• Title/Summary/Keyword: partial encryption

Search Result 59, Processing Time 0.026 seconds

A Dynamic ID Allocation Protocol for High-Performance RFID Tag (고기능 RFID 태그를 위한 동적 ID 할당 프로토콜)

  • Park Jin-Sung;Choi Myung-Ryul
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.15 no.6
    • /
    • pp.49-58
    • /
    • 2005
  • In this paper, we have proposed a secure dynamic ID allocation protocol using mutual authentication on the RFID tag. Currently, there are many security protocols focused on the low-price RFID tag. The conventional low-price tags have limitation of computing power and rewritability of memory. The proposed secure dynamic ID allocation protocol targets to the high-performance RFID tags which have more powerful performance than conventional low-price tag by allocating dynamic ID to RFID using mutual authentication based on symmetric encryption algorithm. This protocol can be used as a partial solution for ID tracing and forgery.

Design and Evaluation of DRM Model with Strong Security Based on Smart Card (스마트카드 기반의 강한 보안을 갖는 DRM 모델의 설계 및 평가)

  • Park, Jong-Yong;Kim, Young-Hak;Choe, Tae-Young
    • Journal of Digital Contents Society
    • /
    • v.12 no.2
    • /
    • pp.165-176
    • /
    • 2011
  • Recently, digital rights management (DRM) related researches are widely spreading with prosperity of IT industries. The DRM technology protects proprietor of copyright by preventing mischanneling and illegal copy. In this paper, we propose a new DRM model that has an enhanced and efficient protocol based on certificate using smart card. The proposed model overcomes weaknesses of WCDRM model and has following additional advantages: first, copy protection is enhanced by hiding user's specific information from attacker by storing the information within smart card; second, server load for contents encryption is reduced by making clear protocols among author, distributer, certificate authority, and users; third, offline user authentication is guaranteed by combining partial secret values in media players and smart card. Exposure of core information also is minimized by storing them in smart card. In addition, we show that the proposed system is more secure than WCDRM model by comparing various factors of anonymous attackers.

Design and Implementation of ACM-based Web Security Access Control System for Intranet Security (인트라넷 보안을 위한 ACM기반 웹 보안 접근 제어 시스템의 설계 및 구현)

  • Cho Nam-Deok;Park Hyun-Gun
    • The KIPS Transactions:PartC
    • /
    • v.12C no.5 s.101
    • /
    • pp.643-648
    • /
    • 2005
  • Intranet system for use within an organization, usually a corporation, is to basically pass through user authentication, but information can be leaked, modified, and deleted by malevolent users who disguise an authorized user or due to user's mistakes in using various functions of web browser. Thus, there is a need for measures to protect the information from illegal use, transformation through partial modification, and illegal leakage such as fraudulent use. This paper presents a flexible Web Security Access Control system based ACM which Provide efficient suity Policy to Protect information in intranet. This Web Security Access Control system not only enhances security by Performing encryption/decryption of information in intranet but also, for sharing confidential information among departments, performs effective and useful access control by assigning different authority to the secured web page. And, by controlling the functions of client PC in various ways, information leakage on malicious purpose or by mistake can be prevented.

Security Mechanism of Agent for Effective Agro-Foods Mobile Commerce (농산물 모바일 상거래를 위한 효과적인 에이전트 보안 메커니즘)

  • Jung Chang-Ryul;Song Jin-Kook;Koh Jin-Gwang
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.10 no.9
    • /
    • pp.1573-1581
    • /
    • 2006
  • To utilize actively the agent which is one of the elements of revitalization of Agro-Foods Mobile I-commerce, an essential prerequisite is agent security. IF using partial PKI(Public Key Infrastructure)-based confirmation mechanism providing security for the agent, the size of agent is becoming larger, the result of the transmission speed is slow, and the confirmation speed is tardy as well because of performing calculation of public keys such as RSA and needing linkage with the CA for the valid examination of certificates. This paper suggests a mechanism that can cross certification and data encryption of each host in the side of improving the problems of key distribution on agent by shaping key chain relationship. This mechanism can guarantee the problem of ky distribution by using agent cipher key(ACK) module and generating random number to fit mobile surroundings and to keep the secret of the agent. Suggested mechanism is a thing that takes into consideration security and efficiency to secure agent for the revitalization of M-Commerce, and is a code skill to make the agent solid and is a safe mechanism minimizing the problems of memory overflow.

Design of High-Speed VPN for Large HD Video Contents Transfer (대용량 HD 영상콘텐츠 고속전송 VPN(Virtual Private Network)의 설계)

  • Park, Hyoungy-Ill;Shin, Yong-Tae
    • The Journal of the Institute of Internet, Broadcasting and Communication
    • /
    • v.12 no.4
    • /
    • pp.111-118
    • /
    • 2012
  • When broadcasters want immediately a variety of VOD files in a distributed server of them data centers and away contents provider, CPs of different platform to exchange high-quality HD, 3DTV video and other video files over the IP networks of high-performance that can be transferred quickly and must be configured quickly. This paper, by using an optional encryption method to complement a QoS and security of public network, suggests high speed and secure content transmission protocol such as VPN(Virtual Private Network) for large video files and big data. As configured high performance VPN, end to end devices use the best of available resources over public network by parallel transfer protocol and the secure content delivery network.

