• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.10a
• /
• pp.359-362
• /
• 2014

With recent growing of application service, servers are required to sustain great amount of data and to handle them quickly: besides, data must be processed securely. The main security algorithm used in security services of server is AES(Advanced Encryption Standard - 2001 published by NIST), which is widely accepted in the world market for superiority of performance. In Korea, NSRI(National Security Research Institute) has developed ARIA(Academy, Research Institute, Agency) algorithm in 2004 and LEA(Lightweight Encryption Algorithm) algorithm in 2012. In this paper, we show advantage of LEA by comparing performance with AES and ARIA in various servers.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.25 no.4B
• /
• pp.700-707
• /
• 2000

In this paper, we address vulnerabilities of legacy VOD system and implement secure-VOD system to protect security holes of it. Our secure-VOD system provide user authentication using one-time password, message authentication and encryption/decryption for video server information. To improve security of existing fixed password system, our secure-VOD system use one-time password. Also, our secure-VOD system provides integrity for video server information by generating and verifying message authentication code using HMAC-HAS 160 algorithm. Finally, our secure-VOD system uses RC5 encryption algorithm to guarantee confidentiality for video server information.

• Journal of the Korea Society of Computer and Information
• /
• v.3 no.4
• /
• pp.91-96
• /
• 1998

In this paper we designed a secure client-server system to be able to protect messages between client and server using cryptography We authenticated each other using a asymmetric encryption algorithm on the logon procedure and minimized the time to encrypt and decrypt messages using a symmetric encryption algorithm on exchanging messages. We proved that it is possible to make a digital signature on our secure client-server system. And we suggested the efficient key management method to generate and distribute cryptograpic key securely.

• Journal of the Korea Convergence Society
• /
• v.2 no.2
• /
• pp.13-19
• /
• 2011

When the existing mail system is attacked by the third party, its content is exposed fully. To solve this problem, designed is the mail encryption system which can send and receive mail safely by the sessionkey. The mail receiver opens encrypted mail with the session key. In the traditional mail system, the server administrator can view mail content. However, in the proposed protocol, the server can only save mail as encryption/decryption is applied. Also, the ARIA encryption algorithm is used in encryption/decryption for better safety, and fast XOR operations are used to reduce the amount of operations.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.27 no.7C
• /
• pp.653-663
• /
• 2002

The signature-then-encryption based on RSA scheme provides forward secrecy, but requires 4 modulo exponentiation operations in total, and the signcryption scheme proposed by Zheng simultaneously fulfills both the functions of digital signature and symmetric key encryption in a logically single step, and with a computational cost significantly smaller than that required by the current standard signature-then-encryption, but it can not provide forward secrecy. In this paper, we propose an enhanced signcryption scheme which can provide forward secrecy with lower computational cost and lower communication overhead comparing with those of the signature-then-encryption based on RSA, and with a similar communication overhead of Zheng's scheme. The proposed scheme can be also easily modified to the direct signature verification scheme by the recipient without using the recipient's private key. Additionally, we suggest a new design protocol with server-supported signatures which solves the CRLs(Certificate Revocation Lists) burden and provides non-repudiation of origin. This protocol with server-supported signatures also can be applied to the original signcryption scheme proposed by Zheng in order to improve security.

• The KIPS Transactions:PartC
• /
• v.18C no.6
• /
• pp.369-378
• /
• 2011

To ensure data confidentiality and fine-grained access control in business environment, system model using KP-ABE(Key Policy-Attribute Based Encryption) and PRE(Proxy Re-Encryption) has been proposed recently. However, in previous study, data confidentiality has been effected by decryption right concentrated on cloud server. Also, Yu's work does not consider a access privilege management, so existing work become dangerous to collusion attack between malicious user and cloud server. To resolve this problem, we propose secure system model against collusion attack through dividing data file into header which is sent to privilege manager group and body which is sent to cloud server. And we construct the model of access privilege management using AONT based XOR threshold Secret Sharing, In addition, our scheme enable to grant weight for access privilege using XOR Share. In chapter 4, we differentiate existing scheme and proposed scheme.

• Journal of KIISE:Information Networking
• /
• v.29 no.6
• /
• pp.635-644
• /
• 2002

We propose the PBSM(Protocol-Based Security Module) system which guarantees the secure data transmission under web environments. There are two modules in the PBSM architecture. One is Web Server Security Module(WSSM) which is working on a web server, the other is the Winsock Client Security Module(WSCSM) which is working on a client. The WSCSM security module decrypts the encrypted HTML document that is received from the security web server. The decrypted HTML document is displayed on the screen of a client. The WSSM module contains the encryption function for HTML file and the decryption function for CGI(Common Gateway Interface). The formal analysis methodology is imported from format theory for analyzing the data flow of the PBSM system. The formal analysis methodology is based on the order theory.

• The KIPS Transactions:PartD
• /
• v.11D no.2
• /
• pp.423-434
• /
• 2004

This paper presents the software system that protects illegal installation and use of the commercial software. The server computer in this system stores the compressed versions for all software, while client computers install all software by downloading them from the server. Also the client computers periodically report to the server whether they have illegally installed software. This system introduces authentication and encryption/decryption using the session key under Windows Operating System to prevent interception of the software package from outside world and malicious modification of the transfer message between the server and the client. The proposed system in this Paper has several advantages such as providing real-time control of license and easy maintenance of the software as well as protecting illegal use of the software.

• Journal of the Korea Society of Computer and Information
• /
• v.23 no.9
• /
• pp.73-80
• /
• 2018

In this paper, we propose a new type of client server environment to improve the architecture vulnerable to hacking in an existing client server environment. On the server side, move the existing Web server to the client side and This is a way for clients to communicate only the data they need and suggests a structure that completely blocks the web attack itself to the server. This can completely prevent a server from being hacked, spreading malicious code and hacking data on a server. It also presents a new paradigm that will not affect servers even if malware is infected with client PCs. This paper validates the proposed environment through BBS (Big Bad Stick) hardware in the form of USB on the client side. This study proof that secure services are provided through encryption communication with server-side security equipment, indicating that this study is a system with new security.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.5 no.3
• /
• pp.168-174
• /
• 2010

User authentication is an important requirement to provide secure network service. Therefore, many authentication schemes have been proposed to provide secure authentication, such as key agreement and anonymity. However, authority of scheme is limited to one's self. It is inefficient when authenticated users grant a certification to other users who are in an organization which has a hierarchical structure, such as a company or school. In this paper, we propose the first authentication scheme to use Attributes-Based Re-encryption that creates a certification to other users with specified attributes. The scheme, which has expanded from Rhee et al. scheme, has optimized computation performance on a smart card, ensuring the user's anonymity and key agreement between users and server.