• Convergence Security Journal
• /
• v.7 no.2
• /
• pp.65-71
• /
• 2007

Recently, security softwares are the program that is to protect the users from hackers in using electronic financial services. However heackers commit financial crimes to extort asserts using known hacking skills. In our paper, we analyse vulnerability that can be used to hook financial information in user application area and explain end-to-end encryption which is able to be provided by interacting keyboard security program and PKI application program.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.4
• /
• pp.145-154
• /
• 2010

End-to-End(E2E) encryption is to encrypt private and important financial information such as user's secret access numbers and account numbers from user's terminal to financial institutions. There has been found significant security vulnerabilities by various hacking in early E2E encryption system since early E2E encryption is not satisfied the basic security requirement which is that there does not exist user's financial information on plaintext in user's terminal. Extensional E2E encryption which is to improve early E2E encryption provides confidentiality and integrity to protect user's financial information from vulnerabilities such as alteration, forgery and leakage of confidential information. In this paper, we explain the extensional E2E encryption technology and present considerable security issues when the extensional E2E encryption technology is applied to financial systems.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.13 no.5
• /
• pp.2313-2318
• /
• 2012

With the widely applications of tactical radio networks, end-to-end secure speech communication in the heterogeneous network has become a very significant security issue. High-grade end-to-end speech security can be achieved using encryption algorithms at user ends. However, the use of encryption techniques results in a problem that encrypted speech data cannot be directly transmitted over heterogeneous tactical networks. That is, the decryption and re-encryption process must be fulfilled at the gateway between two different networks. In this paper, in order to solve this problem and to achieve optimal end-to-end speech security for heterogeneous tactical environments, we propose a novel mechanism for end-to-end secure speech transmission over ultra high frequency (UHF) and public switched telephone network (PSTN) and evaluate against the performance of conventional mechanism. Our proposed mechanism has advantages of no decryption and re-encryption at the gateway, no processing delay at the gateway, and good inter-operability over UHF and PSTN.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.6
• /
• pp.1113-1120
• /
• 2022

Recently, the investigation has been difficult due to the emergence of messengers that encrypt and store data for the purpose of protecting personal information and provide services such as end-to-end encryption with a focus on security. Accordingly, the number of crime cases using security messengers is increasing, but research on data decoding for security messengers is needed. Element security messengers provide end-to-end encryption functions so that only conversation participants can check conversation history, but research on decoding them is insufficient. Therefore, in this paper, we analyze the instant messenger Element, which provides end-to-end encryption, and propose a plaintext verification of the history of encrypted secure chat rooms using decryption keys stored in the Windows Credential Manager service without user passwords. In addition, we summarize the results of analyzing significant general and secure chat-related artifacts from a digital forensics investigation perspective.

• International Journal of Computer Science & Network Security
• /
• v.22 no.6
• /
• pp.57-62
• /
• 2022

The recent past has seen a tremendous amount of advancement in the field of Internet of Things (IoT), allowing the influx of a variety of devices into the market. IoT devices are present in almost every aspect of our daily lives. While this increase in usage has many advantages, it also comes with many problems, including and not limited to, the problem of security. There is a need for better measures to be put in place to ensure that the users' data is protected. In particular, fitness trackers used by a vast number of people, transmit important data regarding the health and location of the user. This data is transmitted from the fitness device to the phone and from the phone onto a cloud server. The transmission from device to phone is done over Bluetooth and the latest version of Bluetooth Light Energy (BLE) is fairly advanced in terms of security, it is susceptible to attacks such as Man-in-the-Middle attack and Denial of Service attack. Additionally, the data must be stored in an encrypted form on the cloud server; however, this proves to be a problem when the data must be decrypted to use for running computations. In order to ensure protection of data, measures such as end-to-end encryption may be used. Homomorphic encryption is a class of encryption schemes that allow computations on encrypted data. This paper explores the application of homomorphic encryption for fitness trackers.

