KR101749322B1 - Apparatus for encrypting and decrypting image based on mutual authentication, method thereof and computer recordable medium storing the method - Google Patents
Apparatus for encrypting and decrypting image based on mutual authentication, method thereof and computer recordable medium storing the method Download PDFInfo
- Publication number
- KR101749322B1 KR101749322B1 KR1020160011023A KR20160011023A KR101749322B1 KR 101749322 B1 KR101749322 B1 KR 101749322B1 KR 1020160011023 A KR1020160011023 A KR 1020160011023A KR 20160011023 A KR20160011023 A KR 20160011023A KR 101749322 B1 KR101749322 B1 KR 101749322B1
- Authority
- KR
- South Korea
- Prior art keywords
- factor
- identifier
- random number
- bits
- bit string
- Prior art date
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/60—Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client
- H04N21/63—Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing
- H04N21/633—Control signals issued by server directed to the network components or client
- H04N21/6332—Control signals issued by server directed to the network components or client directed to client
- H04N21/6334—Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key
- H04N21/63345—Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key by transmitting keys
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/25—Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
- H04N21/266—Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/60—Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client
- H04N21/63—Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing
- H04N21/633—Control signals issued by server directed to the network components or client
- H04N21/6332—Control signals issued by server directed to the network components or client directed to client
- H04N21/6334—Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key
Abstract
The present invention relates to a device for mutual authentication based image encryption and decryption, a method therefor, and a computer readable recording medium on which the method is recorded. The present invention relates to a communication module for communication, Extracting first and second secret keys (K1, K2) and an identifier (ID) corresponding to the received fake ID (IDS), and extracting the first random number (n1) and the second random number (ID), the first and second random numbers (n1, n2), and the ID (IDS) of the first and second secret keys (K1, K2) (A1, A2) and a first verification factor (B3) through a predetermined first calculation based on the first verification factor (B3) and outputs the derived factors (A1, A2) and the first verification factor To the black box via the control module, and a method and a method therefor Is recorded provides a computer-readable recording medium.
Description
The present invention relates to a device for decrypting a video image, and more particularly, to a device for decrypting a video image by performing mutual authentication for each session between entities connected to each other through communication over a network, A method for the same, and a computer-readable recording medium on which the method is recorded.
In order to facilitate the judgment of responsibility for accidents in the event of a traffic accident and to increase the effectiveness of accident prevention, the mounting of a vehicle black box for recording the situation around the vehicle is increasing. In general, a black box device, known as an EDR (Event Data Recorder), has been used as a crucial device for identifying the cause of an accident when an aircraft crashes or a major disaster has disappeared. The concept of this black box is applied to solve traffic accident by vehicle is a car black box. The black box for automobiles has been recently spotlighted in that it records the situation for a certain period of time before the collision of the vehicle and provides evidence for the victim and the assailant 's claims when they are conflicting with each other.
Various types of privacy invasion problems arise due to abuse of a black box for a vehicle. Since a vehicle black box is limited in its ability to access a black box, such as a vehicle owner or a driver, an attacker against data stored in a black box is likely to be the owner or driver of the vehicle. An attacker against black box data is likely to have complete access to the black box data attached to the vehicle and does not have the time constraints necessary to perform the attack. Typical vehicle black box data is always exposed to potential tampering, depending on the attacker's interests or needs.
SUMMARY OF THE INVENTION The present invention has been made in view of the above problems, and it is an object of the present invention to provide an apparatus capable of transmitting an image photographed by a black box to a server and safely storing the image in a server, a method therefor and a computer readable recording medium on which the method is recorded have.
It is a further object of the present invention to provide a method and apparatus for updating a secret key by mutual authentication between a black box and a server when a session is connected between a black box and a server for transmitting an image, An apparatus for safely protecting an image at the time of transmitting an image, a method therefor, and a computer readable recording medium on which the method is recorded.
According to another aspect of the present invention, there is provided an apparatus and method for encrypting and decrypting data based on mutual authentication of a server, the apparatus comprising: a communication module for communication; and a receiving unit for receiving an IDS from a black box through the communication module Extracts the first and second secret keys K1 and K2 and the identifier ID corresponding to the received fake IDs and generates a first random number n1 and a second random number n2 , A first predetermined operation based on the first and second secret keys (K1 and K2), the identifier (ID), the first and second random numbers (n1 and n2) and the citation identifier (IDS) (A1, A2), deriving a first verification factor (B3) through a second predetermined operation, and then deriving the derivation factors (A1, A2) and the first verification factor (B3) And a control module for transmitting to the black box through a communication module.
