An Authenticated Encryption Scheme without Block Encryption Algorithms

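  • 이문규 (School of Computer Science and Engineering, Seoul National University)
  • 김동규 (School of Electrical, Electronic, Information and Computer Engineering, Pusan National University)
  • 박근수 (School of Computer Science and Engineering, Seoul National University)
  • Published: 2002.06.01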

Abstract

We propose a new authenticated encryption scheme that does not require any block encryption algorithm. Our scheme is based on the Horster-Michels-Petersen authenticated encryption scheme, and it uses a technique from the Bao-Deng signcryption scheme so that the sender's signature can be verified by an arbitrary third party other than the recipient. Since our scheme does not use any block encryption algorithm, the code size of an implementation can be reduced. The computation and communication costs of the proposed scheme are almost the same as those of the Bao-Deng scheme, which uses a block encryption algorithm. Our scheme also satisfies the security properties of confidentiality, authenticity and nonrepudiation.
