• Journal of Industrial Convergence
• /
• v.16 no.1
• /
• pp.15-20
• /
• 2018

Along with the increase of internet shopping, crimes that exploited personal information on the invoice of goods are becoming more and more advanced and becoming more and more classified from the interception of goods through voice phishing attack, injury, sexual offense. Therefore, in order to guarantee the anonymity of the customer's delivery information, there is a need for a delivery tracking prevention system which keeps the route information of the product's destination secret among delivery companies. For this purpose, We suggest that delivery tracing protect model based smart contract for guaranteed anonymity to protect the anonymity by encrypting delivery information and by separation of payment and personal information using the anonymity technique of block chain-based cryptography. Our proposed model contributes to expansion of internet shopping based on block chaining by providing information about product sales to company and guaranteeing anonymity of customer's delivery information to customer.

• Journal of the Korean Society of Systems Engineering
• /
• v.14 no.2
• /
• pp.73-82
• /
• 2018

In this work, a hardware based cryptographic module for the cyber security of nuclear power plant is developed using a system engineering approach. Nuclear power plants are isolated from the Internet, but as shown in the case of Iran, Man-in-the-middle attacks (MITM) could be a threat to the safety of the nuclear facilities. This FPGA-based module does not have an operating system and it provides protection as a firewall and mitigates the cyber threats. The encryption equipment consists of an encryption module, a decryption module, and interfaces for communication between modules and systems. The Advanced Encryption Standard (AES)-128, which is formally approved as top level by U.S. National Security Agency for cryptographic algorithms, is adopted. The development of the cyber security module is implemented in two main phases: reverse engineering and re-engineering. In the reverse engineering phase, the cyber security plan and system requirements are analyzed, and the AES algorithm is decomposed into functional units. In the re-engineering phase, we model the logical architecture using Vitech CORE9 software and simulate it with the Enhanced Functional Flow Block Diagram (EFFBD), which confirms the performance improvements of the hardware-based cryptographic module as compared to software based cryptography. Following this, the Hardware description language (HDL) code is developed and tested to verify the integrity of the code. Then, the developed code is implemented on the FPGA and connected to the personal computer through Recommended Standard (RS)-232 communication to perform validation of the developed component. For the future work, the developed FPGA based encryption equipment will be verified and validated in its expected operating environment by connecting it to the Advanced power reactor (APR)-1400 simulator.

• Journal of Internet Computing and Services
• /
• v.20 no.5
• /
• pp.9-18
• /
• 2019

Android Application Package (APK) is vulnerable to repackaging attacks. Therefore, obfuscation technology was applied inside the Android APK file to cope with repackaging attack. However, as more advanced reverse engineering techniques continue to be developed, fake Android APK files to be released. A new approach is needed to solve this problem. A blockchain is a continuously growing list of records, called blocks, which are linked and secured using cryptography. Each block typically contains a cryptographic hash of theprevious block, a timestamp and transaction data. Once recorded, the data inany given block cannot be altered retroactively without the alteration of all subsequent blocks. Therefore, it is possible to check whether or not theAndroid Mobile APK is forged by applying the blockchain technology. In this paper, we construct a discrimination DApp (Decentralized Application) against forgery Android Mobile APK by recording and maintaining the legitimate APK in the consortium blockchain framework like Hyperledger Fabric by Composer. With proposed DApp, we can prevent the forgery and modification of the appfrom being installed on the user's Smartphone, and normal and legitimate apps will be widely used.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.1
• /
• pp.41-55
• /
• 2005

A group key agreement protocol allows a group of user to share a key which may later be used to achieve certain cryptographic goals. In this paper, we propose a new scalable two-round ID-based group key agreement protocol which would be well fit to a Pay-TV system, additionally. to the fields of internet stock quotes, audio and music deliveries, software updates and the like. Our protocol improves the three round poop key agreement protocol of Nam et al., resulting in upgrading the computational efficiency by using the batch verification technique in pairing-based cryptography. Also our protocol simplifies the key agreement procedures by utilizing ID-based system. We prove the security of our protocol under the Computational Diffie-Hellman assumption and the Bilinear Decisional Diffie-Hellman assumption. Also we analyze its efficiency.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.3
• /
• pp.77-89
• /
• 2005

