• Journal of the Korea Convergence Society
• /
• v.11 no.1
• /
• pp.1-7
• /
• 2020

Recently 5G technology is one of the technologies that has been receiving much positive responses from users as it is integrated with virtual technology. However, 5G's security issues have not been fully resolved and more security is soon required. In this paper, an approach technique is proposed as a probability-based hierarchy to provide personal privacy for 5G-based IoT users more safely. The proposed technique is aimed at not exposing the privacy of IoT users to third parties by using two random keys created personally by IoT users. In order to satisfy both safety and efficiency, the proposed technology divides the privacy of IoT users into two layers. In the first stage, IoT users will control access to intermediate media using anonymous keys generated by IoT users, and in the second stage, information of IoT users registered with servers will be darkened and replicated. The proposed technique has improved the accuracy of the privacy protection of IoT users as they assign weights to layered information after layering users' privacy information on a probabilistic basis.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.46 no.1
• /
• pp.64-77
• /
• 2009

A proxy re-encryption scheme allows Alice to temporarily delegate the decryption rights to Bob via a proxy. Alice gives the proxy a re-encryption key so that the proxy can convert a ciphertext for Alice into the ciphertext for Bob. Recently, ID-based proxy re-encryption schemes are receiving considerable attention for a variety of applications such as distributed storage, DRM, and email-forwarding system. And a non-interactive identity-based proxy re-encryption scheme was proposed for achieving CCA-security by Green and Ateniese. In the paper, we show that the identity-based proxy re-encryption scheme is unfortunately vulnerable to a collusion attack. The collusion of a proxy and a malicious user enables two parties to derive other honest users' private keys and thereby decrypt ciphertexts intended for only the honest user. To solve this problem, we propose two ID-based proxy re-encryption scheme schemes, which are proved secure under CPA and CCA in the random oracle model. For achieving CCA-security, we present self-authentication tag based on short signature. Important features of proposed scheme is that ciphertext structure is preserved after the ciphertext is re-encrypted. Therefore it does not lead to ciphertext expansion. And there is no limitation on the number of re-encryption.

• Journal of Broadcast Engineering
• /
• v.18 no.5
• /
• pp.758-770
• /
• 2013

In a Broadcast Encryption System, a sender sends an encrypted message to a large set of receivers at once over an insecure channel and it enables only users in a target set to decrypt the message with their private keys. In 2005, Boneh et al. proposed a fully collusion-resistant public key broadcast encryption in which the ciphertext and the privatekey sizes are constant. In general, pairing-based broadcast encryption system is efficient in bandwidth and storing aspects than non-pairing based broadcast encryption system, however, it requires many computational costs that resource-constrained devices is not suit to be applied. In this paper, we propose a Broadcast Encryption scheme(called BEWD) that user can decrypt a ciphertext more efficiently. The scheme is based on Boneh et al.scheme. More precisely, it reduces receiver's computational costs by delegating pairing computation to a proxy server which computation is required to receiver in Boneh et al.scheme. Furthermore, the scheme enables a user to check if the proxy server compute correctly. We show that our scheme is secure against selective IND-RCCA adversaries under l-BDHE assumption.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.12 no.1
• /
• pp.249-256
• /
• 2012

ePUB is one of the most pervasive eBook formats since it was announced as a 2009 standard in IDPF(International Digital Publishing Forum). ePUB is compressed as a ZIP Archive format and structured as a standard format of OCF. Domestically and internationally, eBook services applying DRM into ePUB have currently been active, while it does not satisfy various needs from business because it does not support preview service which is due to the encryption of the whole ePUB as a single key. This study suggests a way to apply diverse business models by providing eBook content based on ePUB multiple key encryption method, not by encrypting it simply as a single key. The encryption method which applies a multiple key encryption method is suggested as a practically appliable form together with licence issuing and delivery method and decryption method in eBook readers. The multiple key encryption method suggested in this study will make it possible to support partial preview services of ePUB based eBook content. It will be applied to diverse service models and enhance the security level better then single key based encryption method.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.4
• /
• pp.625-634
• /
• 2014

Tactical networks is being operated in configuration that consisting of a variety of characteristics communication equipments and heterogeneous networks. In this configurations, end-to-end communication can be achieved using interworking gateway for converting the data format of the network and using encryption algorithm of the networks. The use of mechanism results in a problem that secure data cannot be transferred directly, reprocessing and processing delay of communication in heterogeneous tactical networks. That is, for encoding and decoding of data, the decryption of encrypted data and re-encryption processing must be required at the gateway between different networks. In this paper proposes to mechanism for end-to-end secure communication in heterogeneous tactical networks. Using the proposed method, end-to-end secure communication between heterogeneous tactical networks(PSTN-UHF networks) which removes the necessity of a gateway for converting data into data formats suitable for network to remove a transmission delay factor and enable real-time voice and data communication and achieve end-to-end security for heterogeneous tactical networks. we propose a novel mechanism for end-to-end secure communication over PSTN and UHF networks and evaluate against the performance of conventional mechanism. Our proposal is confirmed removal of security vulnerabilities, end-to-end secure communication in heterogeneous tactical networks.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.1
• /
• pp.100-108
• /
• 2018

