• Title/Summary/Keyword: Encrypted Data

Search Result 386, Processing Time 0.021 seconds

Development of a Key Recovery System for Recovery of Encrypted Data (암호화된 정보의 복구를 위한 키복구 시스템 개발)

  • Kang, Sang-Seung;Lim, Shin-Young;Ko, Jeong-Ho;Jun, Eun-Ah;Lee, Gang-Soo
    • Journal of KIISE:Computing Practices and Letters
    • /
    • v.7 no.4
    • /
    • pp.324-335
    • /
    • 2001
  • Information systems, which support information security functions such as CALS and EC systems, should have cryptographic functions for information in order to storage and communicate securely. Additionally, including recovery of lost keys, lots of cryptographic keys should be securely managed. In this paper, we present some results of development of a key recovery system for recovery of encrypted data. The proposed system, in a type of key encapsulation approach, confirms to NIST's RKRP(Requirements for Key Recovery Products) that is a defecto international key recovery standard, as well as CC 2.0 that is a international security evaluation criteria. A message sender secretly choices two or more key recovery agents from a pool of key recovery agents. The key recovery information is generated by using the recovering key, random keys and public keys of the chosen agents. A message receiver can not know which key recovery agents are involved in his key recovery service. We have developed two versions of prototype of key recovery system such as C/Unix and Java/NT versions. Our systems can be used for recovery of communicating informations as well as storing informations, and as a new security service solution for electronic commerce service infrastructures.

  • PDF

A Study on the Cryptography Technology for Computing Stored and Encrypted Information without Key Leakage (키 유출 없이 저장되고 암호화된 정보를 계산할 수 있는 암호기술에 관한 연구)

  • Mun, Hyung-Jin;Hwang, Yoon-Cheol
    • Journal of Industrial Convergence
    • /
    • v.17 no.1
    • /
    • pp.1-6
    • /
    • 2019
  • Various cryptographic technologies have been proposed from ancient times and are developing in various ways to ensure the confidentiality of information. Due to exponentially increasing computer power, the encryption key is gradually increasing for security. Technology are being developed; however, security is guaranteed only in a short period of time. With the advent of the 4th Industrial Revolution, encryption technology is required in various fields. Recently, encryption technology using homomorphic encryption has attracted attention. Security threats arise due to the exposure of keys and plain texts used in the decryption processing for the operation of encrypted information. The homomorphic encryption can compute the data of the cipher text and secure process the information without exposing the plain text. When using the homomorphic encryption in processing big data like stored personal information in various services, security threats can be avoided because there is no exposure to key usage and decrypted information.

Memory-efficient Public Key Encryption with Keyword Search in Server (서버에서 효율적인 메모리 사용량을 제공하는 공개키 기반 검색 암호 시스템)

  • Kwon, Eun-Jeong;Seo, Jae-Woo;Lee, Pil-Joong;Park, Young-Man;Lee, Hae-Gyu;Kim, Yeong-Heon;Chong, Hak-Jin
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.18 no.4
    • /
    • pp.3-15
    • /
    • 2008
  • In 2000, Song. et. al. firstly proposed the Searchable Keyword Encryption System that treated a problem to search keywords on encrypted data. Since then, various Searchable Keyword Encryption Systems based on symmetric and asymmetric methods have been proposed. However, the Searchable Keyword Encryption Systems based on public key system has a problem that the index size for searching keywords on encrypted data increases linearly according to the number of keyword. In this paper, we propose the method that reduces the index size of Searchable Keyword Encryption based on public key system using Bloom Filter, apply the proposed method to PEKS(Public key Encryption with Keyword Search) that was proposed by Boneh. et. al., and analyze efficiency for the aspect of storage.

Public Key Encryption with Keyword Search for Restricted Testability (검증 능력이 제한된 검색 가능한 공개키 암호시스템)

  • Eom, Ji-Eun;Rhee, Hyun-Sook;Lee, Dong-Hoon
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.21 no.4
    • /
    • pp.3-10
    • /
    • 2011
  • To provide efficient keyword search on encrypted data, a public key encryption with keyword search (PEKS) was proposed by Boneh et al. A sender encrypts an e-mail and keywords with receiver's public key, respectively and uploads them on a server. Then a receiver generates a trapdoor of w with his secret key to search an e-mail related with some keyword w. However, Byun et al. showed that PEKS and some related schemes are not secure against keyword guessing attacks. In this paper, we propose a public key encryption with keyword search for restricted testability (PEKS-RT) scheme and show that our scheme is secure against keyword guessing attacks.

A Design of Hadoop Security Protocol using One Time Key based on Hash-chain (해시 체인 기반 일회용 키를 이용한 하둡 보안 프로토콜 설계)

  • Jeong, Eun-Hee;Lee, Byung-Kwan
    • The Journal of Korea Institute of Information, Electronics, and Communication Technology
    • /
    • v.10 no.4
    • /
    • pp.340-349
    • /
    • 2017
  • This paper is proposed Hadoop security protocol to protect a reply attack and impersonation attack. The proposed hadoop security protocol is consists of user authentication module, public key based data node authentication module, name node authentication module, and data node authentication module. The user authentication module is issued the temporary access ID from TGS after verifing user's identification on Authentication Server. The public key based data node authentication module generates secret key between name node and data node, and generates OTKL(One-Time Key List) using Hash-chain. The name node authentication module verifies user's identification using user's temporary access ID, and issues DT(Delegation Token) and BAT(Block Access Token) to user. The data node authentication module sends the encrypted data block to user after verifing user's identification using OwerID of BAT. Therefore the proposed hadoop security protocol dose not only prepare the exposure of data node's secret key by using OTKL, timestamp, owerID but also detect the reply attack and impersonation attack. Also, it enhances the data access of data node, and enforces data security by sending the encrypted data.

