• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.12 no.8
• /
• pp.1441-1447
• /
• 2008

It is possible to transfer huge data in mobile device by advancing mobile technology, and so in this base, various services are offered. Especially, E-commerce service is offering on mobile environment, and this service is based on XML(eXtensible Markup Language) Signature. XML Signature assure that process integrity, message authentication, and/or signer authentication. And WIPI(Wireless Internet Protocol for Interoperability) that is mobile internet integration platform was proposed to integrate mobile device platform. However, because WIPI transmits and exchanges message by tort of XML base, encryption of XML document and necessity of XML signature are increasing because of weakness of security. Therefor in this paper, Encryption and XML signature module of XML document that satisfy standard requirement in WIPI platform base design and implementation. System that was proposed in this paper used standard encryption and XML signature algorithm and supports safe encryption and XML signature through doing security simulation applied various algorithm for XML document of mobile environment.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.05a
• /
• pp.827-828
• /
• 2012

WG-7 is a stream cipher based on WG Stream Cipher and is designed by Y. Luo, Q. Chai, G. Gong, and X. Lai in 2010. This cipher is designed to implement in low cost and lightweight application such as RFID tags. In this paper, we survey and compare cryptographic module such as stream and block cipher. We can estimate security performance suitable to system.

• Proceedings of the Korea Multimedia Society Conference
• /
• 2003.11a
• /
• pp.65-68
• /
• 2003

컴퓨팅 환경이 유리쿼터스 환경으로 변해가면서 다양한 컨텐츠와 다양한 디바이스들이 등장하게 되었고, 디지털 컨텐츠를 보호하기 위해 DRM(Digital Rights Management) 기술이 적용된 서비스가 제공되고 있다. 그러나 현재 DRM 기술의 디지털 컨텐츠 보안 정책은 일정한 키 길이에 동일한 암호 알고리즘을 사용함으로써 비효율적이고, 사용자의 다양한 요구를 만족시키지 못하고 있다. 본 논문에서는 디지털 컨텐츠에 보안 정책을 효율적으로 적용하고 디바이스의 성능과 디지털 컨텐츠의 가치에 따라 의사 결정 방법인 MAUT(Multi-Attribute Utility Theory) 알고리즘을 이용하여 최적의 보안 등급을 동적으로 결정하는 컨텐츠 암호화 모듈을 설계하고 구현한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2002.04b
• /
• pp.939-942
• /
• 2002

중간 노드들에서 통신 데이터를 불법으로 획득하는 스니핑에 대한 대안으로 암호화 통신에 대한 요구가 증가하고 있다. 이를 위해 본 논문에서는 암호화 통신을 위해 블록 암호 알고리즘을 사용한 패킷 암/복호화 모듈을 제시하고, SEED 알고리즘을 이용하여 리눅스에 구현한 사례를 기술한다. 이 모듈은 기존의 네트워크와 응용 프로그램에 영향을 주지 않고 암호화 통신 기능을 제공하기 위해 IP 패킷의 헤더 정보를 변경하는 방법을 사용한다.

• ETRI Journal
• /
• v.33 no.4
• /
• pp.611-620
• /
• 2011

Since card-type one-time password (OTP) generators became available, power and area consumption has been one of the main issues of hardware OTPs. Because relatively smaller batteries and smaller chip areas are available for this type of OTP compared to existing token-type OTPs, it is necessary to implement power-efficient and compact dedicated OTP hardware modules. In this paper, we design and implement a low-power small-area hardware OTP generator based on the Advanced Encryption Standard (AES). First, we implement a prototype AES hardware module using a 350 nm process to verify the effectiveness of our optimization techniques for the SubBytes transform and data storage. Next, we apply the optimized AES to a real-world OTP hardware module which is implemented using a 180 nm process. Our experimental results show the power consumption of our OTP module using the new AES implementation is only 49.4% and 15.0% of those of an HOTP and software-based OTP, respectively.