This paper describes a design of scalable RSA public-key cryptography processor supporting four key lengths of 512/1,024/2,048/3,072 bits. The modular multiplier that is a core arithmetic block for RSA crypto-system was designed with 32-bit datapath, which is based on the CIOS (Coarsely Integrated Operand Scanning) Montgomery modular multiplication algorithm. The modular exponentiation was implemented by using L-R binary exponentiation algorithm. The scalable RSA crypto-processor was verified by FPGA implementation using Virtex-5 device, and it takes 456,051/3,496347/26,011,947/88,112,770 clock cycles for RSA computation for the key lengths of 512/1,024/2,048/3,072 bits. The RSA crypto-processor synthesized with a $0.18{\mu}m$ CMOS cell library occupies 10,672 gate equivalent (GE) and a memory bank of $6{\times}3,072$ bits. The estimated maximum clock frequency is 147 MHz, and the RSA decryption takes 3.1/23.8/177/599.4 msec for key lengths of 512/1,024/2,048/3,072 bits.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.43 no.7 s.349
• /
• pp.32-40
• /
• 2006

It is very important to establish a pairwise key securely in wireless sensor networks. Because sensor networks consist of devices with weak physical security, they are likely to be compromised by an attacker. However, some approaches using key pre-distribution and other approaches using one hop local keys are known to be very vulnerable to threats caused by compromised nodes, even a small number. This paper proposes a scheme where each node establishes three hop local keys and employs them for a later pairwise key establishment. When any two nodes agree a pairwise key, all nodes on the route between two nodes contribute to the agreement of the pairwise key. Here, the initial three hop local keys are employed for encrypting a secret key delivered from a node to other nodes. Therefore, the proposed scheme bothers attackers to compromise much more nodes than the scheme using one hop local keys only. The simulation results have proven that the proposed scheme provides better performance and higher security than the scheme using one hop local keys in terms of message exchange, the number of encryption and decryption, and pairwise key exposure rate.

• Journal of Convergence for Information Technology
• /
• v.7 no.4
• /
• pp.105-111
• /
• 2017

With the emergence of the fourth industrial revolution, more and more attempts have been made to apply IoT technology to the manufacturing process and launch the product. In this paper, we propose IoT authentication scheme based on hash chain which can easily apply IoT device to small and medium enterprises in Korea. In the proposed method, the companies that installed IoT devices suitable for the manufacturing environment are selected to maintain the linkage between IoT devices so that product information and release information can be efficiently collected and managed during the entire manufacturing process. In addition, the proposed scheme is characterized in that it does not require an additional encryption / decryption algorithm because the authentication information of the IoT device is constructed based on a hash chain. As a result of the performance evaluation, the efficiency of the manufacturing process was improved by 18.5% and the processing of the manufacturing process with the IoT device was shortened by 20.1% on the average according to the application of the IoT device. In addition, the labor cost reduction costs in the manufacturing process decreased by an average of 30.7%.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.9
• /
• pp.2197-2204
• /
• 2015

In recent times, the high-tech society has become the most important issue by IT technology and publication network. Today such flows have also been the case in the e-book field. Today's electronic publication is changing day by day. But there are some problems according to the prevalence of e-book. E-book is similar to p-book(paper-book). There is a limit to have perfect feeling of a texture of p-book. In order to purchase an e-book, people use online. People having malicious intent could copy and distribute it illegally. It leads to cyber abuses. This paper aims at the copyright protection of e-book ePub writers. The proposed e-book copyright protection system is designed using e-book production Sigil environment and C program environment. This system uses client-server communication through e-book ePub as authentication information. It discerns whether to permit or not for a client to read the e-book using authentication information. Authentication information includes ID, password, IP address, limited time of authentication information, GUID(Globally Unique Identifier). If authentication information about e-book meets requirements, people can use it. But if not, it blocks people's approach by quitting program.

• Journal of KIISE
• /
• v.42 no.1
• /
• pp.97-106
• /
• 2015

Recently, research on database encryption for data protection and query result authentication methods has been performed more actively in the database outsourcing environment. Existing database encryption schemes are vulnerable to order matching and counting attack of intruders who have background knowledge of the original database domain. Existing query result integrity auditing methods suffer from the transmission overhead of verification object. To resolve these problems, we propose a group-order preserving encryption index and a query result authentication method based on the encryption index. Our group-order preserving encryption index groups the original data for data encryption and support query processing without data decryption. We generate group ids by using the Hilbert-curve so that we can protect the group information while processing a query. Finally, our periodic function based data grouping and query result authentication scheme can reduce the data size of the query result verification. Through performance evaluation, we show that our method achieves better performance than an existing bucket-based verification scheme, it is 1.6 times faster in terms of query processing time and produces verification data that is 20 times smaller.