• Title/Summary/Keyword: symmetric key

Search Result 346, Processing Time 0.021 seconds

Modified AES having same structure in encryption and decryption (암호와 복호가 동일한 변형 AES)

  • Cho, Gyeong-Yeon;Song, Hong-Bok
    • Journal of Korea Society of Industrial Information Systems
    • /
    • v.15 no.2
    • /
    • pp.1-9
    • /
    • 2010
  • Feistel and SPN are the two main structures in a block cipher. Feistel is a symmetric structure which has the same structure in encryption and decryption, but SPN is not a symmetric structure. In this paper, we propose a SPN which has a symmetric structure in encryption and decryption. The whole operations of proposed algorithm are composed of the even numbers of N rounds where the first half of them, 1 to N/2 round, applies a right function and the last half of them, (N+1)/2 to N round, employs an inverse function. And a symmetry layer is located in between the right function layer and the inverse function layer. In this paper, AES encryption and decryption function are selected for the right function and the inverse function, respectively. The symmetric layer is composed with simple matrix and round key addition. Due to the simplicity of the symmetric SPN structure in hardware implementation, the proposed modified AES is believed to construct a safe and efficient cipher in Smart Card and RFID environments where electronic chips are built in.

A Study on the Certification System in Electromic Commerce (전자상거래(電子商去來)의 인증체계(認證體系)에 관한 고찰(考察))

  • Ha, Kang Hun
    • Journal of Arbitration Studies
    • /
    • v.9 no.1
    • /
    • pp.367-390
    • /
    • 1999
  • The basic requirements for conducting electronic commerce include confidentiality, integrity, authentication and authorization. Cryptographic algorithms, make possible use of powerful authentication and encryption methods. Cryptographic techniques offer essential types of services for electronic commerce : authentication, non-repudiation. The oldest form of key-based cryptography is called secret-key or symmetric encryption. Public-key systems offer some advantages. The public key pair can be rapidly distributed. We don't have to send a copy of your public key to all the respondents. Fast cryptographic algorithms for generating message digests are known as one-way hash function. In order to use public-key cryptography, we need to generate a public key and a private key. We could use e-mail to send public key to all the correspondents. A better, trusted way of distributing public keys is to use a certification authority. A certification authority will accept our public key, along with some proof of identity, and serve as a repository of digital certificates. The digital certificate acts like an electronic driver's license. The Korea government is trying to set up the Public Key Infrastructure for certificate authorities. Both governments and the international business community must involve archiving keys with trusted third parties within a key management infrastructure. The archived keys would be managed, secured by governments under due process of law and strict accountability. It is important that all the nations continue efforts to develop an escrowed key in frastructure based on voluntary use and international standards and agreements.

  • PDF

The Analysis of New Video Conference System Based Secure Authentication

  • Jung Yong Deug;Kim Gil Choon;Jun Moon Seog
    • Proceedings of the IEEK Conference
    • /
    • 2004.08c
    • /
    • pp.600-607
    • /
    • 2004
  • The paper describes the implementation of the video conferencing system using public key infrastructure which is used for user authentication and media stream encryption. Using public key infrastructure, we are able to reinforce the authentication for conference participant and block several malicious hacking while protecting conference control information. The paper shows the implementation of the transportation layer secure protocol in conformity with Korea public key authentication algorithm standard and symmetric key encryption algorithm (RC2, SEED, DES and 3DES) for media stream encryption. The feature of the paper is transportation layer secure protocol that is implemented for protection of information on a user authentication and video conference and the media streaming encryption algorithm also can be envisioned with another block encryption algorithm. The key for media streaming encryption may be safely distributed by the transportation layer secure protocol.

  • PDF

A Survey on Face-based Cryptographic Key Generation

  • Dang, Thao;Choi, Deokjai
    • Smart Media Journal
    • /
    • v.9 no.2
    • /
    • pp.39-50
    • /
    • 2020
  • Derivation cryptographic keys from human biometrics opens a new promising research area when it can be used efficiently for not only verification or recognition tasks, but also symmetric-key based applications. Among existing biometric traits, face is considered as the most popular biometrics since facial features are informative and discriminative. In this paper, we present a comprehensive survey of Face-based key generation (FKGS). First, we summarize the trend of FKGS researches and sum up the methods which play important roles in the proposed key generation systems. Then we present the evaluation and the general performance analysis; from that, we give a discussion about the advantages and disadvantages of surveyed studies to clarify the fundamental requirements and the main challenges when implementing FKGS in practice. Finally, an outlook on future prospects is given.

Realization of the Biba Security Model in an OSI-distributed (OSI-분산 시스템에서의 Biba Security 모델의 구현)

  • Park, Chong-Hwa
    • The Journal of Information Technology
    • /
    • v.5 no.2
    • /
    • pp.35-45
    • /
    • 2002
  • This paper discusses a distributed implementation of the Biba security policy model. Implementation of an service in the OSI-RM is not sufficient for enforcing the Biba model. Also confidentiality services are necessary. Public Key Systems(PKSs) are considered for the realization of these security services. In this paper symmetric & asymmetric cryptographic systems are considered for the realization of these security service. It is investigated how key-distributions can be found resulting in a minimum number of key.

