• Review of KIISC
• /
• v.31 no.1
• /
• pp.57-64
• /
• 2021

기존의 공개키 암호가 양자 알고리즘에 취약함이 밝혀지고 양자컴퓨터의 개발이 현실화됨에 따라 NIST는 미연방표준 양자 내성 암호 공모전을 실시하고 있다. FALCON은 공모전 Round 3까지 통과한 전자서명 알고리즘으로 서명 및 검증 속도가 빠르고 공개키 및 서명 길이가 짧다는 장점이 있다. 하지만 FALCON은 부동소수점 연산 등 특별한 구조로 설계되어 새로운 형태의 부채널 공격이 존재할 수 있다. 본 논문에서는 FALCON에 대한 세 가지 전력 분석 공격의 가능성을 제시한다. 또한 주어진 공격을 활용하여 개인키를 복원하는 방안에 대해서 제시한다.

• Journal of Convergence for Information Technology
• /
• v.8 no.2
• /
• pp.77-82
• /
• 2018

Recently, as cloud services become popular with general users, users' information is freely transmitted and received among the information used in the cloud environment, so security problems related to user information disclosure are occurring. we propose a method to secure personal information of multiple users by making personal information stored in the cloud server and a key for accessing the shared information so that the privacy information of the multi users using the cloud service can be prevented in advance do. The first key used in the proposed scheme is a key for accessing the user 's personal information, and is used to operate the information related to the personal information in the form of a multi - layer. The second key is the key to accessing information that is open to other users than to personal information, and is necessary to associate with other users of the cloud. The proposed scheme is constructed to anonymize personal information with multiple hash chains to process multiple kinds of information used in the cloud environment. As a result of the performance evaluation, the proposed method works by allowing third parties to safely access and process the personal information of multiple users processed by the multi - type structure, resulting in a reduction of the personal information management cost by 13.4%. The efficiency of the proposed method is 19.5% higher than that of the existing method.

• Convergence Security Journal
• /
• v.7 no.3
• /
• pp.61-70
• /
• 2007

In Windows operating system, CSPs(Cryptographic Service Providers) are provided for offering a easy and convenient way of using an various cryptographic algorithms to applications. The applications selectively communicate with various CSPs through a set of functions known as the Crypto API(Cryptographic Application Program Interface). During this process, a secure method, accessing data using a handle, is used in order to prevent analysis of the passing parameters to function between CryptoAPI and CSPs. In this paper, our experiment which is using a novel memory traceback method proves that still there is a vulnerability of private key and secret key disclosure in spite of the secure method above-mentioned.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1996.11a
• /
• pp.44-52
• /
• 1996

개인의 사생활을 보호하는 것과 법집행기관의 합법적인 도청/복호화 요구 사이에서 균형을 맞출 수 있는 Key Escrow를 스마트 카드를 사용하는 공개키 암호 시스템에서 적용한다. 사용자의 비공개키는 권위있는 기관/키관리센타와의 상호작용 또는 사용자가 만든 비공개키를 escrow하는 신뢰받는 기관과의 상호작용에 의해 만들어지며 time warrant를 가져서 사용자가 세션키를 만드는 프로토콜을 따른다면 합법적인 도청/복호화의 경우 사용자의 비공개키는 공개되지 않는다.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.12a
• /
• pp.417-421
• /
• 2003

2000년 고기형 등이 발표한 땋임군상에서의 공개키 암호시스템은 후속적으로 다양한 이론적 분석 및 응용기법이 연구되고 있다 땋임군에서의 공개키 암호화기법과 서명기법은 기존에 제안되었으나 개인식별기법은 제안된 바가 없다. 본 논문에서 우리는 땋임군에서의 서명기법에 바탕을 둔 개인식별기법을 제안하고 그 안전성을 증명한다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38C no.5
• /
• pp.428-433
• /
• 2013

We present a fully homomorphic encryption (FHE) scheme without key switching based on ring- learning with errors (RLWE) problems and some other assumption. Previous FHE schemes based on LWE needed a step called key switching to reduce the dimension of ciphertext. The key switching step actually needs a heavy computation and severe increasement of keys. So the key switching step is a big burden for implementing FHE Schemes. We suggest a FHE scheme without key switching step by reducing the dimension of ciphertexts in other way. Instead of throwing away key switching, we need another hardness assumption of the difficulty of solving quadratic equation over rings.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.4
• /
• pp.67-76
• /
• 2002

Kerberos is designed to provide strong authentication between client and application servers which are working in distributed network environment by using symmetric-key cryptography, and supposed to trust other systems of the realm. In this paper, we design an efficient and strong authentication mechanism by introducing the public/private-key to Kerberos. In the mechanism to make a system more secure, the value of the session key is changed everytime using MAC(message authentication code) algorithm with the long-term key for user-authentication and a random number exchanged through the public key. Also, we employ a mutual authentication method, which is used on challenge-response mechanism based on digital signatures, to improve trust between realms, and present a way of reducing the number of keys by simplifying authentication steps.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.49 no.3
• /
• pp.56-61
• /
• 2012

User authentication is a necessity to set up secure system which only an authorized user can use various resource on the Internet. Encryption is to provide data privacy. Also, searchable encryption is to provide both data privacy and efficient management of data by searching with a keyword. The public key based searchable encryption requires in advance the authentication of user's public key as well as the secure management of a publlic/private key of a user, respectively. In cloud, it is purpose to use cloud various resources by using various devices, meanwhile, it is not sufficient resource that some devices manage public/private keys and certificates and it is not easy to implement these clients. To solve this problem, we propose a password-based saerchable encryption using smart cards which are temper-resistant devices.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.6
• /
• pp.1109-1122
• /
• 2016

Certificateless public key cryptography is a technique that can solve the certificate management problem of a public key cryptosystem and clear the key escrow issue of ID-based cryptography using the public key in user ID. Although the studies were actively in progress, many existing schemes have been designed without taking into account the safety of the secret value with the decryption key exposure attacks. If previous secret values and decryption keys are exposed after replacing public key, a valid private key can be calculated by obtaining the partial private key corresponding to user's ID. In this paper, we propose a new security model which ensures the security against the key exposure attacks and show that several certificateless public key encryption schemes are insecure in the proposed security model. In addition, we design a certificateless public key encryption scheme to be secure in the proposed security model and prove it based on the DBDH(Decisional Bilinear Diffie-Hellman) assumption.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.13 no.2
• /
• pp.849-855
• /
• 2012

In this paper, a proposed system can be ensured safety using scrambling technique in order to protect personal information which identifies visually from the existing e-passport. This system inserts ID card number and photograph into e-passport using scrambling technique. In this system, we need user private key and CA private key to encrypt and decrypt which make it secure. And It show better performance in throughput by not encrypting or decrypting the whole e-passport.