• Journal of Advanced Information Technology and Convergence
• /
• v.9 no.2
• /
• pp.115-123
• /
• 2019

White-box cryptography is an implementation technique in order to protect secret keys of cryptographic algorithms in the white-box attack model, which is the setting that an adversary has full access to the implementation of the cryptographic algorithm and full control over their execution. This concept was introduced in 2002 by Chow et al., and since then, there have been many proposals for secure implementations. While there have been many approaches to construct a secure white-box implementation for the ciphers with SPN structures, there was no notable result about the white-box implementation for the block ciphers with Feistel structure after white-box DES implementation was broken. In this paper, we propose a secure white-box implementation for a block cipher SEED with Feistel structure, which can prevent the previous known attacks for white-box implementations. Our proposal is simple and practical: it is performed by only 3,376 table lookups during each execution and the total size of tables is 762.5 KB.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2008.11a
• /
• pp.1397-1400
• /
• 2008

본 논문에서는 디지털 TRS 시스템(TETRA)의 종단간 암호화에 사용되는 스마트카드의 성능 요구조건을 만족하는 상용 암호 알고리즘의 구현 가능성에 대하여 2가지 스마트카드에서 다룬다. 삼성전자의 16비트와 32비트 프로세서를 탑재한 스마트카드에서 각 알고리즘의 동작시간을 측정하였다. 성능 비교에 사용된 알고리즘들은 AES, ARIA, 3DES, SEED이다. 32비트 스마트카드에서는 알고리즘의 동작시간이 1.5ms에서 2.3ms사이에 존재하는 반면, 16비트 스마트카드에서는 2.8ms에서 8.2ms사이의 큰 차이로 존재한다. 단말기와 스마트카드의 통신 속도, 프로세서 계산 능력 등을 고려하여 상용스마트카드의 채택 가능한 칩과 알고리즘의 선정에 본 실험 결과는 참고자료가 될 수 있다.

• Journal of Internet Computing and Services
• /
• v.13 no.2
• /
• pp.59-71
• /
• 2012

PKI-based public key scheme is outstanding in terms of authenticity and privacy. Nevertheless its application brings big burden due to the certificate/key management. It is difficult to apply it to limited computing devices in WSN because of its high encryption complexity. The Bilinear Pairing emerged from the original IBE to eliminate the certificate, is a future significant cryptosystem as based on the DDH(Decisional DH) algorithm which is significant in terms of computation and secure enough for authentication, as well as secure and faster. The practical EC Weil Pairing presents that its encryption algorithm is simple and it satisfies IND/NM security constraints against CCA. The Random Oracle Model based IBE PKG is appropriate to the structure of our target system with one secret file server in the operational perspective. Our work proposes modification of the Weil Pairing as proper to the closed network for secret file distribution[2]. First we proposed the improved one computing both encryption and message/user authentication as fast as O(DES) level, in which our scheme satisfies privacy, authenticity and integrity. Secondly as using the public key ID as effective as PKI, our improved IBE variant reduces the key exposure risk.

• Journal of KIISE:Software and Applications
• /
• v.32 no.12
• /
• pp.1238-1246
• /
• 2005

This thesis is written with web security module for safe data transmission between heterogeneous systems(ex. OS). Web system has allowed users to have great convenience and a lot of information. Though web service business has been progressed much, because of the limitation of it's own system, lots of loss, derived from data spillage which is the weakest point of security, has also followed. Suggested security module is realized by two module. One for server security module for web server, the other is client security module for client. The security structure, suggested on this thesis guarantee safe data transmission by only simple installation of modules in clients and servers. for speed sensitive transmission between web server and browser, Triple-DES, symmetric encryption system suitable for fast encryption communication, is adapted. To solve problems caused from key management, Diffie-Hellman's key exchange algorithm is adapted. By this method, all symmetric encryption troubles from key distribution and management, speed could be work out a solution. And Diffie-Hellman type algorithm secures Authentication for safe data Protection.

• Journal of Korea Multimedia Society
• /
• v.20 no.12
• /
• pp.1913-1927
• /
• 2017

Encryption technology is to hide information in a cyberspace built using a computer and to prevent third parties from changing it. If a malicious user accesses unauthorized device or application services on the Internet of objects, it may be exposed to various security threats such as data leakage, denial of service, and privacy violation. One way to deal with these security threats is to encrypt and deliver the data generated by a user. Encrypting data must be referred to a technique of changing data using a complicated algorithm so that no one else knows the content except for those with special knowledge. As computers process computations that can be done at a very high speed, current cryptographic techniques are vulnerable to future computer performance improvements. We designed and implemented a new encryption program that combines ancient and modern cryptography so that the user never knows about data management, and transmission. The significance of this paper is that it is the safest method to combine various kinds of encryption methods to secure the weaknesses of the used cryptographic algorithms.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.5
• /
• pp.27-33
• /
• 2011

