• 한국ITS학회:학술대회논문집
• /
• 2005.11a
• /
• pp.177-179
• /
• 2005

• Journal of the Korea Society of Computer and Information
• /
• v.13 no.6
• /
• pp.173-180
• /
• 2008

Certified e-Document Authority keep it with protection legal as a system a guarantee and identifies originality of an e-Record, It presume to be authenticity e-Records and contents of an e-Record prove what was not changed. But, e-Records has high medium degree of dependence and loss danger of information has very high problems. In addition, Because correction(attachment and deletion) and a revision of information are easy, a problem for integrity and the originality of an e-Record is caused. Existing system show the following inefficient. For the originality guarantee, an existing e-Documents encryption method accomplishes a encrypted process of a whole document with a symmetric key, if the information revised midway, the whole documents content must accomplish re-scanning and re-encryption process again. To get over such inefficient, this paper maximize efficiency which occurred at the time of partial information revision request by encryption and managing using the link information based on the linkage characteristics of the each page on the registered requested e-Documents, It was able to increase security configuration by minimizing problems on an information exposure through increasing complicated of the key management.

• Journal of information and communication convergence engineering
• /
• v.10 no.3
• /
• pp.248-252
• /
• 2012

The sensor network standard DASH7 was proposed to improve transmission quality and low power communication. Specifications for the standard are currently being developed, so the security specification has not been firmly implemented. However, without a security specification, a network cannot work due to threats from malicious users. Thus we must ensure confidentiality and authentication of data packets by using a cryptography method. To contribute to the DASH7 security specification, this paper shows the implementation results of network and data link layer security by using advanced encryption standard (AES) counter with CBC-MAC (CCM) over CC430 sensor nodes.

• Journal of Communications and Networks
• /
• v.13 no.5
• /
• pp.518-524
• /
• 2011

A high assurance IP encryption (HAIPE) compliant protocol accelerator is proposed for military networks consisting of red (or classified) networks and black (or unclassified) networks. The boundary between red and black sides is assumed to be protected via a HAIPE device. However, the IP layer encryption introduces challenges for bandwidth on demand satellite communication. The problems experienced by transmission control protocol (TCP) over satellites are well understood: While standard modems (on the black side) employ TCP performance enhancing proxy (PEP) which has been shown to work well, the HAIPE encryption of TCP headers renders the onboard modem's PEP ineffective. This is attributed to the fact that under the bandwidth-on-demand environment, PEP must use traditional TCP mechanisms such as slow start to probe for the available bandwidth of the link (which eliminates the usefulness of the PEP). Most implementations recommend disabling the PEP when a HAIPE device is used. In this paper, we propose a novel solution, namely broadband HAIPE-embeddable satellite communications terminal (BHeST), which utilizes dynamic network performance enhancement algorithms for high latency bandwidth-on-demand satellite links protected by HAIPE. By moving the PEP into the red network and exploiting the explicit congestion notification bypass mechanism allowed by the latest HAIPE standard, we have been able to regain PEP's desired network enhancement that was lost due to HAIPE encryption (even though the idea of deploying PEP at the modem side is not new). Our BHeST solution employs direct video broadcast-return channel service (DVB-RCS), an open standard as a means of providing bandwidth-on-demand satellite links. Another issue we address is the estimation of current satellite bandwidth allocated to a remote terminal which is not available in DVBRCS. Simulation results show that the improvement of our solution over FIX PEP is significant and could reach up to 100%. The improvement over the original TCP is even more (up to 500% for certain configurations).

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.4
• /
• pp.55-66
• /
• 2001

In this paper, we analyze the security of OFB encryption mode which is one of the basic modes of operation for the block cipher and the security of 3GPP f8 encryption mode used to provide the data confidentiality over a radio access link of W-CDMA IMT-2000. We provide the lower bound and the upper bound on security of both modes in random function model and random permutation model, respectively, by means of the left-or-right security notion, and prove the security of both modes using a pseudorandom function and a pseudorandom permutation, respectively.

