• Title/Summary/Keyword: Cryptography Technology

Search Result 290, Processing Time 0.019 seconds

Efficient Post-Processing for Quantum Communication Systems (양자 통신 시스템의 효율적 후처리 방식)

  • Lee, Sun Yui;Jung, Kuk Hyun;Kim, Jin Young
    • Journal of Satellite, Information and Communications
    • /
    • v.9 no.4
    • /
    • pp.7-12
    • /
    • 2014
  • Quantum cryptography is one of the most feasible fields using quantum mechanics. Therefore, quantum cryptography has consistently been researched, and a variety of cryptographic exchange method has been developed, such as BB84, etc. This paper explains a basic concept of quantum communications and quantum key distribution systems using quantum mechanics. Also, it introduces a reason of the development of quantum cryptography and attack scenarios which threaten the security of QKD. Finally, the experiment of this paper simulates quantum key attack by estimating qubit phases through a modeled quantum channel, and discusses needs of post-processing methods for overcoming eavesdropping.

An Improved Lightweight Two-Factor Authentication and Key Agreement Protocol with Dynamic Identity Based on Elliptic Curve Cryptography

  • Qiu, Shuming;Xu, Guosheng;Ahmad, Haseeb;Xu, Guoai;Qiu, Xinping;Xu, Hong
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.13 no.2
    • /
    • pp.978-1002
    • /
    • 2019
  • With the rapid development of the Internet of Things, the problem of privacy protection has been paid great attention. Recently, Nikooghadam et al. pointed out that Kumari et al.'s protocol can neither resist off-line guessing attack nor preserve user anonymity. Moreover, the authors also proposed an authentication supportive session initial protocol, claiming to resist various vulnerability attacks. Unfortunately, this paper proves that the authentication protocols of Kumari et al. and Nikooghadam et al. have neither the ability to preserve perfect forward secrecy nor the ability to resist key-compromise impersonation attack. In order to remedy such flaws in their protocols, we design a lightweight authentication protocol using elliptic curve cryptography. By way of informal security analysis, it is shown that the proposed protocol can both resist a variety of attacks and provide more security. Afterward, it is also proved that the protocol is resistant against active and passive attacks under Dolev-Yao model by means of Burrows-Abadi-Needham logic (BAN-Logic), and fulfills mutual authentication using Automated Validation of Internet Security Protocols and Applications (AVISPA) software. Subsequently, we compare the protocol with the related scheme in terms of computational complexity and security. The comparative analytics witness that the proposed protocol is more suitable for practical application scenarios.

A Study on the E-Document Encrypted using the Effective key Management Method (효율적 키 관리 방식 적용을 통한 전자문서 암호화에 관한 연구)

  • Kim, Tae-Wook;Sung, Kyung-Sang;Oh, Hae-Seok
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.10 no.5
    • /
    • pp.1000-1008
    • /
    • 2009
  • It also increases the competitive power of the nation. With all these merits of electronic documents, there exist threats to the security such as illegal outflow, destroying, loss, distortion, etc. Currently, the techniques to protect the electronic documents against illegal forgery, alteration or removal are not enough. Until now, various security technologies have been developed for electronic documents. However, most of them are limited to prevention of forgery or repudiation. Cryptography for electronic documents is quite heavy that direct cryptography is not in progress. Additionally, key management for encryption/decryption has many difficulties that security has many weak points. Security has inversely proportional to efficiency. It is strongly requested to adopt various cryptography technologies into the electronic document system to offer more efficient and safer services. Therefore, this paper presents some problems in cryptography technologies currently used in the existing electronic document systems, and offer efficient methods to adopt cryptography algorithms to improve and secure the electronic document systems. To validate performance of proposed method compare with the existing cryptographies, critical elements have been compared, and it has been proved that the proposed method gives better results both in security and efficiency.