The control module transmits the same value as the second random number n2 derived from the first and second secret keys K1 and K2 and the derivation factors A1 and A2 from the black box through the communication module Upon receiving the second verification factor (C3) generated through a predetermined fifth operation on the basis of the factor n2 ', generates the same random number as the fifth operation based on the secret key and the second random number (n2) The second comparison factor C3 'is obtained through a sixth operation which is an operation of the first random number C3 and the black box is authenticated if the second verification factor C3 and the second comparison factor C3' And sets the number n1 as a new phoneme identifier.
The control unit generates a secret key from the first random number (n1) upon receiving the encrypted image from the authenticated black box through the communication module, and decrypts the image using the generated secret key .
According to another aspect of the present invention, there is provided a device for encrypting and decrypting data based on a mutual authentication of a black box, the device comprising: a communication unit for communication; an identifier (ID) corresponding to a counterfeit identifier (IDS) (A1, A2) generated through a predetermined first operation based on the first and second secret keys (K1, K2) and the first and second random numbers (n1, n2) (ID), the ID, and the first and second secret keys (K1 and K2) when receiving the first verification factor (B3) (N1 ', n2') having the same value as the first and second random numbers (n1, n2) are derived from the derivation factors (A1, A2) The first and second secret keys (K1, K2), the parameters (n1 ', n2'), the counterfeit ID (IDS), the identifier The first comparison factor B3 'and the first comparison factor B3', and if the received first verification factor B3 and the first comparison factor B3 'are the same, authenticates the server, And sets the parameter n1 'having the same value as the number n1 as a new phoneme identifier.
Wherein the control unit sets the second verification factor (K1, K2) through a predetermined fifth operation based on the first and second secret keys (K1, K2) and a factor (n2 ') having the same value as the second random number (C3), and transmits the second verification factor (C3) to the server via the communication unit.
Wherein the control unit generates a secret key from a factor n1 'having the same value as the first random number n1, encrypts the image using the generated secret key, Unit to the server.
According to another aspect of the present invention, there is provided a mutual authentication-based encryption / decryption method for a server, comprising: receiving a fake ID (IDS) from a black box; Extracting a first random number (n1) and a second random number (n2) unique in the server, extracting a first secret number (K1, K2) and an identifier (ID) Through the predetermined first operation based on the first secret key (K1, K2), the identifier (ID), the first and second random numbers (n1, n2) (A1, A2) capable of deriving a factor (n1 ', n2') having the same value as the first random number (n1) and the second random number (n2) Based on the second secret key (K1, K2), the identifier (ID), the first and second random numbers (n1, n2), and the counterfeit identifier (IDS) Generating a first verification factor B3 that allows the black box to authenticate the server via an acid; and outputting the derived factors A1 and A2 and the first verification factor B3 to the black box .
The mutual authentication-based encryption / decryption method of the server is performed by using the same value as the second random number (n2) derived from the first and second secret keys (K1, K2) and the derivation factors (A1, A2) (N2 ') based on the secret key and the second random number (n2'), receiving a second verification factor (C3) generated through a predetermined fifth operation based on the factor n2 ' (C3 ') through a sixth operation, which is the same operation as the first comparison factor (C3'), and authenticates the black box if the second verification factor (C3) and the second comparison factor (C3 ' And setting the first random number n1 as a new imitation identifier.
A server mutual authentication-based encryption / decryption method, when receiving an encrypted image from the authenticated black box, generates a secret key from the first random number (n1) and decrypts the image using the generated secret key .
According to another aspect of the present invention, there is provided a method for encrypting and decrypting a black box based on mutual authentication, comprising the steps of: receiving from a server an identifier (ID) corresponding to a fake ID (IDS) (A1, A2) generated through a predetermined first calculation based on the first and second random numbers (n1, n2) and the derivation factors (A1, A2) generated by the first and second random numbers Receiving a verification factor B3 and a third operation that is the inverse of the first operation using the falsification identifier IDS, the identifier ID, the first and second secret keys K1 and K2, (N1 ', n2') having the same value as the first and second random numbers (n1, n2) from the derivation factors (A1, A2) 4) which is the same as the predetermined second operation based on the ID, the ID, and the first and second secret keys K1 and K2, Obtaining a first comparison factor (B3 ') through an acid; authenticating the server if the received first verification factor (B3) is equal to the first comparison factor (B3'); And setting a factor n1 'having the same value as the number n1 as a new phoneme identifier.
