• Title/Summary/Keyword: asymmetric encryption

Search Result 45, Processing Time 0.018 seconds

Randomized Block Size (RBS) Model for Secure Data Storage in Distributed Server

  • Sinha, Keshav;Paul, Partha;Amritanjali, Amritanjali
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.15 no.12
    • /
    • pp.4508-4530
    • /
    • 2021
  • Today distributed data storage service are being widely used. However lack of proper means of security makes the user data vulnerable. In this work, we propose a Randomized Block Size (RBS) model for secure data storage in distributed environments. The model work with multifold block sizes encrypted with the Chinese Remainder Theorem-based RSA (C-RSA) technique for end-to-end security of multimedia data. The proposed RBS model has a key generation phase (KGP) for constructing asymmetric keys, and a rand generation phase (RGP) for applying optimal asymmetric encryption padding (OAEP) to the original message. The experimental results obtained with text and image files show that the post encryption file size is not much affected, and data is efficiently encrypted while storing at the distributed storage server (DSS). The parameters such as ciphertext size, encryption time, and throughput have been considered for performance evaluation, whereas statistical analysis like similarity measurement, correlation coefficient, histogram, and entropy analysis uses to check image pixels deviation. The number of pixels change rate (NPCR) and unified averaged changed intensity (UACI) were used to check the strength of the proposed encryption technique. The proposed model is robust with high resilience against eavesdropping, insider attack, and chosen-plaintext attack.

Comparison of encryption algorithm performance between low-spec IoT devices (저 사양 IoT 장치간의 암호화 알고리즘 성능 비교)

  • Park, Jung Kyu;Kim, Jaeho
    • Journal of Internet of Things and Convergence
    • /
    • v.8 no.1
    • /
    • pp.79-85
    • /
    • 2022
  • Internet of Things (IoT) connects devices with various platforms, computing power, and functions. Due to the diversity of networks and the ubiquity of IoT devices, demands for security and privacy are increasing. Therefore, cryptographic mechanisms must be strong enough to meet these increased requirements, while at the same time effective enough to be implemented in devices with long-range specifications. In this paper, we present the performance and memory limitations of modern cryptographic primitives and schemes for different types of devices that can be used in IoT. In addition, detailed performance evaluation of the performance of the most commonly used encryption algorithms in low-spec devices frequently used in IoT networks is performed. To provide data protection, the binary ring uses encryption asymmetric fully homomorphic encryption and symmetric encryption AES 128-bit. As a result of the experiment, it can be seen that the IoT device had sufficient performance to implement a symmetric encryption, but the performance deteriorated in the asymmetric encryption implementation.

Public key broadcast encryption scheme using new converting method

  • Jho, Nam-Su;Yoo, Eun-Sun;Rhee, Man-Young
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.18 no.6B
    • /
    • pp.199-206
    • /
    • 2008
  • Broadcast encryption is a cryptographical primitive which is designed for a content provider to distribute contents to only privileged qualifying users through an insecure channel. Anyone who knows public keys can distribute contents by means of public key broadcast encryption whose technique can also be applicable to many other applications. In order to design public key broadcast encryption scheme, it should devise some methods that convert a broadcast encryption scheme based on symmetric key cryptosystem to a public key broadcast encryption. Up to this point, broadcast encryption scheme on trial for converting from symmetric key setting to asymmetric public key setting has been attempted by employing the Hierarchical Identity Based Encryption (HIBE) technique. However, this converting method is not optimal because some of the properties of HIBE are not quite fitting for public key broadcast schemes. In this paper, we proposed new converting method and an efficient public key broadcast encryption scheme Pub-PI which is obtained by adapting the new converting method to the PI scheme [10]. The transmission overhead of the Pub-PI is approximately 3r, where r is the number of revoked users. The storage size of Pub-PI is O($c^2$), where c is a system parameter of PI and the computation cost is 2 pairing computations.

Incorporating RSA with a New Symmetric-Key Encryption Algorithm to Produce a Hybrid Encryption System

  • Prakash Kuppuswamy;Saeed QY Al Khalidi;Nithya Rekha Sivakumar
    • International Journal of Computer Science & Network Security
    • /
    • v.24 no.1
    • /
    • pp.196-204
    • /
    • 2024
  • The security of data and information using encryption algorithms is becoming increasingly important in today's world of digital data transmission over unsecured wired and wireless communication channels. Hybrid encryption techniques combine both symmetric and asymmetric encryption methods and provide more security than public or private key encryption models. Currently, there are many techniques on the market that use a combination of cryptographic algorithms and claim to provide higher data security. Many hybrid algorithms have failed to satisfy customers in securing data and cannot prevent all types of security threats. To improve the security of digital data, it is essential to develop novel and resilient security systems as it is inevitable in the digital era. The proposed hybrid algorithm is a combination of the well-known RSA algorithm and a simple symmetric key (SSK) algorithm. The aim of this study is to develop a better encryption method using RSA and a newly proposed symmetric SSK algorithm. We believe that the proposed hybrid cryptographic algorithm provides more security and privacy.