Frame security method in physical layer using OFB over Gigabit Ethernet Network (기가비트 이더넷 망에서 OFB 방식을 이용한 물리 계층 프레임 보안 기법)

  • Im, Sung-yeal
    • Journal of Internet Computing and Services
    • /
    • v.22 no.5
    • /
    • pp.17-26
    • /
    • 2021
  • This paper is about a physical layer frame security technique using OFB-style encryption/decryption with AES algorithms on Gigabit Ethernet network. We propose a data security technique at the physical layer that performs OFB-style encryption/decryption with AES algorithm with strong security strength when sending and receiving data over Gigabit Ethernet network. Generally, when operating Gigabit Ethernet network, there is no security features, but data security is required, additional devices that apply this technique can be installed to perform security functions. In the case of data transmission over Gigabit Ethernet network, the Ethernet frames conform to IEEE 802.3 specification, which includes several fields to ensure proper reception of data at the receiving node in addition to the data field. When encrypting, only the data field should be encrypted and transmitted in real time. In this paper, we show that only the data field of the IEEE802.3 frame is encrypted and transmitted on the sending node, and only the data field is decrypted to show the plain text on the receiving node, which shows that the encryption/decryption is carried out correctly. Therefore, additional installation of devices that apply this technique can increase the reliability of the system when security for data is required in Ethernet network operating without security features.

Countermeasures of Privacy Disclosure Vulnerability in Data Transfer Section (데이터 전송 구간에서 개인정보노출 취약점과 대응방안)

  • Heo, Geon Il;Kang, Ji Won;Park, Won Hyung
    • Journal of Information Technology Services
    • /
    • v.12 no.1
    • /
    • pp.163-171
    • /
    • 2013
  • As the kind of IT service on the internet is more and more diversifying and increasing, IT service's adverse effects also consistently occurring. Among them the incident of private information exposure is becoming social issues, especially the exposure of private information entered on-line resume is very serious. This paper investigates whether or not data is encrypted in data transfer section of major on-line job-search sites of Korea by using the packet analyzer such as "Wireshark." This paper judges whether or not the vulnerability, private information exposure, exists from the result of the investigation above and suggests countermeasures.

A Novel Cryptosystem Based on Steganography and Automata Technique for Searchable Encryption

  • Truong, Nguyen Huy
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.14 no.5
    • /
    • pp.2258-2274
    • /
    • 2020
  • In this paper we first propose a new cryptosystem based on our data hiding scheme (2,9,8) introduced in 2019 with high security, where encrypting and hiding are done at once, the ciphertext does not depend on the input image size as existing hybrid techniques of cryptography and steganography. We then exploit our automata approach presented in 2019 to design two algorithms for exact and approximate pattern matching on secret data encrypted by our cryptosystem. Theoretical analyses remark that these algorithms both have O(n) time complexity in the worst case, where for the approximate algorithm, we assume that it uses ⌈(1-ε)m)⌉ processors, where ε, m and n are the error of our string similarity measure and lengths of the pattern and secret data, respectively. In searchable encryption, our cryptosystem is used by users and our pattern matching algorithms are performed by cloud providers.

TDES CODER USING SSE2 TECHNOLOGY

  • Koo, In-Hoi;Kim, Tae-Hoon;Ahn, Sang-Il
    • Proceedings of the KSRS Conference
    • /
    • 2007.10a
    • /
    • pp.114-117
    • /
    • 2007
  • DES is an improvement of the algorithm Lucifer developed by IBM in the 1977. IBM, the National Security Agency (NSA) and the National Bureau of Standards (NBS now National Institute of Standards and Technology NIST) developed the DES algorithm. The DES has been extensively studied since its publication and is the most widely used symmetric algorithm in the world. But nowadays, Triple DES (TDES) is more widely used than DES especially in the application in case high level of data security is required. Even though TDES can be implemented based on standard algorithm, very high speed TDES codec performance is required to process when encrypted high resolution satellite image data is down-linked at high speed. In this paper, Intel SSE2 (Streaming SIMD (Single-Instruction Multiple-Data) Extensions 2 of Intel) is applied to TDES Decryption algorithm and proved its effectiveness in the processing time reduction by comparing the time consumed for two cases; original TDES Decryption and TDES Decryption with SSE2

  • PDF

Research on the Image Encryption Method using a Linear-structure Chaos System (선형구조 혼돈계를 이용한 이미지 암호와 방법 연구)

  • Cho, Chang Ho;Yim, Geo Su
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.7 no.4
    • /
    • pp.75-79
    • /
    • 2011
  • With the rapid growth of digital communication and the internet, the importance of conducting research on data encryption methods is increasing. Some of the pertinent researches that have been conducted so far introduced data encryption methods using chaos systems, and numerous researches are currently being conducted on such methods. The signals produced by the chaos systems are called "determined noise," and if this is applied to data encryption, very effective results can be obtained. Using the Henon map, the relationship between the non-linearity of the chaos system and the strength of encryption was analyzed, and a linear-structure chaos system that uses non-linearity as a variable for encryption strength was constructed. Using the constructed chaos system, an image was encrypted and decoded, and the correlation coefficient of the linear-structure chaos system's performance was calculated and then analyzed.