• Title/Summary/Keyword: Function encryption

Search Result 260, Processing Time 0.02 seconds

The cryptographic module design requirements of Flight Termination System for secure cryptogram delivery (안전한 보안명령 전달을 위한 비행종단시스템용 암호화 장치 설계 요구사항)

  • Hwang, Soosul;Kim, Myunghwan;Jung, Haeseung;Oh, Changyul;Ma, Keunsu
    • Journal of Satellite, Information and Communications
    • /
    • v.10 no.3
    • /
    • pp.114-120
    • /
    • 2015
  • In this paper, we show the design requirements of the cryptographic module and its security algorithm designed to prevent the exposure of the command signal applied to Flight Termination System. The cryptographic module consists of two separate devices that are Command Insertion Device and Command Generation Device. The cryptographic module designed to meet the 3 principles(Confidentiality, Integrity and Availability) for the information security. AES-256 block encryption algorithm and SHA-256 Hash function were applied to the encrypted symmetric key encryption method. The proposed cryptographic module is expected to contribute to the security and reliability of the Flight Termination System for Space Launch Vehicle.

Ciphertext policy attribute-based encryption supporting unbounded attribute space from R-LWE

  • Chen, Zehong;Zhang, Peng;Zhang, Fangguo;Huang, Jiwu
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.11 no.4
    • /
    • pp.2292-2309
    • /
    • 2017
  • Ciphertext policy attribute-based encryption (CP-ABE) is a useful cryptographic technology for guaranteeing data confidentiality but also fine-grained access control. Typically, CP-ABE can be divided into two classes: small universe with polynomial attribute space and large universe with unbounded attribute space. Since the learning with errors over rings (R-LWE) assumption has characteristics of simple algebraic structure and simple calculations, based on R-LWE, we propose a small universe CP-ABE scheme to improve the efficiency of the scheme proposed by Zhang et al. (AsiaCCS 2012). On this basis, to achieve unbounded attribute space and improve the expression of attribute, we propose a large universe CP-ABE scheme with the help of a full-rank differences function. In this scheme, all polynomials in the R-LWE can be used as values of an attribute, and these values do not need to be enumerated at the setup phase. Different trapdoors are used to generate secret keys in the key generation and the security proof. Both proposed schemes are selectively secure in the standard model under R-LWE. Comparison with other schemes demonstrates that our schemes are simpler and more efficient. R-LWE can obtain greater efficiency, and unbounded attribute space means more flexibility, so our research is suitable in practices.

Attribute-Based Data Sharing with Flexible and Direct Revocation in Cloud Computing

  • Zhang, Yinghui;Chen, Xiaofeng;Li, Jin;Li, Hui;Li, Fenghua
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.8 no.11
    • /
    • pp.4028-4049
    • /
    • 2014
  • Attribute-based encryption (ABE) is a promising cryptographic primitive for implementing fine-grained data sharing in cloud computing. However, before ABE can be widely deployed in practical cloud storage systems, a challenging issue with regard to attributes and user revocation has to be addressed. To our knowledge, most of the existing ABE schemes fail to support flexible and direct revocation owing to the burdensome update of attribute secret keys and all the ciphertexts. Aiming at tackling the challenge above, we formalize the notion of ciphertext-policy ABE supporting flexible and direct revocation (FDR-CP-ABE), and present a concrete construction. The proposed scheme supports direct attribute and user revocation. To achieve this goal, we introduce an auxiliary function to determine the ciphertexts involved in revocation events, and then only update these involved ciphertexts by adopting the technique of broadcast encryption. Furthermore, our construction is proven secure in the standard model. Theoretical analysis and experimental results indicate that FDR-CP-ABE outperforms the previous revocation-related methods.

A LEA Implementation study on UICC-16bit (UICC 16bit 상에서의 LEA 구현 적합성 연구)

  • Kim, Hyun-Il;Park, Cheolhee;Hong, Dowon;Seo, Changho
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.24 no.4
    • /
    • pp.585-592
    • /
    • 2014
  • In this paper, we study the LEA[1] block cipher system in UICC-16bit only. Also, we explain a key-schedule function and encryption/decryption structures, propose an advanced modified key-scheduling, and perform LEA in UICC-16bit that we proposed advanced modified key-scheduling. Also, we compare LEA with ARIA that proposed domestic standard block cipher, and we evaluate the efficiency on the LEA algorithm.

A Study on the Wireless Door Lock System with Advanced Encryption Standard(AES) in Design (암호화기술을 적용한 무선 도어락시스템 디자인에 대한 연구)

  • 유보현
    • Archives of design research
    • /
    • v.17 no.1
    • /
    • pp.179-190
    • /
    • 2004
  • The human effort to make personal privacy and safety from outer environment has brought the improvement of security system through the technological development. Especially as a apartment dwelling and lifestyle is general, the role and function of door lock system is more important than ever. The research for user-centered approach and design on the door lock system should be implemented under the circumstances. This study has focused on the development of making safety as well as easy interface to design door lock system. The price also is competitive as compared with other door lock products. The goal of this study is to propose the alternatives not only to develop door lock design but also to search the innovative way of locking system design.

