• Korean Journal of Optics and Photonics
• /
• v.16 no.4
• /
• pp.326-333
• /
• 2005

Phase-only encryption scheme using exclusive-OR rules in Fourier plane and a single path decryption system are presented. A zero-padded original image, multiplied by a random phase image, is Fourier transformed and its real-valued data is encrypted with key data by using XOR rules. A decryption is simply performed based on 2-1 setup with spatial filter by Fourier transform for multiplying phase-only encrypted data by phase-only key data, which are obtained by phase-encoding process, and spatial filtering for zero-order elimination in inverse-Fourier plane. Since the encryption process is peformed in Fourier plane, proposed encryption scheme is more tolerant to loss of key information by scratching or cutting than previous XOR encryption method in space domain. Compare with previous phase-visualization systems, due to the simple architecture without a reference wave, our system is basically robust to mechanical vibrations and fluctuations. Numerical simulations have confirmed the proposed technique as high-level encryption and simple decryption architecture.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.3
• /
• pp.511-525
• /
• 2023

As awareness of personal data protection increases, various Full Disk Encryption (FDE)-based applications are being developed that real-time encryption or use virtual drive volumes to protect data on user's PC. FDE-based applications encrypt and protect the volume containing user's data. However, as disk encryption technology advances, some users are abusing FDE-based applications to encrypt evidence associated with criminal activities, which makes difficulties in digital forensic investigations. Thus, it is necessary to analyze the encryption process used in FDE-based applications and decrypt the encrypted data. In this paper, we analyze Cryptomator and Norton Ghost, which provide volume encryption and backup functions. We analyze the encrypted data structure and encryption process to classify the main data of each application and identify the encryption algorithm used for data decryption. The encryption algorithms of these applications are recently emergin gor customized encryption algorithms which are analyzed to decrypt data. User password is essential to generate a data encryption key used for decryption, and a password acquisition method is suggested using the function of each application. This supplemented the limitations of password investigation, and identifies user data by decrypting encrypted data based on the acquired password.

• Journal of IKEEE
• /
• v.28 no.3
• /
• pp.271-278
• /
• 2024

An encryption and decryption method using phase mapping of a gray scale image based on a phase-shifting interferometry principle is proposed in which an encrypted image is formed into complex digital hologram function by symmetric security key in the proposed encryption system.. The gray scale image to be encrypted is converted to phase mapped function that is mixed with a randomly generated binary security encryption key and is used as an input. Decryption of phase information is performed by complex digital hologram and security encryption key, which reconstructs the original gray scale image by phase unmapping. The proposed method confirms that correlation coefficient of the decrypted image is 0.995 when quantization level of CCD is 8-bits(2⁸=256 levels).

• Journal of KIISE:Information Networking
• /
• v.36 no.4
• /
• pp.263-274
• /
• 2009

Decentralized group key management mechanisms offer beneficial solutions to enhance the scalability and reliability of a secure multicast framework by confining the impact of a membership change in a local area. However, many of the previous decentralized solutions reveal the plaintext to the intermediate relaying proxies, or require the key distribution center to coordinate secure group communications between subgroups. In this study, we propose a decentralized group key management scheme that features a mechanism allowing a service provider to deliver the group key to valid members in a distributed manner using the proxy cryptography. In the proposed scheme, the key distribution center is eliminated while data confidentiality of the transmitted message is provided during the message delivery process. The proposed scheme can support a secure group communication in dynamic network environments where there is no trusted central controller for the whole network and the network topology changes frequently.

• Journal of the Korea Society for Simulation
• /
• v.24 no.4
• /
• pp.153-161
• /
• 2015

We propose a privacy-preserving location-based service (LBS) which supports top-k search service. The previous schemes hurt the privacy of either the user and the location of the objects because they are sent to the LBS server in a plaintext form. In the proposed method, by encrypting them with the fully-homomorphic encryption, we achieved the top-k search is possible while the information on them is not given to the LBS server. We performed a simulation on the proposed scheme with 16 locations where k is 3. The required time is 270 hours in a conventional desktop machine, which seems infeasible to be used in practice. However, as the progress of the hardware, the performance will be improved.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.5
• /
• pp.781-793
• /
• 2020

