KR101749322B1 - Apparatus for encrypting and decrypting image based on mutual authentication, method thereof and computer recordable medium storing the method - Google Patents

Apparatus for encrypting and decrypting image based on mutual authentication, method thereof and computer recordable medium storing the method Download PDF

Info

Publication number
KR101749322B1
KR101749322B1 KR1020160011023A KR20160011023A KR101749322B1 KR 101749322 B1 KR101749322 B1 KR 101749322B1 KR 1020160011023 A KR1020160011023 A KR 1020160011023A KR 20160011023 A KR20160011023 A KR 20160011023A KR 101749322 B1 KR101749322 B1 KR 101749322B1
Authority
KR
South Korea
Prior art keywords
factor
identifier
random number
bits
bit string
Prior art date
Application number
KR1020160011023A
Other languages
Korean (ko)
Inventor
윤은준
Original Assignee
경일대학교산학협력단
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 경일대학교산학협력단 filed Critical 경일대학교산학협력단
Priority to KR1020160011023A priority Critical patent/KR101749322B1/en
Application granted granted Critical
Publication of KR101749322B1 publication Critical patent/KR101749322B1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/60Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client 
    • H04N21/63Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing
    • H04N21/633Control signals issued by server directed to the network components or client
    • H04N21/6332Control signals issued by server directed to the network components or client directed to client
    • H04N21/6334Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key
    • H04N21/63345Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key by transmitting keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/266Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/60Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client 
    • H04N21/63Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing
    • H04N21/633Control signals issued by server directed to the network components or client
    • H04N21/6332Control signals issued by server directed to the network components or client directed to client
    • H04N21/6334Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key

Abstract

The present invention relates to a device for mutual authentication based image encryption and decryption, a method therefor, and a computer readable recording medium on which the method is recorded. The present invention relates to a communication module for communication, Extracting first and second secret keys (K1, K2) and an identifier (ID) corresponding to the received fake ID (IDS), and extracting the first random number (n1) and the second random number (ID), the first and second random numbers (n1, n2), and the ID (IDS) of the first and second secret keys (K1, K2) (A1, A2) and a first verification factor (B3) through a predetermined first calculation based on the first verification factor (B3) and outputs the derived factors (A1, A2) and the first verification factor To the black box via the control module, and a method and a method therefor Is recorded provides a computer-readable recording medium.

Description

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a device for mutual authentication based image encryption and decryption, a method therefor, and a computer readable recording medium on which the method is recorded.

The present invention relates to a device for decrypting a video image, and more particularly, to a device for decrypting a video image by performing mutual authentication for each session between entities connected to each other through communication over a network, A method for the same, and a computer-readable recording medium on which the method is recorded.

In order to facilitate the judgment of responsibility for accidents in the event of a traffic accident and to increase the effectiveness of accident prevention, the mounting of a vehicle black box for recording the situation around the vehicle is increasing. In general, a black box device, known as an EDR (Event Data Recorder), has been used as a crucial device for identifying the cause of an accident when an aircraft crashes or a major disaster has disappeared. The concept of this black box is applied to solve traffic accident by vehicle is a car black box. The black box for automobiles has been recently spotlighted in that it records the situation for a certain period of time before the collision of the vehicle and provides evidence for the victim and the assailant 's claims when they are conflicting with each other.

Various types of privacy invasion problems arise due to abuse of a black box for a vehicle. Since a vehicle black box is limited in its ability to access a black box, such as a vehicle owner or a driver, an attacker against data stored in a black box is likely to be the owner or driver of the vehicle. An attacker against black box data is likely to have complete access to the black box data attached to the vehicle and does not have the time constraints necessary to perform the attack. Typical vehicle black box data is always exposed to potential tampering, depending on the attacker's interests or needs.

Korean Published Patent Application No. 2004-0088137 Published October 16, 2004 (Name: Transmission Encryption Key Value Generation Method and Mutual Authentication Security Method Using It)

SUMMARY OF THE INVENTION The present invention has been made in view of the above problems, and it is an object of the present invention to provide an apparatus capable of transmitting an image photographed by a black box to a server and safely storing the image in a server, a method therefor and a computer readable recording medium on which the method is recorded have.

It is a further object of the present invention to provide a method and apparatus for updating a secret key by mutual authentication between a black box and a server when a session is connected between a black box and a server for transmitting an image, An apparatus for safely protecting an image at the time of transmitting an image, a method therefor, and a computer readable recording medium on which the method is recorded.

According to another aspect of the present invention, there is provided an apparatus and method for encrypting and decrypting data based on mutual authentication of a server, the apparatus comprising: a communication module for communication; and a receiving unit for receiving an IDS from a black box through the communication module Extracts the first and second secret keys K1 and K2 and the identifier ID corresponding to the received fake IDs and generates a first random number n1 and a second random number n2 , A first predetermined operation based on the first and second secret keys (K1 and K2), the identifier (ID), the first and second random numbers (n1 and n2) and the citation identifier (IDS) (A1, A2), deriving a first verification factor (B3) through a second predetermined operation, and then deriving the derivation factors (A1, A2) and the first verification factor (B3) And a control module for transmitting to the black box through a communication module.

The control module transmits the same value as the second random number n2 derived from the first and second secret keys K1 and K2 and the derivation factors A1 and A2 from the black box through the communication module Upon receiving the second verification factor (C3) generated through a predetermined fifth operation on the basis of the factor n2 ', generates the same random number as the fifth operation based on the secret key and the second random number (n2) The second comparison factor C3 'is obtained through a sixth operation which is an operation of the first random number C3 and the black box is authenticated if the second verification factor C3 and the second comparison factor C3' And sets the number n1 as a new phoneme identifier.

The control unit generates a secret key from the first random number (n1) upon receiving the encrypted image from the authenticated black box through the communication module, and decrypts the image using the generated secret key .

According to another aspect of the present invention, there is provided a device for encrypting and decrypting data based on a mutual authentication of a black box, the device comprising: a communication unit for communication; an identifier (ID) corresponding to a counterfeit identifier (IDS) (A1, A2) generated through a predetermined first operation based on the first and second secret keys (K1, K2) and the first and second random numbers (n1, n2) (ID), the ID, and the first and second secret keys (K1 and K2) when receiving the first verification factor (B3) (N1 ', n2') having the same value as the first and second random numbers (n1, n2) are derived from the derivation factors (A1, A2) The first and second secret keys (K1, K2), the parameters (n1 ', n2'), the counterfeit ID (IDS), the identifier The first comparison factor B3 'and the first comparison factor B3', and if the received first verification factor B3 and the first comparison factor B3 'are the same, authenticates the server, And sets the parameter n1 'having the same value as the number n1 as a new phoneme identifier.