  • PDF

A Probabilistic Load Balancing Scheme for Improving Service Quality of a Wireless Mesh Network (무선 메쉬 망의 서비스 품질 향상을 위한 확률적 부하 분담 기법)

  • Park, Jae-Sung;Lim, Yu-Jin;Ahn, Sang-Hyun
    • The KIPS Transactions:PartC
    • /
    • v.15C no.5
    • /
    • pp.375-382
    • /
    • 2008
  • As the use of Internet and information communication technology is being generalized, the SSL protocol is essential in Internet because the important data should be transferred securely. While the SSL protocol is designed to defend from active attack such as message forgery and message alteration, the cipher suite setting can be easily modified. If the attacker draw on a malfunction of the client system and modify the cipher suite setting to the symmetric key algorithm which has short key length, he should eavesdrop and cryptanalysis the encrypt data. In this paper, we examine the domestic web site whether they generate the security session in the symmetric key algorithm which has short key length and propose the solution of the cipher suite setting problem.

Design and Implementation of a Secure E-Document Transmission System based Certificate for CEDA (Certified E-Document Authority) (공인전자문서보관소를 위한 인증서 기반의 안전한 전자문서 전송시스템 설계 및 구현)

  • Kim, Dae-Jung;Kim, Jung-Jae;Lee, Seung-Min;Jun, Moon-Seog
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.9 no.2
    • /
    • pp.370-378
    • /
    • 2008
  • The CEDA(Certified E-Document Authority) is a reliable third party that deposit electronic document having legal effects securely, and verify contents of document or transmission. This paper focuses on a function of secure transmission among several important functions, and implements public key encryption system for secure transmission when server and user communicate for image transmission. This paper follows a standard fundamental rule of X.509 in ITU-T, and it uses symmetric encryption algorithm to raise speed of a large data operation. A key of symmetric encryption algorithm is encrypted by private key in public key system, it protects to be modified using digital signature for data integrity. Also it uses certificates for mutual authentication.

Initial Authentication Protocol of Hadoop Distribution System based on Elliptic Curve (타원곡선기반 하둡 분산 시스템의 초기 인증 프로토콜)

  • Jeong, Yoon-Su;Kim, Yong-Tae;Park, Gil-Cheol
    • Journal of Digital Convergence
    • /
    • v.12 no.10
    • /
    • pp.253-258
    • /
    • 2014
  • Recently, the development of cloud computing technology is developed as soon as smartphones is increases, and increased that users want to receive big data service. Hadoop framework of the big data service is provided to hadoop file system and hadoop mapreduce supported by data-intensive distributed applications. But, smpartphone service using hadoop system is a very vulnerable state to data authentication. In this paper, we propose a initial authentication protocol of hadoop system assisted by smartphone service. Proposed protocol is combine symmetric key cryptography techniques with ECC algorithm in order to support the secure multiple data processing systems. In particular, the proposed protocol to access the system by the user Hadoop when processing data, the initial authentication key and the symmetric key instead of the elliptic curve by using the public key-based security is improved.

A Study on Secure Kerberos Authentication using Trusted Authority in Network Structure (네트웍 환경에서 안전한 Kerberos 인증 메커니즘에 관한 연구)

  • 신광철;정진욱
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.12 no.2
    • /
    • pp.123-133
    • /
    • 2002
  • In Network Environment, Kerberos certification mechanism to require Kerberos server in other area unconditionally belief. Also, Kerberos server in cooperation area must be share server of other area and secret key. To solve these two problems, this paper proposed safe security mechanism of doing to ably IETF CAT's PKINIT/PKCROSS a1gorithm with Public Key Infrastructure and use Directory System and service between realms do trust and prove each Kerberos trust center base. Also, Although Kerberos server of each area must be foreknowing each server's secret key and public key, Obtain through Trust center and acquire each area's public key and common symmetric key, Application server excluded process that must register key in Key Distribution Center.

The cryptographic module design requirements of Flight Termination System for secure cryptogram delivery (안전한 보안명령 전달을 위한 비행종단시스템용 암호화 장치 설계 요구사항)

  • Hwang, Soosul;Kim, Myunghwan;Jung, Haeseung;Oh, Changyul;Ma, Keunsu
    • Journal of Satellite, Information and Communications
    • /
    • v.10 no.3
    • /
    • pp.114-120
    • /
    • 2015
  • In this paper, we show the design requirements of the cryptographic module and its security algorithm designed to prevent the exposure of the command signal applied to Flight Termination System. The cryptographic module consists of two separate devices that are Command Insertion Device and Command Generation Device. The cryptographic module designed to meet the 3 principles(Confidentiality, Integrity and Availability) for the information security. AES-256 block encryption algorithm and SHA-256 Hash function were applied to the encrypted symmetric key encryption method. The proposed cryptographic module is expected to contribute to the security and reliability of the Flight Termination System for Space Launch Vehicle.