• Journal of KIISE
• /
• v.43 no.11
• /
• pp.1245-1258
• /
• 2016

Cryptographic technologies providing confidentiality and integrity such as encryption algorithms and message authentication codes (MACs) are necessary for preventing security threats in the Internet of Things (IoT) where various kinds of devices are interconnected. As a number of encryption schemes that have passed security verification are not necessarily suitable for low-power and low-performance IoT devices, various lightweight cryptographic schemes have been proposed. However, a study of lightweight MACs is not sufficient in comparison to that of lightweight block ciphers. Therefore, in this paper, we reviewed various kinds of MACs for their classification and analysis and then, we presented a new way for future MAC development. We also implemented major MAC algorithms and performed experiments to investigate their performance degradation on low-end micro-controllers.

• The Journal of the Korea Contents Association
• /
• v.9 no.8
• /
• pp.91-98
• /
• 2009

This paper presents a solution to error avalanche of deciphering where radio noise brings random bit errors in encrypted image data under ubiquitous environment. The image capturing module is to be made comprising data compression and encryption features to reduce data traffic volume and to protect privacy. Block cipher algorithms may experience error avalanche: multiple pixel defects due to single bit error in an encrypted message. The new fault tolerant scheme addresses error avalanche effect exploiting a three-dimensional data shuffling process, which disperses error bits on many frames resulting in sparsely isolated errors. Averaging or majority voting with neighboring pixels can tolerate prominent pixel defects without increase in data volume due to error correction. This scheme has 33% lower data traffic load with respect to the conventional Hamming code based approach.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.6 no.1
• /
• pp.111-117
• /
• 2011

In this paper, proposed client virtualization technology to minimize degradation of the local computing environment, efficient and qualified users in the area of virtual functions needed to enable the user to provide important information in the local computing environment protection and performance, stability and continuity was important to keep. As well as the local computing environment from malicious code attacks such as methods for protecting virtualized domain also can not be overlooked as a major problem area in a virtualized, virtualized data through the encryption of user-space security, maximized. In addition, through virtualization using local computing resources efficiently while still a local computing system separate from the computing resources to a single user can get the same effect.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.6
• /
• pp.119-125
• /
• 2005

We propose a new code-based publick key encryption scheme. It is obtained by modifying the Augot and Finiasz scheme proposed at Eurocrypt 2003. We replace the Reed-Solomon codes with general algebraic-geometry codes and employ Guruswami-Sudan decoding algorithm for decryption. The scheme is secure against Colon's attack or Kiayias and Yung's attack to which the Augot and Finiasz scheme is vulnerable. Considering basic attacks aprlied to the Augot and Finiasz scheme, we claim that the proposed scheme provides similar security levels as the Augot and Finiasz scheme was claimed to provide for given key lengths.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.2
• /
• pp.357-367
• /
• 2018

As information technology of modern society develops, various malicious codes with the purpose of seizing or destroying important system information are developing together. Among them, ransomware is a typical malicious code that prevents access to user's resources. Although researches on detecting ransomware performing encryption have been conducted a lot in recent years, no additional methods have been proposed to recover damaged files after an attack. Also, because the similarity comparison technique was used without considering the repeated encryption, it is highly likely to be recognized as a normal behavior. Therefore, this paper implements a filter driver to control the file system and performs a similarity comparison method that is verified based on the analysis of the encryption pattern of the ransomware. We propose a system to detect the malicious process of the accessed process and recover the damaged file based on the cloud storage.