Wherein the control unit sets the second verification factor (K1, K2) through a predetermined fifth operation based on the first and second secret keys (K1, K2) and a factor (n2 ') having the same value as the second random number (C3), and transmits the second verification factor (C3) to the server via the communication unit.

Wherein the control unit generates a secret key from a factor n1 'having the same value as the first random number n1, encrypts the image using the generated secret key, Unit to the server.

According to another aspect of the present invention, there is provided a mutual authentication-based encryption / decryption method for a server, comprising: receiving a fake ID (IDS) from a black box; Extracting a first random number (n1) and a second random number (n2) unique in the server, extracting a first secret number (K1, K2) and an identifier (ID) Through the predetermined first operation based on the first secret key (K1, K2), the identifier (ID), the first and second random numbers (n1, n2) (A1, A2) capable of deriving a factor (n1 ', n2') having the same value as the first random number (n1) and the second random number (n2) Based on the second secret key (K1, K2), the identifier (ID), the first and second random numbers (n1, n2), and the counterfeit identifier (IDS) Generating a first verification factor B3 that allows the black box to authenticate the server via an acid; and outputting the derived factors A1 and A2 and the first verification factor B3 to the black box .

The mutual authentication-based encryption / decryption method of the server is performed by using the same value as the second random number (n2) derived from the first and second secret keys (K1, K2) and the derivation factors (A1, A2) (N2 ') based on the secret key and the second random number (n2'), receiving a second verification factor (C3) generated through a predetermined fifth operation based on the factor n2 ' (C3 ') through a sixth operation, which is the same operation as the first comparison factor (C3'), and authenticates the black box if the second verification factor (C3) and the second comparison factor (C3 ' And setting the first random number n1 as a new imitation identifier.

A server mutual authentication-based encryption / decryption method, when receiving an encrypted image from the authenticated black box, generates a secret key from the first random number (n1) and decrypts the image using the generated secret key .

According to another aspect of the present invention, there is provided a method for encrypting and decrypting a black box based on mutual authentication, comprising the steps of: receiving from a server an identifier (ID) corresponding to a fake ID (IDS) (A1, A2) generated through a predetermined first calculation based on the first and second random numbers (n1, n2) and the derivation factors (A1, A2) generated by the first and second random numbers Receiving a verification factor B3 and a third operation that is the inverse of the first operation using the falsification identifier IDS, the identifier ID, the first and second secret keys K1 and K2, (N1 ', n2') having the same value as the first and second random numbers (n1, n2) from the derivation factors (A1, A2) 4) which is the same as the predetermined second operation based on the ID, the ID, and the first and second secret keys K1 and K2, Obtaining a first comparison factor (B3 ') through an acid; authenticating the server if the received first verification factor (B3) is equal to the first comparison factor (B3'); And setting a factor n1 'having the same value as the number n1 as a new phoneme identifier.

The black-box mutual authentication-based encryption / decryption method is based on the first and second secret keys (K1, K2) and a factor n2 'having the same value as the second random number (n2) Generating a second verification factor (C3) through an operation, and transmitting the second verification factor (C3) to the server.

The method of encrypting and decrypting a black box based on mutual authentication includes the steps of generating a secret key from a factor n1 'having the same value as the first random number n1, encrypting the image using the generated secret key, And transmitting the encrypted image to the server.

In addition, the present invention provides a computer-readable recording medium on which the above-described encryption / decryption method according to the preferred embodiment of the present invention is recorded.

According to the present invention as described above, a new replicated identifier is assigned to each session through a random number through a mutual authentication procedure, and an encrypted image is transmitted / received using a secret key derived based on the replicated identifier. It is possible to safely protect the image. Particularly, since the mutual authentication procedure is lightweight, the burden of computation cost and load is reduced.

1 is a block diagram illustrating a system including a mutual authentication-based image encryption / decryption apparatus according to an embodiment of the present invention.
2 is a block diagram for explaining a configuration of an apparatus for encrypting and decrypting a server according to an embodiment of the present invention.
FIG. 3 is a block diagram for explaining a configuration of a black-box encryption / decryption apparatus according to an embodiment of the present invention.
FIG. 4 is a diagram for explaining a merge function according to an embodiment of the present invention, and FIG. 5 is a diagram for explaining a division function according to an embodiment of the present invention.
6 and 7 are flowcharts for explaining a method for encrypting and decrypting an image based on mutual authentication according to an embodiment of the present invention.

Prior to the detailed description of the present invention, the terms or words used in the present specification and claims should not be construed as limited to ordinary or preliminary meaning, and the inventor may designate his own invention in the best way It should be construed in accordance with the technical idea of the present invention based on the principle that it can be appropriately defined as a concept of a term to describe it. Therefore, the embodiments described in the present specification and the configurations shown in the drawings are merely the most preferred embodiments of the present invention, and are not intended to represent all of the technical ideas of the present invention. Therefore, various equivalents It should be understood that water and variations may be present.

Hereinafter, preferred embodiments of the present invention will be described in detail with reference to the accompanying drawings. Note that, in the drawings, the same components are denoted by the same reference symbols as possible. Further, the detailed description of known functions and configurations that may obscure the gist of the present invention will be omitted. For the same reason, some of the elements in the accompanying drawings are exaggerated, omitted, or schematically shown, and the size of each element does not entirely reflect the actual size.

First, a system including an encryption / decryption apparatus for information protection according to an embodiment of the present invention will be described. 1 is a block diagram illustrating a system including a mutual authentication-based image encryption / decryption apparatus according to an embodiment of the present invention. Referring to FIG. 1, a system according to an embodiment of the present invention includes a server 10 and a plurality of black boxes 20. Here, the server 10 also includes the encryption / decryption apparatus 100, and similarly, each of the plurality of black boxes 20 also includes the encryption / decryption apparatus 200. Both the server 10 encryption / decryption apparatus 100 and the black box 20 encryption / decryption apparatus 200 can perform the same function.