The black-box mutual authentication-based encryption / decryption method is based on the first and second secret keys (K1, K2) and a factor n2 'having the same value as the second random number (n2) Generating a second verification factor (C3) through an operation, and transmitting the second verification factor (C3) to the server.
The method of encrypting and decrypting a black box based on mutual authentication includes the steps of generating a secret key from a factor n1 'having the same value as the first random number n1, encrypting the image using the generated secret key, And transmitting the encrypted image to the server.
In addition, the present invention provides a computer-readable recording medium on which the above-described encryption / decryption method according to the preferred embodiment of the present invention is recorded.
According to the present invention as described above, a new replicated identifier is assigned to each session through a random number through a mutual authentication procedure, and an encrypted image is transmitted / received using a secret key derived based on the replicated identifier. It is possible to safely protect the image. Particularly, since the mutual authentication procedure is lightweight, the burden of computation cost and load is reduced.
1 is a block diagram illustrating a system including a mutual authentication-based image encryption / decryption apparatus according to an embodiment of the present invention.
2 is a block diagram for explaining a configuration of an apparatus for encrypting and decrypting a server according to an embodiment of the present invention.
FIG. 3 is a block diagram for explaining a configuration of a black-box encryption / decryption apparatus according to an embodiment of the present invention.
FIG. 4 is a diagram for explaining a merge function according to an embodiment of the present invention, and FIG. 5 is a diagram for explaining a division function according to an embodiment of the present invention.
6 and 7 are flowcharts for explaining a method for encrypting and decrypting an image based on mutual authentication according to an embodiment of the present invention.
Prior to the detailed description of the present invention, the terms or words used in the present specification and claims should not be construed as limited to ordinary or preliminary meaning, and the inventor may designate his own invention in the best way It should be construed in accordance with the technical idea of the present invention based on the principle that it can be appropriately defined as a concept of a term to describe it. Therefore, the embodiments described in the present specification and the configurations shown in the drawings are merely the most preferred embodiments of the present invention, and are not intended to represent all of the technical ideas of the present invention. Therefore, various equivalents It should be understood that water and variations may be present.
Hereinafter, preferred embodiments of the present invention will be described in detail with reference to the accompanying drawings. Note that, in the drawings, the same components are denoted by the same reference symbols as possible. Further, the detailed description of known functions and configurations that may obscure the gist of the present invention will be omitted. For the same reason, some of the elements in the accompanying drawings are exaggerated, omitted, or schematically shown, and the size of each element does not entirely reflect the actual size.
First, a system including an encryption / decryption apparatus for information protection according to an embodiment of the present invention will be described. 1 is a block diagram illustrating a system including a mutual authentication-based image encryption / decryption apparatus according to an embodiment of the present invention. Referring to FIG. 1, a system according to an embodiment of the present invention includes a
The
When the
Next, the configuration of the above-described server and black-box encryption /
The
The
The
Next, the configuration of the encryption /
Next, a procedure of mutual authentication and encryption / decryption of an image according to an embodiment of the present invention will be described. Before describing the mutual authentication and encryption / decryption procedure of the image, the terms used in the embodiments of the present invention and the abbreviations thereof will be described.
At this time, when the bit of K is 0, A is moved to C, and when 1 is bit is moved to B, C is merged.
At this time, if the bit of K is 0, C is moved to A, and if 1 is bit, C is moved to B to merge.
The terms in Table 1 will be described in more detail as follows. The identifier ID is a unique identifier of the
The first and second random numbers n1 and n2 are random numbers (random numbers) generated by the
The secret key K is a bit string having a length of 2 L bits and is used as a secret key. In particular, the secret key K has the same total number of 0 bits and 1 bit in the bit string. The first secret key K1 is the left half bit string (L-bit length) of the secret key K and the right half bit string (L-bit length) of the second secret key K2.
