• Proceedings of the KIEE Conference
• /
• 2004.11c
• /
• pp.123-125
• /
• 2004

The importance for Internet security has being increased and the Internet Protocol Security (IPSec) standard, which incorporates cryptographic algorithms, has been developed as one solution to this problem. IPSec provides security services in IP-Layer using IP Authentication Header (AH) and IP Encapsulation Security Payload (ESP). In this paper, we propose IPSec cryptographic processor design based AMBA architecture. Our design which is comprised Rijndael cryptographic algorithm and HAMC-SHA-1 authentication algorithm supports the cryptographic requirements of IP AH, IP ESP, and any combination of these two protocols. Also, our IPSec cryptographic processor operates as AMBA AHB Slave. We designed IPSec cryptographic processor using Xilinx ISE 5.2i and VHDL, and implemented our design using Xilinx's FPGA Vertex XCV600E.

• Journal of Information Processing Systems
• /
• v.8 no.1
• /
• pp.119-132
• /
• 2012

Recently, a fast and secure hash function SFHA - 256 has been proposed and claimed as more secure and as having a better performance than the SHA - 256. In this paper an improved version of SFHA - 256 is proposed and analyzed using two parameters, namely the avalanche effect and uniform deviation. The experimental results and further analysis ensures the performance of the newly proposed and improved SFHA-256. From the analysis it can be concluded that the newly proposed algorithm is more secure, efficient, and practical.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.6A
• /
• pp.17-25
• /
• 2008

The differential power attack (DPA)[8] is a very powerful side-channel attack tool against various cryptosystems and the masking method[10] is known to be one of its algorithmic countermeasures. But it is non-trivial to apply the masking method to non-linear functions, especially, to arithmetic adders. This paper proposes simple and efficient masking methods applicable to arithmetic adders. For this purpose, we use the fact that every combinational logic circuit (including the adders) can be decomposed into basic logic gates (AND, OR, NAND, NOR, XOR, XNOR, NOT) and try to devise efficient masking circuits for these basic gates. The resulting circuits are then applied to the arithmetic adders to get their masking algorithm. As applications, we applied the proposed masking methods to SEED and SHA-1 in hardware.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.17 no.6
• /
• pp.19-25
• /
• 2017

This paper deals with integer factorization of two prime p,q of SHA-256 secure hash value n for Bit coin mining. This paper proposes an algorithm that greatly reduces the execution time of Pollard's rho integer factorization algorithm. Rho(${\rho}$) algorithm computes $x_i=x^2_{i-1}+1(mod\;n)$ and $y_i=[(y^2_{i-1}+1)^2+1](mod\;n)$ for intial values $(x_0,y_0)=(2,2)$ to find the factor 1 < $gcd({\mid}x_i-y_i{\mid},n)$ < n. It however fails to factorize some particular composite numbers. The algorithm proposed in this paper applies multiple initial values $(x_0,y_0)=(2^k,2^k)$ and ($2^k,2$), $2{\leq}k{\leq}10$ to the existing Pollard's Rho algorithm. As a results, the proposed algorithm achieves both the factorization of all the composite numbers and the reduction of the execution time of Pollard's Rho by 67.94%.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.5
• /
• pp.27-33
• /
• 2011

At FDTC'05 and CISC-W'10, the authors showed that if they decrease the number of rounds of AES and Triple-DES by using the fault injections, it is possible to recover the secret key of the target algorithms, respectively. In this paper, we propose a key recovery attack on HMAC by using the main idea of these attacks. This attack is applicable to HMAC based on MD-family hash functions and can recover the secret key with the negligible computational complexity. Particularly, the attack result on HMAC-SHA-2 is the first known key recovery attack result on this algorithm.