At FDTC'05 and CISC-W'10, the authors showed that if they decrease the number of rounds of AES and Triple-DES by using the fault injections, it is possible to recover the secret key of the target algorithms, respectively. In this paper, we propose a key recovery attack on HMAC by using the main idea of these attacks. This attack is applicable to HMAC based on MD-family hash functions and can recover the secret key with the negligible computational complexity. Particularly, the attack result on HMAC-SHA-2 is the first known key recovery attack result on this algorithm.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.5
• /
• pp.751-763
• /
• 2022

With the recent increase in spending growth in the IoT sector worldwide, the importance of lightweight block ciphers to encrypt them is also increasing. The lightweight block cipher PIPO algorithm proposed in ICISC 2020 is an SPN-structured cipher using an unbalanced bridge structure. The white box attack model refers to a state in which an attacker may know the intermediate value of the encryption operation. As a technique to cope with this, Chow et al. proposed a white box implementation technique and applied it to DES and AES in 2002. In this paper, we propose a white box PIPO applying a white box implementation to a lightweight block cipher PIPO algorithm. In the white box PIPO, the size of the table decreased by about 5.8 times and the calculation time decreased by about 17 times compared to the white box AES proposed by Chow and others. In addition, white box PIPO was used for mobile security products, and experimental results for each test case according to the scope of application are presented.

• Journal of the Institute of Electronics Engineers of Korea SP
• /
• v.42 no.2 s.302
• /
• pp.27-36
• /
• 2005

This thesis proposed an effective encryption method for the DCT-based image/video contents and made it possible to operate in a high speed by implementing it as an optimized hardware. By considering the increase in the amount of the calculation in the image/video compression, reconstruction and encryption, an partial encryption was performed, in which only the important information (DC and DPCM coefficients) were selected as the data to be encrypted. As the result, the encryption cost decreased when all the original image was encrypted. As the encryption algorithm one of the multi-mode AES, DES, or SEED can be used. The proposed encryption method was implemented in software to be experimented with TM-5 for about 1,000 test images. From the result, it was verified that to induce the original image from the encrypted one is not possible. At that situation, the decrease in compression ratio was only $1.6\%$. The hardware encryption system implemented in Verilog-HDL was synthesized to find the gate-level circuit in the SynopsysTM design compiler with the Hynix $0.25{\mu}m$ CMOS Phantom-cell library. Timing simulation was performed by Verilog-XL from CadenceTM, which resulted in the stable operation in the frequency above 100MHz. Accordingly, the proposed encryption method and the implemented hardware are expected to be effectively used as a good solution for the end-to-end security which is considered as one of the important problems.

• 제어로봇시스템학회:학술대회논문집
• /
• 2003.10a
• /
• pp.1480-1484
• /
• 2003

This paper presents the design and development of network for housing estate security system. The system can cover up to 961 houses which can be up to 1,200 meters long transfer rate of 9,600 bps. This system uses checking and warning the abnormal situation. More over this system has ability to control switch on/off the electrical equipment in the house via AC line control system. The system consists of 4 parts. The first part is a security system of each house using MCS-51 microcontroller as a central processing unit scan 32 sensors and control 8 appliances and send alarm. The MCS-51 microcontroller received control signal via telephone used DTMF circuit. The second part is distributed two levels master/slave network implementing after RS-485 serial communication standard. The protocol its base on the OSI (Open Systems Interconnection) 7 layers protocol model design focus on speed, reliability and security of data that is transferred. The network security using encrypt by DES algorithm, message sequence, time stamp checking and authentication system when user to access and when connect new device to this system. Flow control in system is Poll/Select and Stop-and-Wait method. The third part is central server that using microcomputer which its main function are storing event data into database and can check history event. The final part is internet system which users can access their own homes via the Internet. This web service is based on a combination of SOAP, HTTP and TCP/IP protocols. Messages are exchanged using XML format [6]. In order to save the number of IP address, the system uses 1 IP address for the whole village in which all homes and appliance in this village are addressed using internal identification numbers. This proposed system gives the data transfer accuracy over 99.8% and maximum polling time is 1,120 ms.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.1
• /
• pp.17-30
• /
• 2015

Unlike existing widely used bytecode-centric Android application code obfuscation methodology, our scheme in this paper makes encrypted file i.e. DEX file self-extracted arbitrary Android application. And then suggests a method regarding making the loader app to execute encrypted file's code after saving the file in arbitrary folder. Encrypted DEX file in the loader app includes original code and some of Manifest information to conceal event treatment information. Loader app's Manifest has original app's Manifest information except included information at encrypted DEX. Using our scheme, an attacker can make malicious code including obfuscated code to avoid anti-virus software at first. Secondly, Software developer can make an application with hidden main algorithm to protect copyright using suggestion technology. We implement prototype in Android 4.4.2(Kitkat) and check obfuscation capacity of malicious code at VirusTotal to show effectiveness.