XOR operator
XORs the bits before and after the operator. The string concatenation operator || connects the bit strings before and after the operator.The merge function Mer (A, B, K, C) is a function that outputs C by merging the factors A and B according to K. At this time, when the bit of K is 0, A is moved to C, and when 1 is bit is moved to B, C is merged. The division function Sep (C, K, A, B) is a function for dividing the factor C according to K and outputting A and B. At this time, if the bit of the secret key K is 0, C is moved to A, and if 1, C is moved to B to merge.
The merge functions Mer (A, B, K, C) and the division functions Sep (C, K, A, B) will now be described in more detail. FIG. 4 is a diagram for explaining a merge function according to an embodiment of the present invention, and FIG. 5 is a diagram for explaining a division function according to an embodiment of the present invention.
As shown in the following Table 2, in the merge function and the partition function, the factors A and B are bit strings of L- bit, and the factors K and C are 2 L- bit bit strings.
In FIGS. 4 and 5, it is assumed that L is 4. Accordingly, in the merge function and the partition function, the factors A and B are respectively 4-bit bit strings, and the factors K and C are 8-bit bit strings.
Table 3 below shows the source code of the merge function for explaining the operation of the merge function Mer (A, B, K, C).
Referring to Table 2 and Table 3, the merge function Mer () is a factor A and but merges B, aligned with the length L of factor A and the arrangement of bits of B according to the bit value of the 2L length K by merging 2L length The bit string C of FIG. That is, if the bits of K are sequentially 0, the bits of the argument A are arranged in the bits of C, and if the bits of K are 1, the bits of the factor B are arranged in the bits of C.
For example, assume that A is {0011}, B is {1001}, and K is {00110110}, as shown in FIG. The first, second, fifth and eighth bits [0, 1, 4, 7] of K are zero. Thus, 0, 0, 1, and 1 of the first to fourth bits [0, 1, 2, 3] of A correspond to the first, second, fifth, and eighth bits of C [0, , 7]. Also, the third, fourth, sixth and seventh bits [2, 3, 5, 6] of K are one. The first, fourth, sixth, and seventh bits [2, 3, and 5] of C are assigned to
Table 4 below shows the source code of the division function for explaining the operation of the division function Sep (C, K, A, B).
Referring to Table 2 and Table 4, the partition function Sep () is, but divides the factor C, by dividing each bit of the bit string C of the 2L length and rearranged in accordance with respective bits of the bit string K in the 2L long length L And generates bit strings A and B, respectively. That is, if the bits of K are sequentially 0, the bits of C are arranged in the bits of A, and if the bits of K are 1, the bits of C are arranged in the bits of factor B.
For example, as shown in FIG. 5, it is assumed that K is {00110110} and C is {00101011}. The first, second, fifth and eighth bits [0, 1, 4, 7] of K are zero. Accordingly, 0, 0, 1, and 1, which are the first, second, fifth, and eighth bits [0, 1, 4, 7] of C are sequentially output from the first bit to the fourth bit [0, 1 , 2, 3] = {0011}. Also, the third, fourth, sixth and seventh bits [2, 3, 5, 6] of K are one. Thus, 1, 0, 0, and 1 of the third, fourth, sixth, and seventh bits [2, 3, 5, 6] of C correspond to the first to fourth bits [0, 1, 2 , 3] = {1001}. Accordingly, the bit string A is divided into a bit string A {0011} and a bit string B {1001} according to the bit value of the bit string K, and is generated.
Hereinafter, a method for performing mutual authentication using the merging and dividing function or the like and performing encryption and decryption of an image through the mutual authentication according to an embodiment of the present invention will be described. 6 and 7 are flowcharts for explaining a method for encrypting and decrypting an image based on mutual authentication according to an embodiment of the present invention.
