• Title/Summary/Keyword: Digital Signature (디지털 서명)


Chosen Message Attack on the RSA-CRT Countermeasure Based on Fault Propagation Method (오류 확산 기법에 기반한 RSA-CRT 대응책에 대한 선택 메시지 공격)

  • Baek, Yi-Roo; Ha, Jae-Cheol
    • Journal of the Korea Institute of Information Security & Cryptology, v.20 no.3, pp.135-140, 2010
  • The computation using the Chinese Remainder Theorem in the RSA cryptosystem is well suited to digital signature or decryption processing due to its low computational load compared to general RSA without CRT. Since the RSA-CRT algorithm is vulnerable to many fault insertion attacks, several countermeasures against them have been proposed. Among them, Yen et al. proposed two schemes based on the fault propagation method. Unfortunately, a new vulnerability was found at the FDTC 2006 conference. To improve the original schemes, Kim et al. recently proposed a new countermeasure that adopts the AND operation for fault propagation. In this paper, we show that the proposed scheme using the AND operation without a checking procedure is also vulnerable to a fault insertion attack with chosen messages.

A Private Key Management Guideline For Secure Blockchain-Based Services (안전한 블록체인 기반 서비스를 위한 개인키 관리 가이드라인)

  • Noh, Siwan; Rhee, Kyung-Hyune
    • Journal of the Korea Institute of Information Security & Cryptology, v.32 no.5, pp.899-914, 2022
  • A blockchain-based decentralized service can offer reliable services without a centralized server by operating the system on the basis of consensus among Byzantine participants. Participants interact with the blockchain network through a digital signature mechanism, but the private key management issue remains unresolved. NIST SP800-57 provides key-management guidance, but this guidance is not appropriate for blockchain-based services because it does not consider a decentralized environment. In this paper, we define the core functions of the blockchain wallet application for private key management and present security protections according to NIST SP800-57, as well as related techniques to satisfy them. Finally, we propose a private key management guideline for secure blockchain-based decentralized services.

Method of Transparency Guarantee for Compensation Budget expenditure using Connection of Construction CALS and dBrain (건설CALS와 국가재정정보시스템 연계를 통한 보상비 집행의 투명성 확보 방안)

  • Seo, Myoung-Bae; Kim, Nam-Gon
    • Proceedings of the Korea Information Processing Society Conference, 2011.04a, pp.1608-1609, 2011
  • To improve the productivity and efficiency of construction projects, the Ministry of Land, Transport and Maritime Affairs established regulations on the composition and operation of the Construction Project Support Integrated Information System under Article 15-2 of the Construction Technology Management Act and has been promoting construction project informatization (Continuous Acquisition Life-Cycle Support: CALS) since 1998. As part of construction CALS, a land compensation system has already been developed and is in operation to manage compensation data, which accounts for a large share of construction costs and, because it concerns individual property rights, is a frequent source of civil complaints. However, the payment stage, which is the core process of compensation expenditure, is operated separately from the national fiscal information system, so systematic management of compensation data and history management of compensation payments are not performed properly. This can lead to waste of the national budget through inappropriate compensation expenditure and, through reduced public trust in compensation expenditure, to numerous lawsuits. This paper therefore proposes a method to secure transparency in compensation expenditure and to raise citizens' trust in public administration by improving the existing compensation expenditure process and linking the construction CALS land compensation system with the digital budget and accounting system (dBrain).

5-Neighbor Programmable CA based PRNG (프로그램 가능한 5-이웃 CA기반의 PRNG)

  • Choi, Un-Sook
    • The Journal of the Korea Institute of Electronic Communication Sciences, v.17 no.2, pp.357-364, 2022
  • A pseudo-random number generator (PRNG) is a program used when a large amount of random numbers is needed. It is used to generate symmetric keys in symmetric key cryptosystems, to generate public key pairs in public key cryptography or digital signatures, and to generate the sequences used for padding with one-time pads. Cellular Automata (CA), which are useful for representing specific nonlinear dynamics in various scientific fields, are a discrete and abstract computational system that can be implemented in hardware and are applied as PRNGs that generate keys in cryptographic systems. In this paper, I propose an algorithm for synthesizing a programmable 5-neighbor CA based PRNG that can effectively generate a nonlinear sequence using 5-neighbor CA, in which the radius of the neighboring cells is increased to 2.

The Smart Contract based Copyright Protection Model for Wisdom Contents Distribution (지혜콘텐츠 유통에 적합한 스마트계약 기반 저작권 보호 모델)

  • Yun, Sunghyun
    • Journal of Internet of Things and Convergence, v.5 no.2, pp.21-26, 2019
  • Wisdom contents are made by ordinary people and contain life tips that are helpful in general. As existing copyright management systems are designed for corporate or professional authors, they are not easy to use and are costly for an ordinary person who wants to obtain a copyright. A blockchain-based system can notarize a block of transactions without the help of a trusted third party such as an existing copyright protection center. Thus, a blockchain-based copyright protection model is needed to protect the ordinary author's copyright. In this study, we propose a smart contract based copyright protection model that runs on the blockchain network. The proposed model consists of smart contract creation, contents purchase and profit sharing stages. A digital signature scheme is used to have the contract agreed by the seller and the author. The smart contract stores the author information, contents information and the percentage of the share as states. If the contents are sold, the sales tokens are redistributed to the author and the seller according to the share. The proposed model can be applied to ordinary people's copyright registration and management for Wisdom contents distributed in cafes, blogs, YouTube, etc.