• The KIPS Transactions:PartC
• /
• v.12C no.4 s.100
• /
• pp.495-502
• /
• 2005

Cryptographic algorithm testing is performed to ensure that a specific algorithm implementation is implemented correctly and functions correctly. CMVP(Cryptographic Module Validation Program) of NIST in US is the well-known testing system that validates cryptographic modules to Federal Information Processing Standards (FIPS). There is no FIPS-approved stream cipher, and CMVP doesn't involve its validation testing procedure. In this paper we provide validation systems for three currently used light-weight stream ciphers: Bluetooth encryption algorithm E0, 3GPP encryption algorithm A5/3, and RC4 used for WEP and SSL/TLS Protocols. Moreover we describe our validation tools implemented by JAVA programing.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.20 no.4
• /
• pp.1-6
• /
• 2020

This paper proposes the design of an advanced S-Box for calculating multiplicative inverse in AES encryption process. In this approach, advanced S-box module is first designed based on composite field, and then the performance evaluation is performed for S-box with multi-stage pipelining architecture. In the proposed S-Box architecture, each module for multiplicative inverse is constructed using combinational logic for realizing both small-area and high-speed. Through logic synthesis result, the designed 3-stage pipelined S-Box shows speed improvement of about 28% compared to the conventional method. The proposed advanced AES S-Box is performed modelling at the mixed level using Verilog-HDL, and logic synthesis is also performed on Spartan 3s1500l FPGA using Xilinx ISE 14.7 tool.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.17 no.7
• /
• pp.319-325
• /
• 2016

A variety of services for mobile payments by the activation of FinTech have been developed. Various payment methods were developed, and an authentication method was developed to improve the reliability of the payment. On the other hand, when mobile easy payment services are used, they have weak security because the authentication by phone number. Therefore, this paper proposes a technique for increasing the reliability of the authentication process using the unique device ID of the mobile device to improve the authentication process based on the telephone number. The core research contents are the architecture and process for the authentication of mobile payments based on the mobile device ID. The mobile payment architecture consists of a mobile device, authentication service, and mobile payment application. The mobile device consists of mobile device ID and phone number, and the authentication server consists of authentication module and encryption module. The mobile payment service consists of a pre-authentication module and decryption module. The process of mobile payment service is processed by the encrypted authentication information (device ID, phone number, and authentication number) among mobile devices, authentication server, and mobile payment application. The mobile device sends the telephone number and the device ID to the authentication server and the authentication server authenticates the user through an authentication process and encryption process. The mobile payment application performs the pre-authentication process by decrypting the received authentication number. This paper reports a difference that can prevent the risk of leakage of the authentication number in existing payment services through the authentication process of the authentication server and the pre-authentication process of the mobile payment service of this paper.

• Journal of KIISE:Computer Systems and Theory
• /
• v.30 no.9
• /
• pp.494-503
• /
• 2003

In this paper, we propose the implementation techniques of IC card chipset that is compatible with international standard ISO-7816 and supports WindowsCE operating system to expropriate various electronic cash and credit card. This IC card interface chip set is composed with 32 bit ARM720T Core and AES(Advanced Encryption System) cryptography module for electronic commerce. Six IC card interfaces support T=0, T=1 protocol and two of them are used to interface with user card directly, the others are used for interface with SAM card. In addition, It supports a LCD controller and USB interface for host. We improved the performance about 70% than software based It card chip set and verified using Hynix 0.35um process.

• Proceedings of the Korea Institute of Convergence Signal Processing
• /
• 2003.06a
• /
• pp.276-279
• /
• 2003

본 논문에서는 블루투스 장비 간 암호화를 위해 사용되는 암호화 모듈의 설계 및 구현에 관한 내용을 다룬다. 암호화 모듈은 기저 대역내에 암호화 키 생성 모듈과 암호화 엔진 모듈로 구성된다. 암호화 키 생성 모듈은 Cylink사에서 제안한 공개 도메인인 SAFER+(Secure And Fast Encryption Routine) 알고리즘을 사용하여 128bit 키를 생성한다. 그 구성은 키 치환을 위한 치환 함수(key-controlled substitution)와 선형 변환을 위한 PHT(Pseudo-Hadamard Transform)와 Armenian Shuffle 변환기로 구성된다. 암호화 엔진 모듈은 전송 패킷내의 페이로드 데이터와 생성된 사이퍼 키 스트림 데이터와 XOR연산을 통하려 암호화를 행하며 그 구성은 LFSR (Linear Feedback Shift Register)와 합 결합기로 구성된다. 이 중 암호화 키 생성 모듈은 LM(Link Manager)의 PDU(Protocol Data Unit) 패킷을 통해 상호 정보가 교환되므로 암호화키를 생성하는데 있어 시간적 제약이 덜 하다. 따라서 본 논문에서는 변형된 SAFER+ 알고리즘 구현하는데 있어 치환 함수의 덧셈과 XOR, 로그, 지수연산을 바이트 단위의 순차 계산을 수행함으로써 소요되는 하드웨어 용량을 줄이도록 설계하였다. 본 논문에서 제시한 모듈은 블루투스 표준안 버전 1.1에 근거하여 구현하였으며 시뮬레이션 및 테스트는 Xilinx FPGA를 이용하여 검증하였다.