• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.1
• /
• pp.5-15
• /
• 2016

Power analysis attacks are techniques to analyze power signals to find out the secrets when cryptographic algorithm is performed. One of the most famous countermeasure against power analysis attacks is masking methods. Masking types are largely classified into two types which are boolean masking and arithmetic masking. For the cryptographic algorithm to be used with boolean and arithmetic masking at the same time, the converting algorithm can switch between boolean and arithmetic masking. In this paper we propose an algorithm for switching from boolean to arithmetic masking using storage size at less cost than ones. The proposed algorithm is configured to convert using the look-up table without the least significant bit(LSB), because of equal the bit of boolean and arithmetic masking. This makes it possible to design a converting algorithm compared to the previous algorithm at a lower cost without sacrificing performance. In addition, by applying the technique at the LEA it showed up to 26 percent performance improvement over existing techniques.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.2
• /
• pp.299-305
• /
• 2013

Physical One-way Transfer, one of network Separating Network Technologies, shut off intrusion possibilities by removing data transfer line from external network to internal network. Physical One-way Transfer technology can not support legacy services based duplex transmission. Legacy services operating need agent for extra service with the support. But, Agent development have problems with adding cost and open internal protocols. In this papers, We analyzed legacy services between Control network and OA network in working SCADA systems, and based on the results obtained from the analysis, categorized the legacy services into three forms. We propose an agent generation method of the three service categories for Physical One-Way Transfer System. In addition, we design an automatic generation tool using the proposed method.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.9
• /
• pp.1939-1946
• /
• 2011

Expander graphs are useful in the design and analysis of communication networks. Mukhopadhyay et. al introduced a method to generate a family of expander graphs based on nongroup two predecessor single attractor CA(Cellular Automata). In this paper we propose a method to generate a family of expander graphs based on 60/102 Null boundary CA(NBCA) which is a group CA. The spectral gap generated by our method is larger than that of Mukhopadhyay et. al [12]. As an application we give an algorithm which generate one-way functions whose security lies on the combinatorial properties of our expander graphs. the one-way function using d-regular graph generated by the 60/102 NBCA is based on the Goldreich's construction [5].

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.4
• /
• pp.800-806
• /
• 2015

WAVE(Wireless Access in Vehicular Environments) system is wireless communication technology that vehicle sends and receives packets between vehicles or between vehicles and infrastructure in a high-speed mobile environment. In this study, we have designed and implemented a CRL(Certificate Revocation List) download protocol that is used to verify certificate revocation status of the other party when the vehicles communicate with WAVE system. This protocol operates over UDP. And to support security features, also, ECDSA(Elliptic Curve Digital Signature Algorithm) is used for mutual authentication and ECIES(Elliptic Curve Integrated Encryption Scheme) is used to ensure the confidentiality. Moreover, this protocol ensures the integrity of data by adding MAC(Message Authentication Code) to the end of packet and support the error and flow control mechanisms.

• The KIPS Transactions:PartC
• /
• v.18C no.2
• /
• pp.79-88
• /
• 2011

It is necessary for us to enhance the security service on smart phone by using voice data on authentication procedure. In this study, a voice data based one-time password generation mechanism is designed and implemented for enhancing user authentication on smart phone. After receiving a PIN value from the server, a user inputs his/her own voice biometric data using mike device on smart phone. And then this captured a voice biometric data will be used to generate one-time token on server side after verification procedures. Based on those mutual authentication steps, a voice data based one-time password(V-OTP) will be generated by client module after receiving the one-time token from the server finally. Using proposed voice one-time password mechanism, it is possible for us to provide more secure user authentication service on smart phone.

