• Proceedings of the Korea Information Processing Society Conference
• /
• 2013.05a
• /
• pp.157-158
• /
• 2013

Data privacy and access control policies in computer clouds are a prime concerns while talking about the sensitive data. Authorized access is ensured with the help of secret keys given to a range of valid users. Granting the role access is a trivial matter but revoking user access is tricky and compute intensive. To revoke a user and making his data access ineffective the data owner has to compute new set of keys for the rest of effective users. This situation is inappropriate where user revocation is a frequent phenomenon. Time based revocation is another way to deal this issue where key for data access expires automatically. This solution rests in a very strong assumption of time determination in advance. In this paper we have proposed a mutable encryption for oblivious data access in cloud storage where the access key becomes ineffective after defined number of threshold by the data owner. The proposed solution adds to its novelty by introducing mutable encryption while accessing the data obliviously.

• ETRI Journal
• /
• v.34 no.1
• /
• pp.66-75
• /
• 2012

This paper proposes a privacy-preserving database encryption scheme that provides access pattern hiding against a service provider. The proposed scheme uses a session key to permute indices of database records each time they are accessed. The proposed scheme can achieve access pattern hiding in situations in which an adversary cannot access the inside of the database directly, by separating the entity with an index table and data table and permuting both the index and position where the data are stored. Moreover, it is very efficient since only O(1) server computation and communication cost are required in terms of the number of the data stored. It can be applied to cloud computing, where the intermediate entities such as cloud computing service provider can violate the privacy of users or patients.

• International Journal of Internet, Broadcasting and Communication
• /
• v.4 no.2
• /
• pp.17-21
• /
• 2012

As an acronym for Supervisory Control and Data Acquisition, SCADA is a concept that is used to refer to the management and procurement of data that can be used in developing process management criteria. The use of the term SCADA varies, depending on location. Conventionally, SCADA is connected only in a limited private network. In current times, there are also demands of connecting SCADA through the internet. The internet SCADA facility has brought a lot of advantages in terms of control, data generation and viewing. With these advantages, come the security issues regarding web SCADA. In this paper, we discuss web SCADA and its connectivity along with the issues regarding security and suggests a web SCADA security solution using asymmetric-key encryption.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.5
• /
• pp.2258-2274
• /
• 2020

In this paper we first propose a new cryptosystem based on our data hiding scheme (2,9,8) introduced in 2019 with high security, where encrypting and hiding are done at once, the ciphertext does not depend on the input image size as existing hybrid techniques of cryptography and steganography. We then exploit our automata approach presented in 2019 to design two algorithms for exact and approximate pattern matching on secret data encrypted by our cryptosystem. Theoretical analyses remark that these algorithms both have O(n) time complexity in the worst case, where for the approximate algorithm, we assume that it uses ⌈(1-ε)m)⌉ processors, where ε, m and n are the error of our string similarity measure and lengths of the pattern and secret data, respectively. In searchable encryption, our cryptosystem is used by users and our pattern matching algorithms are performed by cloud providers.

• Journal of Korea Multimedia Society
• /
• v.8 no.5
• /
• pp.679-690
• /
• 2005

Business model in Web environments is usually provided by multimedia data. Information exchange between users and service providers should be made in encrypted data. Encrypted data are secure from being hacked. Application of DB encryption is a main technology for contents protection. We have applied the access control based on RBAC and prevented the unauthorized users from using the contents. In this paper, we propose a new DB encryption scheme which uses RHAC and digital signature based on PMI.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.8 no.4
• /
• pp.21-32
• /
• 1998

통신 및 컴퓨터 시스템의 처리 속도가 높아짐에 따라 정보 보호를 위해서 고속의 데이터처리가 반드시 요구되어진다. 따라서 본 논문에서는 국제 표준 암호알로기즘의 하나인ISDEA(International Data Encryption Algorithm)를 고속 연산을 위하여 알고리즘을 분석하고 암호화 수행시간을 감소하기 위하여 파이프라인 처리를 하며, 서브키 생성시의 연산회수를 줄이기 위하여 서브키 블록을 EEPROM 으로 구현하였다. 전체적인 시스템은 VHDL(VHSIC Hardware Description Language)을 사용하여 설계하였다. IDEA 알고리듬은 EDA tool인 Synopsys를 사용하여 Sunthesis하였으며, Xilinx의 FPGA XC4052XL을 이용하여 One CHip화 시켰다. 입력 클럭으로 20Mhz를 사용하였을 때, data arrival time은 687.07ns였으며, 109.01 Mbp의 속도로 동작하 였다.

• Journal of the Korean Mathematical Society
• /
• v.59 no.1
• /
• pp.35-51
• /
• 2022

We give secure parameter suggestions to use sparse secret vectors in LWE based encryption schemes. This should replace existing security parameters, because homomorphic encryption (HE) schemes use quite different variables from the existing parameters. In particular, HE schemes using sparse secrets should be supported by experimental analysis, here we summarize existing attacks to be considered and security levels for each attacks. Based on the analysis and experiments, we compute optimal scaling factors for CKKS.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.1
• /
• pp.3-14
• /
• 2011

In recent days, people used to store and share the data with other users through the web storage services. It is more convenient for using the data, but it raise problems such as access control of stored data and privacy exposure to untrusted server. Searchable encryption is used to share the data securely in multi-user setting. Especially in the multi-user setting, the revoked users should not be able to search the data and access the stored data. That is, it should be considered the security from revoked users. However in the existing schemes, the revoked users can decrypt the shared data by passive attack. Proposed scheme is the secure searchable encryption that resolves the problem and guarantees the security for revoked users.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.9
• /
• pp.1703-1710
• /
• 2017

This paper propose a 3D point clouds (depth) security technique for digital holographic display service. Image contents encryption is a method to provide only authorized right owners with the original image information by encrypting the entire image or a part of the image. The proposed method detected an edge from a depth and performed quad tree decomposition, and then performed encryption. And encrypts the most significant block among the divided blocks. The encryption effect was evaluated numerically and visually. The experimental results showed that encrypting only 0.43% of the entire data was enough to hide the constants of the original depth. By analyzing the encryption amount and the visual characteristics, we verified a relationship between the threshold for detecting an edge-map. As the threshold for detecting an edge increased, the encryption ratio decreased with respect to the encryption amount.

• The KIPS Transactions:PartB
• /
• v.15B no.6
• /
• pp.575-584
• /
• 2008

According to the network condition, the communication network overload could be occurred when media transmitting. Many researches are being carried out to lessen the network overload, such as the filtering, load distributing, frame dropping and many other methods. Among these methods, one of effective method is frame dropping that reduces specified video frames for bandwidth diminution. B frames are dropped and then I, P frames are dropped according to dependency among the frames in frame dropping. This paper proposes a scheme for protecting copyrights by encryption, when we apply frame dropping to reduce bandwidth of media following MPEG-4 file format. We designed two kinds of frame dropping: first one stores and then sends the dropped files and the other drops frames in real-time when transmitting. We designed three kinds of encryption methods in which DES algorithm is used to encrypt MPEG-4 data: macro block encryption in I-VOP, macro block and motion vector encryption in P-VOP, and macro block and motion vector encryption in I, P-VOP. Based on these three methods, we implemented a digital right management solution for MPEG-4 data streaming. We compared the results of dropping, encryption, decryption and quality of video sequences to select an optimal method, and there is no noticeable difference between the video sequences recovered after frame dropping and the ones recovered without frame dropping. The best performance in encryption and decryption of frames was obtained when we apply the macro block and motion vector encryption in I, P-VOP.