• Journal of information and communication convergence engineering
• /
• 제15권4호
• /
• pp.212-216
• /
• 2017

In this paper, we introduce novel techniques to improve the high performance of AE functions on modern high-end IoT platforms (ARM-NEON), which support SIMD and cryptography instruction sets. For the Sophie Germain Counter Mode of operation (SGCM), counter modes of encryption and prime field multiplication are required. We chose the Montgomery multiplication for modular multiplication. We perform Montgomery multiplication in a parallel way by exploiting both the ARM and NEON instruction sets. Specifically, the NEON instruction performed 128-bit integer multiplication and the ARM instruction performed Montgomery reduction, simultaneously. This approach hides the latency for ARM in the NEON instruction set. For a high-speed counter mode of encryptions for both AE functions, we introduced two-level computations. When the tasks were large volume, we switched to the NEON instruction to execute the encryption operations. Otherwise, we performed the encryptions on the ARM module.

• 디지털산업정보학회논문지
• /
• 제14권2호
• /
• pp.49-59
• /
• 2018

Encryption of digital images has been requested various fields. In the meantime, many algorithms based on a text - based encryption algorithm have been proposed. In this paper, we propose a method of encryption in wavelet transform domain to utilize the characteristics of digital image. In particular, wavelet transform is used to reduce the association between the encrypted image and the original image. Wavelet packet transformations can be decomposed into more subband images than wavelet transform, and various position permutation, numerical transformation, and visual transformation are performed on the coefficients of this subband image. As a result, this paper proposes a method that satisfies the characteristics of high encryption strength than the conventional wavelet transform and reversibility. This method also satisfies the lossless symmetric key encryption and decryption algorithm. The performance of the proposed method is confirmed by visual and quantitative. Experimental results show that the visually encrypted image is seen as a completely different signal from the original image. We also confirmed that the proposed method shows lower values of cross correlation than conventional wavelet transform. And PSNR has a sufficiently high value in terms of decoding performance of the proposed method. In this paper, we also proposed that the degree of correlation of the encrypted image can be controlled by adjusting the number of wavelet transform steps according to the characteristics of the image.

• Journal of information and communication convergence engineering
• /
• 제12권4호
• /
• pp.252-256
• /
• 2014

Traditional block cipher Advanced Encryption Standard (AES) is widely used in the field of network security, but it has high overhead on each operation. In the 15th international workshop on information security applications, a novel lightweight and low-power encryption algorithm named low-power encryption algorithm (LEA) was released. This algorithm has certain useful features for hardware and software implementations, that is, simple addition, rotation, exclusive-or (ARX) operations, non-Substitute-BOX architecture, and 32-bit word size. In this study, we further improve the LEA encryptions for cloud computing. The Web-based implementations include JavaScript and assembly codes. Unlike normal implementation, JavaScript does not support unsigned integer and rotation operations; therefore, we present several techniques for resolving this issue. Furthermore, the proposed method yields a speed-optimized result and shows high performance enhancements. Each implementation is tested using various Web browsers, such as Google Chrome, Internet Explorer, and Mozilla Firefox, and on various devices including personal computers and mobile devices. These results extend the use of LEA encryption to any circumstance.

• Journal of Communications and Networks
• /
• 제13권5호
• /
• pp.518-524
• /
• 2011