A Design for Network Security System via Non-security Common Network (일반망과 보안망을 연계한 네트워크 보안체계 설계)

  • Cho, Chang-Bong;Lee, Sang-Guk;Dho, Kyeong-Cheol
    • Journal of the Korea Institute of Military Science and Technology
    • /
    • v.12 no.5
    • /
    • pp.609-614
    • /
    • 2009
  • In this paper, we have proposed a design for security network system passing through the non-security network which is commonly used for various networking services. Based on the security requirements which are assumed that the large classified data are bi-transmitted between a server and several terminals remotely located, some application methods of security techniques are suggested such as the network separation technique, the scale-down application technique of certification management system based on the PKI(Public Key Infrastructure), the double encryption application using the crypto-equipment and the asymmetric keys encryption algorithm, unrecoverable data deleting technique and system access control using USB device. It is expected that the application of this design technique for the security network causes to increase the efficiency of the existing network facilities and reduce the cost for developing and maintaining of new and traditional network security systems.

A Deterministic Method of Large Prime Number Generation (결정론적인 소수 생성에 관한 연구)

  • Park, Jung-Gil;Park, Bong-Joo;Baek, Ki-Young;Chun, Wang-Sung;Ryou, Jae-Cheol
    • The Transactions of the Korea Information Processing Society
    • /
    • v.7 no.9
    • /
    • pp.2913-2919
    • /
    • 2000
  • It is essential to get large prime numbers in the design of asymmetric encryption algorithm. However, the pseudoprime numbers with high possibility to be primes have been generally used in the asymmetric encryption algorithms, because it is very difficult to find large deterministic prime numbers. In this paper, we propose a new method of deterministic prime number generation. The prime numbers generated by the proposed method have a 100% precise prime characteristic. They are also guaranteed reliability, security strength, and an ability of primitive element generation.

  • PDF

Memory-efficient Public Key Encryption with Keyword Search in Server (서버에서 효율적인 메모리 사용량을 제공하는 공개키 기반 검색 암호 시스템)

  • Kwon, Eun-Jeong;Seo, Jae-Woo;Lee, Pil-Joong;Park, Young-Man;Lee, Hae-Gyu;Kim, Yeong-Heon;Chong, Hak-Jin
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.18 no.4
    • /
    • pp.3-15
    • /
    • 2008
  • In 2000, Song. et. al. firstly proposed the Searchable Keyword Encryption System that treated a problem to search keywords on encrypted data. Since then, various Searchable Keyword Encryption Systems based on symmetric and asymmetric methods have been proposed. However, the Searchable Keyword Encryption Systems based on public key system has a problem that the index size for searching keywords on encrypted data increases linearly according to the number of keyword. In this paper, we propose the method that reduces the index size of Searchable Keyword Encryption based on public key system using Bloom Filter, apply the proposed method to PEKS(Public key Encryption with Keyword Search) that was proposed by Boneh. et. al., and analyze efficiency for the aspect of storage.

Implementation of the Extended Data Encryption Standard(EDES) (확장된 DES 구현)

  • Han, Seung-Jo;Kim, Pan-Koo
    • The Transactions of the Korea Information Processing Society
    • /
    • v.4 no.6
    • /
    • pp.1565-1575
    • /
    • 1997
  • A new encryption algorithm had been proposed as a replacement to the Data Encryption Standard (DES) in [1,2]. It called the Extended DES (EDES) has a key length of 112 bits. The plaintext data consists of 96 bits divided into 3 sub-blocks of 32 bits each. The EDES has a potentially higher resistance to differential cryptanalysis that the DES due to the asymmetric number of f functions performed on each of the 3 sub-blocks and due to the increase of S-boxes from 8 to 16. This paper propose a hardware design for the EDES and its implementation in VLSI. The VLSI chip implements data encryption and decryption in a single hardware unit. With a system clock frequency of 15Mhz the device permits a data conversion rate of about 90Mbit/sec. Therefore, the chip can be applied to on-line encryption in high-speed networking protocols.

  • PDF

New Techniques for Anonymous HIBE with Short Ciphertexts in Prime Order Groups

  • Lee, Kwang-Su;Lee, Dong-Hoon
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.4 no.5
    • /
    • pp.968-988
    • /
    • 2010
  • Anonymous hierarchical identity based encryption (HIBE) is an extension of identity based encryption (IBE) that can use an arbitrary string like an e-mail address for a public key, and it additionally provide the anonymity of identity in ciphertexts. Using the anonymous HIBE schemes, it is possible to construct anonymous communication systems and public key encryption with keyword search. This paper presents an anonymous HIBE scheme with constant size ciphertexts under prime order symmetric bilinear groups, and shows that it is secure under the selective security model. Previous anonymous HIBE schemes were constructed to have linear size ciphertexts, to use composite order bilinear groups, or to use asymmetric bilinear groups that is a special type of bilinear groups. Our construction is the first efficient anonymous HIBE scheme that has constant size ciphertexts and that uses prime order symmetric bilinear groups. Compared to the previous scheme of composite order bilinear groups, ours is ten times faster. To achieve our construction, we first devise a novel cancelable random blinding technique. The random blinding property of our technique provides the anonymity of our construction, and the cancellation property of our technique enables decryption.

Design of a Key Transfer System Using SOAP for Multimedia Contents Protection (멀티미디어 콘텐츠 보호를 위한 SOAP을 이용한 키 전송 시스템 설계)

  • Lee, Keun-Wang;Kim, Jeong-Jai
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.9 no.1
    • /
    • pp.108-113
    • /
    • 2008
  • A proposed system can decrypt each contents block through a double buffer algorithm which can continually buffer contents by dividing a multimedia contents into some blocks and provides more improved method of encryption than existing system by being not capable of decrypting the whole multimedia contents if one key is exposed. Also, using digital signature and public encryption algorithm for mutual authentication between systems, this paper proposes the system which sends and encrypts symmetric keys for contents encryption through SOAP messages.