• Title/Summary/Keyword: decryption


Hash-chain-based IoT authentication scheme suitable for small and medium enterprises (중소기업 환경에 적합한 해쉬 체인 기반의 IoT 인증 기법)

  • Jeong, Yoon-Su; Yon, Yong-Ho; Ku, Jin-Hee
    • Journal of Convergence for Information Technology / v.7 no.4 / pp.105-111 / 2017
  • With the emergence of the fourth industrial revolution, more and more attempts have been made to apply IoT technology to the manufacturing process and to product launches. In this paper, we propose an IoT authentication scheme based on a hash chain which can easily be applied to IoT devices in small and medium enterprises in Korea. In the proposed method, companies that have installed IoT devices suited to the manufacturing environment are selected to maintain the linkage between IoT devices, so that product information and release information can be efficiently collected and managed throughout the entire manufacturing process. In addition, the proposed scheme is characterized by not requiring an additional encryption/decryption algorithm, because the authentication information of the IoT device is constructed from a hash chain. As a result of the performance evaluation, the efficiency of the manufacturing process improved by 18.5% and the processing time of the manufacturing process with IoT devices was shortened by 20.1% on average when the IoT devices were applied. In addition, labor costs in the manufacturing process were reduced by an average of 30.7%.
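The abstract above says the device's authentication information is a hash chain, so no encryption or decryption is needed. The following is an added illustration of that idea, not the paper's protocol: a Lamport-style one-time authentication where the device enrolls the anchor H^n(seed) and later presents H^(n-k)(seed) as its k-th token. The verifier only hashes. The device and verifier classes, the `window` parameter for tolerating lost tokens, and the seed binding to the device id are this example's own assumptions.

```python
"""Hash-chain (Lamport-style) one-time authentication for IoT devices.

Added example, not the paper's scheme. The device holds a secret seed and
publishes anchor = H^n(seed) once at enrollment. Its k-th token is
H^(n-k)(seed). The verifier accepts token t if re-hashing t (up to `window`
times, so a few lost tokens do not lock the device out) reaches the stored
anchor, and then advances the anchor to t, which makes every earlier token
(and any replay of t) useless. Only a hash function is needed on both sides.
"""
import hashlib
import hmac
import secrets


def h(data):
    return hashlib.sha256(data).digest()


def iterate_hash(value, times):
    for _ in range(times):
        value = h(value)
    return value


class Device:
    def __init__(self, device_id, chain_length, seed=b""):
        self.device_id = device_id
        self.n = chain_length
        # Bind the seed to the device id so two devices never share a chain
        # (assumption of this example; the paper does not specify this).
        self.seed = h(device_id.encode() + (seed or secrets.token_bytes(32)))
        self.used = 0

    def anchor(self):
        """H^n(seed): sent once, over an authenticated channel, at enrollment."""
        return iterate_hash(self.seed, self.n)

    def next_token(self):
        """H^(n-k)(seed) for the k-th authentication; every value is used once."""
        if self.used >= self.n:
            raise RuntimeError("hash chain exhausted: re-enroll with a fresh seed")
        self.used += 1
        return iterate_hash(self.seed, self.n - self.used)


class Verifier:
    def __init__(self, window=1):
        self.anchors = {}
        self.window = window  # how many skipped (lost) tokens are tolerated

    def enroll(self, device_id, anchor):
        self.anchors[device_id] = anchor

    def authenticate(self, device_id, token):
        anchor = self.anchors.get(device_id)
        if anchor is None:
            return False
        candidate = token
        for _ in range(self.window):
            candidate = h(candidate)
            if hmac.compare_digest(candidate, anchor):
                # Advance the anchor: the chain never moves backwards, so a
                # replayed or older token can no longer match.
                self.anchors[device_id] = token
                return True
        return False


if __name__ == "__main__":
    dev = Device("sensor-01", chain_length=5, seed=b"constructed-seed")
    ver = Verifier(window=2)
    ver.enroll(dev.device_id, dev.anchor())
    t1 = dev.next_token()
    print("first token accepted:", ver.authenticate("sensor-01", t1))
    print("replay rejected:", not ver.authenticate("sensor-01", t1))
```

The chain length fixes how many authentications a device can perform before re-enrollment; a practitioner sizing this for a plant floor would pick n from the expected message rate and the re-enrollment interval, and keep `window` small, since every extra hash the verifier tolerates is one more token an attacker who captures a single message could skip ahead to.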

Design of the Copyright Protection for ePub e-Book System using Certification Information (인증 정보를 이용한 전자책 ePub의 저작권 보호 시스템 설계)

  • Jang, Seung-Ju
    • Journal of the Korea Institute of Information and Communication Engineering / v.19 no.9 / pp.2197-2204 / 2015
  • In recent times, the high-tech society has become the most important issue through IT technology and the publication network. Today such flows have also reached the e-book field. Today's electronic publishing is changing day by day, but the prevalence of e-books brings some problems. An e-book is similar to a p-book (paper book), but there is a limit to how perfectly it can reproduce the feel and texture of a p-book. To purchase an e-book, people buy online. People with malicious intent can copy and distribute it illegally, which leads to cyber abuses. This paper aims at the copyright protection of e-book ePub writers. The proposed e-book copyright protection system is designed using the e-book production environment Sigil and a C programming environment. This system uses client-server communication, with the e-book ePub carrying the authentication information. It decides whether or not to permit a client to read the e-book using that authentication information. The authentication information includes an ID, password, IP address, the validity period of the authentication information, and a GUID (Globally Unique Identifier). If the authentication information for the e-book meets the requirements, the reader can use it; if not, the system blocks access by quitting the program.

A Query Result Integrity Assurance Scheme Using an Order-preserving Encryption Scheme in the Database Outsourcing Environment (데이터베이스 아웃소싱 환경에서 순서 보존 암호화 기법을 이용한 질의 결과 무결성 검증 기법)

  • Jang, Miyoung; Chang, Jae Woo
    • Journal of KIISE / v.42 no.1 / pp.97-106 / 2015
  • Recently, research on database encryption for data protection and on query result authentication methods has been performed more actively in the database outsourcing environment. Existing database encryption schemes are vulnerable to order matching and counting attacks by intruders who have background knowledge of the original database domain. Existing query result integrity auditing methods suffer from the transmission overhead of the verification object. To resolve these problems, we propose a group-order preserving encryption index and a query result authentication method based on the encryption index. Our group-order preserving encryption index groups the original data for data encryption and supports query processing without data decryption. We generate group ids by using the Hilbert curve so that we can protect the group information while processing a query. Finally, our periodic-function-based data grouping and query result authentication scheme can reduce the data size of the query result verification. Through performance evaluation, we show that our method achieves better performance than an existing bucket-based verification scheme: it is 1.6 times faster in terms of query processing time and produces verification data that is 20 times smaller.
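The abstract above motivates its grouped index by the order matching and counting attacks that plain order-preserving encryption (OPE) admits when the attacker knows the plaintext domain. The following added example (not the paper's scheme, and not its attack model in detail) shows both attacks against a toy deterministic OPE: a keyed monotone table stands in for a real OPE scheme, the `age` column and the attacker's auxiliary histogram are constructed, and the attacker never sees the key. It also handles the case the sorting attack cannot cover, a column that is not dense over the domain.

```python
"""Order-matching (sorting) and counting attacks on a toy deterministic OPE.

Added example. ToyOPE is a keyed monotone mapping, not any published OPE
scheme; the column and the attacker's auxiliary distribution are constructed.
The point: because ciphertext order equals plaintext order and equal
plaintexts give equal ciphertexts, an attacker who knows only the domain
(and roughly its frequency distribution) recovers the column without a key.
"""
import random
from collections import Counter

DOMAIN = list(range(18, 26))  # attacker's background knowledge: ages 18..25


class ToyOPE:
    """Order-preserving encryption: strictly increasing random ciphertexts."""

    def __init__(self, domain, rng):
        self.table, c = {}, 0
        for m in sorted(domain):
            c += rng.randint(1, 1000)  # random gap = the secret key
            self.table[m] = c
        self.inverse = {c: m for m, c in self.table.items()}

    def encrypt(self, m):
        return self.table[m]

    def decrypt(self, c):
        return self.inverse[c]


def sorting_attack(ciphertexts, domain):
    """Order matching: if every domain value occurs in the column, the i-th
    smallest distinct ciphertext must encrypt the i-th smallest domain value."""
    distinct = sorted(set(ciphertexts))
    if len(distinct) != len(domain):
        raise ValueError("column is not dense over the domain; use counting_attack")
    return dict(zip(distinct, sorted(domain)))


def counting_attack(ciphertexts, aux_histogram):
    """Counting: deterministic encryption preserves frequencies, so pair the
    ciphertexts sorted by count with the domain values sorted by known frequency.
    Needs no dense column, only an auxiliary distribution with the same ordering."""
    by_count = [c for c, _ in Counter(ciphertexts).most_common()]
    by_aux = [m for m, _ in sorted(aux_histogram.items(), key=lambda kv: -kv[1])]
    return dict(zip(by_count, by_aux))


def recovery_rate(guess, ope, ciphertexts):
    correct = sum(1 for c in ciphertexts if guess.get(c) == ope.decrypt(c))
    return correct / len(ciphertexts)


def build_column(rng):
    """Constructed plaintext column: counts per age, shuffled."""
    counts = dict(zip(DOMAIN, [5, 9, 14, 23, 37, 60, 97, 155]))
    column = [m for m, k in counts.items() for _ in range(k)]
    rng.shuffle(column)
    return column


def demo(seed=7):
    rng = random.Random(seed)
    ope = ToyOPE(DOMAIN, rng)
    column = [ope.encrypt(m) for m in build_column(rng)]
    # Attacker's auxiliary data: a public distribution with the same ordering
    # of frequencies as the real column, but not the exact counts.
    aux = dict(zip(DOMAIN, [1, 2, 3, 5, 8, 13, 21, 34]))
    sort_rate = recovery_rate(sorting_attack(column, DOMAIN), ope, column)
    count_rate = recovery_rate(counting_attack(column, aux), ope, column)
    return sort_rate, count_rate


if __name__ == "__main__":
    print("sorting attack / counting attack recovery:", demo())
```

Both attacks recover the whole column here. The gap the paper targets is visible in the code: the leak comes from the ciphertext order and multiplicities themselves, not from any weakness in the key, so any index that must keep order for range queries has to hide at least the per-value order (grouping) and the per-value counts to resist this.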

Design of a Secure Web-mail System based on End-to-End (End-to-End 기반의 안전한 웹 메일 시스템 설계)

  • 전철우; 이종후; 이상호
    • Journal of the Korea Institute of Information Security & Cryptology / v.13 no.2 / pp.13-29 / 2003
  • The web-mail system is worthy of note as a next-generation e-mail system for its mobility and ease of use. But many web-mail systems do not have any kind of security mechanism, and even where a web-mail system provides security services, their strength is too low. With these web-mail systems, e-mail can easily be tapped, modified or forged by an attacker. To solve these problems, we design and implement a secure web-mail system based on the international e-mail security standard S/MIME in this thesis. This secure web-mail system is composed of a server system and a client system. The server system performs the basic mail functions: sending/receiving mail, storing mail, management of user information, etc. The client system performs the cryptographic functions: encryption/decryption of mail, digital signing and validation, etc. Because the client system performs the cryptographic functions, this secure web-mail system provides reliability and safety, and provides end-to-end security between mail users. This secure web-mail system also increases system efficiency by minimizing server load.

Power analysis attacks against NTRU and their countermeasures (NTRU 암호에 대한 전력 분석 공격 및 대응 방법)

  • Song, Jeong-Eun; Han, Dong-Guk; Lee, Mun-Kyu; Choi, Doo-Ho
    • Journal of the Korea Institute of Information Security & Cryptology / v.19 no.2 / pp.11-21 / 2009
  • The NTRU cryptosystem proposed by Hoffstein et al. in the 1990s is a public key cryptosystem based on hard lattice problems. NTRU has many advantages compared to other public key cryptosystems such as RSA and elliptic curve cryptosystems. For example, it guarantees high-speed encryption and decryption at the same level of security, and there is no known quantum computing algorithm for speeding up attacks against NTRU. In this paper, we analyze the security of NTRU against the simple power analysis (SPA) attack and statistical power analysis (STPA) attacks such as the correlation power analysis (CPA) attack. First, we implement the NTRU operations using NesC on a Telos mote, and we show how to apply CPA to recover a private key from collected power traces. We also suggest countermeasures against these attacks. In order to prevent SPA, we propose using a nonzero value to initialize the array which will store the result of a convolution operation. To prevent STPA, we propose two techniques to randomize the power traces related to the same input: the first is random ordering of the computation sequence in a convolution operation, and the other is data randomization in the convolution operation.

Privacy Preserving Keyword Search with Access Control based on DTLS (프라이버시를 보호하는 접근제어가 가능한 키워드 검색 기법)

  • Noh, Geon-Tae; Chun, Ji-Young; Jeong, Ik-Rae; Lee, Dong-Hoon
    • Journal of the Korea Institute of Information Security & Cryptology / v.19 no.5 / pp.35-44 / 2009
  • To protect sensitive personal information, data is stored in encrypted form. However, in order to retrieve this encrypted data without decryption, efficient search methods that enable retrieval over encrypted data are needed. Until now, a number of searchable encryption schemes have been proposed, but these schemes are not suitable when a dynamic set of users with permission to access the data share the encrypted data. This is because, in previous searchable encryption schemes, only a specific user, namely the data owner in the symmetric key setting, or the holder of the secret key corresponding to the public key used to encrypt the data in the asymmetric key setting, can access the encrypted data. To solve this problem, Stephen S. Yau et al. first proposed the controlled privacy preserving keyword search scheme, which can control the search capabilities of users according to the access policies of the data provider. However, this scheme has the problem that the privacy of the data retrievers can be breached. In this paper, we first analyze the weakness of Stephen S. Yau et al.'s scheme and then propose privacy preserving keyword search with access control. Our proposed scheme preserves the privacy of data retrievers.

Implementation of RSA modular exponentiator using Division Chain (나눗셈 체인을 이용한 RSA 모듈로 멱승기의 구현)

  • 김성두; 정용진
    • Journal of the Korea Institute of Information Security & Cryptology / v.12 no.2 / pp.21-34 / 2002
  • In this paper we propose a new hardware architecture for modular exponentiation using the division chain method proposed in (2). Modular exponentiation using the division chain is performed by recoding an exponent E as a mixed form of multiplication and addition with divisors $d=2$ or $d=2^i+1$ and respective remainders r. This calculates the modular exponentiation in about $1.4 \log_2 E$ multiplications on average, which is much fewer iterations than the $2 \log_2 E$ of the conventional binary method. We designed a linear systolic array multiplier with pipelining and used a horizontal projection on its data dependence graph. So, for a k-bit key, two k-bit data frames can be input simultaneously and two modular multipliers, each consisting of k/2+3 PEs (Processing Elements), can operate in parallel to achieve 100% throughput. We propose a new encoding scheme to represent the divisors and remainders of the division chain so as to keep the regularity of the data path. When synthesized to ASIC using the Samsung 0.5 um CMOS standard cell library, the critical path delay is 4.24 ns, and the resulting performance is estimated to be about 140 Kbps for a 1024-bit data frame at a 200 MHz clock. In the decryption process, the speed can be raised to 560 Kbps by using the CRT (Chinese Remainder Theorem). Furthermore, to satisfy real-time requirements we can choose a small public exponent E, such as 3, 17 or $2^{16}+1$, in the encryption and verification process, in which case the performance can reach 7.3 Mbps.
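The abstract above describes the exponent recoding (E rewritten through divisors d = 2 or d = 2^i + 1 with remainders r) and the CRT speed-up of decryption. The following is an added software illustration of both, not the paper's hardware design or its exact recoding rule: remainders are restricted to {0, 1} and the divisor is chosen by a greedy cost-per-bit heuristic, so the operation counts are not tuned to reproduce the paper's 1.4 log2 E figure, only to stay within the 2 log2 E binary bound. The RSA key (p = 61, q = 53, e = 17, d = 2753) is a small constructed textbook key, not a usable one.

```python
"""Division-chain modular exponentiation and CRT-RSA decryption.

Added example (software only; not the paper's systolic-array design).
The exponent is recoded as E = d*E' + r, recursively, with d in {2} u
{2^i + 1}; then x^E = (x^E')^d * x^r. With d = 2^i + 1, y^d costs i squarings
plus one multiplication. My simplification: r is restricted to {0, 1}, so
x^r is free, and each step picks the divisor with the lowest estimated
cost per exponent bit (the paper's own selection rule is not reproduced).
"""
from math import log2

DIVISORS = [2] + [2 ** i + 1 for i in range(1, 7)]  # 2, 3, 5, 9, 17, 33, 65


def division_chain(e):
    """Recode e as a list of (d, r) steps, innermost step first. d = 2 always
    qualifies (r = e mod 2 is 0 or 1), so the loop always terminates."""
    steps = []
    while e > 1:
        best = None
        for d in DIVISORS:
            r = e % d
            if r > 1:
                continue
            squarings = 1 if d == 2 else (d - 1).bit_length() - 1  # i for 2^i+1
            mults = squarings + (0 if d == 2 else 1) + (1 if r else 0)
            score = mults / log2(d)  # estimated multiplications per exponent bit
            if best is None or score < best[0]:
                best = (score, d, r)
        _, d, r = best
        steps.append((d, r))
        e //= d
    steps.reverse()  # unwind from x^1 outward
    return steps


def powmod_chain(x, e, n):
    """x^e mod n along the division chain; returns (result, multiplications)."""
    if e == 0:
        return 1 % n, 0
    x %= n
    y, mults = x, 0
    for d, r in division_chain(e):
        if d == 2:
            y = y * y % n
            mults += 1
        else:
            t = y
            for _ in range((d - 1).bit_length() - 1):  # y^(2^i)
                t = t * t % n
                mults += 1
            y = t * y % n  # y^(2^i) * y = y^(2^i + 1)
            mults += 1
        if r:
            y = y * x % n
            mults += 1
    return y, mults


def powmod_binary(x, e, n):
    """Left-to-right square-and-multiply, for comparing operation counts."""
    x %= n
    bits = bin(e)[2:]
    y, mults = x, 0
    for bit in bits[1:]:
        y = y * y % n
        mults += 1
        if bit == "1":
            y = y * x % n
            mults += 1
    return y, mults


def rsa_decrypt_crt(c, d, p, q):
    """CRT decryption: two half-size exponentiations instead of one full one."""
    dp, dq = d % (p - 1), d % (q - 1)
    qinv = pow(q, -1, p)
    mp, _ = powmod_chain(c, dp, p)
    mq, _ = powmod_chain(c, dq, q)
    return mq + (qinv * (mp - mq) % p) * q


if __name__ == "__main__":
    p, q, e, d = 61, 53, 17, 2753  # constructed toy key, n = 3233
    c, _ = powmod_chain(65, e, p * q)
    print("ciphertext:", c, "CRT decrypt:", rsa_decrypt_crt(c, d, p, q))
    print("ops for d=2753: chain", powmod_chain(c, d, p * q)[1],
          "binary", powmod_binary(c, d, p * q)[1])
```

Two practitioner notes follow from the code rather than from the paper. The greedy chain can cost more than the binary method for some exponents (129 is one), which is why the paper's recoding and encoding scheme, not this heuristic, determines the reported average. And the CRT path computes with the private primes directly, so in a deployed implementation it is the place where constant-time multiplication and the usual integrity checks on the recombined result matter most.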

Verifiable Cloud-Based Personal Health Record with Recovery Functionality Using Zero-Knowledge Proof (영지식 증명을 활용한 복원 기능을 가진 검증 가능한 클라우드 기반의 개인 건강기록)

  • Kim, Hunki; Kim, Jonghyun; Lee, Dong Hoon
    • Journal of the Korea Institute of Information Security & Cryptology / v.30 no.6 / pp.999-1012 / 2020
  • As the use of personal health records has increased in recent years, research on cryptographic protocols for protecting the personal information in personal health records has been actively conducted. Currently, personal health records are commonly encrypted and outsourced to the cloud. However, this method is limited in verifying the integrity of personal health records, and data availability is poor because the record must be decrypted in order to be used. To solve this problem, this paper proposes a verifiable cloud-based personal health record management scheme using a redactable signature scheme and zero-knowledge proofs. The verifiable cloud-based personal health record management scheme can verify the integrity of the original document while preserving privacy, by deleting sensitive information with the redactable signature scheme, and can verify with the zero-knowledge proof that the redacted document has not been deleted or modified except in the redacted part of the original document. In addition, it is designed to offer higher data availability than existing management schemes by recovering deleted parts only when necessary, through the Redact Recovery Authority. We also propose a verifiable cloud-based personal health record management model using the proposed scheme, and analyse its efficiency by implementing the proposed scheme.

Contract-based Access Control Method for NFT Use Rights

  • Jeong, Yoonsung; Ko, Deokyoon; Seo, Jungwon; Park, Sooyong; Kim, Seong-Jin; Kim, Bum-Soo; Kim, Do-Young
    • Journal of the Korea Society of Computer and Information / v.27 no.11 / pp.1-11 / 2022
  • In this paper, we propose an NFT (Non-Fungible Token)-based access control method for safely sharing data between users in a blockchain environment. Since all data stored in the blockchain can be accessed by anyone due to the nature of the technology, it is necessary to control access so that only authorized users can reach sensitive shared data. To that end, we generate each data item as an NFT and control access to the data through a smart contract. In addition, to overcome the single-ownership limitation of existing NFTs, we separate the NFT into ownership and use rights, so that data can be safely shared between users. Ownership is represented as an original NFT, use rights are represented as copied NFTs, and all data generated as NFTs is encrypted before upload, so data can be shared only through the smart contract with access control. To verify this approach, we set up a hypothetical scenario, Building Information Modeling (BIM) data trading, and deployed a smart contract that satisfies 32 function call scenarios that require access control. We also evaluated its stability with respect to the possibility of decryption by brute-force attack. Through our approach, we confirmed that data can be safely shared between users in a blockchain environment.

Signal and Telegram Security Messenger Digital Forensic Analysis study in Android Environment (안드로이드 환경에서 Signal과 Telegram 보안 메신저 디지털 포렌식분석 연구)

  • Jae-Min Kwon; Won-Hyung Park; Youn-sung Choi
    • Convergence Security Journal / v.23 no.3 / pp.13-20 / 2023
  • This study conducted a digital forensic analysis of Signal and Telegram, two secure messengers widely used in the Android environment. As mobile messengers currently play an important role in daily life, data management and security within these apps have become very important issues. Signal and Telegram, among others, are secure messengers that are highly reliable among users, and they safely protect users' personal information based on encryption technology. However, much research is still needed on how to analyze these encrypted data. In order to solve these problems, in this study, an in-depth analysis was conducted on the message encryption of Signal and Telegram and the database structure and encryption method in Android devices. In the case of Signal, we were able to successfully decrypt encrypted messages that are difficult to access from the outside due to complex algorithms and confirm the contents. In addition, the database structure of the two messenger apps was analyzed in detail and the information was organized into a folder structure and file format that could be used at any time. It is expected that more accurate and detailed digital forensic analysis will be possible in the future by applying more advanced technology and methodology based on the analyzed information. It is expected that this research will help increase understanding of secure messengers such as Signal and Telegram, which will open up possibilities for use in various aspects such as personal information protection and crime prevention.