• Title/Summary/Keyword: File Encryption

Search Result 124, Processing Time 0.024 seconds

Design and Implementation of a System Call Interface for Supporting File Partial Encryption (파일 부분 암호화 지원을 위한 시스템 호출의 설계 및 구현에 관한 연구)

  • Seo, Hye-In;Kim, Eun-Gi
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.22 no.3
    • /
    • pp.557-567
    • /
    • 2018
  • There are currently various file encryption solutions for encrypting and storing files on disk. However, the existing file encryption solutions handle encryption and decryption all at once by file or directory. In this paper, we propose a system call supporting partial encryption function of the file. The user sets the encryption information with the system call interface at a portion where encryption of the file data is desired. And then the user writes file data, the data is encrypted and stored. Also if the user sets decryption information and reads the file data, the necessary part is decrypted by applying the set information. For the proposed system call, It consists of inspection module, management module, encryption module, decryption module, and HMAC module as per required system call. And it was implemented on the Linux environment. Also the operation of implemented system call was verified on the development board, and the performance was analyzed by measuring performance speed.

Key Management Server Design in Multiuser Environment for Critical File Protection

  • Sung-Hwa Han
    • Journal of information and communication convergence engineering
    • /
    • v.22 no.2
    • /
    • pp.121-126
    • /
    • 2024
  • In enterprise environments, file owners are often required to share critical files with other users, with encryption-based file delivery systems used to maintain confidentiality. However, important information might be leaked if the cryptokey used for encryption is exposed. To recover confidentiality, the file owner must then re-encrypt and redistribute the file along with its new encryption key, which requires considerable resources. To address this, we propose a key management server that minimizes the distribution of encryption keys when critical files are compromised, with unique encryption keys assigned for each registered user to access critical files. While providing the targeted functions, the server employs a level of system resources comparable to that of legacy digital rights management. Thus, when implemented in an enterprise environment, the proposed server minimizes cryptokey redistribution while maintaining accessibility to critical files in the event of an information breach.

Development and Evaluation of Key Recovery System for Secure Recovery of Cryptographic Files in PC (PC상의 암호파일의 안전한 복구를 위한 키복구 시스템의 개발 및 평가)

  • 장수진;고정호;이강수
    • The Journal of Society for e-Business Studies
    • /
    • v.7 no.1
    • /
    • pp.167-186
    • /
    • 2002
  • The encryption of a file on a PC before saving can maintain security of the file. However, if the key for the encrypted file is lost or damaged, the encrypted file can not be decrypted, resulting in serious economical loss to the user or the user group. In order to minimize the economical loss a secure and reliable key recovery technology is required. Presented in this paper is the development and evaluation of PKRS (PC based Key Recovery System) which supports encryption and decryption of file and recovery of the encrypted file in emergency. The encapsulating method, which attaches key recovery information to encrypted file, is applied to the PKRS. In addition, the PKRS is developed and evaluated according to the requirements of Requirements for Key Recovery Products proposed by NIST and requirements of Common Criteria 2.0 to prove the safety and reliability of the information security system. This system is applicable to a PC and can be further extended to internet or intranet environment information system where in encryption and recovery of file is possible.

  • PDF

A study of a System Call Interface for Supporting File Partial Encryption (파일 부분 암호화 지원을 위한 시스템 호출에 관한 연구)

  • Seo, Hye-in;Seong, Jeong-gi;Kim, Eun-gi
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2017.10a
    • /
    • pp.549-551
    • /
    • 2017
  • There are currently various file encryption systems and applications for encryption and storage of file on disk. However, the existing file encryption solutions handle encryption and decryption all at once by file or directory. In this study, we propose a system call supporting partial encryption function of the file. The user sets the partial encryption of the file by using system call interface, and writes the contents. And then the data is encrypted and stored on the disk. Also if the user sets the decryption and reads the data, the necessary part of data is decrypted by applying the user setting. According to the user setting, only the necessary part is encrypted and stored on a storage medium. As a result, the information in a secret level can be saved efficiently and securely.

  • PDF

An Efficient Encryption/Decryption Approach to Improve the Performance of Cryptographic File System in Embedded System (내장형 시스템에서 암호화 파일 시스템을 위한 효율적인 암복호화 기법)

  • Heo, Jun-Young;Park, Jae-Min;Cho, Yoo-Kun
    • Journal of KIISE:Computer Systems and Theory
    • /
    • v.35 no.2
    • /
    • pp.66-74
    • /
    • 2008
  • Since modem embedded systems need to access, manipulate or store sensitive information, it requires being equipped with cryptographic file systems. However, cryptographic file systems result in poor performance so that they have not been widely adapted to embedded systems. Most cryptographic file systems degrade the performance unnecessarily because of system architecture. This paper proposes ISEA (Indexed and Separated Encryption Approach) that supports for encryption/decryption in system architecture and removes redundant performance loss. ISEA carries out encryption and decryption at different layers according to page cache layer. Encryption is carried out at lower layer than page cache layer while decryption at upper layer. ISEA stores the decrypted data in page cache so that it can be reused in followed I/O request without decryption. ISEA provides page-indexing which divides page cache into cipher blocks and manages it by a block. It decrypts pages partially so that it can eliminate unnecessary decryption. In synthesized experiment of read/write with various cache hit rates, it gives results suggesting that ISEA has improved the performance of encryption file system efficiently.

