• Journal of Internet Computing and Services
• /
• v.21 no.3
• /
• pp.11-19
• /
• 2020

In this paper, a merged TEA block cipher processor which unifies Tiny Encryption Algorithm(TEA), extended Tiny Encryption Algorithm(XTEA) and corrected block TEA(XXTEA) is designed. After TEA cipher algorithm was first designed, XTEA and XXTEA cipher algorithms were designed to correct security weakness. Three types of cipher algorithm uses a 128-bit master key. The designed cipher processor can encrypt or decrypt 64-bit message block for TEA/XTEA and variable-length message blocks up to 256-bit for XXTEA. The maximum throughput for 64-bit message blocks is 137Mbps and that of 256-bit message blocks is 369Mbps. The merged TEA block cipher designed in this paper has a 16% gain on the area side compared to a lightweight LEA cipher. The cryptographic IP of this paper is applicable in security module of the mobile areas such as smart card, internet banking, and e-commerce.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.49 no.4
• /
• pp.9-15
• /
• 2012

With the rise of internet and e-commerce, this is more applicable now than ever. People rely on computer networks to provide them with news, stock prices, e-mail and online shopping. People's credit card details, medical records and other personal information are stored on computer systems. Many companies have a web presence as an essential part of their business. The research community uses computer systems to undertake research and to disseminate findings. The integrity and availability of all these systems have to be protected against a number of threats. Amateur hackers, rival corporations, terrorists and even foreign governments have the motive and capability to carry out sophisticated attacks against computer systems. Therefore, the field of information and communication security has become vitally important to the safety and economic well being of society as a whole. This paper provides an overview of IDS and IPS, their functions, detection and analysis techniques. It also presents comparison of security capability and characteristics of IDPS techniques. This will make basis of IDPS(Intrusion Detection and Protection System) technology integration for a broad-based IDPS solutions

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.1
• /
• pp.41-51
• /
• 2018

Format preserving encryption(FPE) performs encryption with preserving the size and format of plain-text. Therefore, it is possible to minimize the structural change of the database before and after the encryption. For example, when encrypting data such as credit card number or social security number, it is possible to maintain the existing database structure because FPE outputs the same form of cipher-text as plain-text. Currently, the National Institute of Standards and Technology (NIST) recommends FF1 and FF3 as standards for FPE. Recently, in Korea, FEA, which is a very efficient FPE algorithm, has been adopted as the standard of FPE. In this paper, we analyze FEA and measure the performance of FEA by optimizing it in various environments.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.11 no.3
• /
• pp.1101-1107
• /
• 2010

DVR is widely used in the security monitoring system because it has excellent performance compared with VCR. In this paper, the new DVR interfaces and repeaters enhancing the performance of the existing DVR have been designed and implemented, which enables a large-scaled security monitoring system to be built economically. A repeater in this paper connects 8 monitoring terminals to 2 channels of DVR and a DVR interface manages 16 repeaters to be able to accommodate 128 monitoring terminals. Eventually, the implemented system has a quadruple scalability compared to the existing systems and can reduce the installation cost substantially by using cost-effective UTP cables instead of coaxial cables. And the system could be effectively used in various environments and conditions because various functions such as video transmission, audio communication, emergency call, and RFID card are integrated into the system.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2009.10a
• /
• pp.351-354
• /
• 2009

In the internet communication technology, authentication of the user is main task. So far, very popular researches have been proposed for user authentications based on user_id and password. These existing methods have some merits as well as demerits also. In this paper, we analyzed the existing authentication method problems and implement a secure PingPong-128 based key generator for internet technology. In our new scheme, we are using one time password and security card numbers to generate the secure tokens for the user and internet service provider.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.5
• /
• pp.129-136
• /
• 2003

A representative payment broker system is SET and one of its signature shcemes is a dual digital signature scheme. A dual digital signature scheme expose neither user's payment information(credit card number etc.) to merchandiser, nor user's order information to bank So it keeps user's Privacy safe. The digital signature scheme like this is being necessary as E-commerce is revitalized. But a dual digital signature of SET is not appropriate for wireless environments because it needs so many computations and communications. In this paper, we propose a signcryption scheme that generates a polynomial using a payment information for merchandiser and an order information for bank in order to reduce communications. We analyze the problem of existing signcryption schemes and dual digital signature schemes. Also we analyze the security properties of the proposed scheme.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.5 no.1
• /
• pp.17-24
• /
• 1995

In spite of the good security of the cryptosystem on an elliptic curve defined over finite field, the cryptosystem on an elliptic curve is slower than that on a finite field. To be practical, we need a better method to improve a speed of the cryptosystem on an elliptic curve defined over a finite field. In 1991, Koblitz suggested to use an anomalous curve over $F_2$, which is an elliptic curve with Frobenious map whose trace is 1, and reduced a speed of computation of mP. In this paper, we consider an elliptic curve defined over $F_4$ with Frobenious map whose trace is 3 and suggest an efficient algorithm to compute mP. On the proposed elliptic curve, we can compute multiples mP with ${\frac{3}{2}}log_2m$+1 addition in worst case.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.11
• /
• pp.2340-2346
• /
• 2011

This paper presents a user-friendly authentication system using a flexible USIM. In the proposed method and its system, the flexible USIM utilizes personalized data such as Mobile Directory Number(MDN) and social security number as the key to user authentication. The authentication method proposed in this paper permits limited times of use and/or limited duration of use. A simple simulation model shows that the proposed algorithm works well and shows high compatibility with existing authentication methods. In addition, an alternative or more advanced authentication system can be developed with the proposed flexible USIM card. It is seen that this simple alternative method will eventually be able to make wireless communication networks more easily accessible for subscribers, irrespective of user environments.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.7
• /
• pp.1501-1509
• /
• 2011

Current identity management 1.0 model, which is service provider-centric and isolated, has several problems such as low usability, high cost structure, difficulty in privacy protection, and lack of trust infrastructure. Though various SSO-based identity management 2.0 models including Passport/Live ID, Liberty Alliance/SAML, CardSpace, and OpenID have been recently developed in order to overcome those problems, they are not widely accepted in real Internet environment so as to replace the existing identity management 1.0 model. This paper firstly analyzes the widely-known identity 2.0 models in a comparative way, and then presents a perspective on the development direction of identity management 3.0 model for future Internet.

• Journal of Broadcast Engineering
• /
• v.14 no.3
• /
• pp.280-287
• /
• 2009

An IPTV (Internet Protocol Television) technology is the new convergence technology of the telecommunication and broadcasting which provides various bidirectional TV services. To provide these services only to legal subscribers, mutual authentication between set-top box connected with TV set and the smart card owned by a subscriber is needed. In this paper, we propose an attribute-based mutual authentication scheme that only someone who is satisfied with some attributes, such as titles or departments, can access the contents provided by the IPTV service in an organization. We also show that the proposed scheme is secure. Our proposed scheme has a virtue that user can access various services, provided by an organization where he/she belongs to, according to their attributes with only one time registration. As far as we know, this is the first attribute-based authentication scheme which can be applied to any organizations in IPTV environments.