• Journal of Internet Computing and Services
• /
• v.21 no.3
• /
• pp.11-19
• /
• 2020

In this paper, a merged TEA block cipher processor which unifies Tiny Encryption Algorithm(TEA), extended Tiny Encryption Algorithm(XTEA) and corrected block TEA(XXTEA) is designed. After TEA cipher algorithm was first designed, XTEA and XXTEA cipher algorithms were designed to correct security weakness. Three types of cipher algorithm uses a 128-bit master key. The designed cipher processor can encrypt or decrypt 64-bit message block for TEA/XTEA and variable-length message blocks up to 256-bit for XXTEA. The maximum throughput for 64-bit message blocks is 137Mbps and that of 256-bit message blocks is 369Mbps. The merged TEA block cipher designed in this paper has a 16% gain on the area side compared to a lightweight LEA cipher. The cryptographic IP of this paper is applicable in security module of the mobile areas such as smart card, internet banking, and e-commerce.

• Journal of Internet Computing and Services
• /
• v.8 no.6
• /
• pp.1-8
• /
• 2007

The Mobile Ad-hoc network does environmental information which an individual collects in nodes which are many as the kernel of the USN technology based on the radio communication. And it is the latest network description delivering critical data to the destination location desiring through a multi-hop. Recently, the Ad-hoc network relative technique development and service are activated. But the security function implementation including an authentication and encoding about the transmitted packets, and etc, is wirelessly the insufficient situation on the Ad-hoc network. This paper provides the security service of key exchange, key management. entity authentication, data enciphering, and etc on the Mobile Ad-hoc network. It implements with the Ad-hoc network security management server system design which processes the security protocol specialized in the Ad-hoc network and which it manages.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.05a
• /
• pp.115-117
• /
• 2022

Whitebox encryption technique is a method of preventing exposure of encryption keys by mixing encryption key information with a software-based encryption algorithm. Whitebox encryption technique is attracting attention as a technology that replaces conventional hardware-based security encryption techniques by making it difficult to infer confidential data and keys by accessing memory with unauthorized reverse engineering analysis. However, in the encryption and decryption process, a large lookup table is used to hide computational results and encryption keys, resulting in a problem of slow encryption and increased memory size. In particular, it is difficult to apply whitebox cryptography to low-cost, low-power, and light-weight Internet of Things products due to limited memory space and battery capacity. In addition, in a network environment that requires real-time service support, the response delay time increases due to the encryption/decryption speed of the whitebox encryption, resulting in deterioration of communication efficiency. Therefore, in this paper, we analyze whether the AES-based whitebox(WBC-AES) proposed by S.Chow can satisfy the speed and memory requirements based on the experimental results.

• Journal of the Korea Society of Computer and Information
• /
• v.16 no.4
• /
• pp.149-157
• /
• 2011

Passive tags are inferior to active tags in processing efficiency, so they have difficulty in largevolume processing. The proposed protocol reduces the volume of computation in passive tags and, at the same time, improves authentication for enhanced safety and security. That is, different from existing RFID protocols that return the same value even if an error happens when the reader reads a tag, the improved RFID security protocol returns a new value using a re-counter and processes the computation part of a tag in the reader or in a back.end system. Even if the information of a tag is acquired by an malicious way, it is not actual information but encrypted information that is not usable. In addition, even if tag information is read in sequence, it is changed in each read, so the protocol is safe from Location Tracking.

• The Journal of the Korea Contents Association
• /
• v.9 no.5
• /
• pp.33-39
• /
• 2009

As the usage of computers and mobile handsets is popularized, the processing and storing of private and business data are increased. Hence we note that these sensitive data should never be transferred out of these personal devices without user's permission. In this paper, we propose a simple method to prevent transferring the sensitive data out of personal computing devices through their networking interfaces. The proposed method determines which processes invoke open system call related to the sensitive data, and then traces them within a specific duration. The proposed scheme has advantage over the existing ones using authentication or encryption because it could be still working well independent upon the new attack technologies or the latest vulnerabilities of hardware and software. In order to verify the proposed algorithm, we test it by implementing the necessary codes at the user and kernel spaces of Linux.

• Journal of Software Assessment and Valuation
• /
• v.15 no.2
• /
• pp.111-119
• /
• 2019

The existing smart grid device authentication system is concentrated on DCU, meter reading FEP and MDMS, and the authentication system for smart meters is not established. Although some cryptographic chips have been developed at present, it is difficult to complete the PKI authentication scheme because it is at the low level of simple encryption. Unlike existing power grids, smart grids are based on open two-way communication, increasing the risk of accidents as information security vulnerabilities increase. However, PKI is difficult to apply to smart meters, and there is a possibility of accidents such as system shutdown by sending manipulated packets and sending false information to the operating system. Issuing an existing PKI certificate to smart meters with high hardware constraints makes authentication and certificate renewal difficult, so an ultra-lightweight password authentication protocol that can operate even on the poor performance of smart meters (such as non-IP networks, processors, memory, and storage space) was designed and implemented. As a result of the experiment, lightweight cryptographic authentication protocol was able to be executed quickly in the Cortex-M3 environment, and it is expected that it will help to prepare a more secure authentication system in the smart grid industry.

• Journal of Digital Contents Society
• /
• v.19 no.4
• /
• pp.837-844
• /
• 2018

Recently, the cloud technology has made dynamical network changes by enabling the construction of a logical network without building a physical network. Despite recent research on the cloud, it is necessary to study security functions for the identification of fake virtual network functions and the encryption of communication between entities. Because the VNFs are open to subscribers and able to implement service directly, which can make them an attack target. In this paper, we propose a virtual public key infrastructure mechanism that detects a fake VNFs and guarantees data security through mutual authentication between VNFs. To evaluate the virtual PKI, we built a management and orchestration environment to test the performance of authentication and key generation for data security. And we test the detection of a distributed denial of service by using several AI algorithms to enhance the security in NFV.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.6
• /
• pp.869-879
• /
• 2023

Sparkle is one of the finalists in the Lightweight Cryptography Standardization Process conducted by NIST. It is a nonlinear permutation and serves as a core component for the authenticated encryption algorithm Schwaemm and the hash function Esch. In this paper, we provide specific forms of input and output differences for 6 rounds of Sparkle384 and 7 rounds of Sparkle512, and make formulas for the complexity of finding input pairs that satisfy these differentials. Due to the significantly lower complexity compared to similar tasks for random permutations with the same input and output sizes, they can be valid distinguishing attacks. The numbers(6 and 7) of attacked rounds are very close to the minimum numbers(7 and 8) of really used rounds.