• International Journal of Computer Science & Network Security
• /
• v.22 no.6
• /
• pp.57-62
• /
• 2022

The recent past has seen a tremendous amount of advancement in the field of Internet of Things (IoT), allowing the influx of a variety of devices into the market. IoT devices are present in almost every aspect of our daily lives. While this increase in usage has many advantages, it also comes with many problems, including and not limited to, the problem of security. There is a need for better measures to be put in place to ensure that the users' data is protected. In particular, fitness trackers used by a vast number of people, transmit important data regarding the health and location of the user. This data is transmitted from the fitness device to the phone and from the phone onto a cloud server. The transmission from device to phone is done over Bluetooth and the latest version of Bluetooth Light Energy (BLE) is fairly advanced in terms of security, it is susceptible to attacks such as Man-in-the-Middle attack and Denial of Service attack. Additionally, the data must be stored in an encrypted form on the cloud server; however, this proves to be a problem when the data must be decrypted to use for running computations. In order to ensure protection of data, measures such as end-to-end encryption may be used. Homomorphic encryption is a class of encryption schemes that allow computations on encrypted data. This paper explores the application of homomorphic encryption for fitness trackers.

• Journal of Internet of Things and Convergence
• /
• v.9 no.1
• /
• pp.1-7
• /
• 2023

Cases in which personal terminals or servers are infected by ransomware are rapidly increasing. Ransomware uses a self-developed encryption module or combines existing symmetric key/public key encryption modules to illegally encrypt files stored in the victim system using a key known only to the attacker. Therefore, in order to decrypt it, it is necessary to know the value of the key used, and since the process of finding the decryption key takes a lot of time, financial costs are eventually paid. At this time, most of the ransomware malware is included in a hidden form in binary files, so when the program is executed, the user is infected with the malicious code without even knowing it. Therefore, in order to respond to ransomware attacks in the form of binary files, it is necessary to identify the encryption module used. Therefore, in this study, we developed a mechanism that can detect and identify by reverse analyzing the encryption module applied to the malicious code hidden in the binary file.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.05a
• /
• pp.184-186
• /
• 2022

Recently, as interest in personal information protection has increased, various apps for personal information protection have emerged. These apps protect data in various formats, such as photos, videos, and documents containing personal information, using encryption and hide functions. These apps can have a positive effect on personal information protection, but in digital forensics, they act as anti-forensic because they can be difficult to analyze data during the investigation process. In this paper, finds out PIN, an access control function, through reverse engineering on Calculator - photo vault, one of the personal information protection apps, and files such as photos and documents to which encryption and hide were applied. In addition, the vulnerability to this app was analyzed by research decryption for database files where logs for encrypted and hide files are stored.

• Convergence Security Journal
• /
• v.22 no.3
• /
• pp.33-39
• /
• 2022

Recently, cyberattacks on infrastructure have been continuously occurring with the starting of neutralizing the user authentication function of information systems. Accordingly, the vulnerabilities of system are increasing day by day, such as the increase in the vulnerabilities of the encryption system. In this paper, an alternative technique for the symmetric key algorithm has been developed in order to build the encryption algorithm that is not easy for beginners to understand and apply. Vigenere Cipher is a method of encrypting alphabetic text and it uses a simple form of polyalphabetic substitution. The encryption application system proposed in this study uses the simple form of polyalphabetic substitution method to present an application model that integrates the three steps of encryption table creation, encryption and decryption as a framework. The encryption of the original text is done using the Vigenère square or Vigenère table. When applying to the automatic generation of secret keys on the information system this model is expected that integrated authentication work, and analysis will be possible on target system. ubstitution alphabets[3].

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.23 no.6
• /
• pp.27-32
• /
• 2023

Location sharing through apps is increasing, such as finding a friend's location or sharing delivery status on the Internet. However, location information is important personal information, and in some cases can be misused for crimes, and so encryption of location information is essential when developing such apps. This paper develops an app that encrypts and shares location information between friends for purposes such as finding friends and deciding meeting locations. To improve encryption performance, the symmetric key was encrypted and transmitted using an asymmetric key, and for location sharing, only the symmetric key was used to encrypt it. The proposed app was developed on iOS, and performance measurements showed that encryption of location information was at least 5,000 times faster when using a symmetric key than when using an asymmetric key.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.4
• /
• pp.629-639
• /
• 2024

CHAM is designed with an emphasis on encryption speed, considering that in the ISO/IEC standard block cipher operation mode, encryption functions are used more often than decryption functions. In the superscalar architecture of modern general-purpose processors, different ordering of operations can lead to different processing speeds, even if the computation configuration is the same. In this paper, we analyze the implementation efficiency and security of CHAM-like structures, which rearrange the order of operations in the ARX-based block cipher CHAM, for single-block and parallel implementations in a general-purpose processor environment. The proposed structures are at least 9.3% and at most 56.4%efficient in terms of encryption speed. The security analysis evaluates the resistance of the CHAM-like structures to differential and linear attacks. In terms of security margin, the difference is 3.4% for differential attacks and 6.8%for linear attacks, indicating that the security strength is similar compared to the efficiency difference. These results can be utilized in the design of ARX-based block ciphers.