• Journal of Korea Society of Industrial Information Systems
• /
• v.18 no.2
• /
• pp.1-12
• /
• 2013

Information Security System is implemented in software, hardware and FPGA device. Implementation of S/W provides high flexibility about various information security algorithm, but it has very vulnerable aspect of speed, power, safety, and performing ASIC is really excellent aspect of speed and power but don't support various security platform because of feature's realization. To improve conflict of these problems, implementation of recent FPGA device is really performed. The goal of this thesis is to design and develop a FPGA hardware accelerator for information security system. It performs as AES, SHA-256 and ECC and is controlled by the Integrated Interface. Furthermore, since the proposed Security Information System can satisfy various requirements and some constraints, it can be applied to numerous information security applications from low-cost applications and high-speed communication systems.

• Journal of Satellite, Information and Communications
• /
• v.10 no.3
• /
• pp.114-120
• /
• 2015

In this paper, we show the design requirements of the cryptographic module and its security algorithm designed to prevent the exposure of the command signal applied to Flight Termination System. The cryptographic module consists of two separate devices that are Command Insertion Device and Command Generation Device. The cryptographic module designed to meet the 3 principles(Confidentiality, Integrity and Availability) for the information security. AES-256 block encryption algorithm and SHA-256 Hash function were applied to the encrypted symmetric key encryption method. The proposed cryptographic module is expected to contribute to the security and reliability of the Flight Termination System for Space Launch Vehicle.

• Journal of Electrical Engineering and Technology
• /
• v.7 no.3
• /
• pp.443-450
• /
• 2012

As power grids are integrated into one big umbrella (i.e., Smart Grid), communication network plays a key role in reliable and stable operation of power grids. For successful operation of smart grid, interoperability and security issues must be resolved. Security means providing network system integrity, authentication, and confidentiality service. For a cyber-attack to a power grid system, which may jeopardize the national security, vulnerability of communication infrastructure has a serious impact on the power grid network. While security aspects of power grid network have been studied much, security mechanisms are rarely adopted in power gird communication network. For security issues, strict timing requirements are defined in IEC 61850 for mission critical messages (i.e., GOOSE). In this paper, we apply security algorithms (i.e., MD-5, SHA-1, and RSA) and measure their processing time and transmission delay of secured mission critical messages. The results show the algorithms satisfying the timing requirements defined in IEC 61850 and we observer the algorithm that is optimal for secure communication of mission critical messages. Numerical analysis shows that SHA-1 is preferable for secure GOOSE message sending.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.50 no.3
• /
• pp.179-186
• /
• 2013

PACS is a medical system for digital medical images, and PACS expand to web-based service using public network, DICOM files should be protected from the man-in-the-middle attack because they have personal medical record. To solve the problem, we designed flexible secure transmission system using IPSec and adopted to a web-based three-dimensional medical image system. And next, we performed the performance evaluation changing integrity and encryption algorithm using DICOM volume dataset. At that time, combinations of the algorithm was 'DES-MD5', 'DES-SHA1', '3DES-MD5', and '3DES-SHA1, and the experiment was performed on our test-bed. In experimental result, the overall performance was affected by encryption algorithms than integrity algorithms, DES was approximately 50% of throughput degradation and 3DES was about to 65% of throughput degradation. Also when DICOM volume dataset was transmitted using secure transmission system, the network performance degradation had shown because of increased packet overhead. As a result, server and network performance degradation occurs for secure transmission system by ensuring the secure exchange of messages. Thus, if the secure transmission system adopted to the medical images that should be protected, it could solve server performance gradation and compose secure web PACS.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39B no.4
• /
• pp.242-250
• /
• 2014

Conventional researches of standard tool validating cryptographic algorithm have been studied for the internet environment, for the mobile internet. It is important to develop the validation tool for establishment of interoperability and convenience of users in the information systems. Therefore, this paper presents the validation tool of Elliptic Curve Cryptography algorithm that can test if following X9.62 technology standard specification. The validation tool can be applied all information securities using DES, SEED, AES, SHA-1/256/384/512, RSA-OAEP V2.0, V2.1, ECDSA, ECKCDSA, ECDH, etc. Moreover, we can enhance the precision of validation through several experiments and perform the validation tool in the online environment.