The
5, in step S110, the
The
If the phoneme identifier IDS received from the
According to an embodiment of the present invention, the
Both the
The first operation of Table 5 will now be described in more detail. First, the
In the first operation of step S150, the
Then, in step S160, the
The second operation of Table 6 will now be described in more detail. The
In the second operation, the
In step S170, the
The
The third operation in Table 7 will now be described in more detail. First, the
In the third operation described above, the
Next, in step S190, the
The fourth operation of Table 8 will now be described in more detail. The
Since the factors n1 'and n2' are the same as the factors n1 and n2, the
If the argument B3 'is obtained as described above, the
Here, it is assumed that the authentication is successful. Accordingly, the
The fifth operation of Table 9 will now be described in more detail. The
As described above, the factor C3 obtained through the fifth calculation is used for verification in the procedure in which the
In step S230, the
The sixth operation of Table 10 will now be described in more detail. K1 'and K2' are input to the merge function Mer () by inputting a bit string K2|| K1 in which the arguments K1 and K2 and the second and first sub secret keys K2 and K1 are successively connected as inputs, (K1, K2, K2 || K1, K1 '|| K2') in which the bit strings K1 'and K2' are successively connected. A bit string (K1 '|| K2') successively connecting the arguments n2 and N1 and the arguments K1 'and K2' as inputs is input to the merge function Mer () C1 '|| C2') (Mer (n2, N1, K1 '|| K2', C1 '|| C2')). Subsequently, the factor C1 'and the factor C2' are sequentially XORed to obtain a factor C3 '(C3' = C1 '
C2 '). In this manner, theNext, in step S240, the
As described above, when both the
As described above, when both the
On the other hand, the
As described above, according to the present invention, since a new simulant identifier is assigned to each session through a random number for each session through a mutual authentication procedure, and an encrypted image is transmitted / received using a secret key derived based on the granted simulant identifier, The image can be safely protected. Particularly, since the mutual authentication procedure is lightweight, the burden of computation cost and load is reduced.
Meanwhile, the image processing method according to the embodiment of the present invention can be implemented in a form of a program readable by various computer means and recorded in a computer-readable recording medium. Here, the recording medium may include program commands, data files, data structures, and the like, alone or in combination. Program instructions to be recorded on a recording medium may be those specially designed and constructed for the present invention or may be available to those skilled in the art of computer software. For example, the recording medium may be a magnetic medium such as a hard disk, a floppy disk and a magnetic tape, an optical medium such as a CD-ROM or a DVD, a magneto-optical medium such as a floppy disk magneto-optical media, and hardware devices that are specially configured to store and execute program instructions such as ROM, RAM, flash memory, and the like. Examples of program instructions may include machine language wires such as those produced by a compiler, as well as high-level language wires that may be executed by a computer using an interpreter or the like. Such a hardware device may be configured to operate as one or more software modules to perform the operations of the present invention, and vice versa.
While the present invention has been described with reference to several preferred embodiments, these embodiments are illustrative and not restrictive. It will be understood by those skilled in the art that various changes and modifications may be made without departing from the spirit of the invention and the scope of the appended claims.
10: server 20: black box
100: server encryption device 110: communication module
120: storage module 130: control module
200: black box encryption device 210: communication unit
220: storage unit 230: control unit
Claims (13)
A communication module for communication; And
Upon receiving a counterfeit identifier (IDS) from the black box through the communication module,
Extracts first and second secret keys (K1, K2) and an identifier (ID) corresponding to the received fake ID (IDS)
Generates a first random number (n1) and a second random number (n2)
Through a predetermined first operation based on the first and second secret keys K1 and K2, the identifier ID, the first and second random numbers n1 and n2 and the citation identifier IDS Derives derivation factors A1 and A2, derives a first verification factor B3 through a second set of operations,
And a control module for transmitting the derivation factors A1 and A2 and the first verification factor B3 to the black box through the communication module,
Wherein the first and second operations include a merging function, wherein the merging function aligns the bit arrays of the input parameters A and B of length L according to the bit values of the input bit string K of length 2L, Length output bit string C, and if the bits of the input bit string K are sequentially 0, the bits of the input parameter A are arranged in the bits of the output bit string C, and if the bits of K are 1, And the output bit string is arranged in bits of the output bit string.
The control module
(N2 ') having the same value as the second random number (n2) derived from the first and second secret keys (K1, K2) and the derivation factors (A1, A2) (C3) generated through a predetermined fifth operation on the basis of the second verification factor
(C3 ') through a sixth operation, which is the same operation as the fifth operation, on the basis of the secret key and the second random number (n2)
Authenticates the black box and sets the first random number (n1) as a new phoneme identifier if the second verification factor (C3) and the second comparison factor (C3 ') are the same. .
The control module
And generates a secret key from the first random number (n1) when receiving the encrypted image from the authenticated black box through the communication module, and decrypts the image using the generated secret key Decoding device.