A Mutual Authentication Protocol based on Hash Function for Efficient Verification of User Entitlement in IPTV Service (IPTV 서비스에서 사용자의 수신자격을 효율적으로 판별할 수 있는 해쉬 함수 기반의 상호 인증 프로토콜)

  • Jeong, Yoon-Su; Kim, Yong-Tae; Jung, Yoon-Sung; Park, Gil-Cheol; Lee, Sang-Ho
    • Journal of KIISE: Information Networking, v.37 no.3, pp.187-197, 2010
  • The recent convergence of broadcasting and communication has turned multimedia content served in the broadcasting domain into IPTV service, which transmits it in real time over high-speed Internet, cable TV networks and satellite networks. However, as the digital broadcasting service is extended to various media, the security of the IPTV service content provided to users by the service provider is not fully supported by the CAS (Conditional Access System) provided by the existing broadcasting system. This paper proposes an interactive certification protocol which can efficiently distinguish the receiving qualification of a user between the Set-Top Box and the Smart Card, which are parts of the IPTV system configuration. The proposed protocol uses a hash function so that the Set-Top Box transmits the receiving qualification for the channel fee the user pays more properly than the existing protocol. Also, the proposed protocol uses a session key generated between the receiver and the smart card through the mutual certification process and encrypts the EMM so that the service cannot be used illegally by anyone.

A Study on Anonymous Electronic Prescription based on RSA Cryptosystem (RSA 기반의 익명 전자처방전에 관한 연구)

  • Chung, Chan-Joo; Yun, Jung-Mee; Won, Dong-Ho
    • Journal of the Institute of Electronics Engineers of Korea TC, v.47 no.4, pp.51-62, 2010
  • This paper proposes an RSA cryptosystem based anonymous electronic prescription which is issued by authorized medical professionals at university and local hospitals. Electronic prescriptions are now being used in domestic hospitals, where sharing medical records and images is prevalent, facilitated by the digitalization of medical information and the building of network infrastructure between the institutes. The proposed RSA based anonymous electronic prescription makes use of PKI to protect the identity of doctors from exposure and the privacy of patients. While a traditional prescription fails to protect identities from the mandated party or the health insurer, the proposed RSA based prescription opens the contents of the prescription to the health insurance authority only after its prescribing function is finished. The proposed approach, along with the soon to be deployed electronic ID card, will help the National Health Insurance Corporation increase the transparency of the national prescription system.

Time Synchronization between IoT Devices in a Private Network using Block-Chain (블록체인을 이용한 사설망에서의 IoT 기기 간 시간 동기화)

  • Ji, Soyeong; Kim, Seungeun; Yun, Eunju; Seo, Dae-Young
    • The Journal of the Institute of Internet, Broadcasting and Communication, v.18 no.5, pp.161-169, 2018
  • This study presents a time synchronization system with a decentralized structure by using the blockchain, the core technology of Bitcoin introduced by Satoshi Nakamoto in 2008. Moving away from the existing centralized time synchronization system, a blockchain network has a completely decentralized structure using a public blockchain. In the decentralized structure, only certain peers among those that participate in the blockchain network access the NTP server, so the others can synchronize time without having to reach the public network. Furthermore, if appropriate time synchronization cycles are established for each peer, time synchronization can be maintained even when the connection to the public network is completely lost. The time synchronization system in this study has the advantages of a p2p system, and its reliability and stability can also be guaranteed because it uses the digital signature, Merkle tree and consensus algorithm that are core characteristics of blockchains.

Design of ECC Scalar Multiplier based on a new Finite Field Division Algorithm (새로운 유한체 나눗셈기를 이용한 타원곡선암호(ECC) 스칼라 곱셈기의 설계)

  • 김의석; 정용진
    • The Journal of Korean Institute of Communications and Information Sciences, v.29 no.5C, pp.726-736, 2004
  • In this paper, we propose a new scalar multiplier structure needed for an elliptic curve cryptosystem (ECC) over the standard basis in GF($2^{163}$). It consists of a bit-serial multiplier and a divider with control logic, and the divider consumes most of the processing time. To speed up the division processing, we developed a new division algorithm based on the extended Euclidean algorithm. The dynamic data dependency of the Euclidean algorithm has been transformed into a static and fixed data flow by a localization technique, making it independent of the input and the field polynomial. Compared to other existing scalar multipliers, the new scalar multiplier requires a smaller gate count with improved processor performance. It has been synthesized using Samsung 0.18 um CMOS technology, and the maximum operating frequency is estimated at 250 MHz. The resulting performance is 148 kbps, that is, it takes 1.1 msec to process a 163-bit data frame. We assert that this performance is sufficient for digital signature, encryption/decryption, and key exchange in real time environments.

Efficient RBAC based on Block Chain for Entities in Smart Factory (스마트 팩토리 엔터티를 위한 블록체인 기반의 효율적인 역할기반 접근제어)

  • Lee, YongJoo; Lee, Sang-Ho
    • Journal of the Korea Convergence Society, v.9 no.7, pp.69-75, 2018
  • The smart factory, the key technology of Industry 4.0, is regarded as the driving force of our future economic development, and many studies have been conducted on it. Various entities including devices, products and managers exist in the smart factory, but the roles of these entities may be continuous or variable and may cease to exist not long after. Existing access control methods are not suitable for adapting to such a variable environment. If a certain security level is not considered, important industrial data can become the target of attacks. We need a new access control method that satisfies the desired level of efficiency and security without excessive system load. In this paper, we propose a new RBAC-PAC which extends the AC defined for PKC to the authority attribute of roles. We distribute PACs for roles through a blockchain to provide efficient access control. We verified that RBAC-PAC is more efficient in a smart factory with a large number of entities that need frequent permission updates.