• The KIPS Transactions:PartC
• /
• v.16C no.4
• /
• pp.417-422
• /
• 2009

Implementation of DPI(Deep Packet Inspection) system on a general purpose multiprocessor platform is an attractive option from the implementation cost point of view, since it does not require high-cost customized hardware. Load balancing has been considered as a primary means to achieve high performance in multi processor systems. We claim, however, that in case of DPI system design simply balancing the load of each processor does not necessarily yield the highest system performance. Instead, we propose a method in which tasks are allocated to processors based on their functions. We implemented the proposed method in dual processor Linux system and compare its performance with the existing load balancing methods. Under the proposed method, one processor is dedicated to deal with interrupt handling and generic packet processing, while another processor is dedicated to DPI processing. According to experimental results, the proposed scheme outperforms the existing schemes by 60%, mainly because of the reduction of cache miss and spin lock occurrences.

• The Journal of the Korea Contents Association
• /
• v.10 no.9
• /
• pp.57-67
• /
• 2010

Smart grid technology can expand energy efficiency into the home by monitoring consumer energy usage in real time and communicating with household devices that respond to demands to shut off during periods of non-use, allowing individual consumers to control their electricity usage more effectively. But, the information collected on a smart grid will form a library of personal information, the mishandling of which could be highly invasive of consumer privacy. There will be major concerns if consumer-focused principles of transparency and control are not treated as essential design principles from beginning to end. In this paper, using. All-Or-Nothing Transform encryption mode for providing smart grid security, we propose efficient distributed data Management based on XOR operation. The contribution of this paper is to provide a secure algorithm that manages efficiently distributed data in the field of private data in smart grid environment.

• Journal of the Korean Society for Aeronautical & Space Sciences
• /
• v.42 no.7
• /
• pp.594-600
• /
• 2014

In modern warfare, securing communication channel by combatting opponents' electromagnetic attack is a crucial factor to win the war. Military satellite digital transponder is a communication payload of the next generation military satellite that maintains warfare networks operational in the presence of interfering signals by securely relaying signals between ground terminals. The transponder in this paper is classified as a partial processing transponder which performs cost effective secure relaying in satellite communication links. The control functions of transmission security achieve immunity to hostile interferences which may cause malicious effects on the link. In this paper, we present an efficient architecture for implementing the control mechanism. Two major ideas of pipelined processing in per-group control and software processing of blocked band information dramatically reduce the complexity of the hardware. A control code sequence showing its randomness with uniform distribution is exemplified and qualification test results are briefly presented.

• Journal of the Korea Computer Industry Society
• /
• v.4 no.4
• /
• pp.547-552
• /
• 2003

In this thesis, interference phenomena of bluetooth networks requiring Security were minimized; strengthened security of piconet by assigning an identical PIN code to bluetooth devices, which was establishing a specific piconet during authentication stage. To establish a bluetooth piconet system. an unique ID was assigned to each bluetooth device, communication algorithms having different data formats between devices was designed, and an embedded hardware module using ARM processor and uCOS-II RTOS was implemented. About 30% of CPU efficiency in the module was increased by modifying functions including block parameters to work as nonblocking; by the increased efficiency of total piconet, the module could be used as an access point. The module could transmit maximum 10 frames of image and also audio signal by switching the packet effectively according to channel condition. By above-mentioned process, video, audio, and data could be well transmitted by the bluetooth managing program and the possibility of a commercial remote control system using bluetooth technology was suggested.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.10 no.10
• /
• pp.2733-2740
• /
• 2009

An advanced and proactive response mechanism against diverse attacks on All-IP network should be proposed for enhance its security and reliability on open network. There are two main research works related to this study. First one is the SPIE system with hash function on Bloom filter and second one is the Sinkhole routing mechanism using BGP protocol for verifying its transmission path. In this study, we proposed an advanced IP Tracing mechanism based on Bloom filter and Sinkhole routing mechanism. Proposed mechanism has a Manager module for controlling the regional router with using packet monitoring and filtering mechanism to trace and find the attack packet's real transmission path. Additionally, proposed mechanism provides advanced packet aggregation and monitoring/control module based on existing Sinkhole routing method. Therefore, we can provide an optimized one in All-IP network by combining the strength on existing two mechanisms. And the Tracing performance also can be enhanced compared with previously suggested mechanism.