proposed scheme and achieve significant improvements.

• Journal of the Optical Society of Korea
• /
• v.16 no.4
• /
• pp.354-364
• /
• 2012

In this paper, a new 2-step quadrature phase-shifting digital holographic optical encryption method using orthogonal polarization is proposed and tolerance errors for this method are analyzed. Unlike the conventional technique using a PZT mirror, the proposed optical setup comprises two input and output polarizers, and one ${\lambda}$/4-plate retarder. This method makes it easier to get a phase shift of ${\pi}$/2 without using a mechanically driven PZT device for phase-shifting and it simplifies the 2-step phase-shifting Mach-Zehnder interferometer setup for optical encryption. The decryption performance and tolerance error analysis for the proposed method are presented. Computer experiments show that the proposed method is an alternate candidate for 2-step quadrature phase-shifting digital holographic optical encryption applications.

• Current Optics and Photonics
• /
• v.3 no.4
• /
• pp.320-328
• /
• 2019

A method for joint-transform correlator (JTC) multiple-image encryption based on a quick-response (QR) code key is proposed. The QR codes converted from different texts are used as key masks to encrypt and decrypt multiple images. Not only can Chinese text and English text be used as key text, but also symbols can be used. With this method, users have no need to transmit the whole key mask; they only need to transmit the text that is used to generate the key. The correlation coefficient is introduced to evaluate the decryption performance of our proposed cryptosystem, and we explore the sensitivity of the key mask and the capability for multiple-image encryption. Robustness analysis is also conducted in this paper. Computer simulations and experimental results verify the correctness of this method.

• Journal of the Korean Mathematical Society
• /
• v.50 no.2
• /
• pp.361-377
• /
• 2013

In this work we deal with the problem of how to squeeze multiple ciphertexts without losing original message information. To do so, we formalize the notion of decomposability for public-key encryption and investigate why adding decomposability is challenging. We construct an ElGamal encryption scheme over extension fields, and show that it supports the efficient decomposition. We then analyze security of our scheme under the standard DDH assumption, and evaluate the performance of our construction.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.4 no.5
• /
• pp.925-938
• /
• 2010

Depending on network conditions, a communication network could be overloaded when media are transmitted. Research has been carried out to lessen network overloading, such as by filtering, load distribution, frame dropping, and other methods. Among these methods, one of the most effective is frame dropping, which reduces specified video frames for bandwidth diminution. In frame dropping, B-frames are dropped and then I- and P-frames are dropped, based on the dependency among the frames. This paper proposes a scheme for protecting copyrights by encryption, when frame dropping is applied to reduce the bandwidth of media based on the MPEG-4 file format. We designed two kinds of frame dropping: the first stores and then sends the dropped files and the other drops frames in real time when transmitting. We designed three kinds of encryption methods using the DES algorithm to encrypt MPEG-4 data: macro block encryption in I-VOP, macro block and motion vector encryption in P-VOP, and macro block and motion vector encryption in I-, P-VOP. Based on these three methods, we implemented a digital rights management solution for MPEG-4 data streaming. We compared the results of dropping, encryption, decryption, and the quality of the video sequences to select an optimal method, and found that there was no noticeable difference between the video sequences recovered after frame dropping and the ones recovered without frame dropping. The best performance in the encryption and decryption of frames was obtained when we applied the macro block and motion vector encryption in I-, P-VOP.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.6
• /
• pp.1065-1078
• /
• 2014

Considering the safety of the data and performance, it can be said that the performance of the AES algorithm in a symmetric key-based encryption is the best in the IPSec-based VPN. When using the AES algorithm in IPSec-based VPN even with the expensive hardware encryption card such as OCTEON Card series of Cavium Networks, the Performance of VPN works less than half of the firewall using the same hardware. In 2008, Intel announced a set of 7 AES-NI instructions in order to improve the performance of the AES algorithm on the Intel CPU. In this paper, we verify how much the performance IPSec-based VPN can be improved when using seven sets of AES-NI instruction of the Intel CPU.