• Journal of the Korean Society for Aeronautical & Space Sciences
• /
• v.31 no.10
• /
• pp.89-96
• /
• 2003

In this paper, a CCSDS(Consultative Committee for Space Data Systems) telecommand(TC) decryptor for the security of geostationary communications satellite was implemented. For the confidentiality of CCSDS TC datalink security, Option-A which implements the security services below the transfer sublayer was selected. Also CFB(Cipher Feedback) operation mode of DES(Data Encryption Standard) was used for the encryption of 56-bit data bits in 64-bit codeblock. To verify Decryptor function, the DES CFB logic implemented on A54SX32 FPGA(Field Programmable Gate Array) was integrated with interface and control logics in a PCB(Printed Circuit Board). Using a function test PC, the encrypted codeblocks were generated, transferred into the decryptor, decrypted, and the decrypted codeblocks were transmitted to the function test PC, and then compared with the source codeblocks. Through LED(Light Emitting Diode) ON operation by driving the relay related to Op-code decoded and the comparison between the codeblock output waveforms measured and those simulated, the telecommand decryptor function was verified.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.13 no.5
• /
• pp.195-201
• /
• 2013

The government has invested much budget for 5years to do the Smart-education and operate digital textbook services since 2011. The private enterprises also decided to focus on constructing Smart learning system by investing much budget. If these systems are constructed nationwide and therefore can access to cyber university by using smart devices, we can reduce the information gap and study online lectures to get a grade whenever, whoever and wherever we want to. However, these convenient systems can cause serious problems like falsifying grades by hacking if security systems are weak. In this paper, we formulated cyber university which is secured in terms of security. For this, we simulated the smart-learning system which strengthened the security, considering code algorithm and encryption technique.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.1
• /
• pp.211-220
• /
• 2018

The standard data link layer encryption provided by CCSDS has a structure that encodes HDLC frame into it using an AES algorithm. However, CCSDS is standard method has a structure in which the receiving side cannot request a re-activation when noise interference occurs over an unstable channel. SES Alarmed has a structure that enables the receiving side to additionally detect errors and perform re-activation requests in an operational structure similar to that of link encryption in CCSDS. The SES Alarmed related paper was intended to identify the optimum range of thresholds and identify data corruption due to channel noise. In this paper, the focus was on reducing the re-activation process if the HDLC frame, excluding the password Sync code, consistently exceeds any threshold levels. The HDLC frame order was changed and the results of using SES Alarmed were proposed and compared.

• Journal of KIISE
• /
• v.42 no.9
• /
• pp.1100-1108
• /
• 2015

Classes.dex, which is the executable file for android operation system, has Java bite code format, so that anyone can analyze and modify its source codes by using reverse engineering. Due to this characteristic, many android applications using classes.dex as executable file have been illegally copied and distributed, causing damage to the developers and software industry. To tackle such ill-intended behavior, this paper proposes a technique to encrypt classes.dex file using an AES(Advanced Encryption Standard) encryption algorithm and decrypts the applications encrypted in such a manner in order to prevent reverse engineering of the applications. To reinforce the file against reverse engineering attack, hash values that are obtained from substituting a hash equation through the combination of salt values, are used for the keys for encrypting and decrypting classes.dex. The experiments demonstrated that the proposed technique is effective in preventing the illegal duplication of classes.dex-based android applications and reverse engineering attack. As a result, the proposed technique can protect the source of an application and also prevent the spreading of malicious codes due to repackaging attack.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.15 no.11
• /
• pp.6849-6855
• /
• 2014

Recently, with the increasing use of smart phones, security issues, such as safety and reliability of the use of the Android application has become a topic to provide services in various forms. An Android application is performed using several important files in the form of an apk file. On the other hand, they may be subject to unauthorized use, such as the loss of rights and privileges due to the insertion of malicious source code of these apk files. This paper examines the Android environment to study ways to define the threats related to the unauthorized use of the application source code, and based on the results of the analysis, to prevent unauthorized use of the application source code. In this paper, a system is provided using a third body to prevent and detect applications that have been counterfeited or forged illegally and installed on Android devices. The application provides services to existing systems that are configured with only the service server that provides users and applications general, This paper proposes the use of a trusted third party for user registration and to verify the integrity of the application, add an institution, and provide a safe application.