  • PDF

Development of field programmable gate array-based encryption module to mitigate man-in-the-middle attack for nuclear power plant data communication network

  • Elakrat, Mohamed Abdallah;Jung, Jae Cheon
    • Nuclear Engineering and Technology
    • /
    • v.50 no.5
    • /
    • pp.780-787
    • /
    • 2018
  • This article presents a security module based on a field programmable gate array (FPGA) to mitigate man-in-the-middle cyber attacks. Nowadays, the FPGA is considered to be the state of the art in nuclear power plants I&C systems due to its flexibility, reconfigurability, and maintainability of the FPGA technology; it also provides acceptable solutions for embedded computing applications that require cybersecurity. The proposed FPGA-based security module is developed to mitigate information-gathering attacks, which can be made by gaining physical access to the network, e.g., a man-in-the-middle attack, using a cryptographic process to ensure data confidentiality and integrity and prevent injecting malware or malicious data into the critical digital assets of a nuclear power plant data communication system. A model-based system engineering approach is applied. System requirements analysis and enhanced function flow block diagrams are created and simulated using CORE9 to compare the performance of the current and developed systems. Hardware description language code for encryption and serial communication is developed using Vivado Design Suite 2017.2 as a programming tool to run the system synthesis and implementation for performance simulation and design verification. Simple windows are developed using Java for physical testing and communication between a personal computer and the FPGA.

CDMA Digital Mobile Communications and Message Security

  • Rhee, Man-Young
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.6 no.4
    • /
    • pp.3-38
    • /
    • 1996
  • The mobile station shall convolutionally encode the data transmitted on the reverse traffic channel and the access channel prior to interleaving. Code symbols output from the convolutional encoder are repeated before being interleaved except the 9600 bps data rate. All the symbols are then interleaved, 64-ary orthogonal modulation, direct-sequence spreading, quadrature spreading, baseband filtering and QPSK transmission. The sync, paging, and forward traffic channel except the pilot channel in the forward CDMA channel are convolutionally encoded, block interleaved, spread with Walsh function at a fixed chip rate of 1.2288 Mcps to provide orthogonal channelization among all code channels. Following the spreading operation, the I and Q impulses are applied to respective baseband filters. After that, these impulses shall be transmitted by QPSK. Authentication in the CDMA system is the process for confirming the identity of the mobile station by exchanging information between a mobile station and the base station. The authentication scheme is to generate a 18-bit hash code from the 152-bit message length appended with 24-bit or 40-bit padding. Several techniques are proposed for the authentication data computation in this paper. To protect sensitive subscriber information, it shall be required enciphering ceratin fields of selected traffic channel signaling messages. The message encryption can be accomplished in two ways, i.e., external encryption and internal encryption.

Signcryption Schemes with Forward Secrecy (Forward Secrecy를 제공하는 Signcryption 기법들)

  • 정희윤;이동훈;임종인
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.11 no.5
    • /
    • pp.43-52
    • /
    • 2001
  • Y. Zheng introduced a new type of cryptograghic primitive as \"signcryption\", which combines a function of digital signature scheme with a symmetric key encryption algorithm. Signcryption doesn\`t only provide authenticity and confidentiality in a single step, but also give more efficient computation than the traditional \"signature-then-encryption\". And C. Gamage proposed a proxy-signcryption that efficiently combines a proxy signature with the signcryption. But, in the proposed signcryption schemes, one who obtains the sender\`s private key can recover the original message of a signcrypted text. That is, forward secrecy is not offered by the signcryption scheme with respect to the sender\`s private key. In this paper, we will propose a modified signcryption of Zheng\`s signcryption and a variant of proxy-signcryption with forward secrecy.ith forward secrecy.

Design of Security Module using Key Exchange Protocol in Digital Contents (키 교환 프로토콜을 이용한 디지털콘텐츠 보호 모듈 설계)

  • 권도윤;이경원;김정호
    • The Journal of the Korea Contents Association
    • /
    • v.3 no.3
    • /
    • pp.40-46
    • /
    • 2003
  • In the paper, designed digital contents security module to check unlawfulness reproduction and distribution of digital contents. This paper applied Diffie-Hellman algorithm that use discrete logarithm and random number as primary for public key application to create encryption key that agree each other through communication channel between DCPS and HOST, and applied Triple DES repeat DES 3 times through 2 different encryption key that is selecting ANSI X9.17 that is key management standard, ISO 8732 and PEM(Privacy-Enhanced Mail) etc. by secondary protection for safe transmission of digital contents in transmission line. Designed security module consist of key exchange module, key derivation module and copy protection processing module. Digital contents security module that design in this thesis checks reproduction and distribution of digital contents by unauthenticated user through user certification function and digital contents encryption function, and protect digital contents transmission line.

  • PDF