• Title/Summary/Keyword: secure hash algorithm

Search Result 46, Processing Time 0.021 seconds

Secure Digital Signature Scheme regardless of the level of Security of the Hash Algorithm In Public Key Infrastructure Environment (공개키 구조 환경에서 해쉬 알고리즘의 안전성 정도에 상관없는 안전한 디지털 서명 방식)

  • 송성근;윤희용;이호재;이형수
    • Proceedings of the Korean Information Science Society Conference
    • /
    • 2003.10a
    • /
    • pp.754-756
    • /
    • 2003
  • 많은 디지털 서명 알고리즘들이 제안되었지만, 내제된 위험 요소들은 여전히 해결되지 않고 있다. 그 중 해쉬 함수의 충돌(Collision)문제가 있는데, 중요한 것은 이 문제로 인해 메시지가 일단 위조되면 어느 누구도 그 메시지의 위법성을 증명할 수 없다는 것이다. 따라서, 본 논문에서는 이 문제를 해결하는 방법에 대해 연구하고 새로운 디지털 서명 방식을 제안한다. 제안된 디지털 서명 방식은 해쉬(Hash) 알고리즘의 안전성 정도에 상관없고 오직 공개키 암호의 안전성에 연관되기 때문에 계산 속도가 빠른 해쉬 알고리즘을 사용할 수 있다. 또한, 이 방식은 기존 디지털 서명 알고리즘과 함께 사용될 수 있어서 E-commerce를 더욱 활성화시킬 것으로 예상된다.

  • PDF

Image Deduplication Based on Hashing and Clustering in Cloud Storage

  • Chen, Lu;Xiang, Feng;Sun, Zhixin
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.15 no.4
    • /
    • pp.1448-1463
    • /
    • 2021
  • With the continuous development of cloud storage, plenty of redundant data exists in cloud storage, especially multimedia data such as images and videos. Data deduplication is a data reduction technology that significantly reduces storage requirements and increases bandwidth efficiency. To ensure data security, users typically encrypt data before uploading it. However, there is a contradiction between data encryption and deduplication. Existing deduplication methods for regular files cannot be applied to image deduplication because images need to be detected based on visual content. In this paper, we propose a secure image deduplication scheme based on hashing and clustering, which combines a novel perceptual hash algorithm based on Local Binary Pattern. In this scheme, the hash value of the image is used as the fingerprint to perform deduplication, and the image is transmitted in an encrypted form. Images are clustered to reduce the time complexity of deduplication. The proposed scheme can ensure the security of images and improve deduplication accuracy. The comparison with other image deduplication schemes demonstrates that our scheme has somewhat better performance.

Cryptft+ : Python/Pyqt based File Encryption & Decryption System Using AES and HASH Algorithm (Crypft+ : Python/PyQt 기반 AES와 HASH 알고리즘을 이용한 파일 암복호화 시스템)

  • Shin, Dongho;Bae, Woori;Shin, Hyeonggyu;Nam, Seungjin;Lee, Hyung-Woo
    • Journal of Internet of Things and Convergence
    • /
    • v.2 no.3
    • /
    • pp.43-51
    • /
    • 2016
  • In this paper, we have developed Crypft+ as an enhanced file encryption/decryption system to improve the security of IoT system or individual document file management process. The Crypft+ system was developed as a core security module using Python, and designed and implemented a user interface using PyQt. We also implemented encryption and decryption function of important files stored in the computer system using AES based symmetric key encryption algorithm and SHA-512 based hash algorithm. In addition, Cx-Freezes module is used to convert the program as an exe-based executable code. Additionally, the manual for understanding the Cryptft+ SW is included in the internal program so that it can be downloaded directly.

