• Journal of KIISE:Information Networking
• /
• v.29 no.5
• /
• pp.583-594
• /
• 2002

Assuring the security of group communications such as tole-conference and software distribution requires a common group key be shared among the legal members in a secure manner. Especially for large groups with frequent membership change, efficient rekey mechanism is essential for scalability. One of the most popular ways to provide sealable rekey is to partition the group into several subgroups. In this paper, we propose a two-layered key management scheme which combines DEP and CBT, a protocol in which subgroup manager cannot access the multicast data and another that has a multi-core, respectively. We also select sub-group key management protocols suitable for our structure and design new rekey protocols to exclude the subgroup managers from the multicast data. Compared to previous protocols based on CBT, our scheme provides forward secrecy, backward secrecy and scalability. This would reduce the number of encryption and decryption for a rekey message and would improve the efficiency number of rekey messages and the amount of information related to group members that group managers must maintain compared to DEP.

• The Journal of the Korea Contents Association
• /
• v.4 no.1
• /
• pp.55-66
• /
• 2004

Recently, as the personal computers are supplied rapidly, they formed the nucleus of the computer system. But, because of the easiness that anyone uses them to go near easily, it is the fact that the security of personal computer is weakness. So, in the paper, 1 propose the technical method that minimizes the loss and leakage of important data. This paper implemented a crypto system for security of data file on personal computer and assistance storage medium. The way of encryption/decryption is applied by complexity method which mixed Diffie-Hellman key exchange protocol, a typical RC4(Rivest Cipher version 4) algorithm of stream cipher and a typical MD5(Message Digest version 5) of Hash Function. For valuation implemented crypto system, three criteria is presented, which are crypto complexity, processing time and pattern matching. And according to analysis the three criteria the crypto system is verified the security, efficiency and usefulness. The crypto system is programmed with Visual C++ language of Microsoft. And so, as this is software system, we shall have a technical security system at a minimum cost for all personal computer.

• Journal of the Korea Convergence Society
• /
• v.11 no.1
• /
• pp.1-7
• /
• 2020

Recently 5G technology is one of the technologies that has been receiving much positive responses from users as it is integrated with virtual technology. However, 5G's security issues have not been fully resolved and more security is soon required. In this paper, an approach technique is proposed as a probability-based hierarchy to provide personal privacy for 5G-based IoT users more safely. The proposed technique is aimed at not exposing the privacy of IoT users to third parties by using two random keys created personally by IoT users. In order to satisfy both safety and efficiency, the proposed technology divides the privacy of IoT users into two layers. In the first stage, IoT users will control access to intermediate media using anonymous keys generated by IoT users, and in the second stage, information of IoT users registered with servers will be darkened and replicated. The proposed technique has improved the accuracy of the privacy protection of IoT users as they assign weights to layered information after layering users' privacy information on a probabilistic basis.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.43 no.7 s.349
• /
• pp.32-40
• /
• 2006

It is very important to establish a pairwise key securely in wireless sensor networks. Because sensor networks consist of devices with weak physical security, they are likely to be compromised by an attacker. However, some approaches using key pre-distribution and other approaches using one hop local keys are known to be very vulnerable to threats caused by compromised nodes, even a small number. This paper proposes a scheme where each node establishes three hop local keys and employs them for a later pairwise key establishment. When any two nodes agree a pairwise key, all nodes on the route between two nodes contribute to the agreement of the pairwise key. Here, the initial three hop local keys are employed for encrypting a secret key delivered from a node to other nodes. Therefore, the proposed scheme bothers attackers to compromise much more nodes than the scheme using one hop local keys only. The simulation results have proven that the proposed scheme provides better performance and higher security than the scheme using one hop local keys in terms of message exchange, the number of encryption and decryption, and pairwise key exposure rate.

• Journal of Convergence for Information Technology
• /
• v.7 no.4
• /
• pp.105-111
• /
• 2017

With the emergence of the fourth industrial revolution, more and more attempts have been made to apply IoT technology to the manufacturing process and launch the product. In this paper, we propose IoT authentication scheme based on hash chain which can easily apply IoT device to small and medium enterprises in Korea. In the proposed method, the companies that installed IoT devices suitable for the manufacturing environment are selected to maintain the linkage between IoT devices so that product information and release information can be efficiently collected and managed during the entire manufacturing process. In addition, the proposed scheme is characterized in that it does not require an additional encryption / decryption algorithm because the authentication information of the IoT device is constructed based on a hash chain. As a result of the performance evaluation, the efficiency of the manufacturing process was improved by 18.5% and the processing of the manufacturing process with the IoT device was shortened by 20.1% on the average according to the application of the IoT device. In addition, the labor cost reduction costs in the manufacturing process decreased by an average of 30.7%.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.9
• /
• pp.2197-2204
• /
• 2015

