• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.9
• /
• pp.2056-2063
• /
• 2015

Recently, as the service scale of cloud service is expanded, an anxiety due to concerns on new vulnerabilities and security related incidents and accidents are also increasing. This paper proposes a certification scheme for multiple session management of security sessions which are generated after the user authentication. The proposed session multiplexing scheme enables the independent management of security sessions in the level of virtualization (hypervisor) within the service provider. As a result of performance analysis, providing a strong safety due to session multiplexing and mutual authentication, and the superiority of performance was proven by comparing it with the existing mutual authentication encryption algorithms.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.10a
• /
• pp.575-577
• /
• 2017

In public key cryptography such as RSA, modular exponentiation is the most time-consuming operation. RSA's modular exponentiation can be computed by repeated modular multiplication. To attain high efficiency for RSA, fast modular multiplication algorithms have been proposed to speed up decryption/encryption. Montgomery multiplication is limited by the carry propagation delay from the addition of long operands. In this paper, we propose a hardware structure that reduces the area of the Montgomery multiplication implementation for lightweight applications of RSA. Experimental results showed that the new design can achieve higher performance and reduce hardware area. A frequency of 884.9MHz and 250MHz were achieved with 84K and 56K gates respectively using the 90nm technology.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.10a
• /
• pp.326-329
• /
• 2017

Most modern computer communications and storage media support encryption technology. Many of the Ping Pong algorithms are stream ciphers that generate random numbers in the LFSR core structure. The LFSR has a structure that guarantees the maximum period of a given size, but it has a linear structure and can be predicted. Therefore, the Ping Pong algorithm has a feature of making the linearity of the LFSR into a nonlinear structure through variable clocks and functions. In this paper, we try to improve the existing linearity by replacing the linear disadvantages of LFSR with logistic maps.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2015.10a
• /
• pp.613-616
• /
• 2015

최근 스마트폰 기기의 보급 및 소셜 서비스 산업의 고도화로 인해, 빅데이터가 등장하였다. 한편 빅데이터에서 효율적으로 정보를 분석하는 대표적인 플랫폼으로 하둡이 존재한다. 하둡은 클러스터 환경에 기반한 우수한 확장성, 장애 복구 기능 및 사용자가 기능을 정의할 수 있는 맵리듀스 프레임워크 등을 지원한다. 아울러 하둡은 개인정보나 위치 데이터 등의 민감한 정보를 보호하기 위해 Kerberos를 통한 사용자 인증 기법을 제공하고, HDFS 압축 코덱을 활용한 AES 코덱 기반 데이터 암호화를 지원하고 있다. 그러나 하둡 기반 소프트웨어를 사용하고 있는 국내 기관 및 기업은 국내 ARIA 데이터 암호화를 적용하지 못하고 있다. 이를 해결하기 위해 본 논문에서는 하둡을 기반으로 ARIA 암호화를 지원하는 HDFS 데이터 암호화 기법을 제안한다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.05a
• /
• pp.221-223
• /
• 2014

Power analysis attack on cryptographic hardware device aims to study the power consumption while performing operations using secrets keys. Power analysis is a form of side channel attack which allow an attacker to compute the key encryption from algorithm using Simple Power Analysis (SPA), Differential Power Analysis (DPA) or Correlation Power Analysis (CPA). The theoretical weaknesses in algorithms or leaked informations from physical implementation of a cryptosystem are usually used to break the system. This paper describes how power analysis work and we provide an overview of countermeasures against power analysis attacks.

• International Journal of Computer Science & Network Security
• /
• v.21 no.4
• /
• pp.264-271
• /
• 2021

From an information security perspective, protecting sensitive data requires utilizing algorithms which resist theoretical attacks. However, treating an algorithm in a purely mathematical fashion or in other words abstracting away from its physical (hardware or software) implementation opens the door to various real-world security threats. In the modern age of electronics, cryptanalysis attempts to reveal secret information based on cryptosystem physical properties, rather than exploiting the theoretical weaknesses in the implemented cryptographic algorithm. The correlation power attack (CPA) is a Side-Channel Analysis attack used to reveal sensitive information based on the power leakages of a device. In this paper, we present a power Hacking technique to demonstrate how a power analysis can be exploited to reveal the secret information in AES crypto-core. In the proposed case study, we explain the main techniques that can break the security of the considered crypto-core by using CPA attack. Using two cryptographic devices, FPGA and 8051 microcontrollers, the experimental attack procedure shows that the AES hardware implementation has better resistance against power attack compared to the software one. On the other hand, we remark that the efficiency of CPA attack depends statistically on the implementation and the power model used for the power prediction.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.9
• /
• pp.3087-3103
• /
• 2022

