• Journal of Broadcast Engineering
• /
• v.20 no.6
• /
• pp.807-817
• /
• 2015

This paper is to propose an encryption method for only an allowed user to see the content for a digital hologram, that is a high value-added content. This paper uses a characteristic of Fresnel transform that the object region is concentrated to a relatively small part of the diffraction plane. By encrypting the concentrated part only the region to be encrypted and in turn the amount of data to be encrypted is reduced a lot, which results in an high efficiency with low encryption rate. As the methodology, a digital hologram is first Fresnel transformed for reconstruction and the result is secondly Fresnel transformed to concentrate the energy into the center of the diffraction plane to encrypt the concentrated region only. For the 2nd transform, energy concentration degree is determined by adjusting the diffraction distance and encryption strength is determined by adjusting the scaling factor. For this we analyze the optimal encryption area according to the diffraction distance and the scaling factor. When applying the proposed method with diffraction distance of 20m the object information was visually unrecognizable with the encryption ratio only 0.005% ~ 0.02%.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.5
• /
• pp.845-853
• /
• 2022

As the memory capacity of smartphone increases, the type and amount of privacy stored in the smartphone is also increasing. but recently there is an increasing possibility that various personal information such as photos and videos of smartphones may be leaked due to malicious apps by malicious attackers or other people such as repair technicians. This paper analyzed and studied the security and vulnerability of these vault apps by analyzing the cryptography algorithm and data protection function. We analyzed 5.3.7(June 13, 2022) and 3.3.2(December 30, 2020) versions of AppLock, the most downloaded information-hidding apps registered with Google Play, and found various vulnerabilities. In the case of access control, there was a vulnerability in that values for encrypting patterns entered by users were hardcoded into plain text in the source code, and encrypted pattern values were stored in xml files. In addition, in the case of the vault function, there was a vulnerability in that the files and log files for storing in the vault were not encrypted.

• Journal of Korea Multimedia Society
• /
• v.23 no.2
• /
• pp.262-273
• /
• 2020

This paper analyzes the existing copyright management and copyright sharing model and discusses the limitations. It then proposes a consortium Blockchain-based copyright management model in which the service platform participates as a node, and discusses how to combine the My Data concept with Blockchain and smart contracts. Also, Blockchain-based CP-ABE is introduced and applied to the proposed model as a way for users to define access policies and store copyright data in encrypted form on the storage of the online service providers (OSP). Compared with the existing copyright management model, the proposed model allows the copyright holder to focus on copyright registration, license content design, and sharing, as the data subject. And it is expected to be able to transparently manage the usage records and the basis for the settlement of the copyrighted data that are shared and used on each platform.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.05a
• /
• pp.231-233
• /
• 2013

A lot of information is exchanged using data communications in today's modern society. Nowadays many important communications are susceptible to interception and theft for malicious purposes, and is under threat from hackers. Crackers are able to hack into data flows even if the data is encrypted. To ensure strong encryption properties, these cryptographic algorithms are often a burden on devices used for authentication such as a PC or smart phone. This paper proposes an authentication system using the Arduino module. Implementation and application of the communication scheme is designed to minimize the burden of delivering data communication between devices especially where password and encryption is concerned.

• Smart Media Journal
• /
• v.4 no.4
• /
• pp.33-38
• /
• 2015

Cloud storage server do not detect duplication of conventionally encrypted data. To solve this problem, Convergent Encryption has been proposed. Recently, various client-side deduplication technology has been proposed. However, this propositions still cannot solve the security problem. In this paper, we suggest a secure source-based deduplication technology, which encrypt data to ensure the confidentiality of sensitive data and apply proofs of ownership protocol to control access to the data, from curious cloud server and malicious user.

• Journal of Digital Convergence
• /
• v.14 no.2
• /
• pp.175-181
• /
• 2016

Cloud storage servers do not detect duplication of conventionally encrypted data. To solve this problem, convergent encryption has been proposed. Recently, various client-side deduplication technology has been proposed. However, this propositions still cannot solve the security problem. In this paper, we suggest a secure source-based deduplication technology, which encrypt data to ensure the confidentiality of sensitive data and apply proofs of ownership protocol to control access to the data, from curious cloud server and malicious user.