The black box 20 is a vehicle black box mounted on a vehicle and can transmit the photographed images to the server 10 via a network according to a predetermined policy. Here, the predetermined policy may be a specific event. For example, when a traffic accident occurs, it is possible to transmit an image photographed for a predetermined period before and after the traffic accident time so as to grasp the situation at the time of the traffic accident.

When the black box 20 transmits an image, the server 10 receives the image and stores the image. Thus, the image stored in the server 10 can be more safely protected from forgery or tampering than storing the image in the black box 20. On the other hand, when the black box 20 transmits an image to the server 10, it must be protected from external attacks. The server encryption / decryption device 100 and the black box encryption / decryption device 200 are for protecting an external attack when transmitting an image. The black box 20 and the encryption decryption apparatuses 100 and 200 of the server 10 are connected to the black box 20 and the server 10 through a mutual authentication procedure each time a session for communication between the black box 20 and the server 10 is connected. Update the pseudonym with a new pseudonym identifier and share it. Then, the black box 20 and the server 10 generate an encryption key capable of encrypting and decrypting the image from the updated pseudonym. Accordingly, the black box 20 encrypts the image transmitted using the encryption key, and the server 10 can decrypt the received image using the corresponding encryption key. In the embodiment of the present invention, the encryption key will be described by taking a secret key according to the symmetric key encryption algorithm as an example, but it is not limited thereto, and those skilled in the art will understand that asymmetric key encryption can also be applied It will be possible.

Next, the configuration of the above-described server and black-box encryption / decryption apparatuses 100 and 200 will be described. First, the configuration of the encryption / decryption apparatus 100 of the server will be described. 2 is a block diagram for explaining a configuration of an apparatus for encrypting and decrypting a server according to an embodiment of the present invention. The encryption / decryption apparatus 100 of the server 10 according to the embodiment of the present invention includes a communication module 110, a storage module 120, and a control module 130.

The communication module 110 is for communication between the server 10 and the black box 20. The communication module 110 may be a network interface for the wired communication of the server 10 and the black box 20, or a wireless communication module for wirelessly communicating.

The storage module 120 stores programs and data necessary for the operation of the encryption / decryption apparatus 100, and can be divided into a program area and a data area. The program area may store a program for controlling overall operation of the encryption / decryption apparatus 100, an operating system (OS) for booting the encryption / decryption apparatus 100, an application program, and the like. The data area is an area where user data generated according to use of the encryption / decryption apparatus 100 is stored. In addition, the storage module 120 may store various kinds of data generated according to the use of the encryption / decryption apparatus 100. These kinds of data can be deleted, changed, or added to each kind of data stored in the storage module 120 according to a user's operation.

The control module 130 may control the overall operation of the encryption / decryption apparatus 100 and the signal flow between the internal blocks of the encryption / decryption apparatus 100, and may perform a data processing function for processing data. The control module 130 may be a central processing unit (CPU) or an application processor (application processor). The control module 130 loads and executes the application stored in the storage module 120, and may allocate the buffer to the temporary storage space, if necessary. In particular, the control module 130 performs a mutual authentication process or a process of encrypting or decrypting an image according to an embodiment of the present invention. The operation of this control module 130 will be described in more detail below.

Next, the configuration of the encryption / decryption apparatus 200 of the black box 20 will be described. FIG. 3 is a block diagram for explaining a configuration of a black-box encryption / decryption apparatus according to an embodiment of the present invention. The encryption / decryption apparatus 200 of the black box 20 according to the embodiment of the present invention includes a communication unit 210, a storage unit 220 and a control unit 230. [ The communication unit 210, the storage unit 220 and the control unit 230 of the black box 20 encryption / decryption apparatus 200 are connected to the communication module 110 of the server 10 encryption / decryption apparatus 100, Module 120 and control module 130, and the functions thereof are also the same. Therefore, detailed description of the black box 20 encryption / decryption apparatus 200 will be omitted.

Next, a procedure of mutual authentication and encryption / decryption of an image according to an embodiment of the present invention will be described. Before describing the mutual authentication and encryption / decryption procedure of the image, the terms used in the embodiments of the present invention and the abbreviations thereof will be described.

Terms Abbreviation Explanation Identifier ID Identifier of the black box Imitation identifier IDS A pseudonym Old imitation identifier IDS_O The old black box's pseudonym New imitation identifier IDS_N The pseudonym of the new black box, The first and second random numbers n1, n2 Random numbers (random numbers) generated by the server factor A, B Random bit strings of L-bit length (random strings) Secret key K Is a secret key having a length of 2 L bits, and the total number of 0 bits and 1 bit is the same. The first and second secret keys K1, K2 The left half (L-bit length) and the right half (L-bit length) Merge function Mer (A, B, K, C) It is a function to output the factor C by merging the factors A and B according to K.
At this time, when the bit of K is 0, A is moved to C, and when 1 is bit is moved to B, C is merged. Partition function Sep (C, K, A, B) And divides the factor C according to K to output the factors A and B.
At this time, if the bit of K is 0, C is moved to A, and if 1 is bit, C is moved to B to merge. XOR operator

Figure 112016009692535-pat00001
XOR operator for bits String concatenation operator || Bit-column concatenation operator

The terms in Table 1 will be described in more detail as follows. The identifier ID is a unique identifier of the black box 20. A pseudonym IDS is newly allocated every time the server 10 and the black box 20 establish a session with each other for communication, and a first random number n1 among the random numbers can be used. In particular, the phonetic identifier IDS previously used at the time of newly assigning the phoneme identifier IDS is called a phrase phoneme identifier IDS_O, and the phoneme identifier newly assigned is called a new phoneme identifier IDS_N.

The first and second random numbers n1 and n2 are random numbers (random numbers) generated by the server 10 in the mutual authentication procedure. Of these, n1 can be used as a newly assigned mock identifier IDS_N. The first and second factors A and B are random strings of L-bit length, respectively.

The secret key K is a bit string having a length of 2 L bits and is used as a secret key. In particular, the secret key K has the same total number of 0 bits and 1 bit in the bit string. The first secret key K1 is the left half bit string (L-bit length) of the secret key K and the right half bit string (L-bit length) of the second secret key K2.

XOR operator

Figure 112016009692535-pat00002
XORs the bits before and after the operator. The string concatenation operator || connects the bit strings before and after the operator.

