• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.10 no.2
• /
• pp.338-343
• /
• 2006

This paper describes about the design concept and the architecture of an economic VPN system which can perform fast crypto operations with cheap cost. The essence of the proposed system architecture is consisting of the system with two companion chips dedicated to VPN: one chip is a multi-purpose network processor for security machine and the other is a crypto acceleration chip which encrypt and decrypt network packets in a high speed. This study also addresses about some realizations that is required for fast prototyping such as the porting of an operating system, the establishment of compiler tool chain, the implementation of device drivers and the design of IPSec security engine. Especially, the second chip supports the most time consuming block cipher algorithms including 3DES, AES, and SEED and its performance was evaluated.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2002.11b
• /
• pp.897-900
• /
• 2002

인터넷은 공개된 네트워크이므로 사용자에게 편리성을 제공하지만 정보통신 시스템의 보호취약점이 심각하게 노출되기 시작하면서 보호의 필요성에 대한 인식이 높아지고 있어 정보보호 산업은 정보산업과 전반적인 발전뿐만 아니라 국가전략차원에서도 가장 중요한 요소의 하나로 부각되고 있다. 본 논문에서는 기밀성 제공 측면에서 가장 널리 쓰이는 블록 암호 알고리즘의 국내 표준인 SEED와 차세대 암호 알고리즘으로 미연방 표준인 AES Rijndael을 단일칩으로 통합 구현하였다. 두 알고리즘 모두 라운드 변환을 반복 처리하는 구조를 채택하였으며, 자원을 최대한 공유할 수 있도록 설계하였다. 설계된 암호 프로세서는 Xilinx XCV-1000E FPGA로 구현, 테스트 보드 상에서 기능을 검증하였다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• v.9 no.2
• /
• pp.261-264
• /
• 2005

선진국들은 공모 사업을 통해 많은 블록 암호가 개발되었으나 국내에서 개발된 블록 암호들은 크게 주목 받지 못했다. 블록 암호 개발은 기본의 암호와 차별성, 안전성 그리고 여러 플랫폼에서의 효율성이 중시되는데 이러한 조건을 다 만족하는 것은 쉽지 않기 때문이다. 본 논문은 128bit 블록 단위에서 128, 196, 256bit 키를 사용하는 새로운 블록 암호 알고리즘을 제안한다. 기존의 블록 암호 알고리즘은 SPN(Substitution-Permutation Network)구조, Feistel Network구조 등인데 본 논문에서 제안한 블록 암호 알고리즘은 변형된 Feistel Network구조로 입력 값 전체에서 선택된 32bit 만 update된다. 이러한 구조적 특성은 기존은 블록 암호 알고리즘들과 큰 차별이 되고 있다. PKC블록 암호 알고리즘은 국제 표준 블록 암호 알고리즘인 AES와 국내 표준 블록 암호 알고리즘인 SEED와 수행 속도 면에서 동등하거나 많이 개선된 것을 보이고 있다. 이러한 특성을 이용하면 제한된 환경에서 수행해야 하는 스마트카드 와 같은 분야에 많이 활용 될 수 있을 것이다.

• The Journal of the Korea Contents Association
• /
• v.4 no.4
• /
• pp.71-78
• /
• 2004

Dedicated Short Range Communications(DSRC) as a prominent communications candidate for Intelligent Transportation Systems(ITS) have been developed to support ITS applications such as value-added information service, e-commerce, electronic toll payment, etc. These various applications associated with electronic payment through unsecure communication channel of DSRC suffer from security threats. To ensure secure payment, we have adopted appropriate cryptographic mechanisms including encipherment, authentication exchange and digital signature. The cryptographic mechanisms require to use cryptographic keys established between two communication entities. In this paper, we propose a secure electronic payment system which is designed to have some functions for strong authentication, encryption, key agreement, etc. Especially, we adopt domestic developed cryptographic algorithms such as EC-KCDSA and SEED for digital signature and block cipher, respectively. We can show those mechanisms are appropriate for the secure electronic payment system for ITS services under the DSRC wireless environment in aspects of constrained computational resource use and processing speed.

• Journal of the Korea Society of Computer and Information
• /
• v.10 no.2 s.34
• /
• pp.39-47
• /
• 2005

This paper proposes and analyzes the MAC(Message Authentication Code) algorithm that is used for the transition integrity and the entity authentication of message. The MAC algorithm uses the DES algorithm which has 64-bit block and 56-bit key and we compare the security according to 64-bit and 32-bit length of MAC value. Moreover, we use the SEED algorithm which has 128-bit block and 128-bit key and compare the security according to 128-bit and 64-bit length of MAC value. We analyze the security the forgery attack according to length of message and length of MAC value. this paper, a coarse-to-fine optical flow detection method is proposed. Provided that optical flow gives reliable approximation to two-dimensional image motion, it can be used to recover the three-dimensional motion. but usually to get the reliable optical flows are difficult. The proposed algorithm uses Horn's algorithm (or detecting initial optical flow, then Thin Plate Spline is introduced to warp a image frame of the initial optical flow to the next image frame. The optical flow for the warped image frame is again used iteratively until the mean square error between two image sequence frames is lowered. The proposed method is experimented for the real moving Picture image sequence. The proposed algorithm gives dense optical flow vectors.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.1225-1236
• /
• 2020

Fuzzing is an automated software testing methodology that dynamically tests the security of software by inputting randomly generated input values outside of the expected range. KISA is releasing open source for standard cryptographic algorithms, and many crypto module developers are developing crypto modules using this source code. If there is a vulnerability in the open source code, the cryptographic library referring to it has a potential vulnerability, which may lead to a security accident that causes enormous losses in the future. Therefore, in this study, an appropriate security policy was established to verify the safety of block cipher source codes such as SEED, HIGHT, and ARIA, and the safety was verified using differential fuzzing. Finally, a total of 45 vulnerabilities were found in the memory bug items and error handling items, and a vulnerability improvement plan to solve them is proposed.

• Journal of the Institute of Electronics Engineers of Korea SD
• /
• v.45 no.6
• /
• pp.80-88
• /
• 2008

In this paper, the block cipher algorithms, 3-DES(Triple Data Encryption Standard), AES(Advanced Encryption Standard), SEED, HASH(SHA-1), which are domestic and international standards, have been implemented as an integrated cryptographic engine for smart card applications. For small area and low power design which are essential requirements for portable devices, arithmetic resources are shared for iteration steps in each algorithm, and a two-level clock gating technique was used to reduce the dynamic power consumption. The integrated cryptographic engine was verified with ALTERA Excalbur EPXA10F1020C device, requiring 7,729 LEs(Logic Elements) and 512 Bytes ROM, and its maximum clock speed was 24.83 MHz. When designed by using Samsung 0.18 um STD130 standard cell library, the engine consisted of 44,452 gates and had up to 50 MHz operation clock speed. It was estimated to consume 2.96 mW, 3.03 mW, 2.63 mW, 7.06 mW power at 3-DES, AES, SEED, SHA-1 modes respectively when operating at 25 MHz clock. We found that it has better area-power optimized structure than other existing designs for smart cards and various embedded security systems.