Design of the File Security Function Using Encryption Algorithm in the Windows Operating System (윈도우 운영체제에서 암호화 알고리즘을 이용한 파일 보안 기능 설계)

  • Jang, Seung-Ju
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.17 no.3
    • /
    • pp.612-618
    • /
    • 2013
  • The file security function, which this paper suggests, restricts the access of an unauthorized users by using password algorithm and saving file. Saved files that are encrypted are read by decrypting them with decryption algorithm. These features are user interface to design the program for user friendly. The security function implements both file encryption and decryption programs and tests whether the experiment works or not. In addition, when a decryption is progressed and the settings of between decryption and encryption are different each other, the security function also checks the possibility of decryption. We can enhance the security on important files stored in Windows servers or personal computers by developing this program.

3-Tire File Encryption algorithm using GSF (GSF(GrayScale File) 출력을 이용한 3-Tire 파일 암호화 알고리즘)

  • Kim Young-Shil;Kim Young-Mi;Kim Ryun-Ok;Baik Doo-Kwon
    • The Journal of Information Technology
    • /
    • v.5 no.4
    • /
    • pp.115-127
    • /
    • 2002
  • This paper proposes improved file encryption algorithm which represents image of grayscale type not using proper cover image for ciphertext. This method consists of 3-Tire encryption steps. 1-Tire and 2-Tire encrypt the information using existed stream algorithm and block algorithm with modyfied padding method. We propose the MBE method as 3-Tire, which hides structure and format of encrypted file. The proposed method outputs grayscale file as the result of encryption and since many GSF outputs resulted from different kinds plaintexts, have similar patterns. we obtain both file encryption and hiding the file information. Also, to solve the problem of padding in block algorithm, we propose the new padding algorithm called SELI(Select Insert) and apply 2-Tire block algorithm and MBE algorithm used 3-Tire.

  • PDF

DNA Sequences Compression using Repeat technique and Selective Encryption using modified Huffman's Technique

  • Syed Mahamud Hossein; Debashis De; Pradeep Kumar Das Mohapatra
    • International Journal of Computer Science & Network Security
    • /
    • v.24 no.8
    • /
    • pp.85-104
    • /
    • 2024
  • The DNA (Deoxyribonucleic Acid) database size increases tremendously transmuting from millions to billions in a year. Ergo for storing, probing the DNA database requires efficient lossless compression and encryption algorithm for secure communication. The DNA short pattern repetitions are of paramount characteristics in biological sequences. This algorithm is predicated on probing exact reiterate, substring substitute by corresponding ASCII code and engender a Library file, as a result get cumulating of the data stream. In this technique the data is secured utilizing ASCII value and engendering Library file which acts as a signature. The security of information is the most challenging question with veneration to the communication perspective. The selective encryption method is used for security purpose, this technique is applied on compressed data or in the library file or in both files. The fractional part of a message is encrypted in the selective encryption method keeping the remaining part unchanged, this is very paramount with reference to selective encryption system. The Huffman's algorithm is applied in the output of the first phase reiterate technique, including transmuting the Huffman's tree level position and node position for encryption. The mass demand is the minimum storage requirement and computation cost. Time and space complexity of Repeat algorithm are O(N2) and O(N). Time and space complexity of Huffman algorithm are O(n log n) and O(n log n). The artificial data of equipollent length is additionally tested by this algorithm. This modified Huffman technique reduces the compression rate & ratio. The experimental result shows that only 58% to 100% encryption on actual file is done when above 99% modification is in actual file can be observed and compression rate is 1.97bits/base.

Quantized DCT Coefficient Category Address Encryption for JPEG Image

  • Li, Shanshan;Zhang, Yuanyuan
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.10 no.4
    • /
    • pp.1790-1806
    • /
    • 2016
  • Digital image encryption is widely used for image data security. JPEG standard compresses image with great performance on reducing file size. Thus, to encrypt an image in JPEG format we should keep the quality of original image and reduced size. This paper proposes a JPEG image encryption scheme based on quantized DC and non-zero AC coefficients inner category scrambling. Instead of coefficient value encryption, the address of coefficient is encrypted to get the address of cipher text. Then 8*8 blocks are shuffled. Chaotic iteration is employed to generate chaotic sequences for address scrambling and block shuffling. Analysis of simulation shows the proposed scheme is resistant to common attacks. Moreover, the proposed method keeps the file size of the encrypted image in an acceptable range compared with the plain text. To enlarge the cipher text possible space and improve the resistance to sophisticated attacks, several additional procedures are further developed. Contrast experiments verify these procedures can refine the proposed scheme and achieve significant improvements.

A Study of Communications Security by Using Key Generation and File Encryption (파일 암호화와 키 생성을 이용한 통신보안 연구)

  • Lee, Jae-Hyun;Park, Dea-Woo
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2010.05a
    • /
    • pp.316-319
    • /
    • 2010
  • File security is typically protected by encryption methods. The development of a network environment, such as the Internet according to the sharing of information between systems become commonplace, while providing convenience to users, individuals or organizations that facilitate access to sensitive information caused by hacking the system to attack the rapidly growing is a trend. This paper is the latest generation file system caused by the hacking attacks on the Sniffing for users using file encryption and key generation, Packet Sniffing Tool IP and data through the analysis are discussed. Through this study, the importance of protecting personal information by imprinting Proactive in the hacking incident, and what users will contribute to increase the level of security awareness.

  • PDF