• Proceedings of the Korea Information Processing Society Conference
• /
• 2003.05c
• /
• pp.1937-1940
• /
• 2003

정보보호 평가는 크게 시스템 평가인 CC(Common Criteria)평가와 암호모듈 평가인 CMVP(Cryptographic Module Validation Program)평가로 나눌 수 있다. 본 논문은 국내 표준 암호 알고리즘 SEED를 북미의 CMVP의 3가지 블록 알고리즘 시험방법인 KAT(Known Answer Test), MCT(Monte C미개 Test), MMT(Multi-block Message Test)를 JAVA환경에 적용하여 시범 구현하였다. 테스트 방법으로 CMVP의 MOVS, TMOVS, AESAVS를 선정하여 FIPS 표준을 적용하였다. 구현 환경으로는 JCE기반의 Cryptix를 채택하여 CMVP의 블록 암호 알고리즘 테스트 시스템 중 일부를 구현하였다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.2
• /
• pp.83-92
• /
• 2007

In connectionless packet network, if a sender encrypts packets by block chaining mode and send it to receiver, the receiver should decrypt packets in encrypted order that is not received order. Therefore, the performance and efficiency are lowered for crypto communication system. To solve this problem, we propose packet encryption scheme for connectionless packet network that can decrypt the packets independently, even if the received order of packets are changed or packets are missed. The scheme makes new IV(Initial Vector) using IV that created by key exchange process and salt that made by random number. We propose extended Cryptoki API that added packet encryption/decryption functions and mechanism for improving convenience and performance. We implement the scheme and get result that the performance increased about $1.5{\sim}l5.6$ times compare with in case of implementing using Cryptoki API in the test environment.

• Journal of Korea Society of Industrial Information Systems
• /
• v.12 no.1
• /
• pp.28-38
• /
• 2007

In this paper, we implement Microsoft COM software modules for elliptic curve cryptographic applications and analyze its performance. The implemented COM software modules support all elliptic curve key exchange protocols and elliptic curve digital signature algorithm in IEEE 1363 finite fields GF(p) and GF(2m). Since the implemented software modules intend to focus on a component-based software development method, and thus it have a higher productivity and take systematic characteristics to be open outward and to be standardized. Accordingly, it enable a software to be developed easier and faster rather than a method using C library. In addition it support the Microsoft COM interface, we can easily implement secure software applications based on elliptic curve cryptographic algorithms.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2018.10a
• /
• pp.162-165
• /
• 2018

암호 알고리즘은 세계적으로 표준화가 진행되고 있으며, 암호 알고리즘의 안전성은 충분히 입증되어 왔다. 하지만, 기존 검증 방법으로 사용되는 테스트벡터 방식으로는 전수조사를 시행할 수 없어 구현상의 취약점을 완벽하게 발견할 수 없기 때문에 심각한 피해를 야기할 수 있다. 그래서 개발한 혹은 현재 존재하고 있는 암호 알고리즘이 표준에 따라 올바르게 구현되었는지에 대한 개선된 검증 방법이 필요하다. 본 논문에서는 KISA에서 개발한 LSH 해시함수 모듈을 미국의 Galois사와 NSA가 함께 공동 개발한 Cryptol을 이용하여 암호 모듈이 올바르게 구현되었는지 검증하였다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.9 no.1
• /
• pp.135-146
• /
• 1999

Most public key cryptosystems are constructed based on a modular exponentiation, which is further decomposed into a series of modular multiplications. We design a new systolic array multiplier to speed up modular multiplication using Montgomery algorithm. This multiplier with simple circuit for each processing element will save about 14% logic gates of hardware and 20% execution time compared with previous one.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.05a
• /
• pp.231-233
• /
• 2013

A lot of information is exchanged using data communications in today's modern society. Nowadays many important communications are susceptible to interception and theft for malicious purposes, and is under threat from hackers. Crackers are able to hack into data flows even if the data is encrypted. To ensure strong encryption properties, these cryptographic algorithms are often a burden on devices used for authentication such as a PC or smart phone. This paper proposes an authentication system using the Arduino module. Implementation and application of the communication scheme is designed to minimize the burden of delivering data communication between devices especially where password and encryption is concerned.

• Convergence Security Journal
• /
• v.12 no.6
• /
• pp.39-50
• /
• 2012

Battlefield management systems are operated by the Public Key Infrastructure (PKI) and cryptographic equipment is distributed through the personal delivery to the enemy has deodorizing prone to structure. In addition, Per person each battlefield management system (C4I) encryption key operate and authentication module to manage multiple encryption so, encryption key operating is restrictions. Analysis of the problems of this public key infrastructure(PKI), Identity-Based Cryptosystem(IBC) and Attribute-Based Cryptosystem(ABC) to compare construct the future of encrypt ion and authentication system were studied. Authentication method for the connection between the system that supports data encryption and secure data communication, storage, and communication scheme is proposed.

• Communications of the Korean Institute of Information Scientists and Engineers
• /
• v.25 no.5 s.216
• /
• pp.29-32
• /
• 2007

• Journal of Digital Contents Society
• /
• v.18 no.5
• /
• pp.1001-1008
• /
• 2017

Because cyber attacks on industrial control systems can lead to massive financial loss or loss of lives, the standardization and the research on cyber security of industrial control systems are actively under way. As a related system, the industrial control system of social infrastructures must be equipped with the verified cryptographic module according to the e-government law and appropriate security control should be implemented in accordance with the security requirements of the industrial control system. However, the industrial control system consisting of the operation layer, the control layer, and the field device layer may cause a problem in performing the main function in each layer due to the security control implementation. In this paper, we propose things to check when performing security control in accordance with the security control requirements for each layer of the industrial control system and proper application.

• Information and Communications Magazine
• /
• v.32 no.8
• /
• pp.62-68
• /
• 2015

본고에서는 차세대 보안통신 기술로 주목 받고 있는 양자암호시스템의 핵심 모듈인 단일광자 검출기의 최신 연구동향과 KIST 연구개발 내용에 대해 기술한다. 현재 상용화 수준으로까지 발전한 유선 양자암호 시스템에서는 성능, 소형화, 가격 등의 장점으로 인해 주로 InGaAs/InP avalanche photo diode (APD)를 이용한 단일광자검출기가 사용되고 있다. 유선 양자암호에서 사용하는 1550nm 통신 파장대의 단일광자가 갖는 에너지는 0.8 eV로 매우 미약한 수준이기 때문에 신호 검출을 위해 APD소자를 내부 증폭 이득이 무한대인 가이거모드(Geiger mode)에서 동작시킨다. 매우 높은 증폭비는 신호 검출뿐만 아니라 노이즈에도 동일하게 영향을 미치기 때문에 주변환경 노이즈에 의한 검출기 오동작 문제가 심각하게 발생한다. 따라서 단일광자검출기 구현에서 가장 중요한 기술은 소자 및 검출기 모듈에서 발생하는 노이즈의 영향을 최소화 시켜주는 것이다. 전세계적으로 검출기의 대표적인 노이즈인 after pulse를 저감 시키기 위한 연구가 매우 활발히 이루어지고 있는데 대표적으로 self-differencing, auxiliary signal, integrating, double balanced 등의 방법이 제시되고 있다. 본고에서는 각각의 최신 기술들에 대한 비교 분석 및 이를 바탕으로 현재 KIST에서 진행하고 있는 양자암호시스템을 위한 단일광자검출기 기술 개발에 대해 서술한다.