A communication unit for communication; And
A predetermined first operation is performed on the basis of the identifier (ID) corresponding to the fake ID (IDS), the first and second secret keys K1 and K2 and the first and second random numbers n1 and n2 Upon receiving the derivation factors A1 and A2 and the first verification factor B3 generated through the second predetermined operation,
(A1, A2) from the derivation factors (A1, A2) through a third operation which is an inverse of the first operation using the ID, the ID, the first and second secret keys (K1, K2) (N1 ', n2') having the same value as the first and second random numbers (n1, n2)
(ID1), the identifier (ID), the first and second secret keys (K1, K2) having the same value as the predetermined second operation on the basis of the parameters (n1 ', n2' Calculates a first comparison factor B3 'through an operation,
Authenticates the server if the received first verification factor B3 and the first comparison factor B3 'are the same, and sets a factor n1' having the same value as the first random number n1 as a new And a control unit for setting the phoneme identifier as a phoneme identifier,
Wherein the first and second operations include a merging function, wherein the merging function aligns the bit arrays of the input parameters A and B of length L according to the bit values of the input bit string K of length 2L, Length output bit string C, and if the bits of the input bit string K are sequentially 0, the bits of the input parameter A are arranged in the bits of the output bit string C, and if the bits of K are 1, And the output bit string is arranged in bits of the output bit string.
The control unit
The second verification factor C3 is calculated through a predetermined fifth operation based on the first and second secret keys K1 and K2 and the factor n2 'having the same value as the second random number n2 Generate,
And transmits the second verification factor (C3) to the server via the communication unit.
The control unit
Generates a secret key from a factor n1 'having the same value as the first random number n1,
Encrypts the image using the generated secret key,
And transmits the encrypted image to the server through the communication unit.
Extracting a first and a second secret key (K1, K2) and an identifier (ID) corresponding to a received fake ID (IDS) upon receiving a fake ID (IDS) from a black box;
Deriving a first random number (n1) and a second random number (n2) unique in the server;
Through a predetermined first operation based on the first and second secret keys K1 and K2, the identifier ID, the first and second random numbers n1 and n2 and the citation identifier IDS Calculating derivation factors (A1, A2) capable of deriving factors (n1 ', n2') having the same values as the first random number (n1) and the second random number (n2);
Through a predetermined second operation based on the first and second secret keys K1 and K2, the identifier ID, the first and second random numbers n1 and n2, and the citation identifier IDS, Generating a first verification factor (B3) that allows the black box to authenticate the server;
And transmitting the derivation factors A1 and A2 and the first verification factor B3 to the black box,
Wherein the first and second operations include a merging function, wherein the merging function aligns the bit arrays of the input parameters A and B of length L according to the bit values of the input bit string K of length 2L, Length output bit string C, and if the bits of the input bit string K are sequentially 0, the bits of the input parameter A are arranged in the bits of the output bit string C, and if the bits of K are 1, And the output bit string is arranged in bits of the output bit string.
(N2 ') having the same value as the second random number (n2) derived from the first and second secret keys (K1, K2) and the derivation factors (A1, A2) Receiving a second verification factor (C3) generated through a set fifth operation;
Obtaining a second comparison factor (C3 ') through a sixth operation which is the same operation as the fifth operation based on the secret key and the second random number (n2); And
Authenticating the black box and setting the first random number n1 as a new imitation identifier if the second verification factor C3 and the second comparison factor C3 'are the same Wherein said method comprises the steps of:
Generating a secret key from the first random number n1 upon receiving the encrypted image from the authenticated black box and decrypting the image using the generated secret key, Encryption method.
A predetermined first operation is performed on the basis of the identifier (ID) corresponding to the fake ID (IDS), the first and second secret keys K1 and K2 and the first and second random numbers n1 and n2 (A1, A2) generated through the second calculation and a first verification factor (B3) generated through a second predetermined operation;
(A1, A2) from the derivation factors (A1, A2) through a third operation which is an inverse of the first operation using the ID, the ID, the first and second secret keys (K1, K2) Deriving a factor (n1 ', n2') having the same value as the first and second random numbers (n1, n2);
(ID1), the identifier (ID), the first and second secret keys (K1, K2) having the same value as the predetermined second operation on the basis of the parameters (n1 ', n2' Obtaining a first comparison factor (B3 ') through a fourth operation; And
Authenticates the server if the received first verification factor B3 and the first comparison factor B3 'are the same, and sets a factor n1' having the same value as the first random number n1 as a new And setting it as a phoneme identifier,
Wherein the first and second operations include a merging function, wherein the merging function aligns the bit arrays of the input parameters A and B of length L according to the bit values of the input bit string K of length 2L, Length output bit string C, and if the bits of the input bit string K are sequentially 0, the bits of the input parameter A are arranged in the bits of the output bit string C, and if the bits of K are 1, And the output bit string is arranged in bits of the output bit string.
