• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.6
• /
• pp.97-106
• /
• 2003

The important factor in Public-Key Infrastructure is the authentication to correspondent. We receive the digital certificate for authentication between each other, and then we check the existence of validity on the certificate by Certification Revocation List(CRL). But, To use CRL is the scheme used in offline status. So, it is impossible to refer to the latest information and the CRL scheme which is used after downloading is variously unsuitable to getting bigger of the CRL size as time goes on. Therefore, we prefer OCSP(Online Certificate Status Protocol) used in online to CRL used in offline. Consequently, we propose the scheme which provides the request of fast verification in case of requesting the verification on the certificate by owning the same update information to Certificate Registry and distributed OCSP.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.3
• /
• pp.49-61
• /
• 2004

In broadcast encryption schemes, traceability is a useful property to trace authorized subscribers, called traitors, who collude for manufacturing a pirate decoder. Unfortunately, this is usually achieved with a sacrifice of a privacy. Most traitor tracing schemes in the literature have been developed without considering a subscriber's anonymity, which is one of important requirements for electronic marketplaces to offer similar privacy as current marketplace. It would be unsatisfactory for the subscriber to reveal his/her identity to purchase multimedia contents. In this paper we propose an anonymous broadcast encryption scheme, where a user can subscribe anonymously and one purchases multimedia contents without giving a lot of information about his lifestyle, habits, and etc, but anonymity control is provided, i.e., a data supplier can date traitors.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.9 no.3
• /
• pp.3-12
• /
• 1999

The public key crytptosystem is represented by RSA based on the difficulty of integer factorization and ElGamal cryptosystem based on the intractability of the discrete logarithm problem in a cyclic group G. The index-calculus algorithm for discrete logarithms in GF${$q^n$}^+$ requires an polynomial factorization. The Niederreiter recently developed deterministic facorization algorithm for polynomial over GF$q^n$ In this paper we implemented the arithmetic of finite field with c-language and gibe an implementation of the Niederreiter's algorithm over GF$2^n$ using normal bases.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.2
• /
• pp.77-87
• /
• 2002

In the field of secure information systems including electronic commercials, public key infrastructure(PKI) is widely used for secure services. The more PKI domains are established, the more needs we required for cross-domain certifications. Furthermore, each country has many certificate authorities(CA) which requires more complex cross certification. We may need a fast algorithm in order to fad the possible certification paths. This will be more indispensible in the growing PKI systems. Thus, in this paper we design a high-speed certification path discovery algorithm and implement it. Also we investigate the feature of operation of the system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.3
• /
• pp.45-55
• /
• 2003

Wireless LAM has the advantage of extension, flexibility and easiness of installation and maintenance. However, due to the characteristics of wireless media, it is vulnerable to security attacks. PKI(Public Key Infrastructure) is estimated to be a good solution offering security function to wireless LAM including global roaming. It offers high security functions as authentication confidentiality and digital signature while it generates big overheads such as CRL search and certificate verification. The overheads can not be avoided during the initial authentication. However, when we consider the case of handoff, it can be minimized through the fast handoff. In this paper, we design a fast handoff authentication mechanism based on PKI in the wireless LAM and analyze the performance of the scheme.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.3
• /
• pp.509-516
• /
• 2021

The transitive signature scheme is a technique that can be very useful when authenticating edges in a graph that is transitively closed. In other words, when there is an authentication value for an edge (i, j) and an authentication value for an edge (j, k), the authentication value for the edge (i, k) can also be calculated immediately without any separate authentication procedure through a transitive signature. In this paper, we propose the first identity-based transitive signature scheme. Our scheme is based on the lattice problem.

