• Convergence Security Journal
• /
• v.19 no.1
• /
• pp.97-101
• /
• 2019

If the operating system's core file contains an Intel PT, the debugger can not only check the program state at the time of the crash, but can also reconfigure the control flow that caused the crash. We can also extend the execution trace scope to the entire system to debug kernel panics and other system hangs. The second-generation PT, the WinIPT library, includes an Intel PT driver with additional code to run process and core-specific traces through the IOCTL and registry mechanisms provided by Windows 10 (RS5). In other words, the PT trace information, which was limited access only by the first generation PT, can be executed by process and core by the IOCTL and registry mechanism provided by the operating system in the second generation PT. In this paper, we compare and describe methods for collecting, storing, decoding and detecting malicious codes of data packets in a window environment using 1/2 generation PT.

• Convergence Security Journal
• /
• v.18 no.5_1
• /
• pp.19-24
• /
• 2018

For a long time now, general-purpose processors have provided dedicated hardware / software tracing modules to provide developers with tools to fix bugs. A hardware tracer generates its enormous data into a log that is used for both performance analysis and debugging. Processor Trace (PT) is a new hardware-based tracing feature for Intel CPUs that traces branches executing on the CPU, which allows the reconstruction of the control flow of all executed code with minimal labor. Hardware tracer has been integrated into the operating system, which allows tight integration with its profiling and debugging mechanisms. However, in the Windows environment, existing studies related to PT focused on decoding only one flow in sequence. In this paper, we propose an extended PT decoder structure that provides basic data for real-time trace and malicious code detection using the functions provided by PT in Windows environment.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.6
• /
• pp.1163-1170
• /
• 2016

A hardware implementation of ultra-lightweight block cipher algorithm PRESENT which was specified as a standard for lightweight cryptography ISO/IEC 29192-2 is described. The PRESENT crypto-processor supports two key lengths of 80 and 128 bits, as well as four modes of operation including ECB, CBC, OFB, and CTR. The PRESENT crypto-processor has on-the-fly key scheduler with master key register, and it can process consecutive blocks of plaintext/ciphertext without reloading master key. In order to achieve a lightweight implementation, the key scheduler was optimized to share circuits for key lengths of 80 bits and 128 bits. The round block was designed with a data-path of 64 bits, so that one round transformation for encryption/decryption is processed in a clock cycle. The PRESENT crypto-processor was verified using Virtex5 FPGA device. The crypto-processor that was synthesized using a $0.18{\mu}m$ CMOS cell library has 8,100 gate equivalents(GE), and the estimated throughput is about 908 Mbps with a maximum operating clock frequency of 454 MHz.

• Journal of Digital Convergence
• /
• v.11 no.4
• /
• pp.215-220
• /
• 2013

The super computer calls usually as the super computer in case the computing power of the computer is 20 G flops (GFLOPS) or greater. In the past, the computer equipped with the vector processor (the instrument processing the order having the logic operation and maximum value or minimum value besides the common computer instruction) processing the scientific calculation with the super high speed was installed as the super computer. Recently, cyber attack focuses on supercomputer because if it is being infected, then it will affect hundreds of client PC. Therefore, our research paper analyzed super computer security issues and biometric countermeasure to develop the level of security on super computer.

• The Journal of the Korea Contents Association
• /
• v.7 no.2
• /
• pp.92-99
• /
• 2007

This paper presented a low power design of a 32bit block cypher processor reduced from the original 128bit architecture. The primary purpose of this research is to evaluate physical implementation results rather than theoretical aspects. The data path and diffusion function of the processor were reduced to accommodate the smaller hardware size. As a running example demonstrating the design approach, we employed a modified ARIA algorithm having four S-boxes. The proposed 32bit ARIA processor comprises 13,893 gates which is 68.25% smaller than the original 128bit structure. The design was synthesized and verified based on the standard cell library of the MagnaChip's 0.35um CMOS Process. A transistor level power simulation shows that the power consumption of the proposed processor reduced to 61.4mW, which is 9.7% of the original 128bit design. The low power design of the block cypher Processor would be essential for improving security of battery-less wireless sensor networks or RFID.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.27 no.1C
• /
• pp.112-121
• /
• 2002

