• The Transactions of the Korea Information Processing Society
• /
• v.6 no.1
• /
• pp.134-147
• /
• 1999

The DNS provides naming services which are the basis for the application of the Internet and the security of the DNS should be provided for the security of the Internet. Recently IETF proposed a method which guarantees the integrity of DNS database contents and DNS queries/replies and distributes host public keys. In this paper we describe the design and implementation of the secure DNS which is built based on the IETF proposal and extended to facilitate its sue and management. In the extended secure DNS, DNS servers are used ad the directory system in a public key infrastructure and stores/distributes user public key certificates. The Web-based management interface and security log functions are added and the extended secure DNS is being built so that new cryptographic algorithms can be easily added.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2002.05a
• /
• pp.257-260
• /
• 2002

This paper describes a design of cryptographic processor that implements the AES (Advanced Encryption Standard) block cipher algorithm“Rijndael”. To achieve high throughput rate, a sub-pipeline stage is inserted into the round transformation block, resulting that the second half of current round function and the first half of next round function are being simultaneously operated. For area-efficient and low-power implementation the round transformation block is designed to share the hardware resources in encryption and decryption. An efficient scheme for on-the-fly key scheduling, which supports the three master-key lengths of 128-b/192-b/256-b, is devised to generate round keys in the first sub-pipeline stage of each round processing. The cryptoprocessor designed in Verilog-HDL was verified using Xilinx FPGA board and test system. The core synthesized using 0.35-${\mu}{\textrm}{m}$ CMOS cell library consists of about 25,000 gates. Simulation results show that it has a throughput of about 520-Mbits/sec with 220-MHz clock frequency at 2.5-V supply.

• Journal of Digital Convergence
• /
• v.13 no.5
• /
• pp.169-176
• /
• 2015

Virtual Private Network is a method which can use as a private network using private line. The quality of security of virtual private network is influenced by security auditability, cryptographic support, user data protection, access control, etc., and efficiency is influenced by throughput, latency, the number of cession, etc. In this paper, we constructed a evaluation model based on CC(ISO/IEC 15408) and the quality evaluation standard ISO/IEC 25000 series to evaluate the quality level about efficiency with security performance of virtual private network. We think that this study will contribute to construct the system which can evaluate the quality of virtual private network based on CC and ISO quality evaluation standard.

• Journal of the Institute of Electronics Engineers of Korea SD
• /
• v.39 no.11
• /
• pp.33-43
• /
• 2002

This paper describes a design of cryptographic processor that implements the AES (Advanced Encryption Standard) block cipher algorithm "Rijndael". To achieve high throughput rate, a sub-pipeline stage is inserted into a round transformation block, resulting that two consecutive round functions are simultaneously operated. For area-efficient and low-power implementation, the round transformation block is designed to share the hardware resources for encryption and decryption. An efficient on-the-fly key scheduler is devised to supports the three master-key lengths of 128-b/192-b/256-b, and it generates round keys in the first sub-pipeline stage of each round processing. The Verilog-HDL model of the cryptoprocessor was verified using Xilinx FPGA board and test system. The core synthesized using 0.35-${\mu}m$ CMOS cell library consists of about 25,000 gates. Simulation results show that it has a throughput of about 520-Mbits/sec with 220-MHz clock frequency at 2.5-V supply.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.2
• /
• pp.11-19
• /
• 2020

Modern GPU can execute general purpose computation on the graphic processing unit, and provide high performance by exploiting many core on GPU. To run AES algorithm efficiently, parallel computational resources are required. However, computational resource of CPU architecture are not enough to cryptographic algorithm such as AES whereas GPU architecture has mass parallel computation resources. Therefore, this paper reduce the time to execute AES by employing parallel computational resource on GPGPU. Unfortunately, AES cannot utilize computational resource on GPGPU since it isn't suitable to GPGPU architecture. In this paper, IPC based dynamic SM management technique are proposed to efficiently execute AES on GPGPU. IPC based dynamic SM management can increase and decrease the number of active SMs by using IPC in run-time. According to simulation results, proposed technique improve the performance by increasing resource utilization compared to baseline GPGPU architecture. The results show that AES improve the performance by 41.2% on average.