Lightweight AES-based Whitebox Cryptography for Secure Internet of Things (안전한 사물인터넷을 위한 AES 기반 경량 화이트박스 암호 기법)

  • Lee, Jin-Min;Kim, So-Yeon;Lee, Il-Gu
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.26 no.9
    • /
    • pp.1382-1391
    • /
    • 2022
  • White-box cryptography can respond to white-box attacks that can access and modify memory by safely hiding keys in the lookup table. However, because the size of lookup tables is large and the speed of encryption is slow, it is difficult to apply them to devices that require real-time while having limited resources, such as IoT(Internet of Things) devices. In this work, we propose a scheme for collecting short-length plaintexts and processing them at once, utilizing the characteristics that white-box ciphers process encryption on a lookup table size basis. As a result of comparing the proposed method, assuming that the table sizes of the Chow and XiaoLai schemes were 720KB(Kilobytes) and 18,000KB, respectively, memory usage reduced by about 29.9% and 1.24% on average in the Chow and XiaoLai schemes. The latency was decreased by about 3.36% and about 2.6% on average in the Chow and XiaoLai schemes, respectively, at a Traffic Load Rate of 15 Mbps(Mega bit per second) or higher.

Montgomery Multiplier with Very Regular Behavior

  • Yoo-Jin Baek
    • International Journal of Internet, Broadcasting and Communication
    • /
    • v.16 no.1
    • /
    • pp.17-28
    • /
    • 2024
  • As listed as one of the most important requirements for Post-Quantum Cryptography standardization process by National Institute of Standards and Technology, the resistance to various side-channel attacks is considered very critical in deploying cryptosystems in practice. In fact, cryptosystems can easily be broken by side-channel attacks, even though they are considered to be secure in the mathematical point of view. The timing attack(TA) and the simple power analysis attack(SPA) are such side-channel attack methods which can reveal sensitive information by analyzing the timing behavior or the power consumption pattern of cryptographic operations. Thus, appropriate measures against such attacks must carefully be considered in the early stage of cryptosystem's implementation process. The Montgomery multiplier is a commonly used and classical gadget in implementing big-number-based cryptosystems including RSA and ECC. And, as recently proposed as an alternative of building blocks for implementing post quantum cryptography such as lattice-based cryptography, the big-number multiplier including the Montgomery multiplier still plays a role in modern cryptography. However, in spite of its effectiveness and wide-adoption, the multiplier is known to be vulnerable to TA and SPA. And this paper proposes a new countermeasure for the Montgomery multiplier against TA and SPA. Briefly speaking, the new measure first represents a multiplication operand without 0 digits, so the resulting multiplication operation behaves in a very regular manner. Also, the new algorithm removes the extra final reduction (which is intrinsic to the modular multiplication) to make the resulting multiplier more timing-independent. Consequently, the resulting multiplier operates in constant time so that it totally removes any TA and SPA vulnerabilities. Since the proposed method can process multi bits at a time, implementers can also trade-off the performance with the resource usage to get desirable implementation characteristics.

A Secure and Efficient Remote User Authentication Scheme for Multi-server Environments Using ECC

  • Zhang, Junsong;Ma, Jian;Li, Xiong;Wang, Wendong
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.8 no.8
    • /
    • pp.2930-2947
    • /
    • 2014
  • With the rapid growth of the communication technology, intelligent terminals (i.e. PDAs and smartphones) are widely used in many mobile applications. To provide secure communication in mobile environment, in recent years, many user authentication schemes have been proposed. However, most of these authentication schemes suffer from various attacks and cannot provide provable security. In this paper, we propose a novel remote user mutual authentication scheme for multi-server environments using elliptic curve cryptography (ECC). Unlike other ECC-based schemes, the proposed scheme uses ECC in combination with a secure hash function to protect the secure communication among the users, the servers and the registration center (RC). Through this method, the proposed scheme requires less ECC-based operations than the related schemes, and makes it possible to significantly reduce the computational cost. Security and performance analyses demonstrate that the proposed scheme can solve various types of security problems and can meet the requirements of computational complexity for low-power mobile devices.

