• Title/Summary/Keyword: secret key cryptography

Search Result 70, Processing Time 0.027 seconds

A Scalable and Practical Authentication Protocol in Mobile IP (Mobile IP에서 확장성과 실용성 있는 인증 프로토콜 제안 및 분석)

  • Lee, Yong;Lee, Goo-Yeon
    • Journal of the Institute of Electronics Engineers of Korea TC
    • /
    • v.42 no.11
    • /
    • pp.35-44
    • /
    • 2005
  • In Mobile IP protocol, because a mobile node still uses its home IP address even though it moves to foreign network from home network, authentication among mobile node, foreign network and home network is critical issue. Many researches about this issue have been based on shared secret, for example mobile node and home agent authenticate each other with pre-shared symmetry key. And they missed several security issues such as replay attack. Although public key scheme could be applied to this issue easily, since the public key cryptography is computationally complicated, it still has the problem that it is not practical to realistic environment. In this paper, we describe several security issues in Mobile IP protocol. And we propose new Mobile IP authentication protocol that is applicable to realistic environment using public key algorithm based on certificate. It has scalability for mobile nodes and is applicable to the original Mobile IP protocol without any change. Finally we prove security of the proposed protocol and that it might not affect performance of the original Mobile IP protocol.

Study of Document Distribution System Architecture for Digital Secret Document Leakage Prevention (전자기밀문서 유출봉쇄 유통시스템 구조 연구)

  • Choi, Cheong-Hyeon
    • Journal of Internet Computing and Services
    • /
    • v.11 no.4
    • /
    • pp.143-158
    • /
    • 2010
  • The illegal leakage of enterprise digital confidential information will threaten the enterprise with bankruptcy. Today since most small-and-medium companies have no capability to fight against illegally compromising their critically confidential documents in spite of knowing the leakage of them, strongly safe distribution system of the digital confidential documents should be designed so in secure as to prevent any malicious intent of embezzlement from accessing the critical information. Current DRM-based protection system is not always perfect to protect the digital secrets, even seems to leave the secrets open. Therefore our study has analyzed the illegal leakage paths that hackers attack against and the vulnerability of the current protection systems. As result, we study the group communication based system architecture satisfying the security conditions to make even legitimate working employee keep out of the confidential documents, without performance degradation. The main idea of this architecture is to stay every secrets in encrypted form; to isolate the encrypted documents from the crypto-key; to associate every entity with one activity and to authenticate every entity with DSA-based public key system; multiple authentication method make hackers too busy to get a privilege to access the secrets with too many puzzle pieces. This paper deal with the basic architectural structure for the above issues.

Fixing Security Flaws of URSA Ad hoc Signature Scheme (URSA 애드혹 서명 알고리즘의 오류 수정)

  • Yi, Jeong-Hyun
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.17 no.4
    • /
    • pp.131-136
    • /
    • 2007
  • Ad hoc networks enable efficient resource aggregation in decentralized manner, and are inherently scalable and fault-tolerant since they do not depend on any centralized authority. However, lack of a centralized authority prompts many security-related challenges. Moreover, the dynamic topology change in which network nodes frequently join and leave adds a further complication in designing effective and efficient security mechanism. Security services for ad hoc networks need to be provided in a scalable and fault-tolerant manner while allowing for membership change of network nodes. In this paper, we investigate distributed certification mechanisms using a threshold cryptography in a way that the functions of a CA(Certification Authority) are distributed into the network nodes themselves and certain number of nodes jointly issue public key certificates to future joining nodes. In the process, we summarize one interesting report [5] in which the recently proposed RSA-based ad hoc signature scheme, called URSA, contains unfortunate yet serious security flaws. We then propose new scheme by fixing their security flaws.

Quantum Secure Direct Community using Time Lag (시간지연을 이용한 양자비밀직접통신)

  • Rim, Kwang-cheol;Lim, Dong-ho
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.21 no.12
    • /
    • pp.2318-2324
    • /
    • 2017
  • Quantum cryptography, which is emerging as a next generation password, is being studied by quantum cryptographic transfer protocols and quantum secret communication. Quantum key transfer protocol can be used in combination with the modern password because of the inefficiency of the use of the password, or the use of OTP(one time password). In this paper an algorithm for direct communication by means of direct cryptographic communications rather than quantum keys. The method of implementing quantum secure direct community was adopted using 2-channel methods using Einstein gravity field. Two channels were designed to adopt a quantum secret communication protocol that applies time delay between 2-channels of channel to apply time difference between 2-channels. The proposed time delay effect reflects the time delay by reflecting the gravitational lensing phenomenon. Gravity generator with centrifugal acceleration is incorporated in the viscometer, and the time delay using this implies the correlation between the variance of the metametry.

A fingerprint Alignment with a 3D Geometric Hashing Table based on the fuzzy Fingerprint Vault (3차원 기하학적 해싱을 이용한 퍼지볼트에서의 지문 정합)

  • Lee, Sung-Ju;Moon, Dae-Sung;Kim, Hak-Jae;Yi, Ok-Yeon;Chung, Yong-Wha
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.18 no.1
    • /
    • pp.11-21
    • /
    • 2008
  • Biometrics-based user authentication has several advantages over traditional password-based systems for standalone authentication applications. This is also true for new authentication architectures known as crypto-biometric systems, where cryptography and biometrics are merged to achieve high security and user convenience at the same time. Recently, a cryptographic construct, called fuzzy vault, has been proposed for crypto-biometric systems. This construct aims to secure critical data(e.g., secret key) with the fingerprint data in a way that only the authorized user can access the secret by providing the valid fingerprint, and some implementations results for fingerprint have been reported. However, the previous results had some limitation of the provided security due to the limited numbers of chaff data fer hiding real fingerprint data. In this paper, we propose an approach to provide both the automatic alignment of fingerprint data and higher security by using a 3D geometric hash table. Based on the experimental results, we confirm that the proposed approach of using the 3D geometric hash table with the idea of the fuzzy vault can perform the fingerprint verification securely even with more chaff data included.