The merge function Mer (A, B, K, C) is a function that outputs C by merging the factors A and B according to K. At this time, when the bit of K is 0, A is moved to C, and when 1 is bit is moved to B, C is merged. The division function Sep (C, K, A, B) is a function for dividing the factor C according to K and outputting A and B. At this time, if the bit of the secret key K is 0, C is moved to A, and if 1, C is moved to B to merge.

The merge functions Mer (A, B, K, C) and the division functions Sep (C, K, A, B) will now be described in more detail. FIG. 4 is a diagram for explaining a merge function according to an embodiment of the present invention, and FIG. 5 is a diagram for explaining a division function according to an embodiment of the present invention.

As shown in the following Table 2, in the merge function and the partition function, the factors A and B are bit strings of L- bit, and the factors K and C are 2 L- bit bit strings.

Figure 112016009692535-pat00003

In FIGS. 4 and 5, it is assumed that L is 4. Accordingly, in the merge function and the partition function, the factors A and B are respectively 4-bit bit strings, and the factors K and C are 8-bit bit strings.

Table 3 below shows the source code of the merge function for explaining the operation of the merge function Mer (A, B, K, C).

Figure 112016009692535-pat00004

Referring to Table 2 and Table 3, the merge function Mer () is a factor A and but merges B, aligned with the length L of factor A and the arrangement of bits of B according to the bit value of the 2L length K by merging 2L length The bit string C of FIG. That is, if the bits of K are sequentially 0, the bits of the argument A are arranged in the bits of C, and if the bits of K are 1, the bits of the factor B are arranged in the bits of C.

For example, assume that A is {0011}, B is {1001}, and K is {00110110}, as shown in FIG. The first, second, fifth and eighth bits [0, 1, 4, 7] of K are zero. Thus, 0, 0, 1, and 1 of the first to fourth bits [0, 1, 2, 3] of A correspond to the first, second, fifth, and eighth bits of C [0, , 7]. Also, the third, fourth, sixth and seventh bits [2, 3, 5, 6] of K are one. The first, fourth, sixth, and seventh bits [2, 3, and 5] of C are assigned to bits 1, 0, 0, , 6]. As a result, a bit string C in which the bit strings A and B are merged according to the bit values of K is generated.

Table 4 below shows the source code of the division function for explaining the operation of the division function Sep (C, K, A, B).

Figure 112016009692535-pat00005

Referring to Table 2 and Table 4, the partition function Sep () is, but divides the factor C, by dividing each bit of the bit string C of the 2L length and rearranged in accordance with respective bits of the bit string K in the 2L long length L And generates bit strings A and B, respectively. That is, if the bits of K are sequentially 0, the bits of C are arranged in the bits of A, and if the bits of K are 1, the bits of C are arranged in the bits of factor B.

For example, as shown in FIG. 5, it is assumed that K is {00110110} and C is {00101011}. The first, second, fifth and eighth bits [0, 1, 4, 7] of K are zero. Accordingly, 0, 0, 1, and 1, which are the first, second, fifth, and eighth bits [0, 1, 4, 7] of C are sequentially output from the first bit to the fourth bit [0, 1 , 2, 3] = {0011}. Also, the third, fourth, sixth and seventh bits [2, 3, 5, 6] of K are one. Thus, 1, 0, 0, and 1 of the third, fourth, sixth, and seventh bits [2, 3, 5, 6] of C correspond to the first to fourth bits [0, 1, 2 , 3] = {1001}. Accordingly, the bit string A is divided into a bit string A {0011} and a bit string B {1001} according to the bit value of the bit string K, and is generated.

Hereinafter, a method for performing mutual authentication using the merging and dividing function or the like and performing encryption and decryption of an image through the mutual authentication according to an embodiment of the present invention will be described. 6 and 7 are flowcharts for explaining a method for encrypting and decrypting an image based on mutual authentication according to an embodiment of the present invention.

The server 10 and the black box 20 can mutually establish a session in order to transmit and receive data, that is, video. In addition, since these sessions are established through mutual authentication, it is possible to protect images transmitted and received in a primary direction. The phoneme identifier IDS is updated for each session. The storage unit 120 of the encryption / decryption apparatus 100 of the server 10 may include a database for storing the used fake IDS. However, the conventional protocol does not check whether the phoneme identifier IDS is unique in the database of the server 10. If one of the black boxes 20 and the other black box IDs are the same, the server 10 can not distinguish the black box 20 from the other black boxes. Then, the server 10 can not authenticate the corresponding black box 20. Therefore, the present invention proposes a protocol that uses a unique mock identifier IDS by using a random number for all the mock IDs. Thus, it is possible to solve the problem of collision IDS collision between different black boxes.

5, in step S110, the control module 130 of the server encryption apparatus 100 transmits a Hello message to the black box 20 through the communication module 110 to start a session with the black box 20 ). The control unit 230 receiving the Hello message through the communication unit 210 in the black box 20 encrypting apparatus 200 receives the Hello message a second time in step 120 and transmits the Hello message to the server 10 ) To IDS_O, and if not, transmits IDS_N to the ID of the ID.

The control module 130 searches the storage module 120 for the presence of the fake IDS ID received from the black box 20 in step S130. If the phoneme identifier IDS received from the black box 20 does not exist in the storage module 120 as a result of the search, the control module 130 proceeds to S110 and transmits the Hello message to the black box 20 again.

If the phoneme identifier IDS received from the black box 20 is present in the storage module 120 as a result of the search, the control module 130 reads the identifier ID corresponding to the phoneme identifier IDS retrieved from the storage module 120 , First and second secret keys K1 and K2, and generates random numbers n1 and n2 of two L- bit lengths. Here, n1 may be a unique IDS in the storage module 120. [

According to an embodiment of the present invention, the black box 20 has a unique identifier ID, and is assigned a fake ID IDS corresponding to the identifier ID from the server 10 at every session connection. In addition, the server 10 and the black box 20 are used to derive the secret key K from the phoneme identifier IDS to encrypt and decrypt the data transmitted and received. In particular, both the server 10 and the black box 20 are mapped to each other until the next session is established and the fake ID IDS and the secret key K corresponding to the identifier ID are stored. Therefore, the control module 130 stores the ID and the ID of the counterpart IDS (= IDS) in step S140 because the ID is used in the previous session (IDS_O) IDS_O) of the black box 20 and the secret key K (K1 | K2) used in the previous session. According to an embodiment of the present invention, the new imitation identifier IDS will assign a random number n1. Thus, according to an embodiment of the present invention, a random number is generated to prevent a collision with another entity, and the generated random number n1 is transmitted to another entity (" Other black boxes) should be unique IDSs that do not conflict with the IDS. If the random number is the same as the IDS of another entity, create a new one.

