• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.10 no.10
• /
• pp.2750-2759
• /
• 2009

In this paper, we analyze vulnerabilities in a remote authentication protocol using smartcards which was proposed by Bindu et al. and propose an improved scheme. The proposed scheme can prevent from restricted replay attack and denial of service attack by replacing time stamp with random number. In addition, this protocol can guarantee user anonymity by transmitting encrypted user's ID using AES cipher algorithm. The computational load in our protocol is decreased by removing heavy exponentiation operations and user efficiency is enhanced due to addition of password change phase in which a user can freely change his password. Furthermore, we really implement the proposed authentication protocol using a STM smartcard and authentication server. Then we prove the correctness and effectiveness of the proposed remote authentication system.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.42 no.2
• /
• pp.307-315
• /
• 2017

Random number generator(RNG) is essential in cryptographic applications. As recently a system using small devices such as IoT, Sensor Network, SmartHome appears, the lightweight cryptography suitable for this system is being developed. However due to resource limitations and difficulties in collecting the entropy, RNG designed for the desktop computer are hardly applicable to lightweight environment. In this paper, we propose a lightweight RNG to produce cryptographically strong random number using sensors. Our design uses a Hankel matrix, block cipher as the structure and sensors values as noise source. Futhermore, we implement the lightweight RNG in Arduino that is one of the most popular lightweight devices and estimate the entropy values of sensors and random number to demonstrate the effectiveness and the security of our design.

• Journal of the Korean Society of Industry Convergence
• /
• v.20 no.2
• /
• pp.177-186
• /
• 2017

With the latest developments in ICT(Information Communication Technology) technology, research on Intelligent Car, Connected Car that support autonomous driving or services is actively underway. It is true that the number of inputs linked to external connections is likely to be exposed to a malicious intrusion. I studied possible security issues that may occur within the Connected Car. A variety of security issues may arise in the use of CAN, the most typical internal network of vehicles. The data can be encrypted by encrypting the entire data within the CAN network system to resolve the security issues, but can be time-consuming and time-consuming, and can cause the authentication process to be carried out in the event of a certification procedure. To resolve this problem, CAN network system can be used to authenticate nodes in the network to perform a unique authentication of nodes using nodes in the network to authenticate nodes in the nodes and By encoding the ID, identifying the identity of the data, changing the identity of the ID and decryption algorithm, and identifying the cipher and certification techniques of the external invader, the encryption and authentication techniques could be detected by detecting and verifying the external intruder. Add a monitoring node to the CAN network to resolve this. Share a unique ID that can be authenticated using the server that performs the initial certification of nodes within the network and encrypt IDs to secure data. By detecting external invaders, designing encryption and authentication techniques was designed to detect external intrusion and certification techniques, enabling them to detect external intrusions.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2019.05a
• /
• pp.251-253
• /
• 2019

This paper describes an implementation of a security SoC (System-on-Chip) prototype that interfaces a microprocessor with a block cipher crypto-core. The Cortex-M0 was used as a microprocessor, and a crypto-core implemented by integrating ARIA and AES into a single hardware was used as an intellectual property (IP). The integrated ARIA-AES crypto-core supports five modes of operation including ECB, CBC, CFB, CTR and OFB, and two master key sizes of 128-bit and 256-bit. The integrated ARIA-AES crypto-core was interfaced to work with the AHB-light bus protocol of Cortex-M0, and the crypto-core IP was expected to operate at clock frequencies up to 50 MHz. The security SoC prototype was verified by BFM simulation, and then hardware-software co-verification was carried out with FPGA implementation.

• The KIPS Transactions:PartD
• /
• v.10D no.6
• /
• pp.1059-1066
• /
• 2003

In this paper, the magnetic sensing system is designed and implemented for the safe security in internet commerce system. When the payment is required inthe internet commerce system, the magnetic sensing system will get the information from a credit card without keyboard input and then encrypt and transmit the information to server. The credit card sensing system, which is proposed in this paper, is safe from keyboard hacking because it encrypts card information immediately in its internal chip and sends the information to host system. For the protection of information, the magnetic sensing system is basically based on a synchronous stream cipher cryptosystem which is related to a group of matrices. The size of matrices and the bits of keys for the best performances are determined for various cases. It is shown that for credit card payments. matrices of size 2 have good performance even at most 128bits keys with the consideration of inverse matrices. For authentication of general-purpose data, the magnetic sensing system needs more than 1.5KB data and in this case, the optimum size of matrices is 2 or 3 at more 256bits keys with consideration of inverse matrices.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.49 no.7
• /
• pp.56-64
• /
• 2012

A smart grid is the next generation power grid which combines the existing power grid with information technology, so an energy efficient power grid can be provided. In this paper, in order to build an efficient smart grid an AMI system, which gears with the existing home network and provides an user friendly management function, is proposed. The proposed AMI system, which is based on an extended home network, consists of various functional units; smart meters, communication modules, home gateway, security modules, meter data management modules (MDMM), electric power application modules and so on. The proposed home network system, which can reduce electric power consumption and transmit data more effectively, is designed by using IEEE 802.15.4. The extended home gateway can exchange energy consumption information with the outside management system via web services. The proposed AMI system is designed to enable two-way communication between the home gateway and MDMM via the Internet. The AES(Advanced Encryption Standard) algorithm, which is a symmetric block cipher algorithm, is used to ensure secure information exchange. Even though the results in this study could be limited to our experimental environment, the result of the simulation test shows that the proposed system reduces electric power consumption by 4~42% on average compared to the case of using no control.