• Journal of Industrial Convergence
• /
• v.18 no.5
• /
• pp.23-29
• /
• 2020

The Internet of things (IoT) is the extension of Internet connectivity into various devices and everyday objects. Embedded with electronics, Internet connectivity and other forms of hardware. The IoT poses significant risk to the entire digital ecosystem. This is because so many of these devices are designed without a built-in security system to keep them from being hijacked by hackers. This paper proposed a mutual authentication protocol for IoT Devices using symmetric-key algorithm. The proposed protocol use symmetric key cryptographic algorithm to securely encrypt data on radio channel. In addition, the secret key used for encryption is random number of devices that improves security by using variable secret keys. The proposed protocol blocked attacker and enabled legal deives to communicate because only authenticated devices transmit data by a mutual authentication protocol. Finally, our scheme is safe for attacks such as eavesdropping attack, location tracking, replay attack, spoofing attack and denial of service attack and we confirmed the safety by attack scenario.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.8 no.10
• /
• pp.1485-1490
• /
• 2013

The demonstration project of the electrical grid for Smart grid is progressed, the smart digital appliances AV technology, Smart home energy management technology charging the management function of complex energy for the automation management of air conditioning and heating, humidity and air, the health care technology charging the design of housing for the elderly and disabled and the measurement of individual bio information, and the Smart home security technology dealing with the biometric security and motion sensors, etc. have been studied. The power monitoring terminal which uses a variety of wired and wireless networks and protocol is the target additionally to be considered in addition to the security vulnerabilities that was occurred in the existing terminal. In this research paper, the author analyzes the cryptographic techniques corresponding to the smart meter occurred by the problems that are exposed on the outside which are vulnerable to physical attacks, and intends to propose the design of the security systems for the Smart meter terminal being able to maximize the efficiency of the terminal.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.3
• /
• pp.1502-1522
• /
• 2019

Leakage of secret keys may be the most devastating problem in public key cryptosystems because it means that all security guarantees are missing. The forward security mechanism allows users to update secret keys frequently without updating public keys. Meanwhile, it ensures that an attacker is unable to derive a user's secret keys for any past time, even if it compromises the user's current secret key. Therefore, it offers an effective cryptographic approach to address the private key leakage problem. As an extension of the forward security mechanism in certificate-based public key cryptography, forward-secure certificate-based signature (FS-CBS) has many appealing merits, such as no key escrow, no secure channel and implicit authentication. Until now, there is only one FS-CBS scheme that does not employ the random oracles. Unfortunately, our cryptanalysis indicates that the scheme is subject to the security vulnerability due to the existential forgery attack from the malicious CA. Our attack demonstrates that a CA can destroy its existential unforgeability by implanting trapdoors in system parameters without knowing the target user's secret key. Therefore, it is fair to say that to design a FS-CBS scheme secure against malicious CAs without lying random oracles is still an unsolved issue. To address this problem, we put forward an enhanced FS-CBS scheme without random oracles. Our FS-CBS scheme not only fixes the security weakness in the original scheme, but also significantly optimizes the scheme efficiency. In the standard model, we formally prove its security under the complexity assumption of the square computational Diffie-Hellman problem. In addition, the comparison with the original FS-CBS scheme shows that our scheme offers stronger security guarantee and enjoys better performance.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.5 no.1
• /
• pp.37-50
• /
• 1995

The smart card with the cryptography and VLSI technologies makes it possible to implement the electronic cash easily. A number of electronic each schemes have been proposed by many cryptographic researchers. In this paper, we propose a practical electronic cash system, using blind digital signature scheme. Schnorr's authentication scheme based on the discrete logarithm problem, and the hierarchical cash tree based on two one-way hash functions for dividable payment. Thisf electronic cash scheme has such properties as privacy of the payment, off-line payment, non-reuseability of cash, transferability of cash to another customer, and dividable payment of cash. This electronic cash protocol is well suited for implementing in smart card.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.6
• /
• pp.15-26
• /
• 2001

Visual cryptography is a simple method in which secret information can be directly decoded in human visual system without any cryptographic computations. When the secret image is scattered to n random shares(slides), this scheme has some week point such as pixel expansion and contrast degradation. Therefore, it is necessary to reduce the pixel expansion and improve the contrast in recovered image. In this paper, we propose a new construction method for (k, n) visual cryptography using the cumulative matrix. In case k is odd, we can construct the cumulative matrix perfectly. For even k, the contrast of special pair in decoded image can be achieved best by permitting multiple contract. The proposed method is more simple than that of S. Droste\`s in construction and the average contrast of decoded image is improved for the most part. Also, we show that the basis matrices depending on the cumulative matrix are able to be applied for the general access structure.