• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.12 no.1
• /
• pp.255-262
• /
• 2011

The advancement of information and communication technology has caused a few dysfunction such as hacking. To keep an organization from a harmful hacking, demands for cryptographic modules have been increased. However, the evaluation criteria of cryptographic modules in Korea have been less firmly established. It is difficult for the consumers of cryptographic module to choose an appropriate cryptographic module, and to establish interoperability between applications and cryptographic modules. This study analyzes evaluation criteria, evaluation processes and evaluation policy of CMVP(Cryptographic Module Verification Program) in the advanced countries. The paper suggests a policy for Korea CMVP, in resulting a provision of foundations for international standard and cooperations for international cryptographic policies and systems.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.1279-1289
• /
• 2020

To securely protect users' sensitive information and national secrets, the importance of cryptographic modules has been emphasized. Currently, many companies and national organizations are actively using cryptographic modules. In Korea, To ensure the security of these cryptographic modules, the cryptographic module has been verified through the Korea Certificate Module Validation Program(KCMVP). Most of the domestic cryptographic modules are CPU-based software (S/W). However, CPU-based cryptographic modules are difficult to use in servers that need to process large amounts of data. In this paper, we propose an S/W cryptographic module that provides a high-speed operation using GPU. We describe the configuration and operation of the S/W cryptographic module using GPU and present the changes in the cryptographic module security requirements by using GPU. In addition, we present the performance improvement compared to the existing CPU S/W cryptographic module. The results of this paper can be used for cryptographic modules that provide cryptography in servers that manage IoT (Internet of Things) or provide cloud computing.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.5
• /
• pp.985-996
• /
• 2019

This paper analyzes the source code of FIPS-OpenSSL cryptographic module approved as FIPS cryptographic module in USA and shows how the selftest requirements are implemented as software cryptographic library with respect to pre-operational test and conditional tests. Even though FIPS-OpenSSL follows FIPS 140-2 standard, lots of security requirements are similar between FIPS 140-2 and Korean cryptographic module validation standards. Therefore, analysis from this paper contributes to help Korean cryptographic module vendors develop correct and secure selftest functions on their own cryptographic modules, which results in reducing the test period.

• Journal of Satellite, Information and Communications
• /
• v.10 no.3
• /
• pp.114-120
• /
• 2015

In this paper, we show the design requirements of the cryptographic module and its security algorithm designed to prevent the exposure of the command signal applied to Flight Termination System. The cryptographic module consists of two separate devices that are Command Insertion Device and Command Generation Device. The cryptographic module designed to meet the 3 principles(Confidentiality, Integrity and Availability) for the information security. AES-256 block encryption algorithm and SHA-256 Hash function were applied to the encrypted symmetric key encryption method. The proposed cryptographic module is expected to contribute to the security and reliability of the Flight Termination System for Space Launch Vehicle.

• The Magazine of the IEIE
• /
• v.30 no.6
• /
• pp.624-637
• /
• 2003

CMVP(Cryptographic Module Validation Program) validates cryptographic modules to FIPS 140-1, 2, and other FIPS cryptography based standards. This paper gives an overview of the CMVP, cryptographic modules, cryptographic algorithms, and the applicable standards. This provides a brief overview of the security requirements that must be met by each cryptographic module that is submitted to a CMT laboratory for conformance testing and describes the Cryptographic Algorithm Testing.

• Journal of Information Processing Systems
• /
• v.5 no.4
• /
• pp.187-196
• /
• 2009

This paper presents compact cryptographic hardware architecture suitable for the Mobile Trusted Module (MTM) that requires low-area and low-power characteristics. The built-in cryptographic engine in the MTM is one of the most important circuit blocks and contributes to the performance of the whole platform because it is used as the key primitive supporting digital signature, platform integrity and command authentication. Unlike personal computers, mobile platforms have very stringent limitations with respect to available power, physical circuit area, and cost. Therefore special architecture and design methods for a compact cryptographic hardware module are required. The proposed cryptographic hardware has a chip area of 38K gates for RSA and 12.4K gates for unified SHA-1 and SHA-256 respectively on a 0.25um CMOS process. The current consumption of the proposed cryptographic hardware consumes at most 3.96mA for RSA and 2.16mA for SHA computations under the 25MHz.

• Convergence Security Journal
• /
• v.14 no.4
• /
• pp.55-60
• /
• 2014

In this study, we propose a cryptographic module quality evaluation system referenced by ISO/IEC 9000 quality system with Quality, Quality Factor, Quality Subfactor, Metric. Practical application process encryption algorithm based on the encryption algorithm to encrypt the pros and cons valuation of diagnosis, point selection algorithm, analysis, and quality items(quality factor), eliciting constraints derived, such as the cryptographic module design quality evaluation system is set to step 5. The five steps are examples of field-based diagnostic tool for cryptographic operations, the most essential work to be done in order to derive one will work. 2-Factor encryption module for connection between indicator items(quality factor) to identify and ensure the quality of the item the constraints of the environment are two kinds of cryptographic operations. This study is an encryption module and a practical field application system, it presents the standardized model. We have to meet the rapid changes in information technology. The environment, development and the encryption algorithm applied to model a wide variety of on-site development encryption will be able to expect the efficiency.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.10a
• /
• pp.398-401
• /
• 2014

Due to recent arise of cybercrime, importance of cyber security is highlighted more than ever. Korean government has been running Korea Cryptographic Module Validation Program, namely KCMVP, to validate security level of cryptographic modules for public organizations: indeed, many are achieving the validation. According to the program, operating environments for any specific cryptographic module are fixed. In other words, running validated module in other software environment is strictly prohibited. However, this paper asserts that it is possible for a C language based module to operate in Java based environment as long as the module is running on a validated environment. We expect this paper to help saving great amount of money and time for developing another cryptographic modules for the same operating environment. Also, this method will provide an idea for developing faster modules.

• International journal of advanced smart convergence
• /
• v.13 no.2
• /
• pp.69-79
• /
• 2024

AI technology is a central focus of the 4th Industrial Revolution. However, compared to some existing non-artificial intelligence technologies, new AI adversarial attacks have become possible in learning data management, input data management, and other areas. These attacks, which exploit weaknesses in AI encryption technology, are not only emerging as social issues but are also expected to have a significant negative impact on existing IT and convergence industries. This paper examines various cases of AI adversarial attacks developed recently, categorizes them into five groups, and provides a foundational document for developing security guidelines to verify their safety. The findings of this study confirm AI adversarial attacks that can be applied to various types of cryptographic modules (such as hardware cryptographic modules, software cryptographic modules, firmware cryptographic modules, hybrid software cryptographic modules, hybrid firmware cryptographic modules, etc.) incorporating AI technology. The aim is to offer a foundational document for the development of standardized protocols, believed to play a crucial role in rejuvenating the information security industry in the future.

• Convergence Security Journal
• /
• v.7 no.3
• /
• pp.61-70
• /
• 2007

In Windows operating system, CSPs(Cryptographic Service Providers) are provided for offering a easy and convenient way of using an various cryptographic algorithms to applications. The applications selectively communicate with various CSPs through a set of functions known as the Crypto API(Cryptographic Application Program Interface). During this process, a secure method, accessing data using a handle, is used in order to prevent analysis of the passing parameters to function between CryptoAPI and CSPs. In this paper, our experiment which is using a novel memory traceback method proves that still there is a vulnerability of private key and secret key disclosure in spite of the secure method above-mentioned.