A high assurance IP encryption (HAIPE) compliant protocol accelerator is proposed for military networks consisting of red (or classified) networks and black (or unclassified) networks. The boundary between red and black sides is assumed to be protected via a HAIPE device. However, the IP layer encryption introduces challenges for bandwidth on demand satellite communication. The problems experienced by transmission control protocol (TCP) over satellites are well understood: While standard modems (on the black side) employ TCP performance enhancing proxy (PEP) which has been shown to work well, the HAIPE encryption of TCP headers renders the onboard modem's PEP ineffective. This is attributed to the fact that under the bandwidth-on-demand environment, PEP must use traditional TCP mechanisms such as slow start to probe for the available bandwidth of the link (which eliminates the usefulness of the PEP). Most implementations recommend disabling the PEP when a HAIPE device is used. In this paper, we propose a novel solution, namely broadband HAIPE-embeddable satellite communications terminal (BHeST), which utilizes dynamic network performance enhancement algorithms for high latency bandwidth-on-demand satellite links protected by HAIPE. By moving the PEP into the red network and exploiting the explicit congestion notification bypass mechanism allowed by the latest HAIPE standard, we have been able to regain PEP's desired network enhancement that was lost due to HAIPE encryption (even though the idea of deploying PEP at the modem side is not new). Our BHeST solution employs direct video broadcast-return channel service (DVB-RCS), an open standard as a means of providing bandwidth-on-demand satellite links. Another issue we address is the estimation of current satellite bandwidth allocated to a remote terminal which is not available in DVBRCS. Simulation results show that the improvement of our solution over FIX PEP is significant and could reach up to 100%. The improvement over the original TCP is even more (up to 500% for certain configurations).

• Journal of Information Processing Systems
• /
• 제9권2호
• /
• pp.271-286
• /
• 2013

Recently, a pixel-chaotic-shuffling (PCS) method has been proposed by Huang et al. for encrypting color images using multiple chaotic systems like the Henon, the Lorenz, the Chua, and the Rossler systems. All of which have great encryption performance. The authors claimed that their pixel-chaotic-shuffle (PCS) encryption method has high confidential security. However, the security analysis of the PCS method against the chosen-plaintext attack (CPA) and known-plaintext attack (KPA) performed by Solak et al. successfully breaks the PCS encryption scheme without knowing the secret key. In this paper we present an improved shuffling pattern for the plaintext image bits to make the cryptosystem proposed by Huang et al. resistant to chosen-plaintext attack and known-plaintext attack. The modifications in the existing PCS encryption method are proposed to improve its security performance against the potential attacks described above. The Number of Pixel Change Rate (NPCR), Unified Average Changed Intensity (UACI), information entropy, and correlation coefficient analysis are performed to evaluate the statistical performance of the modified PCS method. The simulation analysis reveals that the modified PCS method has better statistical features and is more resistant to attacks than Huang et al.'s PCS method.

• 한국위성정보통신학회논문지
• /
• 제10권4호
• /
• pp.39-45
• /
• 2015

위성통신은 상공에 있는 인공위성으로 통신하는 방식으로 고속 대용량 전송이 가능하며, 통신 구역이 넓다는 장점이 있는 반면 정보의 보안성이 없다는 단점이 있다. 이를 보완하기 위해 AES 암호화를 CTR과 CBC 모드를 적용하였다. 또한, 송신기와 수신기 사이에 나무나 건물 등의 장애물로 인해 발생하는 영향을 알아보기 위해 Markov chain을 이용하여 Blockage channel을 Urban과 Open 환경으로 구성하였다. 위성통신 고속링크 기반의 시뮬레이션을 통해 성능을 분석해 본 결과, 암호화를 적용한 경우 보안성은 보완되나 BER의 성능이 악화됨을 보였고, 장애물이 적은 Open 환경에서 장애물이 많은 Urban 환경보다 BER 성능이 향상됨을 확인하였다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제17권11호
• /
• pp.3182-3203
• /
• 2023