• Journal of information and communication convergence engineering
• /
• v.9 no.5
• /
• pp.577-582
• /
• 2011

EMR(Electronic Medical Record) is an emerging technology that is highly-blended between non-IT and IT area. One of methodology to link non-IT and IT area is to construct databases. Nowadays, it supports before and after-treatment for patients and should satisfy all stakeholders such as practitioners, nurses, researchers, administrators and financial department and so on. In accordance with the database maintenance, DAS (Data as Service) model is one solution for outsourcing. However, there are some scalability and strategy issues when we need to plan to use DAS model properly. We constructed three kinds of databases such as plain-text, MS built-in encryption which is in-house model and custom AES (Advanced Encryption Standard) - DAS model scaling from 5K to 2560K records. To perform custom AES-DAS better, we also devised Bucket Index using Bloom Filter. The simulation showed the response times arithmetically increased in the beginning but after a certain threshold, exponentially increased in the end. In conclusion, if the database model is close to in-house model, then vendor technology is a good way to perform and get query response times in a consistent manner. If the model is DAS model, it is easy to outsource the database, however, some technique like Bucket Index enhances its utilization. To get faster query response times, designing database such as consideration of the field type is also important. This study suggests cloud computing would be a next DAS model to satisfy the scalability and the security issues.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.25 no.10B
• /
• pp.1744-1759
• /
• 2000

In this paper a synchronized stream cryptosystem for secure link layer communication on a radio channel is designed. We have proposed new interleaving schemes to randomize a burst error and experimented with different types of interleaving schemes. The proposed techniques of interleaving schemes are : (1) interleaving scheme based on frame(2) interleaving scheme based on group. The proposed schemes are very robust in randomizing

• Convergence Security Journal
• /
• v.15 no.5
• /
• pp.29-35
• /
• 2015

The network security encryption type is divided into two, one is point-to-point, second method is link type. The level of security quality attributes are a system security quality requirements in a networked environment. Quality attributes can be observed and should be able to be measured. If the quality requirements can be presented as exact figures, quality requirements are defined specifically setting quality objectives. Functional requirements in the quality attribute is a requirement for a service function which can be obtained through the encryption. Non-functional requirements are requirements of the service quality that can be obtained through the encryption. Encryption quality evaluation system proposed in this study is to derive functional requirements and non-functional requirements 2 groups. Of the calculating measure of the evaluation index in the same category, the associated indication of the quality measure of each surface should be created. The quality matrix uses 2-factor analysis of the evaluation for the associated surface quality measurements. The quality requirements are calculated based on two different functional requirements and non-functional requirements. The results are calculated by analyzing the trend of the average value assessment. When used this way, it is possible to configure the network security encryption based on quality management.

• Proceedings of the Korea Institute of Convergence Signal Processing
• /
• 2003.06a
• /
• pp.276-279
• /
• 2003

본 논문에서는 블루투스 장비 간 암호화를 위해 사용되는 암호화 모듈의 설계 및 구현에 관한 내용을 다룬다. 암호화 모듈은 기저 대역내에 암호화 키 생성 모듈과 암호화 엔진 모듈로 구성된다. 암호화 키 생성 모듈은 Cylink사에서 제안한 공개 도메인인 SAFER+(Secure And Fast Encryption Routine) 알고리즘을 사용하여 128bit 키를 생성한다. 그 구성은 키 치환을 위한 치환 함수(key-controlled substitution)와 선형 변환을 위한 PHT(Pseudo-Hadamard Transform)와 Armenian Shuffle 변환기로 구성된다. 암호화 엔진 모듈은 전송 패킷내의 페이로드 데이터와 생성된 사이퍼 키 스트림 데이터와 XOR연산을 통하려 암호화를 행하며 그 구성은 LFSR (Linear Feedback Shift Register)와 합 결합기로 구성된다. 이 중 암호화 키 생성 모듈은 LM(Link Manager)의 PDU(Protocol Data Unit) 패킷을 통해 상호 정보가 교환되므로 암호화키를 생성하는데 있어 시간적 제약이 덜 하다. 따라서 본 논문에서는 변형된 SAFER+ 알고리즘 구현하는데 있어 치환 함수의 덧셈과 XOR, 로그, 지수연산을 바이트 단위의 순차 계산을 수행함으로써 소요되는 하드웨어 용량을 줄이도록 설계하였다. 본 논문에서 제시한 모듈은 블루투스 표준안 버전 1.1에 근거하여 구현하였으며 시뮬레이션 및 테스트는 Xilinx FPGA를 이용하여 검증하였다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.1
• /
• pp.3-12
• /
• 2001

In this paper, a synchronized stream encryption system for secure link layer communication in a radio channel is designed. Interleaving scheme which is used to enhance the transmission performance over a fading channel is applied to the encrypted information. A designed synchronous scream cipher system consists of a keystream generator, a synchronization pattern generator and a session key generator. The structure of a synchronous stream cipher system with periodic synchronization is composed of the encrypted information which consists of a synchronization pattern, an error correcting coded session key, an encrypted data in a period of synchronization. In this paper, interleaving scheme using dynamic allocation a1gorithm(DAA) is applied the encrypted information. The BER of the DAA has been slightly higher than that of the SAA(static allocation algorithm).