• Journal of the Korea Society of Computer and Information
• /
• v.19 no.7
• /
• pp.71-76
• /
• 2014

There is to be virtually impossible to solve the very large digits of prime number p and q from composite number n=pq using integer factorization in typical public-key cryptosystems, RSA. When the public key e and the composite number n are known but the private key d remains unknown in an asymmetric-key RSA, message decryption is carried out by first obtaining ${\phi}(n)=(p-1)(q-1)=n+1-(p+q)$ and then using a reverse function of $d=e^{-1}(mod{\phi}(n))$. Integer factorization from n to p,q is most widely used to produce ${\phi}(n)$, which has been regarded as mathematically hard. Among various integer factorization methods, the most popularly used is the congruence of squares of $a^2{\equiv}b^2(mod\;n)$, a=(p+q)/2,b=(q-p)/2 which is more commonly used then n/p=q trial division. Despite the availability of a number of congruence of scares methods, however, many of the RSA numbers remain unfactorable. This paper thus proposes an algorithm that directly and immediately obtains ${\phi}(n)$. The proposed algorithm computes $2^k{\beta}_j{\equiv}2^i(mod\;n)$, $0{\leq}i{\leq}{\gamma}-1$, $k=1,2,{\ldots}$ or $2^k{\beta}_j=2{\beta}_j$ for $2^j{\equiv}{\beta}_j(mod\;n)$, $2^{{\gamma}-1}$ < n < $2^{\gamma}$, $j={\gamma}-1,{\gamma},{\gamma}+1$ to obtain the solution. It has been found to be capable of finding an arbitrarily located ${\phi}(n)$ in a range of $n-10{\lfloor}{\sqrt{n}}{\rfloor}$ < ${\phi}(n){\leq}n-2{\lfloor}{\sqrt{n}}{\rfloor}$ much more efficiently than conventional algorithms.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.6
• /
• pp.1163-1170
• /
• 2016

A hardware implementation of ultra-lightweight block cipher algorithm PRESENT which was specified as a standard for lightweight cryptography ISO/IEC 29192-2 is described. The PRESENT crypto-processor supports two key lengths of 80 and 128 bits, as well as four modes of operation including ECB, CBC, OFB, and CTR. The PRESENT crypto-processor has on-the-fly key scheduler with master key register, and it can process consecutive blocks of plaintext/ciphertext without reloading master key. In order to achieve a lightweight implementation, the key scheduler was optimized to share circuits for key lengths of 80 bits and 128 bits. The round block was designed with a data-path of 64 bits, so that one round transformation for encryption/decryption is processed in a clock cycle. The PRESENT crypto-processor was verified using Virtex5 FPGA device. The crypto-processor that was synthesized using a $0.18{\mu}m$ CMOS cell library has 8,100 gate equivalents(GE), and the estimated throughput is about 908 Mbps with a maximum operating clock frequency of 454 MHz.

• Journal of Broadcast Engineering
• /
• v.20 no.1
• /
• pp.92-109
• /
• 2015

Broadcast encryption is a cryptographic primitive that allows a sender to securely broadcast a message to a set of receivers. The most influential broadcast encryption system was proposed in 2001 by Naor, Naor, Lotspiech, based on a pseudo-random generator and the Subset Difference (SD) method. In this paper, we suggest a new broadcast encryption system that is based on secret sharing and SD methods. On an efficiency aspect, our system achieves O(r) transmission cost, O($log^2n$) storage cost, and O(1) computational cost for the number n of users and the number r of revoked users. Compared to O(log n) computational cost in the previous SD method, our system has the advantage that it needs only constant-sized computational cost for decryption, regardless of the number n or r. On a security aspect, our system can achieve tighter security reduction than the previous SD method and the gap of security loss is about O(n log n). Moreover, our result shows that it is possible to give the effect of the SD method while using an information-theoretically secure key distribution technique as in the Complete Subtree method.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.12 no.3
• /
• pp.1356-1366
• /
• 2011

The TPM(Trusted Platform Module) is a hardware chip to support a trusted computing environment. A rightful user needs a command authorization process in order to use principal TPM commands. To get command authorization from TPM chip, the user should perform the OIAP(Object-Independent Authorization Protocol) or OSAP(Object-Specific Authorization Protocol). Recently, Chen and Ryan alerted the vulnerability of insider attack on TPM command authorization protocol in multi-user environment and presented a countermeasure protocol SKAP(Session Key Authorization Protocol). In this paper, we simulated the possibility of insider attack on OSAP authorization protocol in real PC environment adopted a TPM chip. Furthermore, we proposed a novel countermeasure to defeat this insider attack and improve SKAP's disadvantages such as change of command suructures and need of symmetric key encryption algorithm. Our proposed protocol can prevent from insider attack by modifying of only OSAP command structure and adding of RSA encryption on user and decryption on TPM.