With the growing adoption of cloud-based technologies, maintaining the privacy and security of cloud data has become a pressing issue. Privacy-preserving encryption schemes are a promising approach for achieving cloud data security, but they require careful design and implementation to be effective. The integrated approach to cloud data security that we suggest in this work uses CogniGate: the orchestrated permissions protocol, index trees, blockchain key management, and unique Opacus encryption. Opacus encryption is a novel homomorphic encryption scheme that enables computation on encrypted data, making it a powerful tool for cloud data security. CogniGate Protocol enables more flexibility and control over access to cloud data by allowing for fine-grained limitations on access depending on user parameters. Index trees provide an efficient data structure for storing and retrieving encrypted data, while blockchain key management ensures the secure and decentralized storage of encryption keys. Performance evaluation focuses on key aspects, including computation cost for the data owner, computation cost for data sharers, the average time cost of index construction, query consumption for data providers, and time cost in key generation. The results highlight that the integrated approach safeguards cloud data while preserving privacy, maintaining usability, and demonstrating high performance. In addition, we explore the role of differential privacy in our integrated approach, showing how it can be used to further enhance privacy protection without compromising performance. We also discuss the key management challenges associated with our approach and propose a novel blockchain-based key management system that leverages smart contracts and consensus mechanisms to ensure the secure and decentralized storage of encryption keys.

• Journal of Information Processing Systems
• /
• 제20권1호
• /
• pp.24-37
• /
• 2024

To address the requirement for high-speed encryption of large amounts of data, this study improves the widely adopted cipher block chaining (CBC) mode and proposes a controllable parallel cipher block chaining (CPCBC) block cipher mode of operation. The mode consists of two phases: extension and parallel encryption. In the extension phase, the degree of parallelism n is determined as needed. In the parallel encryption phase, n cipher blocks generated in the expansion phase are used as the initialization vectors to open n parallel encryption chains for parallel encryption. The security analysis demonstrates that CPCBC mode can enhance the resistance to byte-flipping attacks and padding oracle attacks if parallelism n is kept secret. Security has been improved when compared to the traditional CBC mode. Performance analysis reveals that this scheme has an almost linear acceleration ratio in the case of encrypting a large amount of data. Compared with the conventional CBC mode, the encryption speed is significantly faster.

• Journal of Information Processing Systems
• /
• 제13권1호
• /
• pp.68-82
• /
• 2017

Nowadays, geographic information system (GIS) is developed and implemented in many areas. A huge volume of vector map data has been accessed unlawfully by hackers, pirates, or unauthorized users. For this reason, we need the methods that help to protect GIS data for storage, multimedia applications, and transmission. In our paper, a selective encryption method is presented based on vertex randomization and hybrid transform in the GIS vector map. In the proposed algorithm, polylines and polygons are focused as the targets for encryption. Objects are classified in each layer, and all coordinates of the significant objects are encrypted by the key sets generated by using chaotic map before changing them in DWT, DFT domain. Experimental results verify the high efficiency visualization by low complexity, high security performance by random processes.

• 전기전자학회논문지
• /
• 제24권2호
• /
• pp.543-549
• /
• 2020

산업의 발전과 인터넷의 발전으로 보안의 중요성이 증가하면서 암호화에 필수적인 요소인 암호화 키의 생성에 사용되는 난수 발생기의 연구가 활발하게 이루어지고 있다. 외부 공격으로부터 안전한 고성능의 암호화 키를 생성하기 위해서는 예측하기 어려운 품질 좋은 난수 발생기가 필수적이다. 일반적으로 사용되는 의사 난수 발생기는 충분한 성능의 난수를 발생하기 위해서 많은 양의 하드웨어 리소스가 요구됨에도 외부에서 암호화 키를 외부에서 알아낼 가능성이 존재한다. 그러므로, 다양한 잡음을 통해 난수를 발생시켜 외부에서 예측 불가능하며 품질 좋은 진 난수 발생기에 대한 요구가 증가하고 있다. 본 논문은 진 난수 생성기술로 대표적인 준안정성 및 발진기를 통한 진 난수 발생기의 최신구조가 랜덤소스를 생성하는 방식을 조사 및 비교한다. 또한, NIST에서 제공하는 난수 검증용 도구인 SP 800-22 테스트를 통해 발진기 기반 진 난수 발생기 성능을 검증한 자료를 분석한다.