The second verification factor C3 is calculated through a predetermined fifth operation based on the first and second secret keys K1 and K2 and the factor n2 'having the same value as the second random number n2 ; And
And transmitting the second verification factor (C3) to the server.
Generating a secret key from a factor n1 'having the same value as the first random number n1;
Encrypting the image using the generated secret key; And
And transmitting the encrypted image to the server.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020160011023A KR101749322B1 (en) | 2016-01-28 | 2016-01-28 | Apparatus for encrypting and decrypting image based on mutual authentication, method thereof and computer recordable medium storing the method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020160011023A KR101749322B1 (en) | 2016-01-28 | 2016-01-28 | Apparatus for encrypting and decrypting image based on mutual authentication, method thereof and computer recordable medium storing the method |
Publications (1)
Publication Number | Publication Date |
---|---|
KR101749322B1 true KR101749322B1 (en) | 2017-06-20 |
Family
ID=59281527
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020160011023A KR101749322B1 (en) | 2016-01-28 | 2016-01-28 | Apparatus for encrypting and decrypting image based on mutual authentication, method thereof and computer recordable medium storing the method |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR101749322B1 (en) |
-
2016
- 2016-01-28 KR KR1020160011023A patent/KR101749322B1/en active IP Right Grant
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11082228B2 (en) | Reuse system, key generation device, data security device, in-vehicle computer, reuse method, and computer program | |
JP5180678B2 (en) | IC card, IC card system and method thereof | |
US20190028267A1 (en) | In-vehicle computer system, vehicle, key generation device, management method, key generation method, and computer program | |
US10395062B2 (en) | Method and server for authenticating and verifying file | |
US9479329B2 (en) | Motor vehicle control unit having a cryptographic device | |
US10880100B2 (en) | Apparatus and method for certificate enrollment | |
CN110690956B (en) | Bidirectional authentication method and system, server and terminal | |
Dewanta et al. | A mutual authentication scheme for secure fog computing service handover in vehicular network environment | |
KR20210129742A (en) | Cryptographic safety mechanisms for remote control of autonomous vehicles | |
CN105162797A (en) | Bidirectional authentication method based on video surveillance system | |
CN110336673B (en) | Block chain design method based on privacy protection | |
CN103546289A (en) | USB (universal serial bus) Key based secure data transmission method and system | |
CN110855616B (en) | Digital key generation system | |
CN109905384B (en) | Data migration method and system | |
KR20210015264A (en) | APPARATUS AND METHOD FOR AUTHENTICATING IoT DEVICE BASED ON PUF USING WHITE-BOX CRYPTOGRAPHY | |
KR101015401B1 (en) | Method of checking integrity of data by storing data of common ID in separated database system | |
CN111401901A (en) | Authentication method and device of biological payment device, computer device and storage medium | |
CN110519222B (en) | External network access identity authentication method and system based on disposable asymmetric key pair and key fob | |
KR20170017455A (en) | Mutual authentication method between mutual authentication devices based on session key and token, mutual authentication devices | |
KR102157695B1 (en) | Method for Establishing Anonymous Digital Identity | |
WO2017020669A1 (en) | Method and device for authenticating identity of node in distributed system | |
KR20200104084A (en) | APPARATUS AND METHOD FOR AUTHENTICATING IoT DEVICE BASED ON PUF | |
CN108292997B (en) | Authentication control system and method, server device, client device, authentication method, and recording medium | |
KR101749322B1 (en) | Apparatus for encrypting and decrypting image based on mutual authentication, method thereof and computer recordable medium storing the method | |
CN110912857A (en) | Method and storage medium for sharing login between mobile applications |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
E701 | Decision to grant or registration of patent right | ||
GRNT | Written decision to grant |