• Title/Summary/Keyword: Multiple hash

Privacy Amplification of Correlated Key Decryption over Public Channels (공개 채널을 통한 상관 키 분산 암호화의 프라이버시 증폭)

  • Lee, Sun-Yui;Kim, Jin-Young
    • The Journal of the Institute of Internet, Broadcasting and Communication / v.18 no.4 / pp.73-78 / 2018
  • In this paper, we consider a system where multiple sources are encrypted in separate nodes and sent through their respective public communication channels to a joint sink node. We are interested in the problem of protecting the security of an already existing system such as the above, which is found to have correlated encryption keys. In particular, we focus on finding a solution without introducing additional secret keys and with minimal modification, to minimize the cost and the risk of bringing down an already running system. We propose a solution under a security model where an eavesdropper obtains all ciphertexts, i.e., encrypted sources, by accessing available public communication channels. Our main technique is to use encoders of universal function to encode the ciphertexts before sending them to public communication channels.

Distributed data deduplication technique using similarity based clustering and multi-layer bloom filter (SDS 환경의 유사도 기반 클러스터링 및 다중 계층 블룸필터를 활용한 분산 중복제거 기법)

  • Yoon, Dabin;Kim, Deok-Hwan
    • The Journal of Korean Institute of Next Generation Computing / v.14 no.5 / pp.60-70 / 2018
  • Software-defined storage (SDS) is being deployed in cloud environments to allow multiple users to virtualize physical servers, but a solution for optimizing space efficiency with limited physical resources is needed. In the conventional data deduplication system, it is difficult to deduplicate redundant data uploaded to distributed storages. In this paper, we propose a distributed deduplication method using similarity-based clustering and a multi-layer Bloom filter. Rabin hash is applied to determine the degree of similarity between virtual machine servers and cluster similar virtual machines. Therefore, it improves the performance compared to deduplication efficiency for individual storage nodes. In addition, a multi-layer Bloom filter is incorporated into the deduplication process to shorten processing time by reducing the number of false positives. Experimental results show that the proposed method improves the deduplication ratio by 9% compared to the deduplication method using IP address based clusters, without any difference in processing time.

Enabling Efficient Verification of Dynamic Data Possession and Batch Updating in Cloud Storage

  • Qi, Yining;Tang, Xin;Huang, Yongfeng
    • KSII Transactions on Internet and Information Systems (TIIS) / v.12 no.6 / pp.2429-2449 / 2018
  • Dynamic data possession verification is a common requirement in cloud storage systems. After the client outsources its data to the cloud, it needs not only to check the integrity of its data but also to verify whether the update is executed correctly. Previous research has proposed various schemes based on the Merkle Hash Tree (MHT) and implemented some initial improvements to prevent tree imbalance. This paper tries to take one step further: are there still any problems remaining for optimization? In this paper, we study how to raise the efficiency of data dynamics by improving the parts of query and rebalancing, using a new data structure called Rank-Based Merkle AVL Tree (RB-MAT). Furthermore, we fill the gap of verifying multiple update operations at the same time, which is the novel batch updating scheme. The experimental results show that our scheme has better efficiency than existing methods.

An Improved PayWord Protocol Supporting Multiple Payment with Single Hash Chain (단일 해쉬 체인으로 다중 지불을 지원하는 개선된 PayWord 프로토콜)

  • Park, Ae-Young;Lim, Hyeong-Seok
    • Proceedings of the Korea Information Processing Society Conference / 2001.10b / pp.899-902 / 2001
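  • Macro payment systems that use public-key operations are not economical because of their high fees, and are therefore unsuitable for micropayments. The PayWord protocol, which uses hash operations, is well suited to settling small payments thanks to its low mechanism cost, fast transaction processing, and the broker's offline participation in the transaction process. However, because it includes monetary value that can be used only at a specific vendor, it has the drawback that the number of hash chains the user must manage and store grows as the number of vendors the user deals with increases. In this paper, we propose an improved micropayment protocol that generates only a single hash chain, corresponding to electronic money, and performs secure payments to multiple vendors. The proposed method adds a hash value using a MAC (Message Authentication Code) to the payment process, preventing collusion among vendors and malicious modification. Thus, by generating only one hash chain, the user bears less computational burden than with the original PayWord and can make efficient payments even in transient trading relationships with multiple vendors.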

GOMS: Large-scale ontology management system using graph databases

  • Lee, Chun-Hee;Kang, Dong-oh
    • ETRI Journal / v.44 no.5 / pp.780-793 / 2022
  • Large-scale ontology management is one of the main issues when using ontology data practically. Although many approaches have been proposed in relational database management systems (RDBMSs) or object-oriented DBMSs (OODBMSs) to develop large-scale ontology management systems, they have several limitations because ontology data structures are intrinsically different from traditional data structures in RDBMSs or OODBMSs. In addition, users have difficulty using ontology data because many terminologies (ontology nodes) in large-scale ontology data match a given string keyword. Therefore, in this study, we propose a graph database-based ontology management system (GOMS) to efficiently manage large-scale ontology data. GOMS uses a graph DBMS and provides new query templates to help users find key concepts or instances. Furthermore, to run queries with multiple joins and path conditions efficiently, we propose GOMS encoding as a filtering tool and develop hash-based join processing algorithms in the graph DBMS. Finally, we experimentally show that GOMS can process various types of queries efficiently.

Encryption Method Based on Chaos Map for Protection of Digital Video (디지털 비디오 보호를 위한 카오스 사상 기반의 암호화 방법)

  • Yun, Byung-Choon;Kim, Deok-Hwan
    • Journal of the Institute of Electronics Engineers of Korea CI / v.49 no.1 / pp.29-38 / 2012
  • Due to the rapid development of the network environment and wireless communication technology, the distribution of digital video has become easy and the importance of protecting digital video has increased. This paper proposes a digital video encryption system based on multiple chaos maps for the MPEG-2 video encoding process. The proposed method generates a secret hash key with 128-bit characteristics from a hash chain using the Tent map as a basic block, and generates an $8 \times 8$ lattice cipher by applying this hash key to the Logistic map and the Henon map. The method can reduce the encryption overhead by doing selective XOR operations between the $8 \times 8$ lattice cipher and some low-frequency coefficients in the DCT block, and it provides simplicity and randomness because it uses an architecture that combines chaos maps. Experimental results show that the PSNR of the proposed method is less than or equal to 12 dB with respect to encrypted video, and the time change ratio and compression ratio of the proposed method are 2% and 0.4%, respectively, so that it provides good performance in visual security and can be applied in real time.

A High-speed IP Address Lookup Architecture using Adaptive Multiple Hashing and Prefix Grouping (적응적인 복수 해슁과 프리픽스그룹화를 이용한 고속 IP 주소 검색 구조)

  • Park Hyun-Tae;Moon Byung-In;Kang Sung-Ho
    • Journal of the Institute of Electronics Engineers of Korea TC / v.43 no.5 s.347 / pp.137-146 / 2006
  • IP address lookup has become a major bottleneck of packet forwarding and a critical issue for high-speed networking techniques in routers. In this paper, we propose an efficient high-speed IP address lookup scheme using adaptive multiple hashing and prefix grouping. According to our analysis results based on routing data distributions, we grouped prefix lengths and selected the number of hash functions in each group adaptively. As a result, we can reduce collisions caused by hashing. Accordingly, a forwarding table of our scheme has good memory efficiency, and thus is organized with the proper number of memory modules. Also, the proposed scheme has the fast building and searching mechanisms to develop the forwarding table only during a single memory access.

Group Key Assignment Scheme based on Secret Sharing Scheme for Dynamic Swarm Unmanned Systems (동적 군집 무인체계를 위한 비밀분산법 기반의 그룹키 할당 기법)

  • Jongkwan Lee
    • Convergence Security Journal / v.23 no.4 / pp.93-100 / 2023
  • This paper presents a novel approach for assigning group keys within a dynamic swarm unmanned system environment. In this environment, multiple groups of unmanned systems have the flexibility to merge into a single group or a single unmanned system group can be subdivided into multiple groups. The proposed protocol encompasses two key steps: group key generation and sharing. The responsibility of generating the group key rests solely with the leader node of the group. The group's leader node employs a secret sharing scheme to fragment the group key into multiple fragments, which are subsequently transmitted. Nodes that receive these fragments reconstruct a fresh group key by combining their self-generated secret fragment with the fragment obtained from the leader node. Subsequently, they validate the integrity of the derived group key by employing the hash function. The efficacy of the proposed technique is ascertained through an exhaustive assessment of its security and communication efficiency. This analysis affirms its potential for robust application in forthcoming swarm unmanned system operations scenarios characterized by frequent network group modifications.

On-Line/Off-Line Signature Schemes with Tight Security Reduction to the RSA Problem (RSA 문제와 동등한 안전성을 갖는 온라인/오프라인 서명 기법)

  • Choi, Kyung-yong;Park, Jong Hwan
    • Journal of the Korea Institute of Information Security & Cryptology / v.28 no.2 / pp.327-338 / 2018
  • On-line/off-line signature is a technique for performing heavy computations required for signature generation in the off-line stage and completing the final signature by a simple operation in the online stage. This is suitable for application environments that require immediate signing responses to multiple users. In this paper, we propose two new on-line/off-line signature schemes based on RSA problem. The first technique can generate a signature with a fixed base exponentiation when signing online, and the second technique can complete an online signature with a very simple calculation such as a hash operation. The security of both signatures is based on the RSA problem, which is proven to be tightly secure without security loss in the random oracle model.

A RFID Multi-Authentication Method for Logistics Systems (물류 시스템에 적합한 RFID 다중 인증방법)

  • Bae, Woo-Sik;Lee, Jong-Yun
    • Journal of the Korea Academia-Industrial cooperation Society / v.10 no.2 / pp.313-319 / 2009
  • Recently the RFID system, which can recognize multiple tags simultaneously through wireless communication, is emerging as a new technology that can replace the barcode system. Furthermore, related industries are carrying out active research on tags and authentication protocols with guaranteed security that are widely applicable to logistics, distribution, etc. The present study proposes a protocol with enhanced security by introducing the concept of RBAC to the authentication protocol, and a method with lower security for effective mass authentication. The proposed method is advantageous in that it guarantees security against spoofing attack, traffic analysis, replay attack, etc. based on hash function.