Both the server 10 and the black box 20 receive the identifier ID of the black box 20, the fake ID IDS used in the previous session, and the secret key K ( K1 || K2). Then, in step S150, the control module 130 determines, based on the first and second secret keys K1 and K2, the identifier ID, the first and second random numbers n1 and n2, and the previously received IDS, And obtains the factors A1 and A2 according to the same first operation.

Figure 112016009692535-pat00006

The first operation of Table 5 will now be described in more detail. First, the control module 130 performs an XOR operation on the first random number n1 and the identifier ID to obtain a factor N1 (N1 = n1

Figure 112016009692535-pat00007
ID). Then, the control module 130 performs an XOR operation on the second random number n2 and the phoneme identifier IDS to obtain an intermediate factor N2 (N1 = n1
Figure 112016009692535-pat00008
ID). The control module 130 then receives as input to the merge function Mer () the bits N1, N2, the first and the second sub secret key successively concatenated bits K1 || K2, (A1, A2) (A1, A2, K1, K2, A2).

In the first operation of step S150, the control module 130 XORs the first and second random numbers n1 and n2 with the identifier ID and the phoneme identifier IDS to derive the factors N1 and N2 and outputs the derived factors N1 and N2 Through the merge function Mer () according to the first and second secret keys K1 and K2 to obtain the factors A1 and A2. These factors A1 and A2 will be used to derive the factors n1 ', n2', where the black box 20 has the same values as the factors n1 and n2, which are the first and second random numbers. Therefore, the factors A1 and A2 will be referred to as derivation factors.

Then, in step S160, the control module 130 determines, based on the first and second secret keys K1 and K2, the identifier ID, the first and second random numbers n1 and n2, and the previously received IDS, And the factor B3 is obtained according to the same second operation.

Figure 112016009692535-pat00009

The second operation of Table 6 will now be described in more detail. The control module 130 sequentially XORs the identifier ID, the first random number n1, and the second sub secret key K2 to obtain a factor M1 (M1 = ID

Figure 112016009692535-pat00010
n1
Figure 112016009692535-pat00011
K2). Subsequently, the control module 130 sequentially XORs the fake IDs IDS, the second random number n2, and the first sub secret key K1 to obtain a factor M2 (M2 = IDS
Figure 112016009692535-pat00012
n2
Figure 112016009692535-pat00013
K1). Then, the control module 130 inputs the factors M1 and M2 and the bits K2 < K1 > obtained by connecting the second and first sub secret keys to the merging function Mer () (M1, M2, K2 || K1, B1 || B2) of the connected bit (B1 || B2). Then, the control module 130 XORs B1 and B2 to obtain B3 (B3 = B1
Figure 112016009692535-pat00014
B2).

In the second operation, the control module 130 sequentially XORs the first and second random numbers n1 and n2, the identifier ID and the fake IDs IDS, and the first and second secret keys K1 and K2 to generate a factor M1 And combines the derived factors M1 and M2 through the merge function Mer () according to the second and first secret keys K2 and K1 to obtain the factors B1 and B2 and XORs B1 and B2 to obtain the factors B3. This factor B3 is used for verification in the procedure in which the black box 20 authenticates the server 10. Hence, the factor B3 will be referred to as a first verification factor.

In step S170, the control module 130 transmits a message including the arguments A1, A2, and B3 to the black box 20 (20) via the communication module 110, ).

The control unit 230 receiving the arguments A1, A2 and B3 included in the message via the communication unit 210 in the black box 20 uses the factors A1 and A2 in step S180 to calculate According to the third operation, the factors n1 'and n2' having the same values as the factors n1 and n2 are obtained. Here, the third operation is the inverse of the first operation.

Figure 112016009692535-pat00015

The third operation in Table 7 will now be described in more detail. First, the control unit 230 of the black box 20 receives the bit A1 (A2) and the first and second sub secret keys K1, K2, N1 ', N2') by inputting a bit (K1 || K2) obtained by sequentially connecting the bits N1 'and N2'. Then, the first random number n1 'is obtained by XORing the factor N1' and the identifier ID (n1 '= N1'

Figure 112016009692535-pat00016
ID). Then, the second random number n2 'is obtained by XORing the argument N2' and the phoneme identifier IDS (n2 '= N2'
Figure 112016009692535-pat00017
IDS).

In the third operation described above, the control unit 230 can obtain n1 'and n2' inversely using the received factors A1 and A2 (derivation factors). That is, the control unit 230 divides the arguments A1 and A2 in accordance with the first and second secret keys K1 and K2 through the division function Sep (), as a reverse of the first operation for obtaining the arguments A1 and A2 in step S150, To obtain the factors N1 'and N2'. The factors N1 'and N2' obtained here are the same as the factors N1 and N2. Accordingly, the control unit 230 XORs the arguments N1 ', N2' and the identifier ID and the phoneme identifier IDS to obtain the factors n1 ', n2'. These factors n1 'and n2' have the same values as the first and second random numbers n1 and n2. As a result, the control unit 230 can obtain the first random number n1 using the derivation factors A1 and A2.

Next, in step S190, the control unit 230 determines whether or not the fourth operation (the second operation) is performed based on the arguments n1 'and n2', the fake IDs IDS, the identifier ID, the first and second secret keys K1 and K2, To obtain the factor B3 '. Here, the fourth operation is the same operation as the second operation.

Figure 112016009692535-pat00018

The fourth operation of Table 8 will now be described in more detail. The control unit 230 of the black box 20 sequentially XORs the identifier ID, the first random number n1 'and the second sub secret key K2 to obtain a factor M1' (M1 '= ID

Figure 112016009692535-pat00019
n1 '
Figure 112016009692535-pat00020
K2). Subsequently, the control unit 230 performs an XOR operation on the fake IDS IDS, the second random number n2 'and the first sub secret key K1 in order to obtain a factor M1' (M2 '= IDS
Figure 112016009692535-pat00021
n2 '
Figure 112016009692535-pat00022
K1). In addition, the control unit 230 inputs the factors M1 'and M2' as inputs to the division function Sep () to generate a bit string (K2 ||) in which the second and first sub secret keys K2 and K1 are sequentially connected. B2 'obtained by sequentially connecting the parameters B1' and B2 '(Sep (M1', M2 ', K2 || K1, B1' || B2 '). Then, the control unit 230 performs an XOR operation on the factor B1 'and the factor B2' sequentially to obtain the factor B3 '(B3' = B1 '
Figure 112016009692535-pat00023
B2 ').

