• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1995.11a
• /
• pp.200-210
• /
• 1995

Almost all hash functions suggested up till now provide security by using complicated operations on fixed size blocks, but still the security isn't guaranteed mathematically. The difficulty of making a secure hash function lies in the collision freeness, and this can be obtained from permutation polynomials. If a permutation polynomial has the property of one-wayness, it is suitable for a hash function. We have chosen Dickson polynomial for our hash algorithm, which is a kind of permutation polynomials. When certain conditions are satisfied, a Dickson polynomial has the property of one-wayness, which makes the resulting hash code mathematically secure. In this paper, a message digest algorithm will be designed using Dickson polynomial.

• Journal of Convergence Society for SMB
• /
• v.4 no.4
• /
• pp.19-23
• /
• 2014

Group communication is becoming increasingly popular in Internet applications such as videoconferences, online chatting programs, games, and gambling. For secure communications, the integrity of messages, member authentication, and confidentiality must be provided among group members. To maintain message integrity, all group members use the Group Key (GK) for encrypting and decrypting messages while providing enough security to protect against passive attacks. Tree-based Group Diffie-Hellman (TGDH) is an efficient group key agreement protocol to generate the GK. TGDH assumes all members have an equal computing power. One of the characteristics of distributed computing and grid environments is heterogeneity; the member can be at a workstation, a laptop or even a mobile computer. Member reordering in the TDGH protocol could potentially lead to an improved protocol; such reordering should capture the heterogeneity of the network as well as latency. This research investigates dynamic reordering mechanisms to consider not only the overhead involved but also the scalability of the proposed protocol.

• ETRI Journal
• /
• v.41 no.4
• /
• pp.465-472
• /
• 2019

The major challenge in wireless body area networks (WBAN) is setting up a protected communication between data consumers and a body area network controller while meeting the security and privacy requirements. This paper proposes efficient and secure data communication in WBANs using a Twofish symmetric algorithm and ciphertext-policy attribute-based encryption with constant size ciphertext; in addition, the proposed scheme incorporates policy updating to update access policies. To the best of the author's knowledge, policy updating in WBAN has not been studied in earlier works. The proposed scheme is evaluated in terms of message size, energy consumption, and computation cost, and the results are compared with those of existing schemes. The result shows that the proposed method can achieve higher efficiency than conventional methods.

• The KIPS Transactions:PartC
• /
• v.18C no.5
• /
• pp.303-316
• /
• 2011

Data aggregation is important in wireless sensor networks. However, it also introduces many security problems, one of which is that a compromised node may inject false data or drop a message during data aggregation. Most existing solutions rely on encryption, which however requires high computation and communication cost. But they can only detect the occurrence of an attack without finding the attacking node. This makes sensor nodes waste their energy in sending false data if attacks occur repeatedly. Even an existing work can identify the location of a false data injection attack but it has a limitation that at most 50% of total sensor nodes can participate in data transmission. Therefore, a novel approach is required such that it can identify an attacker and also increase the number of nodes which participate in data transmission. In this paper, we propose a monitoring-based secure data aggregation protocol to prevent against a compromised aggregator which injects false data or drops a message. The proposed protocol consists of aggregation tree construction and secure data aggregation. In secure data aggregation, we use integration of abnormal data detection with monitoring and a minimal cryptographic technique. The simulation results show the proposed protocol increases the number of participating nodes in data transmission to 95% of the total nodes. The proposed protocol also can identify the location of a compromised node which injects false data or drops a message. A communication overhead for tracing back a location of a compromised node is O(n) where n is the total number of nodes and the cost is the same or better than other existing solutions.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.11 no.5
• /
• pp.507-513
• /
• 2018

Steganography is a technique that uses hidden messages to prevent anyone apart from knowing the existence of a secret message, except the sender and trusted recipients. This paper applies 24 bit color image as cover medium. And a 24-bit color image has three components corresponding to red, green and blue. This paper proposes an image steganography method that uses Triple-A algorithm to hide the secret (Hangul) message by arbitrarily selecting the number of LSB bits and the color channel to be used. This paper divides the secret character into the chosung, jungsung and jongsung, and applies crossover, encryption and arbitrary insertion positions to enhance robustness and confidentiality. Experimental results of the proposed method show that insertion capacity and correlation are excellent and acceptable image quality level. Also, considering the image quality, it was confirmed that the size of LSB should be less than 2.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.5
• /
• pp.3-13
• /
• 2011

In 2004, Boneh et.al. proposed a public key encryption with keyword search (PEKS) scheme which enables a server to test whether a keyword used in generating a ciphertext by a sender is identical to a keyword used in generating a query by a receiver or not. Yang et. al. proposed a probabilistic public key encryption with equality test (PEET) scheme which enables to test whether one message of ciphertext generated by one public key is identical to the other message generated by the other public key or not. If the message is replaced to a keyword, PEET is not secure against keyword guessing attacks and does not satisfy IND-CP A security which is generally considered in searchable encryption schemes. In this paper, we propose a public key encryption with equality test with designated tester (dPEET) which is secure against keyword guessing attacks and achieves IND-CPA security.