Outsourcing decryption algorithm of Verifiable transformed ciphertext for data sharing

  • Guangwei Xu;Chen Wang;Shan Li;Xiujin Shi;Xin Luo;Yanglan Gan
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.18 no.4
    • /
    • pp.998-1019
    • /
    • 2024
  • Mobile cloud computing is a very attractive service paradigm that outsources users' data computing and storage from mobile devices to cloud data centers. To protect data privacy, users often encrypt their data to ensure data sharing securely before data outsourcing. However, the bilinear and power operations involved in the encryption and decryption computation make it impossible for mobile devices with weak computational power and network transmission capability to correctly obtain decryption results. To this end, this paper proposes an outsourcing decryption algorithm of verifiable transformed ciphertext. First, the algorithm uses the key blinding technique to divide the user's private key into two parts, i.e., the authorization key and the decryption secret key. Then, the cloud data center performs the outsourcing decryption operation of the encrypted data to achieve partial decryption of the encrypted data after obtaining the authorization key and the user's outsourced decryption request. The verifiable random function is used to prevent the semi-trusted cloud data center from not performing the outsourcing decryption operation as required so that the verifiability of the outsourcing decryption is satisfied. Finally, the algorithm uses the authorization period to control the final decryption of the authorized user. Theoretical and experimental analyses show that the proposed algorithm reduces the computational overhead of ciphertext decryption while ensuring the verifiability of outsourcing decryption.

Adaptive Data Hiding Techniques for Secure Communication of Images (영상 보안통신을 위한 적응적인 데이터 은닉 기술)

  • 서영호;김수민;김동욱
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.29 no.5C
    • /
    • pp.664-672
    • /
    • 2004
  • Widespread popularity of wireless data communication devices, coupled with the availability of higher bandwidths, has led to an increased user demand for content-rich media such as images and videos. Since such content often tends to be private, sensitive, or paid for, there exists a requirement for securing such communication. However, solutions that rely only on traditional compute-intensive security mechanisms are unsuitable for resource-constrained wireless and embedded devices. In this paper, we propose a selective partial image encryption scheme for image data hiding , which enables highly efficient secure communication of image data to and from resource constrained wireless devices. The encryption scheme is invoked during the image compression process, with the encryption being performed between the quantizer and the entropy coder stages. Three data selection schemes are proposed: subband selection, data bit selection and random selection. We show that these schemes make secure communication of images feasible for constrained embed-ded devices. In addition we demonstrate how these schemes can be dynamically configured to trade-off the amount of ded devices. In addition we demonstrate how these schemes can be dynamically configured to trade-off the amount of data hiding achieved with the computation requirements imposed on the wireless devices. Experiments conducted on over 500 test images reveal that, by using our techniques, the fraction of data to be encrypted with our scheme varies between 0.0244% and 0.39% of the original image size. The peak signal to noise ratios (PSNR) of the encrypted image were observed to vary between about 9.5㏈ to 7.5㏈. In addition, visual test indicate that our schemes are capable of providing a high degree of data hiding with much lower computational costs.

Design and Hardware Implementation of High-Speed Variable-Length RSA Cryptosystem (가변길이 고속 RSA 암호시스템의 설계 및 하드웨어 구현)

  • 박진영;서영호;김동욱
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.27 no.9C
    • /
    • pp.861-870
    • /
    • 2002
  • In this paper, with targeting on the drawback of RSA of operation speed, a new 1024-bit RSA cryptosystem has been proposed and implemented in hardware to increase the operational speed and perform the variable-length encryption. The proposed cryptosystem mainly consists of the modular exponentiation part and the modular multiplication part. For the modular exponentiation, the RL-binary method, which performs squaring and modular multiplying in parallel, was improved, and then applied. And 4-stage CSA structure and radix-4 booth algorithm were applied to enhance the variable-length operation and reduce the number of partial product in modular multiplication arithmetic. The proposed RSA cryptosystem which can calculate at most 1024 bits at a tittle was mapped into the integrated circuit using the Hynix Phantom Cell Library for Hynix 0.35㎛ 2-Poly 4-Metal CMOS process. Also, the result of software implementation, which had been programmed prior to the hardware research, has been used to verify the operation of the hardware system. The size of the result from the hardware implementation was about 190k gate count and the operational clock frequency was 150㎒. By considering a variable-length of modulus number, the baud rate of the proposed scheme is one and half times faster than the previous works. Therefore, the proposed high speed variable-length RSA cryptosystem should be able to be used in various information security system which requires high speed operation.

(An HTTP-Based Application Layer Security Protocol for Wireless Internet Services) (무선 인터넷 서비스를 위한 HTTP 기반의 응용 계층 보안 프로토콜)

  • 이동근;김기조;임경식
    • Journal of KIISE:Information Networking
    • /
    • v.30 no.3
    • /
    • pp.377-386
    • /
    • 2003
  • In this paper, we present an application layer protocol to support secure wireless Internet services, called Application Layer Security(ALS). The drawbacks of the two traditional approaches to secure wireless applications motivated the development of ALS. One is that in the conventional application-specific security protocol such as Secure HyperText Transfer Protocol(S-HTTP), security mechanism is included in the application itself. This gives a disadvantage that the security services are available only to that particular application. The other is that a separate protocol layer is inserted between the application and transport layers, as in the Secure Sockets Layer(SSL)/Transport Layer Security(TLS). In this case, all channel data are encrypted regardless of the specific application's requirements, resulting in much waste of network resources. To overcome these problems, ALS is proposed to be implemented on top of HTTP so that it is independent of the various transport layer protocols, and provides a common security interface with security applications so that it greatly improves the portability of security applications. In addition, since ALS takes advantages of well-known TLS mechanism, it eliminates the danger of malicious attack and provides applications with various security services such as authentication, confidentiality integrity and digital signature, and partial encryption. We conclude this paper with an example of applying ALS to the solution of end-to-end security in a present commercial wireless protocol stack, Wireless Application Protocol.