Since the factors n1 'and n2' are the same as the factors n1 and n2, the control unit 230 uses the factors n1 'and n2' to calculate the factor B3 in the previous step S160 according to the same fourth operation as the second calculation, Can be obtained. That is, the control unit 230 sequentially XORs the arguments n1 ', n2', the identifier ID, the phoneme identifier IDS, and the first and second secret keys K1 and K2 to derive the factors M1 'and M2'. Here, the factors M1 'and M2' are the same as the factors M1 and M2 in the step S150. Accordingly, the control unit 230 merges the factors M1 'and M2' through the merge function Mer () according to the second and first secret keys K2 and K1 to obtain the factors B1 'and B2' And the factor B2 'to obtain the factor B3'. Since the same operation is performed using the same factor as in step S160, the factors B1 'and B2' are also the same as the factors B1 and B2 in step S160. Accordingly, the factor B3 'should be the same as that of B3.

If the argument B3 'is obtained as described above, the control unit 230 of the black box encrypting apparatus 200 verifies whether the argument B3 previously received in step S200 and the previously obtained argument B3' are the same, and performs authentication . B3 'performs authentication through comparison with the first verification factor B3, this factor B3' will be referred to as a first comparison factor. At this time, if the first verification factor B3 and the first comparison factor B3 'are not the same, the control unit 230 of the black box encryption apparatus 200 fails to authenticate the server 10 and ends the process. On the other hand, if the first verification factor B3 and the first comparison factor B3 'are the same, the control unit 230 succeeds in authentication of the server 10.

Here, it is assumed that the authentication is successful. Accordingly, the control unit 230 derives the factor C3 through a fifth calculation as shown in the following Table 9 in step S210.

Figure 112016009692535-pat00024

The fifth operation of Table 9 will now be described in more detail. The control unit 230 inputs a bit string K2∥K1 in which the arguments K1 and K2 and the second and first sub secret keys K2 and K1 are successively connected as an input to the merge function Mer () (K1, K2, K2 || K1, K1 '|| K2') obtained by sequentially connecting the factors K1 'and K2'. Then, the control unit 230 receives as input the argument n2 ', N1 and the bit string K1' || K2 'in which the arguments K1' and K2 'are sequentially concatenated, and outputs the argument C1 And C2 are sequentially connected to obtain a bit string C1 || C2 (Mer (n2 ', N1', K1 '|| K2', C1 || C2)). Then, the control unit 230 sequentially XORs the factor C1 and the factor C2 to obtain the factor C3 (C3 = C1

Figure 112016009692535-pat00025
C2).

As described above, the factor C3 obtained through the fifth calculation is used for verification in the procedure in which the server 10 authenticates the black box 20. Thus, the factor C3 will be referred to as a second verification factor. That is, in step S210, the control unit 230 generates the second verification factor C3 based on the secret key and the factor n2 'having the same value as the second random number n2. As described above, the control unit 230 that obtained the parameter C3 transmits the parameter C to the server 10 via the communication unit 210 in step S220.

In step S230, the control module 130 of the server 10 that receives the argument C3 via the communication module 110 derives the argument C3 'through a sixth operation as shown in Table 10 below. Here, the sixth operation is the same as the fifth operation.

Figure 112016009692535-pat00026

The sixth operation of Table 10 will now be described in more detail. K1 'and K2' are input to the merge function Mer () by inputting a bit string K2|| K1 in which the arguments K1 and K2 and the second and first sub secret keys K2 and K1 are successively connected as inputs, (K1, K2, K2 || K1, K1 '|| K2') in which the bit strings K1 'and K2' are successively connected. A bit string (K1 '|| K2') successively connecting the arguments n2 and N1 and the arguments K1 'and K2' as inputs is input to the merge function Mer () C1 '|| C2') (Mer (n2, N1, K1 '|| K2', C1 '|| C2')). Subsequently, the factor C1 'and the factor C2' are sequentially XORed to obtain a factor C3 '(C3' = C1 '

Figure 112016009692535-pat00027
C2 '). In this manner, the control module 130 of the encryption apparatus 100 of the server 10 in step S230 uses the factor having the same value as that of the fifth operation in step S210 by the sixth operation, which is the same as the fifth operation, Can be obtained. Therefore, factor C3 and factor C3 'will be the same.

Next, in step S240, the control module 130 of the encryption apparatus 100 of the server 10 which has obtained the argument C3 'verifies whether or not the second verification factor C3, which is the previously received factor, is equal to the previously obtained factor C3' Authentication is performed. This factor C3 'will be referred to as a second comparison factor since C3' performs authentication through comparison with the second verification factor C3. At this time, if the second verification factor C3 and the second comparison factor C3 'are not the same, the control module 130 of the encryption device 100 of the server 10 fails to authenticate the black box 20 and ends the process. On the other hand, if the second verification factor C3 and the second comparison factor C3 'are the same, the control module 130 succeeds in black box 20 authentication.

As described above, when both the server 10 and the black box 20 are successfully authenticated, the control module 130 of the server 10 transmits the IDS_O to the IDS received from the black box 20 in step S250, To the first random number n1. Similarly, the control unit 230 of the black box 20 also updates IDS_O to IDS and IDS_N to n1 in step S260. That is, both the server 10 and the black box 20 update the first random number with the new imitation identifier IDS.

As described above, when both the server 10 and the black box 20 succeed in mutual authentication, both the server 10 and the black box 20 have the same phoneme identifier (= n1). The control unit 230 of the black box 20 generates the secret key K from the same imitation identifier (= n1) between the server 10 and the black box 20 in step S270. Here, the control unit 230 can generate a secret key K by inputting a mock identifier (= n1) as a factor in an encryption key generation function according to an encryption algorithm previously negotiated between both the server 10 and the black box 20 have. Then, the control unit 230 encrypts the image using the secret key K generated in step S280. Then, the control unit 230 transmits the encrypted image to the server 10 through the communication unit 210 in step S290.

