• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.1
• /
• pp.5-14
• /
• 2014

Searchable encryption systems provide search on encrypted data while preserving the privacy of the data and the search keywords used in queries. Recently, interest on data outsourcing has increased due to proliferation of cloud computing services. Many researches are on going to minimize the trust put on external servers and searchable encryption is one of them. However, most of previous searchable encryption schemes provide only a single keyword boolean search. Although, there have been proposals to provide conjunctive keyword search, most of these works use a fixed field which limit their application. In this paper, we propose a field-free conjunctive keyword searchable encryption that also provides rank information of search results. Our system uses prime tables and greatest common divisor operation, making our system very efficient. Moreover, our system is practical and can be implemented very easily since it does not require sophisticated cryptographic module.

• The KIPS Transactions:PartC
• /
• v.11C no.2
• /
• pp.163-170
• /
• 2004

The additional mechanism Is required to set up a secure connection among the communication subjects in the internet environment. Each entity should transfer and receive the encrypted and hashed data to guarantee the data integrity. Also, the mutual authentication procedure should be processed using a secure communication protocol. The SSL/TLS is a protocol which creates the secure communication channel among the communication subjects and sends/receives a data. Although the OpenSSL which implements the TLS is using by many developers and its stability and performance are proved, it has a difficulty in using because of its large size. So, this Paper designs and implements the secure communication which the users can use easily by modification works of OpenSSL library API. We proved the real application results using the DRM client/server case which supports a secure communication using the implemented API.

• Journal of Korea Multimedia Society
• /
• v.15 no.3
• /
• pp.299-311
• /
• 2012

Recently, H.264 SE(scalable extension) has become a standard of next generation multimedia service which is one source, multi-user service in the telecommunication environment of different kinds of networks and terminal equipments. But existing DRM schemes for multimedia service are not fit for H.264 SE system. Because the amount of transmitted multimedia data is changed considering network environment and terminal equipments' performance by the system, but in the existing DRM schemes, the amount of handled multimedia data are not variable according to network environment and terminal equipments' performance. In this paper, an information security scheme combined video watermarking and encryption is presented for H.264 SE. Amount of watermarks and embedding positions are calculated by the frame number of enhancement layers which are created according to the state of networks and terminal equipments. In order to minimize delayed time by video watermarking and encryption, the video data are watermarked and encrypted in the H.264 SE compression process. In the experimental results, we confirmed that proposed scheme is robust against video compression, general signal processing and geometric processing.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.4
• /
• pp.769-776
• /
• 2016

TELNET is vulnerable to network attack because it was designed without considering security. SSL/TLS and SSH are used to solve this problem. However it needs additional secure protocol and has no backward compatibility with existing TELNET in this way. In this paper, we have suggested STELNET(Secured Telnet) which supports security functionalities internally so that has a backward compatibility. STELNET supports a backward compatibility with existing TELNET through option negotiation. On STELNET, A client authenticates server by a certificate or digital signature generated by using ECDSA. After server is authenticated, two hosts generate a session key by ECDH algorithm. And then by using the key, they encrypt data with AES and generate HMAC by using SHA-256. After then they transmit encrypted data and generated HMAC. In conclusion, STELNET which has a backward compatibility with existing TELNET defends MITM(Man-In-The-Middle) attack and supports security functionalities ensuring confidentiality and integrity of transmitted data.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.14 no.6
• /
• pp.139-147
• /
• 2014

The ballast water may be discharged into another sea area with marine organisms, it caused problems to disturb the marine ecosystem. So, in order to remove these environmental risk factors, the IMO has mandated the installation of BWTS to the all ships. Our monitoring system diagnose and predict a failure of BWTS by analyzing the sensor information of BWTS collected from which the ships scattered in the ocean of several. This paper presents the design and implementation of communication modules for BWTS remote monitoring considering the satellite communication charge fee. In the our study, we implemented the safety and cost-saving communication modules by LabVIEW program. The collected sensor informations is encrypted and compressed by LabVIEW modules running on RIO. Then they will be transfer to the land server and will be decrypt to enable monitoring in the land server. For the verification, we build the test modules which can verify from collecting the sensor data to consuming them in the monitoring server. We carried out 20 times for the data pattern in all of case. So, we verified the excellent functionality and reliability through the experimental result.