A Secure Mobile Message Authentication Over VANET (VANET 상에서의 이동성을 고려한 안전한 메시지 인증기법)

  • Seo, Hwa-Jeong;Kim, Ho-Won
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.15 no.5
    • /
    • pp.1087-1096
    • /
    • 2011
  • Vehicular Ad Hoc Network(VANET) using wireless network is offering the communications between vehicle and vehicle(V2V) or vehicle and infrastructure(V2I). VANET is being actively researched from industry field and university because of the rapid developments of the industry and vehicular automation. Information, collected from VANET, of velocity, acceleration, condition of road and environments provides various services related with safe drive to the drivers, so security over network is the inevitable factor. For the secure message authentication, a number of authentication proposals have been proposed. Among of them, a scheme, proposed by Jung, applying database search algorithm, Bloom filter, to RAISE scheme, is efficient authentication algorithm in a dense space. However, k-anonymity used for obtaining the accurate vehicular identification in the paper has a weak point. Whenever requesting the righteous identification, all hash value of messages are calculated. For this reason, as the number of car increases, a amount of hash operation increases exponentially. Moreover the paper does not provide a complete key exchange algorithm while the hand-over operation. In this paper, we use a Received Signal Strength Indicator(RSSI) based velocity and distance estimation algorithm to localize the identification and provide the secure and efficient algorithm in which the problem of hand-over algorithm is corrected.

A JTAG Protection Method for Mobile Application Processors (모바일 애플리케이션 프로세서의 JTAG 보안 기법)

  • Lim, Min-Soo;Park, Bong-Il;Won, Dong-Ho
    • The Transactions of The Korean Institute of Electrical Engineers
    • /
    • v.57 no.4
    • /
    • pp.706-714
    • /
    • 2008
  • In this paper, we suggest a practical and flexible system architecture for JTAG(Joint Test Action Group) protection of application processors. From the view point of security, the debugging function through JTAG port can be abused by malicious users, so the internal structures and important information of application processors, and the sensitive information of devices connected to an application processor can be leak. This paper suggests a system architecture that disables computing power of computers used to attack processors to reveal important information. For this, a user authentication method is used to improve security strength by checking the integrity of boot code that is stored at boot memory, on booting time. Moreover for user authorization, we share hard wired secret key cryptography modules designed for functional operation instead of hardwired public key cryptography modules designed for only JTAG protection; this methodology allows developers to design application processors in a cost and power effective way. Our experiment shows that the security strength can be improved up to $2^{160}{\times}0.6$second when using 160-bit secure hash algorithm.

Privacy Preserving and Relay Attack Preventing Multi-Context RFID Mutual Authentication Protocol (프라이버시를 제공하고 중계 공격에 안전한 다중-컨텍스트 RFID 상호 인증 프로토콜)

  • Ahn, Hae-Soon;Yoon, Eun-Jun;Nam, In-Gil
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.36 no.8B
    • /
    • pp.1028-1037
    • /
    • 2011
  • Recently, Selim et al proposed public key cryptography based privacy preserving multi-context RFID authentication protocol. However Selim et al's proposed protocol not only doesn't fit into passive tag based RFID system because it uses public key based encryption algorithm to perform authentication between reader and tag, but also is insecure to an impersonation attack because it doesn't provide mutual authentication. In order to eliminate the above described efficiency problem and security vulnerabilities, this paper proposes a new multi-context RFID mutual authentication protocol that can prevent privacy invasion and tag impersonation attack through providing mutual authentication between single passive tag which is located different application space and readers which provide multi-context purposes and can secure against relay attack and denial-of-service attack. As a result, the proposed protocol performs secure mutual authentication based on the collected space and time information from the RFID reader and provides strong security and high computation efficiency because if performs secure one-way hash function and symmetric encryption operations suitable to the environments of passive RFID tags.

The Design of Improved Information Security Mechanism based on SSL(Secure Socket Layer) (SSL(Secure Socket Layer) 기반에서 향상된 정보보호 메커니즘의 설계)

  • Choi, Seong;You, Seong-Jin;Kim, Seong-Yeol;Chung, Il-Yong
    • Annual Conference of KIPS
    • /
    • 2000.04a
    • /
    • pp.318-323
    • /
    • 2000
  • The SSL(Secure Socket Layer) protocol is one of the mechanism widely used in the recent network system. The improved information security mechanism based on the SSL is designed in this paper. There are important four information security services. The first is the authentication service using the Certificate offered from the SSL(Secure Socket Layer), the second is the message confidentiality service using the DES encryption algorithm, the third is the message integrity service using Hash function, and the fourth is Non-repudiation service. Therefore, information could be transferred securely under the information security mechanism including Non-repudiation service especially designed in this paper.

