• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.4
• /
• pp.729-738
• /
• 2019

In this paper, we propose two-way authentication protocol between unmanned systems in tactical wireless networks in which long distance communications are not guaranteed due to a poor channel conditions. It is assumed that every unmanned systems have same random data set before they put into combat. The proposed protocol generates authentication code(AC) using random data that causes hash collision. The requester for authentication encrypts the materials such as their identifier, time-stamp, authentication code with the secret key. After then the requester transmits the encrypted message to the receiver. The receiver authenticates the requester by verifying the authentication code included in the request message. The performance analysis of the proposed protocol shows that it guarantees the security for various attack scenarios and efficiency in terms of communication overhead and computational cost. Furthermore, we analyzed the effect of the parameter values of the proposed protocol on the performance and suggest appropriate parameter value selection guide according to the level of security requirement.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.1
• /
• pp.132-148
• /
• 2013

Via the Internet, the information infrastructure of modern health care has already established medical information systems to share electronic health records among patients and health care providers. Data hiding plays an important role to protect medical images. Because modern medical devices have improved, high resolutions of medical images are provided to detect early diseases. The high quality medical images are used to recognize complicated anatomical structures such as soft tissues, muscles, and internal organs to support diagnosis of diseases. For instance, 16-bit depth medical images will provide 65,536 discrete levels to show more details of anatomical structures. In general, the feature of low utilization rate of intensity in 16-bit depth will be utilized to handle overflow/underflow problem. Nowadays, most of data hiding algorithms are still experimenting on 8-bit depth medical images. We proposed a novel reversible data hiding scheme testing on 16-bit depth CT and MRI medical image. And the peak point and zero point of a histogram are applied to embed secret message k bits without salt-and-pepper.

• Journal of Digital Contents Society
• /
• v.9 no.1
• /
• pp.125-130
• /
• 2008

User web service is increasing by development of internet technology. Quantity of encrypted data that transmitted through the network are increasing by development of encipherment technology. We have many problems; it is caused by technical development and service increase of user requests. It is like that, we have reliability of contents and illegality copy problem of internet contents in web application system. It is contents protection skills in web that encipherment technology, authentication and digital signature. We need message encoding and secret key for solve vulnerability of encipherment in web application system. In this paper, we propose a distributed secure system that can data confidentiality and user authentication. It prevent performance degradation from bottle neck in encipherment server, and improve service quality.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.5
• /
• pp.985-991
• /
• 2015

The user's secret key can be retrieved by various side channel leakage informations occurred during the execution of cryptographic RSA exponentiation algorithm which is embedded on a security device. The collision-based power analysis attack known as a serious side channel threat can be accomplished by finding some collision pairs on a RSA power consumption trace. Recently, an RSA exponentiation algorithm was proposed as a countermeasure which is based on the window method adopted combination of message blinding and exponent splitting. In this paper, we show that this countermeasure provides approximately $2^{53}$ attack complexity, much lower than $2^{98}$ insisted in the original article, when the window size is two.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.9
• /
• pp.4568-4584
• /
• 2016

Steganography based on text generation has become a hot research topic in recent years. However, current text-generation methods which generate texts of normal style have either semantic or syntactic flaws. Note that texts of special genre, such as poem, have much simpler language model, less grammar rules, and lower demand for naturalness. Motivated by this observation, in this paper, we propose a text steganography that utilizes Markov chain model to generate Ci-poetry, a classic Chinese poem style. Since all Ci poems have fixed tone patterns, the generation process is to select proper words based on a chosen tone pattern. Markov chain model can obtain a state transfer matrix which simulates the language model of Ci-poetry by learning from a given corpus. To begin with an initial word, we can hide secret message when we use the state transfer matrix to choose a next word, and iterating until the end of the whole Ci poem. Extensive experiments are conducted and both machine and human evaluation results show that our method can generate Ci-poetry with higher naturalness than former researches and achieve competitive embedding rate.

