• ETRI Journal
• /
• v.43 no.3
• /
• pp.561-570
• /
• 2021

This paper presents master key identifier based protocol steganography (MKIPS), a new approach toward creating a covert channel within the Secure Real-time Transfer Protocol, also known as SRTP. This can be achieved using the ability of the sender of Voice-over-Internet Protocol packets to select a master key from a pre-shared list of available cryptographic keys. This list is handed to the SRTP sender and receiver by an external key management protocol during session initiation. In this work, by intelligent utilization of the master key identifier field in the SRTP packet creation process, a covert channel is created. The proposed covert channel can reach a relatively high transfer rate, and its capacity may vary based on the underlying SRTP channel properties. In comparison to existing data embedding methods in SRTP, MKIPS can convey a secret message without adding to the traffic overhead of the channel and packet loss in the destination. Additionally, the proposed covert channel is as robust as its underlying user datagram protocol channel.

• International Journal of Computer Science & Network Security
• /
• v.21 no.12
• /
• pp.53-60
• /
• 2021

Many standard methods are used for secret text files and secrete short messages cryptography, these methods are efficient when the text to be encrypted is small, and the efficiency will rapidly decrease when increasing the text size, also these methods sometimes have a low level of security, this level will depend on the PK length and sometimes it may be hacked. In this paper, a new method will be introduced to improve the data protection level by using a changeable secrete speech file to generate PK. Highly Secure Data Encryption (HSDE) method will be implemented and tested for data quality levels to ensure that the HSDE destroys the data in the encryption phase, and recover the original data in the decryption phase. Some standard methods of data cryptography will be implemented; comparisons will be done to justify the enhancements provided by the proposed method.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.7
• /
• pp.3778-3793
• /
• 2019

Image steganography is one of the key types of steganography where a message to be sent is hidden inside the cover image. The most commonly used techniques for image steganography rely on LSB steganography. In this paper, a novel image steganography technique based on blocks matrix determinant method is proposed. Under this method, a cover image is divided into blocks of size $2{\times}2$ pixels and the determinant of each block is calculated. The comparison of the determinant values and corresponding data bits yields a delicate way for the embedment of data bits. The main aim of the proposed technique is to ensure concealment of secret data inside an image without affecting the cover image quality. When the proposed steganography method is compared with other existing LSB steganography methods, it is observed that it not only provides higher PSNR, lower MSE but also guarantees better quality of the stego image.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.4
• /
• pp.727-738
• /
• 2015

Until recently, power analysis is one of the most popular research issues among various side channel analyses. Since Differential Power Analysis had been first proposed by Kocher et al., various practical power analyses correspond with software/hardware cryptographic devices have been proposed. In this paper, we analyze vulnerability of countermeasure against power analysis exploiting single power trace of public cryptographic algorithm. In ICICS 2010, Clavier et al. proposed Horizontal Correlation Analysis which can recover secret information from a single exponentiation trace and corresponding countermeasures. "Blind operands in LIM", one of their countermeasures, exploits additive blinding in order to prevent leakage of intermediate value related to secret information. However, this countermeasure has vulnerability of having power leakage that is dependant with the message known by an adversary. In this paper, we analyzed vulnerabilities by three attack scenarios and proved them by practical correlation power analysis experiments.

• Journal of KIISE:Computer Systems and Theory
• /
• v.34 no.11
• /
• pp.589-598
• /
• 2007

In the group communication which has multiple data streams and various access privileges, it is necessary to provide group access control. The group members having the same access privilege are classified into one class, and the classes form a hierarchy based on the access relations. Then each class is assigned to a secret key. In the previous schemes, a single logical key graph is constructed from the hierarchy and each member always holds all secret keys of the classes he can access in the proactive manner. Thus, higher-privileged members hold more keys then lower-privileged members. However, if the hierarchy is large, each member manages too many keys and the size of multicast message in rekeying increases in proportion to the size of the hierarchy. Moreover, most of the members access a small portion of multiple data streams simultaneously. Therefore, it is redundant to receive rekeying message and update the keys in which he is not currently interested. In this paper, we present a new key management scheme that takes a reactive approach in which each member obtains the key of a data stream only when he wants to access the stream. Each member holds and updates only the key of the class he belongs. If he wants to get the key of other class, he derives it from his key and the public parameter. Proposed scheme considerable reduces the costs for rekeying, especially in the group where access relations are very complex and the hierarchy is large. Moreover, the scheme has another advantage that it easily reflects the change of access relations.