• The KIPS Transactions:PartC
• /
• v.11C no.5
• /
• pp.683-688
• /
• 2004

NAT is a very useful IP address translation technique that allows two connected networks using different and incompatible IP address schemes. But it is impractical to use NAT for an application which uses the encrypted IP packet, embedding IP addresses inside of data payloads, to guarantee End-to-End Security such as IPSec. In addition to rewriting the source/destination IP addresses in the packet, NAT must modify IP checksum every time, which could lead to considerable performance decrease of the overall system in the process of the address translation. RSIP is an alternative to solve these disadvantages of NAT and the address shortage problems. Both NAT and RSIP divide networks into inside and outside addressing realms. NAT translates addresses between internal network and external network, but RSIP uses a borrowed external address for outside communications. RSIP server assigns a routable public address to a RSIP client temporarily to communicate with public net-work outside of the private network. In this paper, RSIP gateway for intranet environment is designed and its performance is evaluated. From the results of performance evaluation, we knew that RSIP is operated less sensitive to the data traffic. Also, the experiment shows that RSIP performs better than NAT when the transmission data grows larger.

• The Journal of the Korea Contents Association
• /
• v.8 no.4
• /
• pp.10-16
• /
• 2008

Quantity of encrypted data that transmitted through the network are increasing by development of encipherment technology. We have many problems; it is caused by technical development and service increase of user requests. It is necessary that create a many encryption key in one web application system. As a result, service quality comes to be low because of increased network traffic and system overload. There must be a system. That should be improved in secure service quality to process data. This paper describes a new approach for design and implementation of distributed encryption key processing for web application system. In this paper, it is based on distributed encipherment key, for the purpose of confidentially, integrity and authentication. It can prevent system degradation from server's data bottleneck and can improve service quality. For distributed encipherment system, we use java object activation technology. It can service while some distributed server are fail.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.17 no.1
• /
• pp.13-18
• /
• 2017

With the advancement of internet technology, the importance of data protection is gaining more attention. As a possible data protection solution, we propose a novel video encryption method using complemented maximum-length cellular automata (C-MLCA). The first step for encryption is to use 90/150 CA rule to generate a transition matrix T of a C-MLCA state followed by a 2D C-MLCA basis image. Then, we divide the video into multiple frames. Once, we perform exclusive-OR operation with the split frames and the 2D basis image, the final encrypted video can be obtained. By altering values of pixel, the fundamental information in visualizing image data, the proposed method provides improved security. Moreover, we carry out some computational experiments to further evaluate our method where the results confirm its feasibility.

• Journal of the Korea Society of Computer and Information
• /
• v.16 no.2
• /
• pp.201-206
• /
• 2011

With the development and supply of digital displayers, there has been a heightened interest of late in digital photo frames, eclipsing the existing print frames. This digital photo frame was developed into a new LCD digital photo frame that can be used not only for data display but also as a surveillance monitoring equipment when combined with a CCD camera. The developed photo frame uses a one-way communication encryption method that replaces the existing two-way communication encryption method to ensure the security of the surveillance image data. This method uses the chaotic signal's one-way synchronization phenomenon, where synchronization is made for a certain amount of time, after which the synchronized data can be encrypted and decoded at any point. It can yield the same results as the two-way communication encryption method. Moreover, if the proposed method is applied to the close-range communication methods of ubiquitous devices, it will be able to obtain more efficient results.

• Journal of the Korean Society for Aeronautical & Space Sciences
• /
• v.31 no.10
• /
• pp.89-96
• /
• 2003

In this paper, a CCSDS(Consultative Committee for Space Data Systems) telecommand(TC) decryptor for the security of geostationary communications satellite was implemented. For the confidentiality of CCSDS TC datalink security, Option-A which implements the security services below the transfer sublayer was selected. Also CFB(Cipher Feedback) operation mode of DES(Data Encryption Standard) was used for the encryption of 56-bit data bits in 64-bit codeblock. To verify Decryptor function, the DES CFB logic implemented on A54SX32 FPGA(Field Programmable Gate Array) was integrated with interface and control logics in a PCB(Printed Circuit Board). Using a function test PC, the encrypted codeblocks were generated, transferred into the decryptor, decrypted, and the decrypted codeblocks were transmitted to the function test PC, and then compared with the source codeblocks. Through LED(Light Emitting Diode) ON operation by driving the relay related to Op-code decoded and the comparison between the codeblock output waveforms measured and those simulated, the telecommand decryptor function was verified.