Two Attribute-based Broadcast Encryption Algorithms based on the Binary Tree (이진트리 기반의 속성기반 암호전송 알고리즘)

  • Lee, Moon Sik;Kim, HongTae;Hong, Jeoung Dae
    • Journal of the Korea Institute of Military Science and Technology
    • /
    • v.17 no.3
    • /
    • pp.358-363
    • /
    • 2014
  • In this paper, we present two constructions of the attribute-based broadcast encryption(ABBE) algorithm. Attribute-based encryption(ABE) algorithm enables an access control mechanism over encrypted data by specifying access policies among private keys and ciphertexts. ABBE algorithm can be used to construct ABE algorithm with revocation mechanism. Revocation has a useful property that revocation can be done without affecting any non-revoked uers. The main difference between our algorithm and the classical ones derived from the complete subtree paradigm which is apt for military hierarchy. Our algorithm improve the efficiency from the previously best ABBE algorithm, in particular, our algorithm allows one to select or revoke users by sending ciphertext of constant size with respect to the number of attributes and by storing logarithm secret key size of the number of users. Therefore, our algorithm can be an option to applications where computation cost is a top priority and can be applied to military technologies in the near future.

Distributed Secure Mail System For Roaming User (이동 사용자를 위한 분산 보안 메일 시스템)

  • Yang, Jong-Phil;Sur, Chul;Lee, Kyung-Hyune
    • The KIPS Transactions:PartC
    • /
    • v.10C no.6
    • /
    • pp.825-834
    • /
    • 2003
  • In this paper, we propose a new certified e-mail system which reduces user's computational overhead and distributes confidentiality of TTP(Trusted Third Partty). Based on the traditional cryptographic schemes and server-supported signiture for fairness and confidentiality of message, we intend to minimize to computation overhead of mobile device on public key algorithm. Therefore, our proposal becomes to be suitable for mail user sho uses mobile devices such as cellular phone and PDA. Moreover, the proposed system is fault-tolerant, secure against mobile adversary and conspiracy attack, since it is based on the threshold cryptography on server-side.

An Improved HORS for Stream Authentication (스트림 인증에 적합한 개선된 HORS기법)

  • 박용수;조유근
    • Journal of KIISE:Computer Systems and Theory
    • /
    • v.30 no.7_8
    • /
    • pp.417-425
    • /
    • 2003
  • We propose an efficient one-time signature scheme for stream authentication by improving HORS. When one-time signatures are used for authenticating live streams, one of the most serious drawbacks is that its large signature size yields high communication overhead. Compared with the previous one-time signature schemes, proposed scheme has the smallest signature size. Moreover, verification overhead is very low. Compared with the previous schemes for stream authentication, signing overhead of our scheme is larger than that of HORS but much lower than those of BiBa or Powerball. Moreover, signing operation can be trivially parallelized without any additional risk because it does not require sharing of the secret key between distributed servers.

A Study on the Throughput Enhancement in Software Implementation of Ultra Light-Weight Cryptography PRESENT (초경량 암호 PRESENT의 소프트웨어 구현 시 처리량 향상에 대한 연구)

  • Park, Won-kyu;Cebrian, Guillermo Pallares;Kim, Sung-joon;Lee, Kang-hyun;Lim, Dae-woon;Yu, Ki-soon
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.42 no.2
    • /
    • pp.316-322
    • /
    • 2017
  • This paper suggests an efficient software implementation of lightweight encryption algorithm PRESENT which supports for secret key lengths of 80-bits. Each round of PRESENT is composed of the round key addition, substitution, and permutation and is repeated 31 times. Bo Zhu suggested combined substitution and permutation for efficient operation so that encryption throughput has been increased 2.6 times than processing substitution and permutation at separate times. The scheme that suggested in this paper improved the scheme of Bo Zhu to reduce the number of operation for the round key addition, substitution, and permutation. The scheme that suggested in this paper has increased encryption throughput up to 1.6 times than the scheme of Bo Zhu but memory usage has been increased.

A Study on CPA Performance Enhancement using the PCA (주성분 분석 기반의 CPA 성능 향상 연구)

  • Baek, Sang-Su;Jang, Seung-Kyu;Park, Aesun;Han, Dong-Guk;Ryou, Jae-Cheol
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.24 no.5
    • /
    • pp.1013-1022
    • /
    • 2014
  • Correlation Power Analysis (CPA) is a type of Side-Channel Analysis (SCA) that extracts the secret key using the correlation coefficient both side-channel information leakage by cryptography device and intermediate value of algorithms. Attack performance of the CPA is affected by noise and temporal synchronization of power consumption leaked. In the recent years, various researches about the signal processing have been presented to improve the performance of power analysis. Among these signal processing techniques, compression techniques of the signal based on Principal Component Analysis (PCA) has been presented. Selection of the principal components is an important issue in signal compression based on PCA. Because selection of the principal component will affect the performance of the analysis. In this paper, we present a method of selecting the principal component by using the correlation of the principal components and the power consumption is high and a CPA technique based on the principal component that utilizes the feature that the principal component has different. Also, we prove the performance of our method by carrying out the experiment.