• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.3
• /
• pp.477-487
• /
• 2017

Multiparty computation (MPC) is a computation technique where many participants provide their data and jointly compute operations to get a computation result. Earlier MPC protocols were mostly depended on communication between the users. Several schemes have been presented that mainly work by delegating operations to two non-colluding servers. Peter et al. propose a protocol that perfectly eliminates the need of users' participation during the whole computation process. However, the drawback of their scheme is the excessive dependence on the server communication. To cater this issue, we propose a protocol that reduce server communication overhead using the proxy re-encryption (PRE). Recently, some authors have put forward their efforts based on the PRE. However, these schemes do not achieve the desired goals and suffer from attacks that are based on the collusion between users and server. This paper, first presents a comprehensive analysis of the existing schemes and then proposes a secure and efficient MPC protocol. The proposed protocol completely eliminates the need of users' participation, incurs less communication overhead and does not need to solve the discrete logarithm problem (DLP) in order to get the computation results.

• Journal of Platform Technology
• /
• v.6 no.4
• /
• pp.69-77
• /
• 2018

In the case of personal information files containing personal information, there is insufficient awareness of personal information protection in end-point areas such as personal computers, smart terminals, and personal storage devices. In this study, we use Diffie-Hellman method to securely retrieve personal information files generated by web crawler. We designed SEED and ARIA using hybrid slicing to protect against attack on personal information file. The encryption performance of the personal information file collected by the Web crawling method is compared with the encryption decryption rate according to the key generation and the encryption decryption sharing according to the user key level. The simulation was performed on the personal information file delivered to the external agency transmission process. As a result, we compared the performance of existing methods and found that the detection rate is improved by 4.64 times and the information protection rate is improved by 18.3%.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.1
• /
• pp.64-72
• /
• 2001

This paper is on a design of the high-speed cipher IC using IDEA algorithm. The chip is consists of six functional blocks. The principal blocks are encryption and decryption key generator, input data circuit, encryption processor, output data circuit, operation mode controller. In subkey generator, the design goal is rather decrease of its area than increase of its computation speed. On the other hand, the design of encryption processor is focused on rather increase of its computation speed than decrease of its area. Therefore, the pipeline architecture for repeated processing and the modular multiplier for improving computation speed are adopted. Specially, there are used the carry select adder and modified Booth algorithm to increase its computation speed at modular multiplier. To input the data by 8-bit, 16-bit, 32-bit according to the operation mode, it is designed so that buffer shifts by 8-bit, 16-bit, 32-bit. As a result of simulation by 0.25 $\mu\textrm{m}$ process, this IC has achieved the throughput of 1Gbps in addition to its small area, and used 12,000gates in implementing the algorithm.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.6
• /
• pp.3-13
• /
• 2010

Differential Fault Analysis (DFA) is widely known for one of the most efficient method analyzing block cipher. In this paper, we propose a new type of DFA on DES (Data Encryption Standard). DFA on DES was first introduced by Biham and Shamir, then Rivain recently introduced DFA on DES middle rounds (9-12 round). However previous attacks on DES can only be applied to the encryption process. Meanwhile, we first propose the DFA on DES key-schedule. In this paper, we proposed a more efficient DFA on DES key schedule with random fault. The proposed DFA method retrieves the key using a more practical fault model and requires fewer faults than the previous DFA on DES.

• Journal of the Korea Society of Computer and Information
• /
• v.27 no.4
• /
• pp.53-60
• /
• 2022

Recently, as the amount of data collected by drones has rapidly increased, it is necessary to support cloud computing technology that can securely and efficiently store and process data. However, various security threats such as stealing, leaking, or tampering with data communicated by drones can occur due to attackers. Therefore, there is a need for security technology to provide secure communication of data collected from drones. Among various security technologies, the KP-ABE scheme, which is attribute-based encryption, is a security technology that satisfies two characteristics: data encryption and user access control. This paper researched the KP-ABE scheme and proposed a secure data access control scheme to the drone environment. This proposed scheme provides confidentiality and integrity of data communicated in a drone environment and secure access control and availability. In addition, it provides a fast ciphertext search and constant size ciphertext among the requirements to be provided in the KP-ABE scheme.

