• Journal of the Korea Institute of Military Science and Technology
• /
• v.14 no.3
• /
• pp.482-491
• /
• 2011

The purpose of this study is to design and implement a 2-level secret information transmission system which can be used for information hiding of images transmitted over various IT communication media. To increase the robustness of the hiding power, we combined the steganography method which inserts secret object into cover object to hide the very fact of information hiding itself, and the preprocessing stage to encrypt the secret object before the stego-insertion stage. As a result, even when the stego-image is broken by an attacker, the secret image is protected by encryption. We implemented the 2-level image insertion and extraction algorithm by using C++ programming language. Experiment shows that the PSNR values of stego-images of ours exceed 30.00db which is the threshold of human recognition. The methodology of this study can be applied broadly to the information hiding and protection of the military secret images.

• Journal of the Korea Society of Computer and Information
• /
• v.16 no.5
• /
• pp.73-78
• /
• 2011

The DES encryption algorithm employed in information security has a strong avalanche effect, and the processing speed to encrypt is also fast. However, due to the H/W advances, the secret key length of DES having 56bits is not enough so that it is easily exposed to brute force attack. In this paper, we present a new method to significantly increase the secret key length in the DES by integration of digital holography and DES algorithm. In addition, we evaluate the encryption performance of the proposed method by measuring the avalanche effect and verify the possibility of it.

• Journal of the Institute of Electronics Engineers of Korea TE
• /
• v.39 no.2
• /
• pp.51-59
• /
• 2002

In this paper, we studied the voice cryptograph system designed by the SEED algorithm for the safe transmission and receipt on the voice communication. Voice band signal converts to digital signal by the CODEC and DSP that applied the improved SEED algorithm encrypt the digital signal. The CODEC convert Encryption signal into analog voice signal. This voice signal is transmitted safely because of encryption signal even if someone wiretap. Receiver can hear the source voice, because the encryption signal decrypted using the SEED algorithm. In this paper, We designed the 32 round key instead of 16 round key in the SEED algorithm so that we improve the truncated differential probability from $2^{-143.1}$ to $2^{-286.6}$. 

• Convergence Security Journal
• /
• v.2 no.1
• /
• pp.99-107
• /
• 2002

This paper proposes a group key management protocol for a secure of all the multicast user in PIM-SM multicast group communication under electronic commerce. Each subgroup manager gives a secure key to it's own transmitter and the transmitter compress the data with it's own secure key from the subgroup manager. Before the transmitter send the data to receiver, the transmitter prepares to encrypt a user's service by sending a encryption key to the receiver though the secure channel, after checking the user's validity through the secure channel. As the transmitter sending a data after then, the architecture is designed that the receiver will decode the received data with the transmitter's group key. Therefore, transmission time is shortened because there is no need to data translation by the group key on data sending and the data transmition is possible without new key distribution at path change to shortest path of the router characteristic.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.10 no.2
• /
• pp.338-343
• /
• 2006

This paper describes about the design concept and the architecture of an economic VPN system which can perform fast crypto operations with cheap cost. The essence of the proposed system architecture is consisting of the system with two companion chips dedicated to VPN: one chip is a multi-purpose network processor for security machine and the other is a crypto acceleration chip which encrypt and decrypt network packets in a high speed. This study also addresses about some realizations that is required for fast prototyping such as the porting of an operating system, the establishment of compiler tool chain, the implementation of device drivers and the design of IPSec security engine. Especially, the second chip supports the most time consuming block cipher algorithms including 3DES, AES, and SEED and its performance was evaluated.

• The KIPS Transactions:PartC
• /
• v.12C no.2 s.98
• /
• pp.201-206
• /
• 2005

This paper designs Cryptography File System to support encrypting function. The CFS is supported in Solaris Kernel to encrypt or decrypt a plaintext or an encrypted text by using the dynamic linking mechanism. The Cryptography File System supports safe use of computer system even if an intruder gets a file by connecting with network. If he/she does not have a Cryptography File System module in the Solaris Kernel, he/she cannot read that file. The Cryptography File System was experimented into the Solaris kernel.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.10a
• /
• pp.565-568
• /
• 2017

The security protocols such as SSH and SSL/TLS operate over TCP and encrypt all data from the application layer. However, this method has unnecessary performance degradation because it encrypts even data which does not require confidentiality. In this paper, we propose TCP OENC(TCP Optional Encryption) which optionally encrypts only confidential data by the application user. The proposed TCP OENC is in accordance with TCP standard operation, and it operates if application user demand on encrypting data. Before the TCP OENC sends first encrypted data, performs the key agreement, and then encrypts and sends data which application user is desired by using shared key obtained from the key agreement.

• Journal of Information Processing Systems
• /
• v.14 no.3
• /
• pp.666-679
• /
• 2018

The discrete wavelet transform (DWT) has good multi-resolution decomposition characteristic and its low frequency component contains the basic information of an image. Based on this, a fragile watermarking using the local binary pattern (LBP) and DWT is proposed for image authentication. In this method, the LBP pattern of low frequency wavelet coefficients is adopted as a feature watermark, and it is inserted into the least significant bit (LSB) of the maximum pixel value in each block of host image. To guarantee the safety of the proposed algorithm, the logistic map is applied to encrypt the watermark. In addition, the locations of the maximum pixel values are stored in advance, which will be used to extract watermark on the receiving side. Due to the use of DWT, the watermarked image generated by the proposed scheme has high visual quality. Compared with other state-of-the-art watermarking methods, experimental results manifest that the proposed algorithm not only has lower watermark payloads, but also achieves good performance in tamper identification and localization for various attacks.

• Journal of Internet Computing and Services
• /
• v.5 no.2
• /
• pp.33-40
• /
• 2004

PKI(Public Key Infrastructure) issues a certificate for providing Integrity of public key. and it Inspects the validity by downloading CRL(Certificate Revocation List) for checking the validity of certificate. But. it imposes a burden on processing of certificate due to Increase of user and the size of CRL, Lately, OCSP(Online Certificate Status Protocol), which examines the validity on online, is published as an alternative plan. But, it makes a problem due to concentration of just one certificate repository, Accordingly we propose the scheme that OCSP server is arranged in distributed area and then the information is safely transmitted to OCSP server.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.10
• /
• pp.5153-5170
• /
• 2016

The benefit of the scalability and flexibility inherent in cloud computing motivates clients to upload data and computation to public cloud servers. Because data is placed on public clouds, which are very likely to reside outside of the trusted domain of clients, this strategy introduces concerns regarding the security of sensitive client data. Thus, to provide sufficient security for the data stored in the cloud, it is essential to encrypt sensitive data before the data are uploaded onto cloud servers. Although data encryption is considered the most effective solution for protecting sensitive data from unauthorized users, it imposes a significant amount of overhead during the query processing phase, due to the limitations of directly executing operations against encrypted data. Recently, substantial research work that addresses the execution of SQL queries against encrypted data has been conducted. However, there has been little research on top-k join query processing over encrypted data within the cloud computing environments. In this paper, we develop an efficient algorithm that processes a top-k join query against encrypted cloud data. The proposed top-k join processing algorithm is, at an early phase, able to prune unpromising data sets which are guaranteed not to produce top-k highest scores. The experiment results show that the proposed approach provides significant performance gains over the naive solution.