Efficient Key Management Protocol for Secure RTMP Video Streaming toward Trusted Quantum Network

  • Pattaranantakul, Montida;Sanguannam, Kittichai;Sangwongngam, Paramin;Vorakulpipat, Chalee
    • ETRI Journal
    • /
    • v.37 no.4
    • /
    • pp.696-706
    • /
    • 2015
  • This paper presents an achievable secure videoconferencing system based on quantum key encryption in which key management can be directly applied and embedded in a server/client videoconferencing model using, for example, OpenMeeting. A secure key management methodology is proposed to ensure both a trusted quantum network and a secure videoconferencing system. The proposed methodology presents architecture on how to share secret keys between key management servers and distant parties in a secure domain without transmitting any secrets over insecure channels. The advantages of the proposed secure key management methodology overcome the limitations of quantum point-to-point key sharing by simultaneously distributing keys to multiple users; thus, it makes quantum cryptography a more practical and secure solution. The time required for the encryption and decryption may cause a few seconds delay in video transmission, but this proposed method protects against adversary attacks.

Proposed CCPS model for comprehensive security management of CCTV (영상정보처리기기(CCTV)의 포괄적 보안관리를 위한 암호·인증·보호·체계(CCPS) 모델 제안)

  • Song, Won-Seok;Cho, Jun-Ha;Kang, Seong-Moon;Lee, MinWoo
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2021.05a
    • /
    • pp.657-660
    • /
    • 2021
  • A video information processing system (CCTV) requires comprehensive administrative, physical, and technical security management to collect, transmit and store sensitive information. However, there are no regulations related to video information processing, certification methods for the technology used, and application standards suitable for security technology. In this paper, we propose a cryptography, certification, protection, system (CCPS) model that can protect the system by including encryption technology for application to the video information processing system and authentication measures for the technology used in the system configuration.

  • PDF

A Security SoC embedded with ECDSA Hardware Accelerator (ECDSA 하드웨어 가속기가 내장된 보안 SoC)

  • Jeong, Young-Su;Kim, Min-Ju;Shin, Kyung-Wook
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.26 no.7
    • /
    • pp.1071-1077
    • /
    • 2022
  • A security SoC that can be used to implement elliptic curve cryptography (ECC) based public-key infrastructures was designed. The security SoC has an architecture in which a hardware accelerator for the elliptic curve digital signature algorithm (ECDSA) is interfaced with the Cortex-A53 CPU using the AXI4-Lite bus. The ECDSA hardware accelerator, which consists of a high-performance ECC processor, a SHA3 hash core, a true random number generator (TRNG), a modular multiplier, BRAM, and control FSM, was designed to perform the high-performance computation of ECDSA signature generation and signature verification with minimal CPU control. The security SoC was implemented in the Zynq UltraScale+ MPSoC device to perform hardware-software co-verification, and it was evaluated that the ECDSA signature generation or signature verification can be achieved about 1,000 times per second at a clock frequency of 150 MHz. The ECDSA hardware accelerator was implemented using hardware resources of 74,630 LUTs, 23,356 flip-flops, 32kb BRAM, and 36 DSP blocks.

A Security-Enhanced Identity-Based Batch Provable Data Possession Scheme for Big Data Storage

  • Zhao, Jining;Xu, Chunxiang;Chen, Kefei
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.12 no.9
    • /
    • pp.4576-4598
    • /
    • 2018
  • In big data age, flexible and affordable cloud storage service greatly enhances productivity for enterprises and individuals, but spontaneously has their outsourced data susceptible to integrity breaches. Provable Data Possession (PDP) as a critical technology, could enable data owners to efficiently verify cloud data integrity, without downloading entire copy. To address challenging integrity problem on multiple clouds for multiple owners, an identity-based batch PDP scheme was presented in ProvSec 2016, which attempted to eliminate public key certificate management issue and reduce computation overheads in a secure and batch method. In this paper, we firstly demonstrate this scheme is insecure so that any clouds who have outsourced data deleted or modified, could efficiently pass integrity verification, simply by utilizing two arbitrary block-tag pairs of one data owner. Specifically, malicious clouds are able to fabricate integrity proofs by 1) universally forging valid tags and 2) recovering data owners' private keys. Secondly, to enhance the security, we propose an improved scheme to withstand these attacks, and prove its security with CDH assumption under random oracle model. Finally, based on simulations and overheads analysis, our batch scheme demonstrates better efficiency compared to an identity based multi-cloud PDP with single owner effort.