• Journal of Korea Multimedia Society
• /
• v.20 no.12
• /
• pp.1928-1939
• /
• 2017

Fog computing is another paradigm of the cloud computing, which extends the ubiquitous services to applications on many connected devices in the IoT (Internet of Things). In general, if we access a lot of IoT devices with existing cloud, we waste a huge amount of bandwidth and work efficiency becomes low. So we apply the paradigm called fog between IoT devices and cloud. The network architecture based on cloud and fog computing discloses the security and privacy issues according to mixed paradigm. There are so many security issues in many aspects. Moreover many IoT devices are connected at fog and they generate much data, therefore light and efficient security mechanism is needed. For example, with inappropriate encryption or authentication algorithm, it causes a huge bandwidth loss. In this paper, we consider issues related with data encryption and authentication mechanism in the network architecture for cloud and fog-based M2M (Machine to Machine) IoT services. This includes trusted encryption and authentication algorithm, and key generation method. The contribution of this paper is to provide efficient security mechanisms for the proposed service architecture. We implemented the envisaged conceptual security check mechanisms and verified their performance.

• Journal of Arbitration Studies
• /
• v.9 no.1
• /
• pp.367-390
• /
• 1999

The basic requirements for conducting electronic commerce include confidentiality, integrity, authentication and authorization. Cryptographic algorithms, make possible use of powerful authentication and encryption methods. Cryptographic techniques offer essential types of services for electronic commerce : authentication, non-repudiation. The oldest form of key-based cryptography is called secret-key or symmetric encryption. Public-key systems offer some advantages. The public key pair can be rapidly distributed. We don't have to send a copy of your public key to all the respondents. Fast cryptographic algorithms for generating message digests are known as one-way hash function. In order to use public-key cryptography, we need to generate a public key and a private key. We could use e-mail to send public key to all the correspondents. A better, trusted way of distributing public keys is to use a certification authority. A certification authority will accept our public key, along with some proof of identity, and serve as a repository of digital certificates. The digital certificate acts like an electronic driver's license. The Korea government is trying to set up the Public Key Infrastructure for certificate authorities. Both governments and the international business community must involve archiving keys with trusted third parties within a key management infrastructure. The archived keys would be managed, secured by governments under due process of law and strict accountability. It is important that all the nations continue efforts to develop an escrowed key in frastructure based on voluntary use and international standards and agreements.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.32 no.12C
• /
• pp.1188-1193
• /
• 2007

This paper proposes a secure data forwarding scheme on source routing-based ad-hoc networks. The scheme uses two hash-key chains generated from a trusted third party to generate Message Authentication Codes for data integrity The selected MAC keys are delivered to the ad-hoc node using a pre-shared secret between the trusted third party and a node. The proposed scheme does not require the PKI, or the provisioning of the pre-shared secrets among the ad-hoc nodes.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.9
• /
• pp.4527-4547
• /
• 2018

Signcryption is a cryptographic primitive that provides authentication (signing) and confidentiality (encrypting) simultaneously at a lower computational cost and communication overhead. With the proposition of certificateless public key cryptography (CLPKC), certificateless signcryption (CLSC) scheme has gradually become a research hotspot and attracted extensive attentions. However, many of previous CLSC schemes are constructed based on time-consuming pairing operation, which is impractical for mobile devices with limited computation ability and battery capacity. Although researchers have proposed pairing-free CLSC schemes to solve the issue of efficiency, many of them are in fact still insecure. Therefore, the challenging problem is to keep the balance between efficiency and security in CLSC schemes. In this paper, several existing CLSC schemes are cryptanalyzed and a new CLSC scheme without pairing based on elliptic curve cryptosystem (ECC) is presented. The proposed CLSC scheme is provably secure against indistinguishability under adaptive chosen-ciphertext attack (IND-CCA2) and existential unforgeability under adaptive chosen-message attack (EUF-CMA) resting on Gap Diffie-Hellman (GDH) assumption and discrete logarithm problem in the random oracle model. Furthermore, the proposed scheme resists the ephemeral secret leakage (ESL) attack, public key replacement (PKR) attack, malicious but passive KGC (MPK) attack, and presents efficient computational overhead compared with the existing related CLSC schemes.

• ETRI Journal
• /
• v.37 no.4
• /
• pp.696-706
• /
• 2015

This paper presents an achievable secure videoconferencing system based on quantum key encryption in which key management can be directly applied and embedded in a server/client videoconferencing model using, for example, OpenMeeting. A secure key management methodology is proposed to ensure both a trusted quantum network and a secure videoconferencing system. The proposed methodology presents architecture on how to share secret keys between key management servers and distant parties in a secure domain without transmitting any secrets over insecure channels. The advantages of the proposed secure key management methodology overcome the limitations of quantum point-to-point key sharing by simultaneously distributing keys to multiple users; thus, it makes quantum cryptography a more practical and secure solution. The time required for the encryption and decryption may cause a few seconds delay in video transmission, but this proposed method protects against adversary attacks.