• Journal of Communications and Networks
• /
• v.13 no.5
• /
• pp.518-524
• /
• 2011

A high assurance IP encryption (HAIPE) compliant protocol accelerator is proposed for military networks consisting of red (or classified) networks and black (or unclassified) networks. The boundary between red and black sides is assumed to be protected via a HAIPE device. However, the IP layer encryption introduces challenges for bandwidth on demand satellite communication. The problems experienced by transmission control protocol (TCP) over satellites are well understood: While standard modems (on the black side) employ TCP performance enhancing proxy (PEP) which has been shown to work well, the HAIPE encryption of TCP headers renders the onboard modem's PEP ineffective. This is attributed to the fact that under the bandwidth-on-demand environment, PEP must use traditional TCP mechanisms such as slow start to probe for the available bandwidth of the link (which eliminates the usefulness of the PEP). Most implementations recommend disabling the PEP when a HAIPE device is used. In this paper, we propose a novel solution, namely broadband HAIPE-embeddable satellite communications terminal (BHeST), which utilizes dynamic network performance enhancement algorithms for high latency bandwidth-on-demand satellite links protected by HAIPE. By moving the PEP into the red network and exploiting the explicit congestion notification bypass mechanism allowed by the latest HAIPE standard, we have been able to regain PEP's desired network enhancement that was lost due to HAIPE encryption (even though the idea of deploying PEP at the modem side is not new). Our BHeST solution employs direct video broadcast-return channel service (DVB-RCS), an open standard as a means of providing bandwidth-on-demand satellite links. Another issue we address is the estimation of current satellite bandwidth allocated to a remote terminal which is not available in DVBRCS. Simulation results show that the improvement of our solution over FIX PEP is significant and could reach up to 100%. The improvement over the original TCP is even more (up to 500% for certain configurations).

• Journal of Satellite, Information and Communications
• /
• v.10 no.4
• /
• pp.39-45
• /
• 2015

Satellite communication is high-speed large-capacity transmission in such a manner as to communicate with satellites in the chamber, and there is a wide area communication, but is not the security of the information. To compensate for this, AES encryption was applied to the CTR and CBC mode. Also, Blockage channel using a Markov chain to determine the impact caused by obstacles such as trees or buildings between the transmitter and the receiver was composed of Urban and Open Environment. The results of analyzing the performance of satellite communications over a high-speed link-based simulation, If applying encryption, performance of security is complementary but performance of the BER was aggravated and In the Open Environment fewer obstacles confirmed the BER performance is improved than the Urban Environment many obstacles.

• Journal of the Institute of Electronics Engineers of Korea SD
• /
• v.45 no.8
• /
• pp.67-74
• /
• 2008

A compact and high-performance AES(Advanced Encryption Standard) encryption/decryption processor is designed by applying various hardware sharing and optimization techniques. In order to achieve minimized hardware complexity, sharing the S-Boxes for round transformation with the key scheduler, as well as merging and reusing datapaths for encryption and decryption are utilized, thus the area of S-Boxes is reduced by 25%. Also, the S-Boxes which require the largest hardware in AES processor is designed by applying composite field arithmetic on $GF(((2^2)^2)^2)$, thus it further reduces the area of S-Boxes when compared to the design based on $GF(2^8)$ or $GF((2^4)^2)$. By optimizing the operation of the 64-bit round transformation and round key scheduling, the round transformation is processed in 3 clock cycles and an encryption of 128-bit data block is performed in 31 clock cycles. The designed AES processor has about 15,870 gates, and the estimated throughput is 412.9 Mbps at 100 MHz clock frequency.

• The KIPS Transactions:PartC
• /
• v.9C no.3
• /
• pp.343-350
• /
• 2002

This paper describes the implementation of H.235 protocol for authentication and media stream encryption of multimedia conference systems. H.235 protocol is recommended by ITU-T for H.323 multimedia conference security protocol to prevent from being eavesdropped and modified by an illegal attacker. The implementation in this paper has used password-based with symmetric encryption authentication. Media streams are encrypted using the Diffie-Hellman key exchange algorithm and symmetric encryption algorithms such as RC2, DES and Triple-DES. Also, 128-bit Advanced Encryption Standard and 128-bit Korean standard SEED algorithms are implemented for the future extension. The implemented authentication and media stream encryption has shown that it is possible to identify terminal users without exposing personal information on networks and to preserve security of multimedia conference. Also, encryption delay time and used memory are not increased even though supporting media stream encryption/decryption, thus the performance of multimedia conference system has not deteriorated.