  • PDF

Computation and Communication Efficient Key Distribution Protocol for Secure Multicast Communication

  • Vijayakumar, P.;Bose, S.;Kannan, A.;Jegatha Deborah, L.
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.7 no.4
    • /
    • pp.878-894
    • /
    • 2013
  • Secure multimedia multicast applications involve group communications where group membership requires secured dynamic key generation and updating operations. Such operations usually consume high computation time and therefore designing a key distribution protocol with reduced computation time is necessary for multicast applications. In this paper, we propose a new key distribution protocol that focuses on two aspects. The first one aims at the reduction of computation complexity by performing lesser numbers of multiplication operations using a ternary-tree approach during key updating. Moreover, it aims to optimize the number of multiplication operations by using the existing Karatsuba divide and conquer approach for fast multiplication. The second aspect aims at reducing the amount of information communicated to the group members during the update operations in the key content. The proposed algorithm has been evaluated based on computation and communication complexity and a comparative performance analysis of various key distribution protocols is provided. Moreover, it has been observed that the proposed algorithm reduces the computation and communication time significantly.

Implementation of High-Throughput SHA-1 Hash Algorithm using Multiple Unfolding Technique (다중 언폴딩 기법을 이용한 SHA-1 해쉬 알고리즘 고속 구현)

  • Lee, Eun-Hee;Lee, Je-Hoon;Jang, Young-Jo;Cho, Kyoung-Rok
    • Journal of the Institute of Electronics Engineers of Korea SD
    • /
    • v.47 no.4
    • /
    • pp.41-49
    • /
    • 2010
  • This paper proposes a new high speed SHA-1 architecture using multiple unfolding and pre-computation techniques. We unfolds iterative hash operations to 2 continuos hash stage and reschedules computation timing. Then, the part of critical path is computed at the previous hash operation round and the rest is performed in the present round. These techniques reduce 3 additions to 2 additions on the critical path. It makes the maximum clock frequency of 118 MHz which provides throughput rate of 5.9 Gbps. The proposed architecture shows 26% higher throughput with a 32% smaller hardware size compared to other counterparts. This paper also introduces a analytical model of multiple SHA-1 architecture at the system level that maps a large input data on SHA-1 block in parallel. The model gives us the required number of SHA-1 blocks for a large multimedia data processing that it helps to make decision hardware configuration. The hs fospeed SHA-1 is useful to generate a condensed message and may strengthen the security of mobile communication and internet service.

Security Enhancing of Authentication Protocol for Hash Based RFID Tag (해쉬 기반 RFID 태그를 위한 인증 프로토콜의 보안성 향상)

  • Jeon, Jin-Oh;Kang, Min-Sup
    • Journal of Internet Computing and Services
    • /
    • v.11 no.4
    • /
    • pp.23-32
    • /
    • 2010
  • In this paper, we first propose the security enhancing of authentication protocol for Hash based RFID tag, and then a digital Codec for RFID tag is designed based on the proposed authentication protocol. The protocol is based on a three-way challenge response authentication protocol between the tags and a back-end server. In order to realize a secure cryptographic authentication mechanism, we modify three types of the protocol packets which defined in the ISO/IEC 18000-3 standard. Thus active attacks such as the Man-in-the-middle and Replay attacks can be easily protected. In order to verify effectiveness of the proposed protocol, a digital Codec for RFID tag is designed using Verilog HDL, and also synthesized using Synopsys Design Compiler with Hynix $0.25\;{\mu}m$ standard-cell library. Through security analysis and comparison result, we will show that the proposed scheme has better performance in user data confidentiality, tag anonymity, Man-in-the-middle attack prevention, replay attack, forgery resistance and location tracking.