Nearest neighbor query in location-based services has become a popular application. Aiming at the shortcomings of the privacy protection algorithms of traditional ciphertext nearest neighbor query having the high system overhead because of the usage of the double Hilbert curves and having the inaccurate query results in some special circumstances, a privacy protection algorithm of ciphertext nearest neighbor query which is based on the single Hilbert curve has been proposed. This algorithm uses a single Hilbert curve to transform the two-dimensional coordinates of the points of interest into Hilbert values, and then encrypts them by the order preserving encryption scheme to obtain the one-dimensional ciphertext data which can be compared in numerical size. Then stores the points of interest as elements composed of index value and the ciphertext of the other information about the points of interest on the server-side database. When the user needs to use the nearest neighbor query, firstly calls the approximate nearest neighbor query algorithm proposed in this paper to query on the server-side database, and then obtains the approximate nearest neighbor query results. After that, the accurate nearest neighbor query result can be obtained by calling the precision processing algorithm proposed in this paper. The experimental results show that this privacy protection algorithm of ciphertext nearest neighbor query which is based on the single Hilbert curve is not only feasible, but also optimizes the system overhead and the accuracy of ciphertext nearest neighbor query result.

• Journal of KIISE
• /
• v.43 no.12
• /
• pp.1437-1457
• /
• 2016

In outsourced databases, the cloud provides an authorized user with querying services on the outsourced database. However, sensitive data, such as financial or medical records, should be encrypted before being outsourced to the cloud. Meanwhile, k-Nearest Neighbor (kNN) query is the typical query type which is widely used in many fields and the result of the kNN query is closely related to the interest and preference of the user. Therefore, studies on secure kNN query processing algorithms that preserve both the data privacy and the query privacy have been proposed. However, existing algorithms either suffer from high computation cost or leak data access patterns because retrieved index nodes and query results are disclosed. To solve these problems, in this paper we propose a new kNN query processing algorithm on the encrypted database. Our algorithm preserves both data privacy and query privacy. It also hides data access patterns while supporting efficient query processing. To achieve this, we devise an encrypted index search scheme which can perform data filtering without revealing data access patterns. Through the performance analysis, we verify that our proposed algorithm shows better performance than the existing algorithms in terms of query processing times.

• Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
• /
• v.8 no.5
• /
• pp.437-445
• /
• 2018

Devices have a lot of small breakdowns rather than big breakdowns. But it often wastes time and increases cost of maintenance, such as calling a service technician for small breakdowns. So, if we use remote control and monitoring service using Internet of Things, we can minimize the time period and cost for the maintenance. However, security is important because remote control and monitoring services contain personal information which when leaked, may be dangerous. There are many types of Internet based monitoring devices that are in use, but it is difficult to expect a high level of security because there are many cases in which the performance is minimal. Therefore, in this paper, we classify remote control and monitoring services based on Internet of Things type and derive encryption requirement for four types. We also compared and analyzed the lightweight cryptographic algorithms that can be expected to use high performance even on the Internet of Things. And it is derived that LED is used as a equipment management type, DESLX as a environment management type, CLEFIA as a healthcare management type and LEA as a security management type are the optimal lightweight cryptographic algorithms for each type.

• Journal of KIISE:Computing Practices and Letters
• /
• v.12 no.3
• /
• pp.192-207
• /
• 2006

Today, the SSL protocol has been used as core part in various computing environments or security systems. But, the SSL protocol has several problems, because of the rigidity on operating. First, SSL protocol brings considerable burden to the CPU utilization so that performance of the security service in encryption transaction is lowered because it encrypts all data which is transferred between a server and a client. Second, SSL protocol can be vulnerable for cryptanalysis due to the key in fixed algorithm being used. Third, it is difficult to add and use another new cryptography algorithms. Finally. it is difficult for developers to learn use cryptography API(Application Program Interface) for the SSL protocol. Hence, we need to cover these problems, and, at the same time, we need the secure and comfortable method to operate the SSL protocol and to handle the efficient data. In this paper, we propose the SSL component which is designed and implemented using CBD(Component Based Development) concept to satisfy these requirements. The SSL component provides not only data encryption services like the SSL protocol but also convenient APIs for the developer unfamiliar with security. Further, the SSL component can improve the productivity and give reduce development cost. Because the SSL component can be reused. Also, in case of that new algorithms are added or algorithms are changed, it Is compatible and easy to interlock. SSL Component works the SSL protocol service in application layer. First of all, we take out the requirements, and then, we design and implement the SSL Component, confidentiality and integrity component, which support the SSL component, dependently. These all mentioned components are implemented by EJB, it can provide the efficient data handling when data is encrypted/decrypted by choosing the data. Also, it improves the usability by choosing data and mechanism as user intend. In conclusion, as we test and evaluate these component, SSL component is more usable and efficient than existing SSL protocol, because the increase rate of processing time for SSL component is lower that SSL protocol's.