• Convergence Security Journal
• /
• v.24 no.2
• /
• pp.71-78
• /
• 2024

As the rapid development of quantum computing compromises current public key encryption methods, the National Institute of Standards and Technology (NIST) in the United States has initiated the Post-Quantum Cryptography(PQC) project to develop new encryption standards that can withstand quantum computer attacks. This project involves reviewing and evaluating various cryptographic algorithms proposed by researchers worldwide. The initially selected quantum-resistant cryptographic algorithms were developed based on lattices and hash functions. Currently, algorithms offering diverse technical approaches, such as BIKE, Classic McEliece, and HQC, are under review in the fourth round. CRYSTALS-KYBER, CRYSTALS-Dilithium, FALCON, and SPHINCS+ were selected for standardization in the third round. In 2024, a final decision will be made regarding the algorithms selected in the fourth round and those currently under evaluation. Strengthening the security of public key cryptosystems in preparation for the quantum computing era is a crucial step expected to have a significant impact on protecting future digital communication systems from threats. This paper analyzes the security and efficiency of quantum-resistant cryptographic algorithms, presenting trends in this field.

• Convergence Security Journal
• /
• v.24 no.2
• /
• pp.133-140
• /
• 2024

The spread of Direct-to-Consumer (DTC) genetic testing, where users request tests directly, has been increasing. With growing demand, certification systems have been implemented to grant testing qualifications to non-medical institutions, and the scope of tests has been expanded. However, unlike cases in less regulated foreign countries, disease-related tests are still excluded from the domestic regulations. The existing de-identification method does not adequately ensure the uniqueness and familial sharing of genomic information, limiting its practical utility. Therefore, this study proposes the application of fully homomorphic encryption in the analysis process to guarantee the usefulness of genomic information while minimizing the risk of leakage. Additionally, to safeguard the individual's right to self-determination, a privacy preservation model based on Opt-out is suggested. This aims to balance genomic information protection with maintainability of usability, ensuring the availability of information in line with the user's preferences.

• The KIPS Transactions:PartC
• /
• v.13C no.1 s.104
• /
• pp.83-94
• /
• 2006

This paper describes ATM cell encipherment method using Rijndael Algorithm adopted as an AES(Advanced Encryption Standard) by NIST in 2001. ISO 9160 describes the requirement of physical layer data processing in encryption/decryption. For the description of ATM cell encipherment method, we implemented ATM data encipherment equipment which satisfies the requirements of ISO 9160, and verified the encipherment/decipherment processing at ATM STM-1 rate(155.52Mbps). The DES algorithm can process data in the block size of 64 bits and its key length is 64 bits, but the Rijndael algorithm can process data in the block size of 128 bits and the key length of 128, 192, or 256 bits selectively. So it is more flexible in high bit rate data processing and stronger in encription strength than DES. For tile real time encryption of high bit rate data stream. Rijndael algorithm was implemented in FPGA in this experiment. The boundary of serial UNI cell was detected by the CRC method, and in the case of user data cell the payload of 48 octets (384 bits) is converted in parallel and transferred to 3 Rijndael encipherment module in the block size of 128 bits individually. After completion of encryption, the header stored in buffer is attached to the enciphered payload and retransmitted in the format of cell. At the receiving end, the boundary of ceil is detected by the CRC method and the payload type is decided. n the payload type is the user data cell, the payload of the cell is transferred to the 3-Rijndael decryption module in the block sire of 128 bits for decryption of data. And in the case of maintenance cell, the payload is extracted without decryption processing.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.17 no.7
• /
• pp.319-325
• /
• 2016

A variety of services for mobile payments by the activation of FinTech have been developed. Various payment methods were developed, and an authentication method was developed to improve the reliability of the payment. On the other hand, when mobile easy payment services are used, they have weak security because the authentication by phone number. Therefore, this paper proposes a technique for increasing the reliability of the authentication process using the unique device ID of the mobile device to improve the authentication process based on the telephone number. The core research contents are the architecture and process for the authentication of mobile payments based on the mobile device ID. The mobile payment architecture consists of a mobile device, authentication service, and mobile payment application. The mobile device consists of mobile device ID and phone number, and the authentication server consists of authentication module and encryption module. The mobile payment service consists of a pre-authentication module and decryption module. The process of mobile payment service is processed by the encrypted authentication information (device ID, phone number, and authentication number) among mobile devices, authentication server, and mobile payment application. The mobile device sends the telephone number and the device ID to the authentication server and the authentication server authenticates the user through an authentication process and encryption process. The mobile payment application performs the pre-authentication process by decrypting the received authentication number. This paper reports a difference that can prevent the risk of leakage of the authentication number in existing payment services through the authentication process of the authentication server and the pre-authentication process of the mobile payment service of this paper.

• Proceedings of the IEEK Conference
• /
• 2001.06b
• /
• pp.71-74
• /
• 2001

Optical visual cryptography was proposed by conjunction of the optical theory with the cryptography. However, it had some difficulties. The problems occurred in the process of transferring data processing system from visual to optics. Therefore, it is appropriate to approach these problems in terms of optics. The results show that the optical visual cryptography system has both the effectiveness and reliability as well as real-time implementation property.