In this paper, we present a design of a hash processor for data security systems. Two standard hash algorithms, Sha-1(American) and HAS-1600(Korean), are implemented on a single hash engine to support real time processing of the algorithms. The hash processor can also be used as a PRNG(Pseudo-random number generator) by utilizing SHA-1 hash iterations, which is being used in the Intel software library. Because both SHA-1 and HAS-160 have the same step operation, we could reduce hardware complexity by sharing the computation unit. Due to precomputation of message variables and two-stage pipelined structure, the critical path of the processor was shortened and overall performance was increased. We estimate performance of the hash processor about 624 Mbps for SHA-1 and HAS-160, and 195 Mbps for pseudo-random number generation, both at 100 MHz clock, based on Samsung 0.5um CMOS standard cell library. To our knowledge, this gives the best performance for processing the hash algorithms.

• Journal of KIISE:Information Networking
• /
• v.33 no.2
• /
• pp.113-130
• /
• 2006

Recently with the explosive growth of Internet applications, the attacks of hackers on network are increasing rapidly and becoming more seriously. Thus information security is emerging as a critical factor in designing a network system and much attention is paid to Network Intrusion Detection System (NIDS), which detects hackers' attacks on network and handles them properly However, the performance of current intrusion detection system cannot catch the increasing rate of the Internet speed because most of the NIDSs are implemented by software. In this paper, we propose a new high performance network intrusion using Network Processor. To achieve fast packet processing and dynamic adaptation of intrusion patterns that are continuously added, a new high performance network intrusion detection system using Intel's network processor, IXP1200, is proposed. Unlike traditional intrusion detection engines, which have been implemented by either software or hardware so far, we design an optimized architecture and algorithms, exploiting the features of network processor. In addition, for more efficient detection engine scheduling, we proposed task allocation methods on multi-processing processors. Through implementation and performance evaluation, we show the proprieties of the proposed approach.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2009.10a
• /
• pp.913-916
• /
• 2009

This paper describes a hardware design of hash processor which implements HAS-160 algorithm adopted as a Korean standard. To achieve a high-speed operation with small-area, the arithmetic operation is implemented using a hybrid structure of 5:3 and 3:2 carry-save adders and a carry-select adder. The HAS-160 processor synthesized with $0.35-{\mu}m$ CMOS cell library has 17,600 gates. It computes a 160-bit hash code from a message block of 512 bits in 82 clock cycles, and has 312 Mbps throughput at 50 MHz@3.3-V clock frequency.

• Journal of Korea Multimedia Society
• /
• v.16 no.8
• /
• pp.914-926
• /
• 2013

Among the recent security systems, security system with fingerprint recognition gets many people's interests through the strengths such as exclusiveness, convenience, etc, in comparison with other security systems. The most important matters for fingerprint recognition system are reliability of matching between the fingerprint in database and user's fingerprint and rapid process of image processing algorithms used for fingerprint recognition. The existing fingerprint recognition system reduces the processing time by removing some processes in the feature extraction algorithms but has weakness of a reliability. This paper realizes the fingerprint recognition algorithm using MAMS(Multi-Access Memory System) for both the rapid processing time and the reliability in feature extraction and matching accuracy. Reliability of this process is verified by the correlation between serial processor's results and MAMS-PP64's results. The performance of the method using MAMS-PP64 is 1.56 times faster than compared serial processor.

• Journal of Internet Computing and Services
• /
• v.21 no.3
• /
• pp.11-19
• /
• 2020

In this paper, a merged TEA block cipher processor which unifies Tiny Encryption Algorithm(TEA), extended Tiny Encryption Algorithm(XTEA) and corrected block TEA(XXTEA) is designed. After TEA cipher algorithm was first designed, XTEA and XXTEA cipher algorithms were designed to correct security weakness. Three types of cipher algorithm uses a 128-bit master key. The designed cipher processor can encrypt or decrypt 64-bit message block for TEA/XTEA and variable-length message blocks up to 256-bit for XXTEA. The maximum throughput for 64-bit message blocks is 137Mbps and that of 256-bit message blocks is 369Mbps. The merged TEA block cipher designed in this paper has a 16% gain on the area side compared to a lightweight LEA cipher. The cryptographic IP of this paper is applicable in security module of the mobile areas such as smart card, internet banking, and e-commerce.