On the other hand, the control module 130 of the server 10 which has received the encrypted image transmits the encrypted image to the black box 230 by using the replica identifier (= n1) in the same manner as the control unit 230 performed in step S250, The secret key K 'identical to the secret key generated by the secret key generation unit 20 is derived. Then, in step S310, the control module 130 can decrypt the encrypted image using the secret key K 'to obtain an image.

As described above, according to the present invention, since a new simulant identifier is assigned to each session through a random number for each session through a mutual authentication procedure, and an encrypted image is transmitted / received using a secret key derived based on the granted simulant identifier, The image can be safely protected. Particularly, since the mutual authentication procedure is lightweight, the burden of computation cost and load is reduced.

Meanwhile, the image processing method according to the embodiment of the present invention can be implemented in a form of a program readable by various computer means and recorded in a computer-readable recording medium. Here, the recording medium may include program commands, data files, data structures, and the like, alone or in combination. Program instructions to be recorded on a recording medium may be those specially designed and constructed for the present invention or may be available to those skilled in the art of computer software. For example, the recording medium may be a magnetic medium such as a hard disk, a floppy disk and a magnetic tape, an optical medium such as a CD-ROM or a DVD, a magneto-optical medium such as a floppy disk magneto-optical media, and hardware devices that are specially configured to store and execute program instructions such as ROM, RAM, flash memory, and the like. Examples of program instructions may include machine language wires such as those produced by a compiler, as well as high-level language wires that may be executed by a computer using an interpreter or the like. Such a hardware device may be configured to operate as one or more software modules to perform the operations of the present invention, and vice versa.

While the present invention has been described with reference to several preferred embodiments, these embodiments are illustrative and not restrictive. It will be understood by those skilled in the art that various changes and modifications may be made without departing from the spirit of the invention and the scope of the appended claims.

10: server 20: black box
100: server encryption device 110: communication module
120: storage module 130: control module
200: black box encryption device 210: communication unit
220: storage unit 230: control unit

Claims (13)

A server-based mutual authentication-based encryption / decryption apparatus,
A communication module for communication; And
Upon receiving a counterfeit identifier (IDS) from the black box through the communication module,
Extracts first and second secret keys (K1, K2) and an identifier (ID) corresponding to the received fake ID (IDS)
Generates a first random number (n1) and a second random number (n2)
Through a predetermined first operation based on the first and second secret keys K1 and K2, the identifier ID, the first and second random numbers n1 and n2 and the citation identifier IDS Derives derivation factors A1 and A2, derives a first verification factor B3 through a second set of operations,
And a control module for transmitting the derivation factors A1 and A2 and the first verification factor B3 to the black box through the communication module,
Wherein the first and second operations include a merging function, wherein the merging function aligns the bit arrays of the input parameters A and B of length L according to the bit values of the input bit string K of length 2L, Length output bit string C, and if the bits of the input bit string K are sequentially 0, the bits of the input parameter A are arranged in the bits of the output bit string C, and if the bits of K are 1, And the output bit string is arranged in bits of the output bit string. The method according to claim 1,
The control module
(N2 ') having the same value as the second random number (n2) derived from the first and second secret keys (K1, K2) and the derivation factors (A1, A2) (C3) generated through a predetermined fifth operation on the basis of the second verification factor
(C3 ') through a sixth operation, which is the same operation as the fifth operation, on the basis of the secret key and the second random number (n2)
Authenticates the black box and sets the first random number (n1) as a new phoneme identifier if the second verification factor (C3) and the second comparison factor (C3 ') are the same. . 3. The method of claim 2,
The control module
And generates a secret key from the first random number (n1) when receiving the encrypted image from the authenticated black box through the communication module, and decrypts the image using the generated secret key Decoding device. A black-box mutual authentication-based encryption / decryption apparatus,
A communication unit for communication; And
A predetermined first operation is performed on the basis of the identifier (ID) corresponding to the fake ID (IDS), the first and second secret keys K1 and K2 and the first and second random numbers n1 and n2 Upon receiving the derivation factors A1 and A2 and the first verification factor B3 generated through the second predetermined operation,
(A1, A2) from the derivation factors (A1, A2) through a third operation which is an inverse of the first operation using the ID, the ID, the first and second secret keys (K1, K2) (N1 ', n2') having the same value as the first and second random numbers (n1, n2)
(ID1), the identifier (ID), the first and second secret keys (K1, K2) having the same value as the predetermined second operation on the basis of the parameters (n1 ', n2' Calculates a first comparison factor B3 'through an operation,
Authenticates the server if the received first verification factor B3 and the first comparison factor B3 'are the same, and sets a factor n1' having the same value as the first random number n1 as a new And a control unit for setting the phoneme identifier as a phoneme identifier,
Wherein the first and second operations include a merging function, wherein the merging function aligns the bit arrays of the input parameters A and B of length L according to the bit values of the input bit string K of length 2L, Length output bit string C, and if the bits of the input bit string K are sequentially 0, the bits of the input parameter A are arranged in the bits of the output bit string C, and if the bits of K are 1, And the output bit string is arranged in bits of the output bit string. 5. The method of claim 4,
The control unit
The second verification factor C3 is calculated through a predetermined fifth operation based on the first and second secret keys K1 and K2 and the factor n2 'having the same value as the second random number n2 Generate,
And transmits the second verification factor (C3) to the server via the communication unit. 5. The method of claim 4,
The control unit
Generates a secret key from a factor n1 'having the same value as the first random number n1,
Encrypts the image using the generated secret key,
And transmits the encrypted image to the server through the communication unit. A method for encryption / decryption based on mutual authentication of a server,
Extracting a first and a second secret key (K1, K2) and an identifier (ID) corresponding to a received fake ID (IDS) upon receiving a fake ID (IDS) from a black box;
Deriving a first random number (n1) and a second random number (n2) unique in the server;
Through a predetermined first operation based on the first and second secret keys K1 and K2, the identifier ID, the first and second random numbers n1 and n2 and the citation identifier IDS Calculating derivation factors (A1, A2) capable of deriving factors (n1 ', n2') having the same values as the first random number (n1) and the second random number (n2);
Through a predetermined second operation based on the first and second secret keys K1 and K2, the identifier ID, the first and second random numbers n1 and n2, and the citation identifier IDS, Generating a first verification factor (B3) that allows the black box to authenticate the server;
And transmitting the derivation factors A1 and A2 and the first verification factor B3 to the black box,
Wherein the first and second operations include a merging function, wherein the merging function aligns the bit arrays of the input parameters A and B of length L according to the bit values of the input bit string K of length 2L, Length output bit string C, and if the bits of the input bit string K are sequentially 0, the bits of the input parameter A are arranged in the bits of the output bit string C, and if the bits of K are 1, And the output bit string is arranged in bits of the output bit string. 8. The method of claim 7,
(N2 ') having the same value as the second random number (n2) derived from the first and second secret keys (K1, K2) and the derivation factors (A1, A2) Receiving a second verification factor (C3) generated through a set fifth operation;
Obtaining a second comparison factor (C3 ') through a sixth operation which is the same operation as the fifth operation based on the secret key and the second random number (n2); And
Authenticating the black box and setting the first random number n1 as a new imitation identifier if the second verification factor C3 and the second comparison factor C3 'are the same Wherein said method comprises the steps of: 9. The method of claim 8,
Generating a secret key from the first random number n1 upon receiving the encrypted image from the authenticated black box and decrypting the image using the generated secret key, Encryption method. A method for encryption / decryption based on mutual authentication of a black box,
A predetermined first operation is performed on the basis of the identifier (ID) corresponding to the fake ID (IDS), the first and second secret keys K1 and K2 and the first and second random numbers n1 and n2 (A1, A2) generated through the second calculation and a first verification factor (B3) generated through a second predetermined operation;
(A1, A2) from the derivation factors (A1, A2) through a third operation which is an inverse of the first operation using the ID, the ID, the first and second secret keys (K1, K2) Deriving a factor (n1 ', n2') having the same value as the first and second random numbers (n1, n2);
(ID1), the identifier (ID), the first and second secret keys (K1, K2) having the same value as the predetermined second operation on the basis of the parameters (n1 ', n2' Obtaining a first comparison factor (B3 ') through a fourth operation; And
Authenticates the server if the received first verification factor B3 and the first comparison factor B3 'are the same, and sets a factor n1' having the same value as the first random number n1 as a new And setting it as a phoneme identifier,
Wherein the first and second operations include a merging function, wherein the merging function aligns the bit arrays of the input parameters A and B of length L according to the bit values of the input bit string K of length 2L, Length output bit string C, and if the bits of the input bit string K are sequentially 0, the bits of the input parameter A are arranged in the bits of the output bit string C, and if the bits of K are 1, And the output bit string is arranged in bits of the output bit string. 11. The method of claim 10,
The second verification factor C3 is calculated through a predetermined fifth operation based on the first and second secret keys K1 and K2 and the factor n2 'having the same value as the second random number n2 ; And
And transmitting the second verification factor (C3) to the server. 11. The method of claim 10,
Generating a secret key from a factor n1 'having the same value as the first random number n1;
Encrypting the image using the generated secret key; And
And transmitting the encrypted image to the server. A computer-readable recording medium on which an encryption method according to any one of claims 7 to 12 is recorded.
KR1020160011023A 2016-01-28 2016-01-28 Apparatus for encrypting and decrypting image based on mutual authentication, method thereof and computer recordable medium storing the method KR101749322B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020160011023A KR101749322B1 (en) 2016-01-28 2016-01-28 Apparatus for encrypting and decrypting image based on mutual authentication, method thereof and computer recordable medium storing the method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020160011023A KR101749322B1 (en) 2016-01-28 2016-01-28 Apparatus for encrypting and decrypting image based on mutual authentication, method thereof and computer recordable medium storing the method

