• 정보보호학회논문지
• /
• 제18권4호
• /
• pp.3-15
• /
• 2008

검색 가능 암호 시스템 (Searchable Encryption)은 암호화된 데이터에서 키워드를 검색하는 문제를 해결하기 위하여 2000년에 Song 등에 의해서 처음으로 제안되었다. 지금까지 대칭키 암호화 방식과 공개키 암호화 방식에 기반하는 여러 가지 검색 가능 암호 시스템이 제안되었으나, 공개키 암호화 방식에 기반한 기존의 기법들은 암호화 된 문서의 검색을 위해 서버에서 저장해야 하는 인덱스들의 크기가 키워드 개수에 비례하여 선형적으로 증가하는 단점을 가진다. 본 논문에서는 공개키 기반 검색 가능 암호 시스템에서 서버에서 저장하는 인덱스의 길이를 줄이기 위해 Bloom Filter를 적용하는 방법을 제안하고, Boneh 등이 제안한 PEKS(Public key Encryption with Keyword Search)에 제안한 방법을 적용하여, 메모리 측면에서 그 효율성을 분석한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제16권4호
• /
• pp.1286-1306
• /
• 2022

Searchable symmetric encryption (SSE) provides a safe and effective solution for retrieving encrypted data on cloud servers. However, the existing SSE schemes mainly focus on single keyword search in single client, which is inefficient for multiple keywords and cannot meet the needs for multiple clients. Considering the above drawbacks, we propose a scheme enabling dynamic multi-client and Boolean query in searchable symmetric encryption for cloud storage system (DMC-SSE). DMC-SSE realizes the fine-grained access control of multi-client in SSE by attribute-based encryption (ABE) and novel access control list (ACL), and supports Boolean query of multiple keywords. In addition, DMC-SSE realizes the full dynamic update of client and file. Compared with the existing multi-client schemes, our scheme has the following advantages: 1) Dynamic. DMC-SSE not only supports the dynamic addition or deletion of multiple clients, but also realizes the dynamic update of files. 2) Non-interactivity. After being authorized, the client can query keywords without the help of the data owner and the data owner can dynamically update client's permissions without requiring the client to stay online. At last, the security analysis and experiments results demonstrate that our scheme is safe and efficient.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제11권12호
• /
• pp.6116-6132
• /
• 2017

The proxy re-encryption allows an intermediate proxy to convert a ciphertext for Alice into a ciphertext for Bob without seeing the original message and leaking out relevant information. Unlike many prior identity based proxy re-encryption schemes which are based on the number theoretic assumptions such as large integer factorization and discrete logarithm problem. In this paper, we first propose a novel identity based proxy re-encryption scheme which is based on the hardness of standard Learning With Error(LWE) problem and is CPA secure in the standard model. This scheme can be reduced to the worst-case lattice hard problem that is able to resist attacks from quantum algorithm. The key step in our construction is that the challenger how to answer the private query under a known trapdoor matrix. Our scheme enjoys properties of the non-interactivity, unidirectionality, anonymous and so on. In this paper, we utilize primitives include G-trapdoor for lattice and sample algorithms to realize simple and efficient re-encryption.

• International Journal of Computer Science & Network Security
• /
• 제22권8호
• /
• pp.113-122
• /
• 2022

At the point when it is check out ourselves, it might track down various information in each turn or part of our lives. Truth be told, information is the new main thrust of our advanced civilization and in this every day, "information-driven" world, security is the significant angle to consider to guarantee dependability and accessibility of our organization frameworks. This paper includes a new cryptographic algorithm for safe route traversal for data of smart cities which is a contemporary, non-hash, non-straight, 3D encryption execution intended for having information securely scrambled in the interim having a subsequent theoretical layer of safety over it. Encryption generally takes an information string and creates encryption keys, which is the way to unscramble as well. In the interim in another strategy, on the off chance that one can sort out the encryption key, there are opportunities to unravel the information scrambled inside the information string. Be that as it may, in this encryption framework, the work over an encryption key (which is created naturally, henceforth no pre-assurance or uncertainty) just as the calculation produces a "state" in a way where characters are directed into the Rubik block design to disregard the information organization.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제11권6호
• /
• pp.3254-3272
• /
• 2017

With the development of wireless access technologies and the popularity of mobile intelligent terminals, cloud computing is expected to expand to mobile environments. Attribute-based encryption, widely applied in cloud computing, incurs massive computational cost during the encryption and decryption phases. The computational cost grows with the complexity of the access policy. This disadvantage becomes more serious for mobile devices because they have limited resources. To address this problem, we present an efficient verifiable outsourced scheme based on the bilinear group of prime order. The scheme is called the verifiable outsourced computation ciphertext-policy attribute-based encryption scheme (VOC-CP-ABE), and it provides a way to outsource intensive computing tasks during encryption and decryption phases to CSP without revealing the private information and leaves only marginal computation to the user. At the same time, the outsourced computation can be verified by two hash functions. Then, the formal security proofs of its (selective) CPA security and verifiability are provided. Finally, we discuss the performance of the proposed scheme with comparisons to several related works.