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.2 s.46
• /
• pp.63-70
• /
• 2007

The Data Encryption Standard (DES) is a block cipher that encrypts a 64 bit block of plaintext into a 64 bit block of ciphertext. The DES has been a worldwide standard for 20 years since it was adopted in 1976. strong. But, due to the rapid development of hardware techniques and cryptanalysis, the DES with 64-bit key is considered to be not secure at the present time. Therefore it became necessary to increase the security of DES. The NG-DES(New Generation DES)[1] is an encryption system which upgrades the encryption security of DES by the key extension and the usage of non-linear f function. It extends not only the size of plaintext and ciphertext to 128 bit but also the Fiestel structure used in each round. This structure has a weak point that the change of each bit of plaintext does not affect all bits of ciphertext simultaneously. In this paper, we propose a modified Fiestel structure of DES and thus increased confusion and diffusion by effectively cross-connecting between outputs in a round and inputs in next round.

• Journal of the Institute of Electronics Engineers of Korea SD
• /
• v.39 no.11
• /
• pp.33-43
• /
• 2002

This paper describes a design of cryptographic processor that implements the AES (Advanced Encryption Standard) block cipher algorithm "Rijndael". To achieve high throughput rate, a sub-pipeline stage is inserted into a round transformation block, resulting that two consecutive round functions are simultaneously operated. For area-efficient and low-power implementation, the round transformation block is designed to share the hardware resources for encryption and decryption. An efficient on-the-fly key scheduler is devised to supports the three master-key lengths of 128-b/192-b/256-b, and it generates round keys in the first sub-pipeline stage of each round processing. The Verilog-HDL model of the cryptoprocessor was verified using Xilinx FPGA board and test system. The core synthesized using 0.35-${\mu}m$ CMOS cell library consists of about 25,000 gates. Simulation results show that it has a throughput of about 520-Mbits/sec with 220-MHz clock frequency at 2.5-V supply.

• International Journal of Computer Science & Network Security
• /
• v.21 no.12
• /
• pp.235-247
• /
• 2021

Today, the cloud computing has become a major demand of many organizations. The major reason behind this expansion is due to its cloud's sharing infrastructure with higher computing efficiency, lower cost and higher fle3xibility. But, still the security is being a hurdle that blocks the success of the cloud computing platform. Therefore, a novel Multi-tenant Decentralized Information Flow Control (MT-DIFC) model is introduced in this research work. The proposed system will encapsulate four types of entities: (1) The central authority (CA), (2) The encryption proxy (EP), (3) Cloud server CS and (4) Multi-tenant Cloud virtual machines. Our contribution resides within the encryption proxy (EP). Initially, the trust level of all the users within each of the cloud is computed using the proposed two-stage trust computational model, wherein the user is categorized bas primary and secondary users. The primary and secondary users vary based on the application and data owner's preference. Based on the computed trust level, the access privilege is provided to the cloud users. In EP, the cipher text information flow security strategy is implemented using the blowfish encryption model. For the data encryption as well as decryption, the key generation is the crucial as well as the challenging part. In this research work, a new optimal key generation is carried out within the blowfish encryption Algorithm. In the blowfish encryption Algorithm, both the data encryption as well as decryption is accomplishment using the newly proposed optimal key. The proposed optimal key has been selected using a new Self Improved Cat and Mouse Based Optimizer (SI-CMBO), which has been an advanced version of the standard Cat and Mouse Based Optimizer. The proposed model is validated in terms of encryption time, decryption time, KPA attacks as well.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.2
• /
• pp.151-164
• /
• 2023

Recently, the development of quantum computers means a great threat to existing public key system based on discrete algebra problems or factorization problems. Accordingly, NIST is currently in the process of contesting and screening PQC(Post Quantum Cryptography) that can be implemented in both the computing environment and the upcoming quantum computing environment. Among them, SIKE is the only Isogeny-based cipher and has the advantage of a shorter public key compared to other PQC with the same safety. However, like conventional cryptographic algorithms, all quantum-resistant ciphers must be safe for existing cryptanlysis. In this paper, we studied power analysis-based cryptographic analysis techniques for SIKE, and notably we analyzed SIKE through wavelet transformation and deep learning-based clustering power analysis. As a result, the analysis success rate was close to 100% even in SIKE with applied masking response techniques that defend the accuracy of existing clustering power analysis techniques to around 50%, and it was confirmed that was the strongest attack on SIKE.