Publications (1)

Publication Number Publication Date
KR101749322B1 true KR101749322B1 (en) 2017-06-20

Family

ID=59281527

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020160011023A KR101749322B1 (en) 2016-01-28 2016-01-28 Apparatus for encrypting and decrypting image based on mutual authentication, method thereof and computer recordable medium storing the method

Country Status (1)

Country Link
KR (1) KR101749322B1 (en)

Similar Documents

Publication Publication Date Title
US11082228B2 (en) Reuse system, key generation device, data security device, in-vehicle computer, reuse method, and computer program
JP5180678B2 (en) IC card, IC card system and method thereof
US20190028267A1 (en) In-vehicle computer system, vehicle, key generation device, management method, key generation method, and computer program
US10395062B2 (en) Method and server for authenticating and verifying file
US9479329B2 (en) Motor vehicle control unit having a cryptographic device
US10880100B2 (en) Apparatus and method for certificate enrollment
CN110690956B (en) Bidirectional authentication method and system, server and terminal
Dewanta et al. A mutual authentication scheme for secure fog computing service handover in vehicular network environment
KR20210129742A (en) Cryptographic safety mechanisms for remote control of autonomous vehicles
CN105162797A (en) Bidirectional authentication method based on video surveillance system
CN110336673B (en) Block chain design method based on privacy protection
CN103546289A (en) USB (universal serial bus) Key based secure data transmission method and system
CN110855616B (en) Digital key generation system
CN109905384B (en) Data migration method and system
KR20210015264A (en) APPARATUS AND METHOD FOR AUTHENTICATING IoT DEVICE BASED ON PUF USING WHITE-BOX CRYPTOGRAPHY
KR101015401B1 (en) Method of checking integrity of data by storing data of common ID in separated database system
CN111401901A (en) Authentication method and device of biological payment device, computer device and storage medium
CN110519222B (en) External network access identity authentication method and system based on disposable asymmetric key pair and key fob
KR20170017455A (en) Mutual authentication method between mutual authentication devices based on session key and token, mutual authentication devices
KR102157695B1 (en) Method for Establishing Anonymous Digital Identity
WO2017020669A1 (en) Method and device for authenticating identity of node in distributed system
KR20200104084A (en) APPARATUS AND METHOD FOR AUTHENTICATING IoT DEVICE BASED ON PUF
CN108292997B (en) Authentication control system and method, server device, client device, authentication method, and recording medium
KR101749322B1 (en) Apparatus for encrypting and decrypting image based on mutual authentication, method thereof and computer recordable medium storing the method
CN110912857A (en) Method and storage medium for sharing login between mobile applications

Legal Events

Date Code Title Description
E701 Decision to grant or registration of patent right
GRNT Written decision to grant