In this paper, we propose a new RLWE-based scheme named μ-Hope that exploits Error Correcting Code(ECC) on NewHope. The previous parameters of NewHope uses 12289 as a prime modulus, and the size of the public key, private key, and ciphertext is 928-byte, 1888-byte, and 1120-byte respectively, which can be said to be larger than other RLWE based algorithms. In this paper, we propose μ-Hope, which changes modulus 12289 to 769 to reduce the size of the public key, private key, and ciphertext. Also, we adopts XE1 as an Error Correcting Code(ECC) to solve the increased decryption failure rate caused by using a small prime modulus. As a result, the size of the public key, private key, and ciphertext decreased by 38%, 37%, and 37% respectively. As the computational efficiency caused by using a small prime modulus exceeds the performance degradation by exploiting ECC, this result in 25% performance improvement for a single key exchange.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.6
• /
• pp.77-87
• /
• 2001

This paper describes a design of cryptographic processor that implements the Rijndael cipher algorithm, the Advanced Encryption Standard algorithm. It can execute both encryption and decryption, and supports only 128-bit block and 128-bit keys. As the processor is implemented only one round, it must iterate 11 times to perform an encryption/decryption. We implemented the ByteSub and InvByteSub transformation using the algorithm for minimizing the increase of area which is caused by different encryption and decryption. It could reduce the memory size by half than implementing, with only ROM. We estimate that the cryptographic processor consists of about 15,000 gates, 32K-bit ROM and 1408-bit RAM, and has a throughput of 1.28 Gbps at 110 MHz clock based on Samsung 0.5um CMOS standard cell library. To our knowledge, this offers more reduced memory size compared to previously reported implementations with the same performance.

• Proceedings of the Korea Contents Association Conference
• /
• 2005.05a
• /
• pp.107-111
• /
• 2005

As Internet grows rapidly and next electronic commerce applications increase, the security is getting more important. Information security to provide secure and reliable information transfer is based on cryptography technique. The proposed ISEED(Improved SEED) algorithm based on block cryptography algorithm which belongs to secret-key algorithm. In terms of efficiency, the round key generation algorithm has been proposed to reduces the time required in encryption and decryption. The algorithm has been implemented as follow. 128-bit key is divided into two 64-bit group to rotate each of them 8-bit on the left side and right side, and then basic arithmetic operation and G function have been applied to 4-word outputs. In the process of converting encryption key which is required in decryption and encryption of key generation algorithm into sub key type, the conversion algorithm is analyzed. As a result, the time consumed to encryption and decryption is reduced by minimizing the number of plain text required differential analysis.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.13 no.5
• /
• pp.2313-2318
• /
• 2012

With the widely applications of tactical radio networks, end-to-end secure speech communication in the heterogeneous network has become a very significant security issue. High-grade end-to-end speech security can be achieved using encryption algorithms at user ends. However, the use of encryption techniques results in a problem that encrypted speech data cannot be directly transmitted over heterogeneous tactical networks. That is, the decryption and re-encryption process must be fulfilled at the gateway between two different networks. In this paper, in order to solve this problem and to achieve optimal end-to-end speech security for heterogeneous tactical environments, we propose a novel mechanism for end-to-end secure speech transmission over ultra high frequency (UHF) and public switched telephone network (PSTN) and evaluate against the performance of conventional mechanism. Our proposed mechanism has advantages of no decryption and re-encryption at the gateway, no processing delay at the gateway, and good inter-operability over UHF and PSTN.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.10a
• /
• pp.549-551
• /
• 2017

There are currently various file encryption systems and applications for encryption and storage of file on disk. However, the existing file encryption solutions handle encryption and decryption all at once by file or directory. In this study, we propose a system call supporting partial encryption function of the file. The user sets the partial encryption of the file by using system call interface, and writes the contents. And then the data is encrypted and stored on the disk. Also if the user sets the decryption and reads the data, the necessary part of data is decrypted by applying the user setting. According to the user setting, only the necessary part is encrypted and stored on a storage medium. As a result, the information in a secret level can be saved efficiently and securely.