As the ID-based public key cryptosystems become a very active research area, a number of ID-based key agreement protocols have been proposed, but unfortunately many of them were analyzed that there were some security flaws in the protocols. In addition to key agreement protocols, in recent, Liu et al. and Kim et al. proposed the key agreement protocols that multiple session keys are established at once among participated entities. In this paper, we propose an ID-based tripartite key agreement protocol that establishes 8 keys by improving the efficiency of the Liu et al's. Moreover, the proposed protocol can be used in the situation where multiple different private key generators(PKG) are involved. Therefore, because the private key issued by different PKGs belonging to each entity's domain can be used, our proposed scheme is more efficiently applicable to the practical applications.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.3
• /
• pp.17-25
• /
• 2007

Delegation of signing capability is a common practice in various applications. Mambo et al. proposed a proxy signatures as a solutions for delegation of signing capability. Proxy signatures allow a designated proxy signer to sign on behalf of an original signer. After the concept of proxy signature scheme is proposed, many variants are proposed to support more general delegation setting. To capture all possible delegation structures, the concept of delegation network was proposed by Aura. ID-based cryptography, which is suited for flexible environment, is desirable to construct a delegation network. Chow et al proposed an ID-based delegation network. In the computational point of view, their solution requires E pairing operations and N elliptic curve scalar multiplications where E and N are the number of edges and nodes in a delegation structure, respectively. In this paper, we proposed an efficient ID-based delegation network which requires only E pairing operations. Moreover, we can design a modified delegation network that requires only N pairing operations.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.1
• /
• pp.11-21
• /
• 2008

Biometrics-based user authentication has several advantages over traditional password-based systems for standalone authentication applications. This is also true for new authentication architectures known as crypto-biometric systems, where cryptography and biometrics are merged to achieve high security and user convenience at the same time. Recently, a cryptographic construct, called fuzzy vault, has been proposed for crypto-biometric systems. This construct aims to secure critical data(e.g., secret key) with the fingerprint data in a way that only the authorized user can access the secret by providing the valid fingerprint, and some implementations results for fingerprint have been reported. However, the previous results had some limitation of the provided security due to the limited numbers of chaff data fer hiding real fingerprint data. In this paper, we propose an approach to provide both the automatic alignment of fingerprint data and higher security by using a 3D geometric hash table. Based on the experimental results, we confirm that the proposed approach of using the 3D geometric hash table with the idea of the fuzzy vault can perform the fingerprint verification securely even with more chaff data included.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.3
• /
• pp.9-21
• /
• 2008

In this paper, we revisit a generally accepted opinion: implementing Elliptic Curve Cryptosystem (ECC) over GF$(2^m)$ on sensor motes using small word size is not appropriate because partial XOR multiplication over GF$(2^m)$ is not efficiently supported by current low-powered microprocessors. Although there are some implementations over GF$(2^m)$ on sensor motes, their performances are not satisfactory enough due to the redundant memory accesses that result in inefficient field multiplication and reduction. Therefore, we propose some techniques for reducing unnecessary memory access instructions. With the proposed strategies, the running time of field multiplication and reduction over GF$(2^{163})$ can be decreased by 21.1% and 24.7%, respectively. These savings noticeably decrease execution times spent in Elliptic Curve Digital Signature Algorithm (ECDSA) operations (Signing and verification) by around $15{\sim}19%$.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.6A
• /
• pp.85-96
• /
• 2008

Neighbor Discovery(ND) protocol is used to exchange an information of the neighboring nodes on the same link in the IPv6 protocol environment. For protecting the ND protocol, firstly utilizing Authentication Header(AH) of the IPsec protocol was proposed. But the method has some problems-uses of key exchange protocol is not available and it is hard to distribute manual keys. And then secondly the SEcure Neighbor Discovery(SEND) protocol which protects all of the ND message with digital signature was proposed. However, the digital signature technology on the basis of public key cryptography system is commonly known as requiring high cost, therefore it is expected that there is performance degradation in terms of the availability. In the paper, to improve performance of the SEND protocol, we proposed a modified CGA(Cryptographically Generated Address) which is made by additionally adding MAC(Media Access Control) address to the input of the hash function. Also, we proposed cache mechanism. We compared performance of the methods by experimentation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.5 no.1
• /
• pp.37-50
• /
• 1995

The smart card with the cryptography and VLSI technologies makes it possible to implement the electronic cash easily. A number of electronic each schemes have been proposed by many cryptographic researchers. In this paper, we propose a practical electronic cash system, using blind digital signature scheme. Schnorr's authentication scheme based on the discrete logarithm problem, and the hierarchical cash tree based on two one-way hash functions for dividable payment. Thisf electronic cash scheme has such properties as privacy of the payment, off-line payment, non-reuseability of cash, transferability of cash to another customer, and dividable payment of cash. This electronic cash protocol is well suited for implementing in smart card.