• 한국산업정보학회논문지
• /
• 제23권5호
• /
• pp.1-8
• /
• 2018

본 논문은 시공간 블록 코딩 알고리즘을 위한 간단한 암호화 기법을 제안한다. 시공간 블록 코딩 알고리즘은 데이터를 전송하는데 두 개의 안테나를 사용하며, 전송 데이터는 원래의 데이터와 수신기에서 결합하기 위하여 변형된 데이터로 구성된다. 이러한 종류의 두 개의 송신 안테나 데이터는 각각 상대방의 안테나와 교환되어 전송될 수 있으며, 이러한 방법은 간단한 암호화 알고리즘으로 사용될 수 있다. 암호화 시간 제어 정보는 송신기와 수신기 사이에서 미리 공유되어야 한다. 제안된 구조는 암호화 알고리즘이 없는 경우와 비교하여 성능이 향상됨을 제시하였다.

• International Journal of Contents
• /
• 제11권4호
• /
• pp.56-69
• /
• 2015

This paper proposes an efficient image encryption scheme based on quintuple encryption using two chaotic maps. The encryption process is realized with quintuple encryption by calling the encrypt(E) and decrypt(D) functions five times with five different keys in the form EDEEE. The decryption process is accomplished in the reverse direction by invoking the encrypt and decrypt functions in the form DDDED. The keys for the quintuple encryption/decryption processes are generated by using a Tent map. The chaotic values for the encrypt/decrypt operations are generated by using a Gumowski-Mira map. The encrypt function E is composed of three stages: permutation, pixel value rotation and diffusion. The permutation stage scrambles all the rows and columns to chaotically generated positions. This stage reduces the correlation radically among the neighboring pixels. The pixel value rotation stage circularly rotates all the pixels either left or right, and the amount of rotation is based on chaotic values. The last stage performs the diffusion four times by scanning the image in four different directions: Horizontally, Vertically, Principal diagonally and Secondary diagonally. Each of the four diffusion steps performs the diffusion in two directions (forward and backward) with two previously diffused pixels and two chaotic values. This stage ensures the resistance against the differential attacks. The security and performance of the proposed method is investigated thoroughly by using key space, statistical, differential, entropy and performance analysis. The experimental results confirm that the proposed scheme is computationally fast with security intact.

• Journal of Multimedia Information System
• /
• 제2권2호
• /
• pp.193-206
• /
• 2015

In this paper a new approach for image encryption based on quadruple encryption with dual chaotic maps is proposed. The encryption process is performed with quadruple encryption by invoking the encrypt and decrypt routines with different keys in the sequence EDEE. The decryption process is performed in the reverse direction DDED. The key generation for the quadruple encryption is achieved with a 1D Circle map. The chaotic values for the encrypt and decrypt routines are generated by using a 2D Henon map. The Encrypt routine E is composed of three stages i.e. permutation, pixel value rotation and diffusion. The permutation is achieved by: row and column scrambling with chaotic values, exchanging the lower and the upper principal and secondary diagonal elements based on the chaotic values. The second stage circularly rotates all the pixel values based on the chaotic values. The last stage performs the diffusion in two directions (forward and backward) with two previously diffused pixels and two chaotic values. The security and performance of the proposed scheme are assessed thoroughly by using the key space, statistical, differential, entropy and performance analysis. The proposed scheme is computationally fast with security intact.

• Journal of Advanced Marine Engineering and Technology
• /
• 제32권6호
• /
• pp.955-963
• /
• 2008

In this paper, we propose an improved practical encryption and fault-tolerance decryption method using a non-negative value key and random function obtained with a white noise by using iterative phase wrapping method. A phase wrapping operating key, which is generated by the product of arbitrary random phase images and an original phase image. is zero-padded and Fourier transformed. Fourier operating key is then obtained by taking the real-valued data from this Fourier transformed image. Also the random phase wrapping operating key is made from these arbitrary random phase images and the same iterative phase wrapping method. We obtain a Fourier random operating key through the same method in the encryption process. For practical transmission of encryption and decryption keys via Internet, these keys should be intensity maps with non-negative values. The encryption key and the decryption key to meet this requirement are generated by the addition of the absolute of its minimum value to each of Fourier keys, respectively. The decryption based on 2-f setup with spatial filter is simply performed by the inverse Fourier transform of the multiplication between the encryption key and the decryption key and also can be used as a current spatial light modulator technology by phase encoding of the non-negative values. Computer simulations show the validity of the encryption method and the robust decryption system in the proposed technique.

• 전자통신동향분석
• /
• 제36권6호
• /
• pp.1-12
• /
• 2021

As the demand for big data and big data-based artificial intelligence (AI) technology increases, the need for privacy preservations for sensitive information contained in big data and for high-speed encryption-based AI computation systems also increases. Fully homomorphic encryption (FHE) is a representative encryption technology that preserves the privacy of sensitive data. Therefore, FHE technology is being actively investigated primarily because, with FHE, decryption of the encrypted data is not required in the entire data flow. Data can be stored, transmitted, combined, and processed in an encrypted state. Moreover, FHE is based on an NP-hard problem (Lattice problem) that cannot be broken, even by a quantum computer, because of its high computational complexity and difficulty. FHE boasts a high-security level and therefore is receiving considerable attention as next-generation encryption technology. However, despite being able to process computations on encrypted data, the slow computation speed due to the high computational complexity of FHE technology is an obstacle to practical use. To address this problem, hardware technology that accelerates FHE operations is receiving extensive research attention. This article examines research trends associated with developments in hardware technology focused on accelerating the operations of representative FHE schemes. In addition, the detailed structures of hardware that accelerate the FHE operation are described.