DOI QR코드

DOI QR Code

A Study on the Cryptography Algorithm Performance Comparison Used in Modulation and Forgery

위·변조에서 사용되는 암호알고리즘 성능 비교에 대한 연구

  • Lee, Jun Yeong (Sejong Cyber University Graduate School of Information Security) ;
  • Chang, Nam Su (Sejong Cyber University Department of Information Security)
  • Received : 2016.11.17
  • Accepted : 2017.01.13
  • Published : 2017.01.31

Abstract

Recently, the use of mobile devices has increased in order to provide a variety of services, and thus there has been a surge in the number of application malicious attacks on the Android platform. To resolve the problem, the domestic financial sector has been introducing the app anti-tamper solution based on cryptographic algorithms. However, since the capacity of apps installed in smartphones continues to increase and environments with limited resources as wearables and IoTs spread, there are limitations to the processing speed of the anti-tamper solutions. In this paper, we propose a novel anti-tamper solution by using lightweight hash function LEA and LSH. We also present the test results of a simulation program that implements this method and compare the performance with anti-tamper solutions based on the previous cryptographic algorithms.

최근 다양한 서비스를 제공하기 위해 모바일 기기의 활용도가 증가하고, 이에 따라 안드로이드 플랫폼에서의 앱 위 변조 공격이 급증하고 있다. 이에 대응하기 위해 국내의 금융 분야에서는 암호 알고리즘을 기반으로 한 앱 위 변조 방지 솔루션을 도입하고 있다. 그러나 스마트폰에 설치되는 앱의 용량이 지속적으로 증가하고, 웨어러블이나 IoT 등 제한된 자원을 가진 환경이 확산되면서 앱 위 변조 방지 솔루션의 처리 속도의 한계점을 가진다. 본 논문에서는 고속경량 암호 LEA와 LSH를 사용한 앱 위 변조 방지 솔루션을 제안한다. 또한 이 기법을 구현한 시뮬레이션 프로그램의 실험결과를 제시하고 기존 암호 알고리즘이 적용된 앱 위 변조 방지 솔루션과의 성능을 비교한다.

Keywords

References

  1. K. Y. Park and J. H. Seo, "Research on information security technology trends smartphone," in Proc. KICS Int. Conf. Commun., pp. 305-306, Nov. 2014.
  2. D. Kim, S. Yoon, and Y. Lee "Security for IoT services," KICS Inf. and Commun. Mag., vol. 20, no. 8, pp. 53-59, Jul. 2013.
  3. B. Choi, H. J. Shim, C. H. Lee, S. Cho, and S. Cho, "An APK overwrite scheme for preventing modification of android applications," J. KICS, vol. 39, no. 8, pp. 309-316, May 2014.
  4. J.-W. Kim and I. Kim, "The counterfeit & modulation checks on the android applications," in Proc. KITS Int. Conf. Commun., pp. 460-464, 2012.
  5. TTAS, 128-bit Block Cipher SEED, TTAS.KO-12.0004/R1, Dec. 2005.
  6. NIST, Announcing the Advanced Encryption Standard(AES), FIPS PUB-197, Nov. 2002.
  7. KS, 128 bit block encryption algorithm ARIA, KS X 1213:2004, Dec. 2004.
  8. D. Hong, J.-K. Lee, D.-C. Kim, D. Kwon, K. H. Ryu, and D.-G. Lee, "LEA: A 128-bit block cipher for fast encryption on common processors," in Proc. WISA 2013, LNCS, vol. 8269, 2014.
  9. J.-Y. Lee, D.-E. Cho, and J.-Y. Lee, "An integrity verification method for secure application on the smartphone," KIIT, vol. 9, no. 10, pp. 223-228, Oct. 2011.
  10. S. Kim, S. Kim, and D. H. Lee, "A study on the vulnerability of integrity verification functions of android-based smartphone banking applications," JKIISC, vol. 23, no. 4, pp. 743-755, Aug. 2013.
  11. NIST, Secure Hash Standard(SHS), FIPS 180-4, Aug. 2015.
  12. D.-C. Kim, D. Hong, J.-K. Lee, W.-H. Kim, and D. Kwon, "LSH: A new fast secure hash function family," Inf. Security and Cryptology, ICISC 2014, pp. 286-313, Jan. 2015.
  13. Daniel R. L. Brown, Standards for efficient cryptography, SEC 1: Elliptic curve cryptography, Certicom Res., May 2009.
  14. NIST, Recommendation for block cipher modes of operation: Methods and techniques, SP 800-38A, 2001.