• Convergence Security Journal
• /
• v.20 no.4
• /
• pp.177-186
• /
• 2020

In current public blockchain, any node can see every blocks, so that public blockchain provider transparent property. However, some application requires the confidential information to be stored in the block. Therefore, this paper proposes a multi-layer blockchain that have the public block layer and the private block for confidential information. This paper suggests the requirement for encryption of private block. Also, this paper shows the t-of-n threshold cryptosystem without dealer who is trusted third party. Moreover, the delegated node who has key information can be withdraw the delegated node group or a new delegated node can join in the delegated node group. Therefore, the paper proposes an efficient key information resharing scheme for withdraw and join. Finally proposed scheme satisfies the requirements for encryption and fairness.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.05a
• /
• pp.246-248
• /
• 2022

Binary Edwards curves (BEdC), a new form of elliptic curves proposed by Bernstein, satisfy the complete addition law without exceptions. This paper describes an efficient hardware implementation of point scalar multiplication on BEdC using projective coordinates. Modified Montgomery ladder algorithm was adopted for point scalar multiplication, and binary field arithmetic operations were implemented using 257-bit binary adder, 257-bit binary squarer, and 32-bit binary multiplier. The hardware operation of the BEdC crypto-core was verified using Zynq UltraScale+ MPSoC device. It takes 521,535 clock cycles to compute point scalar multiplication.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2022.11a
• /
• pp.216-218
• /
• 2022

최근 공인인증서가 폐지되고 보다 발급이 간편하고 유효기간이 긴 사설인증서가 부상했다. 더불어 탈중앙화를 핵심 개념으로 하는 블록체인 기반 분산 신원 증명(Decentralized Identity, DID)기술이 대두되고 있다. 서비스 환경의 변화에 따라 사용자 인증 기술도 변화가 요구된다. 더욱이 메타버스라는 새로운 인터넷 환경이 조성되고 있는 바 현재 사용자 인증 기술의 동향을 살펴보고 미래에 사용자 인증이 나아갈 방향성을 제시하는 것은 의미가 있어 보인다. 본 논문에서는 사용자 인증 기술의 개요와 사용자 인증 기술의 변천과정을 시작으로 공개키 기반 구조(Public Key Infrastructure, PKI)와 분산 신원 증명을 중심으로 시장에서의 사용자 인증 기술의 동향을 살펴본다. 나아가 메타버스가 상용화되었을 시기에 사용자 인증 기술이 나아가야할 세가지 방향성(분산화, 플랫폼 초월, 생체 기반 인증 중심)을 제시한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2023.11a
• /
• pp.252-256
• /
• 2023

쇼어 알고리즘을 실행할 수 있는 양자 컴퓨터의 발전으로 인해 기존 ECC(Elliptic Curve Cryptography)를 사용하던 블록체인이 PQC(Post Quantum Cryptography)로의 전환을 고려하고 있다. 하지만 PQC 는 기존 암호에 비해 큰 사이즈, 느린 서명/검증 속도 등과 같은 문제점이 존재한다. 본 논문에서는 우리가 WISA'23 에서 새롭게 제안한 PQ-DPoL 합의 알고리즘에 NIST(National Institute of Standards and Technology)가 선정한 Crystal-Dilithium, Falcon 그리고 Sphincs+를 적용하여 비교 분석하였다. 실험 결과에 따르면, 매우 큰 서명 크기를 가지고 있기 때문에 블록에 담기는 트랜잭션의 수가 감소하므로 Sphincs+의 성능이 가장 떨어짐을 확인하였다. 또한 Dilithium 은 Falcon 과 비슷한 성능을 보여주었다. 그 중에서도 Falcon 이 가장 우수한 성능을 보여주었다. 이는 Falcon 의 공개키와 서명의 크기가 다른 알고리즘에 비해 작기 때문이다. 따라서 양자내성을 갖는 블록체인에는 Falcon 512 알고리즘이 가장 적합할 것으로 생각된다. 그러나 블록체인의 속도와 보안 강도는 Trade-off 관계이므로 보안성을 중요시하는 블록체인 네트워크에서는 Sphincs+가 적합할 수 있을 것으로 보인다. 따라서 블록체인 네트워크의 상황과 목적에 따라 적절한 알고리즘을 사용해야 될 것으로 생각된다.