• International Journal of Computer Science & Network Security
• /
• v.22 no.2
• /
• pp.209-213
• /
• 2022

Key exchange protocol (KEP) is an essential setup to secure authenticates transmission among two or more users in cyberspace. Digital files protected and transmitted by the encryption of the files over public channels, a single key communal concerning the channel parties and utilized for both to encrypt the files as well as decrypt the files. If entirely done, this impedes unauthorized third parties from imposing a key optimal on the authorized parties. In this article, we have suggested a new KEP term as isokey interchange protocol based on generalization of modern mathematics term as isomathematics by utilizing isonumbers for corresponding isounits over the Block Upper Triangular Isomatrices (BUTI) which is secure, feasible and extensible. We also were utilizing arithmetic operations like Isoaddition, isosubtraction, isomultiplication and isodivision from isomathematics to build iso-key interchange protocol for network communication. The execution of our protocol is for two isointegers corresponding two elements of the group of isomatrices and cryptographic performance of products eachother. We demonstrate the protection of suggested isokey interchange protocol against Brute force attacks, Menezes et al. algorithm and Climent et al. algorithm.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.6
• /
• pp.1237-1246
• /
• 2021

This paper is about Asynchronous Transfer Mode (ATM) cell security in which an Output Feedback (OFB) mode is applied to an AES block ciphers. ATM cells are divided into user data cells and maintenance cells, and each cell is 53 octets in size and consists of a header of 5 octets and a payload of 48 octets. In order to encrypt/decrypt ATM cells, the boundaries of cells must be detected, which is possible using the Header Error Control (HEC) field in the header. After detecting the boundary of the cell, the type of payload is detected using a payload type (PT) code to encrypt only the user cell. In this paper, a security method for ATM cells that satisfies the requirements of ISO 9160 is presented.

• International Journal of Computer Science & Network Security
• /
• v.21 no.11
• /
• pp.354-362
• /
• 2021

The device to device (D2D) communication is an important and emerging area for future cellular networks. It is concerned about all aspect of secure data transmission between end devices along with originality of the data. In this paradigm, the major concerns are about how keys are delivered between the devices when the devices require the cryptographic keys. Another major concern is how effectively the receiver device verifies the data sent by the sender device which means that the receiver checks the originality of the data. In order to fulfill these requirements, the proposed system able to derive a cryptographic key using a single secret key and these derived keys are securely transmitted to the intended receiver with procedure called mutual authentication. Initially, derived keys are computed by applying robust procedure so that any adversary feel difficulties for cracking the keys. The experimental results shows that both sender and receiver can identify themselves and receiver device will decrypt the data only after verifying the originality of the data. Only the devices which are mutually authenticated each other can interchange the data so that entry of the intruder node at any stage is not possible.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.2
• /
• pp.591-608
• /
• 2023

With the emergence of advanced encryption technologies such as Quantum Cryptography and Full Disk Encryption, an era of strengthening information security has begun. Users respond positively to the advancement of privacy-enhancing technology, on the other hand, investigative agencies have difficulty unveiling the actual truth as they fail to decrypt devices. In particular, unlike past ciphers, encryption methods using biometric information such as fingerprints, iris, and faces have become common and have faced technical limitations in collecting digital evidence. Accordingly, normative solutions have emerged as a major issue. The United States enacted the CLOUD Act with the legal mechanism of 'Contempt of court' and in 2016, the United Kingdom substantiated the Compelled Decryption through the Investigatory Powers Act (IPA). However, it is difficult to enforce Compelled Decryption on individuals in Korea because Korean is highly sensitive to personal information. Therefore, in this paper, we sought a method of introducing a Compelled Decryption that does not contradict the people's legal sentiment through a perception survey of 95 people on the Compelled Decryption. We tried to compare and review the Budapest Convention with major overseas laws such as the United States and the United Kingdom, and to suggest a direction of legislation acceptable to the people in ways to minimize infringement of privacy. We hope that this study will be an effective legal response plan for law enforcement agencies that can normatively overcome the technical limitations of decoding.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.4
• /
• pp.601-608
• /
• 2023