• Journal of Internet Computing and Services
• /
• v.13 no.2
• /
• pp.59-71
• /
• 2012

PKI-based public key scheme is outstanding in terms of authenticity and privacy. Nevertheless its application brings big burden due to the certificate/key management. It is difficult to apply it to limited computing devices in WSN because of its high encryption complexity. The Bilinear Pairing emerged from the original IBE to eliminate the certificate, is a future significant cryptosystem as based on the DDH(Decisional DH) algorithm which is significant in terms of computation and secure enough for authentication, as well as secure and faster. The practical EC Weil Pairing presents that its encryption algorithm is simple and it satisfies IND/NM security constraints against CCA. The Random Oracle Model based IBE PKG is appropriate to the structure of our target system with one secret file server in the operational perspective. Our work proposes modification of the Weil Pairing as proper to the closed network for secret file distribution[2]. First we proposed the improved one computing both encryption and message/user authentication as fast as O(DES) level, in which our scheme satisfies privacy, authenticity and integrity. Secondly as using the public key ID as effective as PKI, our improved IBE variant reduces the key exposure risk.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.42 no.2
• /
• pp.349-357
• /
• 2017

Many Web sites adopt SMS(Short Message Service)-based user authentication when a user loses her password or approves an online payment. In SMS-based authentication, the authentication server sends a text in plaintext to a user's phone, and it allows an attacker who eavesdrops or intercepts the text to impersonate a valid user(victim). We propose a challenge-response scheme to prove to the authentication server that a user is in a certain place at the moment with her smartphone beside her. The proposed scheme generates a response using a challenge by the server, user's current location, and a secret on the user's smartphone all together. Consequently, the scheme is much more secure than SMS-based authentication that simply asks a user to send the same text arrived on her phone back to the server. In addition to entering the response, which substitutes the SMS text, the scheme also requests a user to input a passphrase to get the authentication process started. We believe, however, the additional typing should be tolerable to most users considering the enhanced security level of the scheme.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.1
• /
• pp.536-551
• /
• 2017

With the advancement and deployment of leading-edge telecommunication technologies for sensing and collecting, computing related information, Cloud of Things (CoTs) has emerged as a typical application platform that is envisioned to revolutionize the daily activities of human society, such as intelligent transportation, modern logistics, food safety, environmental monitoring, etc. To avoid any possible malicious attack and resource abuse, employing hash functions is widely recognized as one of the most effective approaches for CoTs to achieve message integrity and data authentication. The Whirlpool hash function has served as part of the joint ISO/IEC 10118-3 International Standard by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). In this paper, we propose an effective differential fault analysis on Whirlpool in the byte-oriented random fault model. The mathematical analysis and experimental results show that 8 random faults on average are required to obtain the current 512-bit message input of whirlpool and the secret key of HMAC-Whirlpool. Our work demonstrates that Whirlpool and HMAC-Whirlpool are both vulnerable to the single byte differential fault analysis. It provides a new reference for the security analysis of the same structure of the hash functions in the CoTs.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.14 no.12
• /
• pp.2657-2662
• /
• 2010

Demand on information security in mobile devices based control system grows rapidly with a view to counteracting information hacking and leakage. Among these techniques, encryption and authentication are most common. This paper presents CBC-MAC (Cipher Block Chaining-Message Authentication Code) based mobile devices control system. The system is termed as Secure Mobile in Vehicle (SMIV)We use CBC-MAC that is one of the most efficient authentication modes to protect information against any malicious attacks. By sharing the secret key of CBC-MAC between the transmitter and receiver, it asserts authentic information. The proposed system is verified in such a way that we develop mobile devices control system, apply the CBC-MAC algorithm to the control system and validate the received data. Unlike conventional systems where the development of control mechanism in mobile devices based control systems is main concern, this proposed system offers a secure communication link of the data in mobile devices control system and therefore would be useful to the design and implementation of various mobile devices based control systems.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39C no.3
• /
• pp.223-233
• /
• 2014

As a broadcast message authentication method in wireless sensor networks, ${\mu}$TESLA enables sensor nodes efficiently authenticate message from base station (BS). However, if we use ${\mu}$TESLA that has very short length of key slot in unattended wireless sensor network (UWSN), sensors may calculate a huge amount of hashs at once in order to verify the revealed secret key. In contrast, if we set the length of ${\mu}$TESLA's key slot too long in order to reduce the amount of hashs to calculate, BS should wait out the long slot time to release key. In this paper, we suggest variable key slot ${\mu}$TESLA in order to mitigate the problem. As showing experiment results, we prove that our suggestion improve sensor node's response time and decrease of number of hash function calculation.