In recent times, the high-tech society has become the most important issue by IT technology and publication network. Today such flows have also been the case in the e-book field. Today's electronic publication is changing day by day. But there are some problems according to the prevalence of e-book. E-book is similar to p-book(paper-book). There is a limit to have perfect feeling of a texture of p-book. In order to purchase an e-book, people use online. People having malicious intent could copy and distribute it illegally. It leads to cyber abuses. This paper aims at the copyright protection of e-book ePub writers. The proposed e-book copyright protection system is designed using e-book production Sigil environment and C program environment. This system uses client-server communication through e-book ePub as authentication information. It discerns whether to permit or not for a client to read the e-book using authentication information. Authentication information includes ID, password, IP address, limited time of authentication information, GUID(Globally Unique Identifier). If authentication information about e-book meets requirements, people can use it. But if not, it blocks people's approach by quitting program.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.2
• /
• pp.13-29
• /
• 2003

Web-mail system is worthy of note as a next generation e-mail system for its mobility and easiness. But many web-mail system does not have any kind of security mechanism. Even if web-mail system provides security services, its degree of strength is too low. Using these web-mail systems, the e-mail is tabbed, modified or forged by attacker easily. To solve these problems, we design and implement secure web-mail system based on the international e-mail security standard S/MIME in this thesis. This secure web-mail system is composed of server system and client system The server system performs basic mail functions - sending/receiving the mails, storing the mails, and management of user information, etc. And the client system performs cryptographic functions - encryption/decryption of the mails, digital signing and validation, etc. Because client system performs cryptographic functions this secure web-mail system gives its reliability and safety, and provides end-to-end security between mail users. Also, this secure web-mail system increase system efficiency by minimize server load.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.2
• /
• pp.11-21
• /
• 2009

The NTRU cryptosystem proposed by Hoffstein et al. in 1990s is a public key cryptosystem based on hard lattice problems. NTRU has many advantages compared to other public key cryptosystems such as RSA and elliptic curve cryptosystems. For example, it guarantees high speed encryption and decryption with the same level of security, and there is no known quantum computing algorithm for speeding up attacks against NTRD. In this paper, we analyze the security of NTRU against the simple power analysis (SPA) attack and the statistical power analysis (STPA) attack such as the correlation power analysis (CPA) attack First, we implement NTRU operations using NesC on a Telos mote, and we show how to apply CPA to recover a private key from collected power traces. We also suggest countermeasures against these attacks. In order to prevent SPA, we propose to use a nonzero value to initialize the array which will store the result of a convolution operation. On the other hand, in order to prevent STPA, we propose two techniques to randomize power traces related to the same input. The first one is random ordering of the computation sequences in a convolution operation and the other is data randomization in convolution operation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.2
• /
• pp.21-34
• /
• 2002

In this paper we propos a new hardware architecture of modular exponentiation using a division chain method which has been proposed in (2). Modular exponentiation using the division chain is performed by receding an exponent E as a mixed form of multiplication and addition with divisors d=2 or $d=2^I +1$ and respective remainders r. This calculates the modular exponentiation in about $1.4log_2$E multiplications on average which is much less iterations than $2log_2$E of conventional Binary Method. We designed a linear systolic array multiplier with pipelining and used a horizontal projection on its data dependence graph. So, for k-bit key, two k-bit data frames can be inputted simultaneously and two modular multipliers, each consisting of k/2+3 PE(Processing Element)s, can operate in parallel to accomplish 100% throughput. We propose a new encoding scheme to represent divisors and remainders of the division chain to keep regularity of the data path. When it is synthesized to ASIC using Samsung 0.5 um CMOS standard cell library, the critical path delay is 4.24ns, and resulting performance is estimated to be abort 140 Kbps for a 1024-bit data frame at 200Mhz clock In decryption process, the speed can be enhanced to 560kbps by using CRT(Chinese Remainder Theorem). Futhermore, to satisfy real time requirements we can choose small public exponent E, such as 3,17 or $2^{16} +1$, in encryption and verification process. in which case the performance can reach 7.3Mbps.

• KIPS Transactions on Computer and Communication Systems
• /
• v.11 no.6
• /
• pp.167-174
• /
• 2022

PIPO lightweight block ciphers were announced in ICISC'20. In this paper, a single-block optimization implementation and parallel optimization implementation of PIPO lightweight block cipher ECB, CBC, and CTR operation modes are performed on a 32-bit RISC-V processor. A single block implementation proposes an efficient 8-bit unit of Rlayer function implementation on a 32-bit register. In a parallel implementation, internal alignment of registers for parallel implementation is performed, and a method for four different blocks to perform Rlayer function operations on one register is described. In addition, since it is difficult to apply the parallel implementation technique to the encryption process in the parallel implementation of the CBC operation mode, it is proposed to apply the parallel implementation technique in the decryption process. In parallel implementation of the CTR operation mode, an extended initialization vector is used to propose a register internal alignment omission technique. This paper shows that the parallel implementation technique is applicable to several block cipher operation modes. As a result, it is confirmed that the performance improvement is 1.7 times in a single-block implementation and 1.89 times in a parallel implementation compared to the performance of the existing research implementation that includes the key schedule process in the ECB operation mode.