KR101683051B1 - BLOCK CIPHERING METHOD USING SYMMETRIC KEY IN IoT NETWORK AND DATA TRANSFERRING METHOD FROM CLIENT APPARATUS TO SERVER IN IoT NETWORK - Google Patents
- Publication number
- KR101683051B1
- Authority
- KR
- South Korea
- Prior art keywords
- data
- block
- allocated
- iot device
- symmetric key
- Prior art date
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0625—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation with splitting of the data block into left and right halves, e.g. Feistel based algorithms, DES, FEAL, IDEA or KASUMI
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
A method of block encryption using a symmetric key in an IoT network includes the steps of: the IoT device obtaining at least one piece of data having a reference size; the IoT device dividing the at least one piece of data into blocks; the IoT device waiting for a reference time when the size of the spare area, which is an area to which no data is allocated in the last of the divided blocks, is larger than the reference size; allocating additional data to the last block when the additional data is acquired; and encrypting the last block using the symmetric key.
Description
The technique described below relates to a block encryption technique using a symmetric key.
As interest in the Internet of Things (IoT) has increased, commercial services using IoT devices are beginning to appear. Since an IoT network also transmits data over a communication network, the data generated or obtained by an IoT device must always be encrypted before it is transmitted.
Conventionally, an encryption technique using a symmetric key encrypts the data without padding the last block even if the data does not fill the last block.
For block encryption using a symmetric key, the following description provides a technique that waits for additional data when the last block is not fully occupied, adds that data to the last block, and then encrypts the block.
A block encryption method using a symmetric key in an IoT network includes: the IoT device obtaining at least one piece of data having a reference size; the IoT device allocating the at least one piece of data block by block; the IoT device waiting for a reference time when the size of the spare area, which is an area to which no data is allocated in the last allocated block, is larger than the reference size; allocating the additional data to the last block when the additional data is acquired; and encrypting the last block using the symmetric key.
A method for a client device to transfer data to a server in an IoT network includes: the client device generating or collecting data; the client device allocating the data block by block; the client device waiting for additional data to be generated or collected next if the size of the spare area, which is an area to which no data is allocated in the last block to which the data is allocated, is larger than the reference size; encrypting the last block using a symmetric key when the client device generates or collects the additional data; and the client device transmitting the encrypted block to the server.
The technique described below is an encryption technique that can efficiently transmit data in a device that collects very small data, such as IoT devices in particular. The technique described below reduces the congestion of the communication channel by transmitting as much data as possible at a time, and at the same time, the energy of the IoT device can be saved.
Fig. 1 is an example showing a configuration for an IoT network system.
Fig. 2 is an example of a conventional symmetric key-based block encryption scheme.
Fig. 3 is another example of a symmetric key-based block encryption technique.
Fig. 4 is an example of a flowchart of a block encryption method using a symmetric key in an IoT network.
Fig. 5 shows an example of the last block configuration in the block encryption method using the symmetric key in the IoT network.
Fig. 6 is another example of a flowchart of a block encryption method using a symmetric key in the IoT network.
Fig. 7 is another example showing the last block configuration in the block encryption method using the symmetric key in the IoT network.
The following description is intended to illustrate and describe specific embodiments in the drawings, since various changes may be made and the embodiments may have various embodiments. However, it should be understood that the following description does not limit the specific embodiments, but includes all changes, equivalents, and alternatives falling within the spirit and scope of the following description.
The terms first, second, A, B, etc., may be used to describe various components, but the components are not limited by the terms; the terms are used only to distinguish one component from another. For example, without departing from the scope of the following description, the first component may be referred to as a second component, and similarly, the second component may also be referred to as a first component. The term "and/or" includes any combination of a plurality of related listed items or any one of a plurality of related listed items.
As used herein, the singular " include "should be understood to include a plurality of representations unless the context clearly dictates otherwise, and the terms" comprises & , Parts or combinations thereof, and does not preclude the presence or addition of one or more other features, integers, steps, components, components, or combinations thereof.
Before describing the drawings in detail, it is to be clarified that the division of constituent parts in this specification is merely a division by main functions of each constituent part. That is, two or more constituent parts to be described below may be combined into one constituent part, or one constituent part may be divided into two or more functions according to functions that are more subdivided. In addition, each of the constituent units described below may additionally perform some or all of the functions of other constituent units in addition to the main functions of the constituent units themselves, and that some of the main functions, And may be carried out in a dedicated manner.
Also, in performing a method or an operation method, each of the processes constituting the method may take place differently from the stated order unless clearly specified in the context. That is, each process may occur in the same order as described, may be performed substantially concurrently, or may be performed in the opposite order.
In IoT networks, IoT devices are generally devices that generate or collect specific data. The data generated or collected by the IoT device is passed over the network to the entity that stores or manages the data. Data generated or collected by IoT devices may be stored in a separate database. A server providing a specific service provides that service using the data generated or collected by the IoT device. The IoT network also uses end-to-end encryption between the IoT devices and the servers corresponding to the client devices. Generally, the encryption scheme used in this case is a symmetric key encryption scheme in which the terminal and the service server encrypt and decrypt data using the same secret key. A symmetric key cryptosystem divides data into blocks of a certain size and performs encryption on a block-by-block basis. Typical symmetric key encryption schemes are DES (Data Encryption Standard), which uses a 64-bit block, and AES (Advanced Encryption Standard), which uses a 128-bit block. DES uses a symmetric key with a length of 56 bits, and AES uses a symmetric key with a length of 128, 192 or 256 bits. A detailed description of the known portions of symmetric key cryptography is omitted.
1 shows an example of a configuration of the
The data collected by the
The user can confirm the data collected by the
In the
2 is an example of a conventional symmetric key-based block encryption scheme. FIG. 2 illustrates an example of a process in which the
It may happen that a block cannot be completely filled, depending on the size of the data. In this case, as shown in the lower part of FIG. 2, the encryption apparatus pads the area of the block to which no data is allocated. In the following, an empty area of a block that is not filled with meaningful data is called a spare area. Padding refers to the process of filling that area with meaningless data according to a convention. The encryption device fills the block with padding and encrypts the block. The decoding apparatus can distinguish the padding data while decoding the data. Therefore, the data used for padding must have a predefined data format in the encryption scheme.
3 is another example of a symmetric key-based block encryption technique. FIG. 3 corresponds to an example of the proposed encryption technique. On the other hand, the
It is assumed that the data generated or collected by the
4 is an example of a flowchart for a
The IoT device first acquires data (210). The data corresponds to the data collected by the IoT device or the data generated by the IoT device based on the specific information.
The IoT device divides the data into blocks and performs encryption (220). In
The IoT device determines whether the free area of the current block (the last block if the data is divided into a plurality of blocks) filling the data is larger than the reference size (230). Various values can be used as the reference size to be compared with the spare area. However, it is assumed that the reference size (several bits to dozens of bits) of the data basically collected by the IoT device is used.
If the size of the spare area of the block is smaller than the reference size (no), the IoT device pads the spare area of the corresponding block and encrypts the corresponding block (260).
If the size of the spare area of the block is larger than the reference size (yes), the IoT device waits for the reference time and confirms whether to acquire additional data (240). The reference time may be different depending on the characteristics of the data collected by the IoT device, the energy state of the IoT device, the service using the IoT device, and the like. If the IoT device collects additional data within the reference time to wait, the IoT device allocates additional data to the spare area (250). The IoT device then pads the remaining free space in the block and encrypts the block (260).
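The FIG. 4 flow described above (steps 210 to 260), replayed over timestamped readings, as an added example that is not code from the patent. The zero-byte padding, treating a spare area exactly equal to the reference size as room for one more reading, restarting the wait after each allocation, and all function and field names are assumptions; the symmetric cipher call itself is left to the caller, who receives each sealed block ready for encryption.

```python
from dataclasses import dataclass
from typing import Iterable, List, Tuple

BLOCK_SIZE = 16  # bytes: the 128-bit AES block length named in the description


@dataclass
class SealedBlock:
    data: bytes       # block_size bytes: readings followed by padding
    pad_len: int      # size of the padded spare area, in bytes
    sealed_at: float  # simulated time at which the block goes to the cipher
    reason: str       # "full", "no-room" or "timeout"


def assemble_blocks(readings: Iterable[Tuple[float, bytes]], ref_size: int,
                    ref_time: float, block_size: int = BLOCK_SIZE) -> List[SealedBlock]:
    """Replay (arrival_time, reading) pairs, sorted by time, through the flow.

    Every reading must be exactly ref_size bytes (the "reference size").
    """
    if not 0 < ref_size <= block_size:
        raise ValueError("reference size must fit in one block")
    sealed: List[SealedBlock] = []
    buf = b""        # readings allocated to the block that is still open
    deadline = None  # time at which the open block stops waiting

    def seal(at: float, reason: str) -> None:
        nonlocal buf, deadline
        pad_len = block_size - len(buf)
        # Assumed padding format: zero bytes fill the spare area.
        sealed.append(SealedBlock(buf + b"\x00" * pad_len, pad_len, at, reason))
        buf, deadline = b"", None

    for t, reading in readings:
        if len(reading) != ref_size:
            raise ValueError("reading is not of the reference size")
        # Step 240: the wait expired before this reading arrived, so the
        # open block is padded and sealed at its deadline (step 260).
        if buf and t > deadline:
            seal(deadline, "timeout")
        # Steps 220/250: allocate the reading to the open block.
        buf += reading
        spare = block_size - len(buf)
        if spare >= ref_size:
            # Step 230 "yes": another reading would fit, (re)start the wait.
            deadline = t + ref_time
        else:
            # Step 230 "no": pad whatever is left and seal immediately.
            seal(t, "full" if spare == 0 else "no-room")
    if buf:
        seal(deadline, "timeout")  # input ended: the last wait runs out
    return sealed


def total_padding(blocks: List[SealedBlock]) -> int:
    """Bytes of padding that would be encrypted and transmitted."""
    return sum(b.pad_len for b in blocks)


if __name__ == "__main__":
    # Constructed sample: six 4-byte readings, the last one arriving late.
    sample = [(float(i), bytes([i + 1]) * 4) for i in range(5)] + [(20.0, b"\x06" * 4)]
    for blk in assemble_blocks(sample, ref_size=4, ref_time=5.0):
        print(blk.sealed_at, blk.reason, blk.pad_len, blk.data.hex())
```

Calling it with `ref_time=0` on readings that arrive at distinct times pads every reading into its own block, which gives a baseline for measuring how much padding the wait saves against the latency it adds.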
5 is an example showing the last block configuration in the
5C shows a state in which the spare area of the corresponding block is completely padded when the IoT device waits for the reference time in
In FIG. 4, the configuration of the block varies depending on whether or not additional data arrives within the reference time. However, it is also possible to use the size of the spare area of the block as a reference instead of the time. FIG. 5 (d) shows a state in which additional data is allocated to the block after waiting for additional data in the state of FIG. 5 (a). In FIG. 4 and FIG. 5 (b), additional data is allocated to a block based on whether additional data has arrived within the reference time. However, FIG. 5 (d) . That is, if the spare area remaining in the current block is larger than the reference size, the IoT device waits unconditionally and allocates the next additional data to the spare area. The IoT device pads the remaining free space only when the remaining spare area is smaller than the reference size, and encrypts the corresponding block.
6 is another example of a flowchart for a
The IoT device first acquires data (310). The IoT device divides the data into blocks and performs encryption (320). In
The IoT device checks whether there is a spare area of the current block (the last block if the data is divided into a plurality of blocks) filling the data (330). If there is no spare area in the current block, the IoT device encrypts the corresponding block (370).
If there is a spare area in the current block, the IoT device waits until it acquires additional data (340). When additional data is acquired, the IoT device allocates additional data to the spare area (350). In
In FIG. 6, the case where all the blocks are filled is described as an example. However, it may not be necessary to fill all blocks. If the size of the remaining spare area is smaller than a specific size according to the system requirement, the IoT device may pad the remaining area and encrypt the corresponding block.
7 is another example showing the last block configuration in the
It should be noted that the present embodiment and the drawings attached hereto are only a part of the technical idea included in the above-described technology, and those skilled in the art will readily understand the technical ideas included in the above- It is to be understood that both variations and specific embodiments which can be deduced are included in the scope of the above-mentioned technical scope.
100: IoT network system
110: IoT device
110A, 110B, 110C: IoT devices
130: Network
150: Server
50: User terminal
Claims (11)
The IoT device dividing the at least one data into blocks of a predetermined size and allocating the block;
The IoT device waiting for a reference time when a size of a spare area, which is an area to which no data is allocated, is larger than the reference size in the last block to which the at least one data is allocated;
Obtaining at least one additional data having the reference size while the IoT device is waiting; And
The IoT device further allocates to the last block only additional data that can be allocated to the spare area in the reference size unit among the at least one additional data and encrypts the last block using the symmetric key Block Encryption Method Using Symmetric Key in IoT Network.
Wherein the IoT device is a sensor device for collecting data.
Further comprising: padding the spare area when the IoT device fails to acquire the additional data while waiting for the IoT device, and encrypting the last block using the symmetric key.
Wherein the IoT device encrypts data allocated to the remaining blocks except for the last block using the symmetric key when the at least one piece of data is allocated to the plurality of blocks. Block encryption method.
The encrypting step
If the additional data is allocated to the last block and thereafter the area to which no data is allocated in the last block is larger than the reference size, the IoT device secondarily waits for a reference time; And
Allocating the second additional data to the last block when the IoT device acquires at least one second additional data having the reference size during the second waiting, encrypting the last block with the symmetric key The method comprising the steps of:
The encrypting step
If the additional data is allocated to the last block and thereafter the area to which no data is allocated in the last block is larger than the reference size, the IoT device pads an area to which no data is yet allocated in the last block, Block encryption method using a symmetric key in an IoT network for encrypting a block using the symmetric key.
Wherein the reference time is when the IoT device acquires additional data that can fill all of the spare area, using the symmetric key in the IoT network.
The client device allocating the data in block units of a predetermined size;
Waiting for additional data to be generated or collected next when the size of the spare area, which is an area to which no data is allocated in the last block to which the data is allocated, is larger than a reference size;
Further allocating to the spare area only additional data that can be allocated to the spare area in the reference size unit of the additional data when the client device generates or collects the additional data, ; And
And transmitting the block encrypted by the client device to a server in the IoT network.
Further comprising: padding the spare area if the client device fails to generate or collect the additional data for a reference time, and encrypting the last block using the symmetric key.
When the data is allocated to a plurality of blocks, the client device encrypts data allocated to the remaining blocks other than the last block using the symmetric key, and transmits data corresponding to the remaining blocks to the server Wherein the client device communicates data to the server in an IoT network.
Wherein if the additional data is allocated to the last block in the encrypting step and there is a second spare area which is an area to which no data is allocated in the last block, the client padding the second spare area, A method for a client device to transfer data to a server in an IoT network that encrypts the data.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020150100899A KR101683051B1 (en) | 2015-07-16 | 2015-07-16 | BLOCK CIPHERING METHOD USING SYMMETRIC KEY IN IoT NETWORK AND DATA TRANSFERRING METHOD FROM CLIENT APPARATUS TO SERVER IN IoT NETWORK |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020150100899A KR101683051B1 (en) | 2015-07-16 | 2015-07-16 | BLOCK CIPHERING METHOD USING SYMMETRIC KEY IN IoT NETWORK AND DATA TRANSFERRING METHOD FROM CLIENT APPARATUS TO SERVER IN IoT NETWORK |
Publications (1)
Publication Number | Publication Date |
---|---|
KR101683051B1 true KR101683051B1 (en) | 2016-12-07 |
Family
ID=57573023
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020150100899A KR101683051B1 (en) | 2015-07-16 | 2015-07-16 | BLOCK CIPHERING METHOD USING SYMMETRIC KEY IN IoT NETWORK AND DATA TRANSFERRING METHOD FROM CLIENT APPARATUS TO SERVER IN IoT NETWORK |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR101683051B1 (en) |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20190061940A (en) | 2017-11-28 | 2019-06-05 | 주식회사 안랩 | Apparatus and method for managing communication of internet of things |
CN110300122A (en) * | 2019-07-25 | 2019-10-01 | 陈蔚 | A kind of Internet of Things electronic information processing system and method |
KR20200067265A (en) * | 2018-09-07 | 2020-06-12 | 고려대학교 산학협력단 | Apparatus and Method for Patterned Cipher Block for Real-Time Data Communication |
KR20200092160A (en) | 2019-01-24 | 2020-08-03 | (주)네오와인 | Method for transmitting encryption key |
KR20200094119A (en) | 2020-07-22 | 2020-08-06 | (주)네오와인 | Method for transmitting encryption key |
US11115187B2 (en) | 2018-09-07 | 2021-09-07 | Korea University Research And Business Foundation | Apparatus and method for block ciphers for real-time data transmission |
KR20220048294A (en) * | 2020-10-12 | 2022-04-19 | 엘아이지넥스원 주식회사 | Voice packet communication device and control method thereof |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20080018768A (en) * | 2006-08-25 | 2008-02-28 | 삼성전자주식회사 | Method and apparatus for encrypting data |
KR20080075751A (en) * | 2007-02-13 | 2008-08-19 | 삼성전자주식회사 | Partial page data write method of non-volatile memory device |
JP2013015643A (en) * | 2011-07-01 | 2013-01-24 | Yamaha Corp | Performance data transmitter and performance data receiver |
KR20150035971A (en) | 2015-03-18 | 2015-04-07 | 문종섭 | A secure Data Communication protocol between IoT smart devices or sensors and a Network gateway under Internet of Thing environment |
-
2015
- 2015-07-16 KR KR1020150100899A patent/KR101683051B1/en active IP Right Grant
Cited By (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20190061940A (en) | 2017-11-28 | 2019-06-05 | 주식회사 안랩 | Apparatus and method for managing communication of internet of things |
KR20200067265A (en) * | 2018-09-07 | 2020-06-12 | 고려대학교 산학협력단 | Apparatus and Method for Patterned Cipher Block for Real-Time Data Communication |
KR102172181B1 (en) * | 2018-09-07 | 2020-10-30 | 고려대학교 산학협력단 | Apparatus and Method for Patterned Cipher Block for Real-Time Data Communication |
US11115187B2 (en) | 2018-09-07 | 2021-09-07 | Korea University Research And Business Foundation | Apparatus and method for block ciphers for real-time data transmission |
KR20200092160A (en) | 2019-01-24 | 2020-08-03 | (주)네오와인 | Method for transmitting encryption key |
CN110300122A (en) * | 2019-07-25 | 2019-10-01 | 陈蔚 | A kind of Internet of Things electronic information processing system and method |
KR20200094119A (en) | 2020-07-22 | 2020-08-06 | (주)네오와인 | Method for transmitting encryption key |
KR20220048294A (en) * | 2020-10-12 | 2022-04-19 | 엘아이지넥스원 주식회사 | Voice packet communication device and control method thereof |
KR102410664B1 (en) * | 2020-10-12 | 2022-06-20 | 엘아이지넥스원 주식회사 | Voice packet communication device and control method thereof |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
E701 | Decision to grant or registration of patent right | ||
GRNT | Written decision to grant | ||
FPAY | Annual fee payment |
Payment date: 20191104 Year of fee payment: 4 |