• International Journal of Computer Science & Network Security
• /
• v.21 no.1
• /
• pp.143-151
• /
• 2021

The enormous prevalence of transferring official confidential digital documents via the Internet shows the urgent need to deliver confidential messages to the recipient without letting any unauthorized person to know contents of the secret messages or detect there existence . Several Steganography techniques such as the least significant Bit (LSB), Secure Cover Selection (SCS), Discrete Cosine Transform (DCT) and Palette Based (PB) were applied to prevent any intruder from analyzing and getting the secret transferred message. The utilized steganography methods should defiance the challenges of Steganalysis techniques in term of analysis and detection. This paper presents a novel and robust framework for color image steganography that combines Linear Congruential Generator (LCG), simulated annealing (SA), Cesar cryptography and LSB substitution method in one system in order to reduce the objection of Steganalysis and deliver data securely to their destination. SA with the support of LCG finds out the optimal minimum sniffing path inside a cover color image (RGB) then the confidential message will be encrypt and embedded within the RGB image path as a host medium by using Cesar and LSB procedures. Embedding and extraction processes of secret message require a common knowledge between sender and receiver; that knowledge are represented by SA initialization parameters, LCG seed, Cesar key agreement and secret message length. Steganalysis intruder will not understand or detect the secret message inside the host image without the correct knowledge about the manipulation process. The constructed system satisfies the main requirements of image steganography in term of robustness against confidential message extraction, high quality visual appearance, little mean square error (MSE) and high peak signal noise ratio (PSNR).

• Journal of Internet Computing and Services
• /
• v.2 no.3
• /
• pp.51-62
• /
• 2001

Recently, as computers and networks become popular, distributing information on the Internet is common In our daily life. also, the explosion of the Internet. of wireless digital communication and data exchange on Internet has rapidly changed the way we connect with other people. The e-mail has been commonly used by users as well recognizing It as the standard of manners among users on the Internet. In the past, e-mail has been the primary choice of exchanging Information, but secure mail is gaining popularity abroad and domestically because of their nature of providing security. That is. it has been used a variety of fields such as general mail and e-mail for advertisement. But, As the data transmitted on network can be easily opened or forged with simple operations. most of existing e-mail system don't have any security on the transmitted information. Thus. security mail system need to provide security including message encryption, content Integrity, message origin authentication, and non-repudiation. In this paper, we design implement secure mail system with non-repudiation service and encryption capability to provide services for certification of delivery and certification of content as well as the basic security services. API.

• The KIPS Transactions:PartC
• /
• v.16C no.1
• /
• pp.37-50
• /
• 2009

The SCADA(Supervisory Control And Data Acquisition) system is a control system for infrastructure of nation. In the past, the SCADA system was designed without security function because of its closed operating environment. However, the security of the SCADA system has become an issue with connection to the open network caused by improved technology. In this paper we review the constraints and security requirements for SCADA system and propose advanced key management architecture for secure SCADA communications. The contributions of the present work are that our scheme support both message broadcasting and secure communications, while the existing key management schemes for SCADA system don't support message broadcasting. Moreover, by evenly spreading much of the total amount of computation across high power nodes (MTU or SUB-MTU), our protocol avoids any potential performance bottleneck of the system while keeping the burden on low power (RTU) nodes at minimal.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.10 no.1
• /
• pp.136-141
• /
• 2006

The IEEE 802.1x can be using various user authentication mechanisms: One-Time Password, Certificate-Based TLS, Challenge/Response and Keberos through EAP(Extended Authentication Protocol). But, IEEE 802.1x also has vulnerabilities about the DoS, the session hijacking and the Man in the Middle attack due to the absence of AP authentication. In this paper, we propose a WLAN secure system which can offer a safety secure communication and a user authentications by intensified the vulnerability of spoofing and DoS attacks. The suppose system offers a safe secure communication because it offers sending message of integrity service and also it prevents DoS attack at authentication initial phase.