• Journal of the Institute of Electronics Engineers of Korea SP
• /
• v.42 no.2 s.302
• /
• pp.27-36
• /
• 2005

This thesis proposed an effective encryption method for the DCT-based image/video contents and made it possible to operate in a high speed by implementing it as an optimized hardware. By considering the increase in the amount of the calculation in the image/video compression, reconstruction and encryption, an partial encryption was performed, in which only the important information (DC and DPCM coefficients) were selected as the data to be encrypted. As the result, the encryption cost decreased when all the original image was encrypted. As the encryption algorithm one of the multi-mode AES, DES, or SEED can be used. The proposed encryption method was implemented in software to be experimented with TM-5 for about 1,000 test images. From the result, it was verified that to induce the original image from the encrypted one is not possible. At that situation, the decrease in compression ratio was only $1.6\%$. The hardware encryption system implemented in Verilog-HDL was synthesized to find the gate-level circuit in the SynopsysTM design compiler with the Hynix $0.25{\mu}m$ CMOS Phantom-cell library. Timing simulation was performed by Verilog-XL from CadenceTM, which resulted in the stable operation in the frequency above 100MHz. Accordingly, the proposed encryption method and the implemented hardware are expected to be effectively used as a good solution for the end-to-end security which is considered as one of the important problems.

• Journal of the Institute of Electronics Engineers of Korea SP
• /
• v.41 no.4
• /
• pp.9-21
• /
• 2004

In this paper, we proposed the image hiding method which decreases calculation amount by encrypt partial data using discrete wavelet transform and linear scale quantization which were adopted as the main technique for frequency transform in JPEG2000 standard. Also we used the chaotic system which has smaller calculation amount than other encryption algorithms and then dramatically decreased calculation amount. This method operates encryption process between quantization and entropy coding for preserving compression ratio of images and uses the subband selection method and the random changing method using the chaotic system. For ciphering the quantization index we use a novel image encryption algerian of cyclically shifted in the right or left direction and encrypts two quantization assignment method (Top-down/Reflection code), made change of data less. Also, suggested encryption method to JPEG2000 progressive transmission. The experiments have been performed with the proposed methods implemented in software for about 500 images. consequently, we are sure that the proposed are efficient image encryption methods to acquire the high encryption effect with small amount of encryption. It has been shown that there exits a relation of trade-off between the execution time and the effect of the encryption. It means that the proposed methods can be selectively used according to the application areas. Also, because the proposed methods are performed in the application layer, they are expected to be a good solution for the end-to-end security problem, which is appearing as one of the important problems in the networks with both wired and wireless sections.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2006.05a
• /
• pp.183-186
• /
• 2006

It is studied the implementation possibility of some encryption algorithms which meet the performance requirements in the smart card used in the TETRA system End-to-End Encryption. It is measured the operation time of the algorithm in the smart card which has 32 bit smart card controller made by Samsung Electronics. The algorithms used in the performance comparison are AES, ARIA, 3DES, SEED, IDEA which are the domestic or international standards. The input and output time of the smart card are measured using the smart card protocol analyzer. The pure algorithm operation time is calculated by the repeated algorithm operations. This measurement results can be used as the criteria for the selection of algorithm which will be used in the TETRA End-to-End encryption system. The algorithm which has better performance can be used for the implementation of additional functions in the smart lard, because of the enough time margin.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.4
• /
• pp.625-634
• /
• 2014

Tactical networks is being operated in configuration that consisting of a variety of characteristics communication equipments and heterogeneous networks. In this configurations, end-to-end communication can be achieved using interworking gateway for converting the data format of the network and using encryption algorithm of the networks. The use of mechanism results in a problem that secure data cannot be transferred directly, reprocessing and processing delay of communication in heterogeneous tactical networks. That is, for encoding and decoding of data, the decryption of encrypted data and re-encryption processing must be required at the gateway between different networks. In this paper proposes to mechanism for end-to-end secure communication in heterogeneous tactical networks. Using the proposed method, end-to-end secure communication between heterogeneous tactical networks(PSTN-UHF networks) which removes the necessity of a gateway for converting data into data formats suitable for network to remove a transmission delay factor and enable real-time voice and data communication and achieve end-to-end security for heterogeneous tactical networks. we propose a novel mechanism for end-to-end secure communication over PSTN and UHF networks and evaluate against the performance of conventional mechanism. Our proposal is confirmed removal of security vulnerabilities, end-to-end secure communication in heterogeneous tactical networks.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.19 no.5
• /
• pp.1-8
• /
• 2019

Internet of Things (IoT) is proliferating to provide more intelligent services by interconnecting various Internet devices, and TCP based MQTT is being used as a standard communication protocol of the IoT. Although it is recommended to use TLS/SSL security protocol for TCP with MQTT-based IoT devices, encryption and decryption performance degenerates when applied to low-specification / low-capacity IoT devices. In this paper, we propose an end-to-end message security protocol using elliptic curve cryptosystem, a lightweight encryption algorithm, which improves performance on both sides of the client and server, based on the simulation of TLS/SSL and the proposed protocol.