Homomorphic encryption is a promising technology that has been extensively researched in recent years. It allows computations to be performed on encrypted data, without the need to decrypt it. In this paper, we perform bibliometric analysis to objectively and quantitatively analyze the research trends of homomorphic encryption technology using 6,047 homomorphic encryption papers from the Scopus database. Specifically, we analyze the number of papers by year, keyword co-occurrence, topic clustering, changes in related keywords over time, and country of homomorphic encryption research institutions. Our analysis results provide strategic directions for research and application of homomorphic encryption and can be a great help for subsequent research and industrial applications.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.1
• /
• pp.61-70
• /
• 2024

As users use various services along with the rapid increase in Internet services, it may be difficult to manage accounts. To solve these difficulties, various password management applications are emerging. From a forensic point of view, password management applications can provide clues to obtain criminal evidence. The purpose of this paper is to acquire the data stored by the user in the password management application. To this end, we propose a better way to decrypt the encrypted data through reverse engineering, evaluate the security of the application to be analyzed, and safely store the data.

• The KIPS Transactions:PartC
• /
• v.10C no.5
• /
• pp.541-548
• /
• 2003

A fair exchange protocol enable two parties to exchange secrets with fairness, so that neither can gain any information advantage by quitting prematurely or otherwise misbehaving. Therefore a fair exchange is the most important for electronic transactions between untrusted parties. To design new fair exchange, after describing basic concepts, definitions and existing protocols and designing a non-interactive OT protocol using ELGamal's public key system, I will design new protocol to support fair exchange. In my designed new protocol, untrusted parties exchange secrets obliviously and verify that their received secrets are true by using transformed Zero Knowledge Interactive Proof extended to duplex. At this time, concerned two parties can't decrypt the other's ciphertext. .After all of the steps, two parties can do it. It is the most important to provide perfect fairness and anonymity to untrusted parties in this protocol.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.49 no.9
• /
• pp.55-64
• /
• 2012

Until now, Side Channel Attack has been known to be effective to crack decrypt key such as smart cards, electronic passports and e-ID card based on Chip. Combination of Masking and shuffling methods have been proposed practical countermeasure. Newly, S.Tillich suggests biased-mask using template attack(TA) to attack AES with masking and shuffling. However, an additional assumption that is acquired template information previously for masking value is necessary in order to apply this method. Moreover, this method needs to know exact time position of the target masking value for higher probability of success. In this paper, we suggest new practical method called Biasing Power Analysis(BPA) to find a secret key of AES based on masking-shuffling method. In BPA, we don't use time position and template information from masking value. Actually, we do experimental works of BPA attack to 128bit secret key of AES based on masking-shuffling method performed MSP430 Chip and we succeed in finding whole secret key. The results of this study will be utilized for next-generation ID cards to verify physical safety.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.20 no.1
• /
• pp.55-60
• /
• 2020

In this paper, we propose an access control system using cryptography as a method to protect personal data in public blockchain. The proposed system is designed to encrypt data according to the access policy, store it in the blockchain, and decrypt only the person who satisfy the access policy. In order to improve performance and scalability, an encryption mechanism is implemented outside the blockchain. Therefore, data access performance could be preserved while cryptographic operations executed Furthermore it can also improve the scalability by adding new access control modules while preserving the current configuration of blockchain network. The encryption scheme is based on the attribute-based encryption (ABE). However, unlike the traditional ABE, the "retention period", is incorporated into the access structure to ensure the right to be forgotten. In addition, symmetric key cryptograpic algorithms are used for the performance of ABE. We implemented the proposed system in a public blockchain and conducted the performance evaluation.

• Journal of Internet Computing and Services
• /
• v.21 no.3
• /
• pp.11-19
• /
• 2020

In this paper, a merged TEA block cipher processor which unifies Tiny Encryption Algorithm(TEA), extended Tiny Encryption Algorithm(XTEA) and corrected block TEA(XXTEA) is designed. After TEA cipher algorithm was first designed, XTEA and XXTEA cipher algorithms were designed to correct security weakness. Three types of cipher algorithm uses a 128-bit master key. The designed cipher processor can encrypt or decrypt 64-bit message block for TEA/XTEA and variable-length message blocks up to 256-bit for XXTEA. The maximum throughput for 64-bit message blocks is 137Mbps and that of 256-bit message blocks is 369Mbps. The merged TEA block cipher designed in this paper has a 16% gain on the area side compared to a lightweight LEA cipher. The cryptographic IP of this paper is applicable in security module of the mobile areas such as smart card, internet banking, and e-commerce.