• Journal of KIISE:Computer Systems and Theory
• /
• v.37 no.4
• /
• pp.226-238
• /
• 2010

OpenSSL is an open-source library implementing SSL that is a secure communication protocol. However, the library has a severe vulnerability that its security information can be easily exposed to malicious software when the library is used in a form of shared library on Linux and UNIX operating systems. We propose a scheme to attack the vulnerability of the OpenSSL library. The scheme injects codes into a running client program to execute the following attacks on the vulnerability in a SSL handshake. First, when a client sends a server a list of cryptographic algorithms that the client is willing to support, our scheme replaces all algorithms in the list with a specific algorithm. Such a replacement causes the server to select the specific algorithm. Second, the scheme steals a key for data encryption and decryption when the key is generated. Then the key is sent to an outside attacker. After that, the outside attacker decrypts encrypted data that has been transmitted between the client and the server, using the specified algorithm and the key. To show that our scheme is realizable, we perform an experiment of collecting encrypted login data that an ftp client using the OpenSSL shared library sends its server and then decrypting the login data.

• Korean Journal of Optics and Photonics
• /
• v.16 no.4
• /
• pp.326-333
• /
• 2005

Phase-only encryption scheme using exclusive-OR rules in Fourier plane and a single path decryption system are presented. A zero-padded original image, multiplied by a random phase image, is Fourier transformed and its real-valued data is encrypted with key data by using XOR rules. A decryption is simply performed based on 2-1 setup with spatial filter by Fourier transform for multiplying phase-only encrypted data by phase-only key data, which are obtained by phase-encoding process, and spatial filtering for zero-order elimination in inverse-Fourier plane. Since the encryption process is peformed in Fourier plane, proposed encryption scheme is more tolerant to loss of key information by scratching or cutting than previous XOR encryption method in space domain. Compare with previous phase-visualization systems, due to the simple architecture without a reference wave, our system is basically robust to mechanical vibrations and fluctuations. Numerical simulations have confirmed the proposed technique as high-level encryption and simple decryption architecture.

• Journal of the Korea Society of Computer and Information
• /
• v.18 no.11
• /
• pp.115-124
• /
• 2013

In this paper, we suggest a secure data dissemination by Lightweight Individual Encryption Multicast scheme over wireless sensor networks using the individual encryption method with Forward Error Correction instead of the group key encryption method. In wireless sensor networks, a sink node disseminates multicast data to the number of sensor nodes to update the up to date software such as network re-programming and here the group key encryption method is the general approach to provide a secure transmission. This group key encryption approach involves re-key management to provide a strong secure content distribution, however it is complicated to provide group key management services in wireless sensor networks due to limited resources of computing, storage, and communication. Although it is possible to control an individual node, the cost problem about individual encryption comes up and the individual encryption method is difficult to apply in multicast data transmission on wireless sensor networks. Therefore we only use 0.16% of individually encrypted packets to securely transmit data with the unicast to every node and the rest 99.84% non-encrypted encoded packets is transmitted with the multicast for network performance.

• Convergence Security Journal
• /
• v.23 no.3
• /
• pp.13-20
• /
• 2023

This study conducted a digital forensic analysis of Signal and Telegram, two secure messengers widely used in the Android environment. As mobile messengers currently play an important role in daily life, data management and security within these apps have become very important issues. Signal and Telegram, among others, are secure messengers that are highly reliable among users, and they safely protect users' personal information based on encryption technology. However, much research is still needed on how to analyze these encrypted data. In order to solve these problems, in this study, an in-depth analysis was conducted on the message encryption of Signal and Telegram and the database structure and encryption method in Android devices. In the case of Signal, we were able to successfully decrypt encrypted messages that are difficult to access from the outside due to complex algorithms and confirm the contents. In addition, the database structure of the two messenger apps was analyzed in detail and the information was organized into a folder structure and file format that could be used at any time. It is expected that more accurate and detailed digital forensic analysis will be possible in the future by applying more advanced technology and methodology based on the analyzed information. It is expected that this research will help increase understanding of secure messengers such as Signal and Telegram, which will open up possibilities for use in various aspects such as personal information protection and crime prevention.