• Title/Summary/Keyword: 비밀키 암호 (secret-key cryptography)


Privacy Amplification of Correlated Key Decryption over Public Channels (공개 채널을 통한 상관 키 분산 암호화의 프라이버시 증폭)

  • Lee, Sun-Yui;Kim, Jin-Young
    • The Journal of the Institute of Internet, Broadcasting and Communication
    • /
    • v.18 no.4
    • /
    • pp.73-78
    • /
    • 2018
  • In this paper, we consider a system where multiple sources are encrypted in separate nodes and sent through their respective public communication channels to a joint sink node. We are interested in the problem of protecting the security of an already existing system such as the one above, which is found to have correlated encryption keys. In particular, we focus on finding a solution that introduces no additional secret keys and requires minimal modification, so as to minimize the cost and the risk of bringing down an already running system. We propose a solution under a security model where an eavesdropper obtains all ciphertexts, i.e., encrypted sources, by accessing the available public communication channels. Our main technique is to use universal-function encoders to encode the ciphertexts before sending them over the public communication channels.

A Study on Secure Key Backup/Recovery Scheme for Device based on Mobile Trusted Module (Mobile Trusted Module 기반 단말에서의 안전한 키 백업 및 복구 방안에 대한 연구)

  • Kang, Dong-Wan;Jun, Sung-Ik;Lee, Im-Yeoung
    • The KIPS Transactions:PartC
    • /
    • v.16C no.3
    • /
    • pp.335-346
    • /
    • 2009
  • Mobile environments are becoming the main communication environment as communication technology develops. In mobile environments, sensitive information can be compromised online, so the demand for security has increased. Also, mobile devices that provide various services are endangered by malware and illegal devices, phishing, sniffing, etc., and privacy is at risk. Therefore, MTM (Mobile Trusted Module) has been developed and promoted by the TCG (Trusted Computing Group), an industry standards body, to enhance the security level of the mobile computing environment. MTM protects user privacy and platform integrity because it is embedded in the platform and is physically secure. However, a security approach is required when secret data is migrated elsewhere, because MTM provides strong security functions. In this paper, we analyze the TCG standard and its migration method for cryptographic keys, then we propose a secure migration scheme for cryptographic keys using a key backup/recovery method.

A Physical Combined Attack and its Countermeasure on BNP Exponentiation Algorithm (BNP 멱승 알고리듬에 대한 물리적인 조합 공격 및 대응책)

  • Kim, Hyung-Dong;Ha, Jae-Cheol
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.23 no.4
    • /
    • pp.585-591
    • /
    • 2013
  • Recently, the combined attack, a combination of side-channel analysis and fault attack, has been developed to extract the secret key during cryptographic processing in a security device. Unfortunately, an attacker can find the private key of the RSA cryptosystem through a single fault injection and power signal analysis. In this paper, we show that the SPA/FA-resistant BNP (Boscher, Naciri, and Prouff) exponentiation algorithm is threatened by a similar combined attack. We then propose a simple countermeasure against this combined attack that randomizes the private key using an error-infective method.

One Dimensional Cellular Automata based security scheme providing both authentication and confidentiality (1차원 CA 기반의 인증과 기밀성을 제공하는 보안 기술의 분석)

  • Hwang, Yoon-Hee;Cho, Sung-Jin;Choi, Un-Sook
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.14 no.7
    • /
    • pp.1597-1602
    • /
    • 2010
  • Sarkar et al. proposed a new Cellular Automata (CA) based security scheme providing both authentication and confidentiality. The use of CA in designing the scheme makes it suitable for hardware implementation. But the method proposed by Sarkar et al. has some problems. In this paper, we analyze the CA and give a method for detecting the secret key.

Improved ID-based Authenticated Group Key Agreement Secure Against Impersonation Attack by Insider (내부자에 의한 위장 공격을 방지하는 개선된 ID 기반 그룹 인증 및 키 합의 프로토콜)

  • Park, Hye-Won;Asano, Tomoyuki;Kim, Kwang-Jo
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.19 no.5
    • /
    • pp.25-34
    • /
    • 2009
  • Many conference systems over the Internet require authenticated group key agreement (AGKA) for secure and reliable communication. After Shamir [1] proposed the ID-based cryptosystem in 1984, ID-based AGKA protocols have been actively studied because of their simple public key management. In 2006, Zhou et al. [12] proposed a two-round ID-based AGKA protocol which is very efficient in communication and computation complexity. However, their protocol does not provide user identification and suffers from an impersonation attack by malicious participants. In this paper, we propose an improved ID-based AGKA protocol that prevents the impersonation attack on Zhou et al.'s protocol. In our protocol, a malicious insider cannot impersonate another participant even if he knows the ephemeral group secret value. Moreover, our protocol reduces the computation cost compared to Zhou et al.'s protocol.

Development of DES using Key-Dependent S-Boxes (키에 의존하는 S-Box를 이용한 DES 소프트웨어의 개발)

  • 김세헌;엄봉식
    • Journal of the military operations research society of Korea
    • /
    • v.15 no.2
    • /
    • pp.127-146
    • /
    • 1989
  • Among the many encryption schemes, DES is the most widely used because it has relatively high security strength and is standardized. However, many problems and doubts have been raised about the security of DES, and these mainly concern the DES S-boxes. The structure of the S-boxes helps remove the correlation between plaintext and ciphertext, but the possibility that a secret trapdoor is hidden in them has been a concern. One way to resolve this problem with the DES S-boxes is to construct the S-boxes from random permutations of the numbers 0 through 15. In this study, we design key-dependent S-boxes, build software that can run this modified DES, and examine the security of the modified encryption method.
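As an added illustration of the key-dependent S-box idea in this abstract (this is not the authors' 1989 software, and the paper's own construction is not reproduced): each of the four rows of a DES-layout S-box is built as a permutation of 0..15 derived from the key. The example assumes HMAC-SHA256 in counter mode as the keyed randomness source and a Fisher-Yates shuffle to turn it into a permutation; the key values, the row labels and the `max_ddt_entry` check are this example's choices, not the paper's.

```python
import hmac
import hashlib

# DES S-box S1 (FIPS 46-3): four rows of 16 entries, each row a permutation of 0..15.
DES_S1 = [
    [14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7],
    [0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8],
    [4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0],
    [15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13],
]


def _keyed_bytes(key: bytes, label: bytes):
    """Deterministic byte stream HMAC-SHA256(key, label || counter), counter mode.
    This is the example's assumed keyed randomness source, not the paper's."""
    counter = 0
    while True:
        block = hmac.new(key, label + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        yield from block
        counter += 1


def keyed_permutation(key: bytes, label: bytes, n: int = 16) -> list:
    """Fisher-Yates shuffle of range(n); each index is drawn unbiased from the keyed
    stream by rejecting bytes that would skew the draw."""
    stream = _keyed_bytes(key, label)
    perm = list(range(n))
    for i in range(n - 1, 0, -1):
        bound = i + 1
        limit = 256 - (256 % bound)
        while True:
            b = next(stream)
            if b < limit:
                break
        j = b % bound
        perm[i], perm[j] = perm[j], perm[i]
    return perm


def key_dependent_sbox(key: bytes, box_index: int) -> list:
    """A 6-in/4-out S-box in DES layout: four key-dependent permutations of 0..15."""
    return [keyed_permutation(key, b"sbox%d-row%d" % (box_index, row)) for row in range(4)]


def sbox_lookup(sbox: list, six_bits: int) -> int:
    """DES addressing: the two outer bits select the row, the middle four the column."""
    row = ((six_bits >> 5) & 1) << 1 | (six_bits & 1)
    col = (six_bits >> 1) & 0xF
    return sbox[row][col]


def rows_are_permutations(sbox: list) -> bool:
    return all(sorted(row) == list(range(16)) for row in sbox)


def max_ddt_entry(sbox: list) -> int:
    """Largest difference-distribution-table entry over the 63 non-zero input
    differences (count out of 64 inputs). Lower is better against differential
    cryptanalysis; the minimum possible for a 6-to-4-bit box is 4."""
    best = 0
    for dx in range(1, 64):
        counts = [0] * 16
        for x in range(64):
            counts[sbox_lookup(sbox, x) ^ sbox_lookup(sbox, x ^ dx)] += 1
        best = max(best, max(counts))
    return best


if __name__ == "__main__":
    keyed = key_dependent_sbox(b"demo-key (constructed)", 1)
    print("rows are permutations:", rows_are_permutations(keyed))
    print("max DDT entry, DES S1:  ", max_ddt_entry(DES_S1))
    print("max DDT entry, keyed box:", max_ddt_entry(keyed))
```

Replacing the fixed tables with key-derived permutations removes the place a trapdoor could be hidden, but it also discards the published DES S-box design criteria. The `max_ddt_entry` figure is what a practitioner would compare between `DES_S1` and a keyed box, since differential cryptanalysis (Biham and Shamir, 1991, after this paper) is where randomly chosen S-boxes tend to fare worse than the standard ones.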


A Combined Random Scalar Multiplication Algorithm Resistant to Power Analysis on Elliptic Curves (전력분석 공격에 대응하는 타원곡선 상의 결합 난수 스칼라 곱셈 알고리즘)

  • Jung, Seok Won
    • Journal of Internet of Things and Convergence
    • /
    • v.6 no.2
    • /
    • pp.25-29
    • /
    • 2020
  • The elliptic curve crypto-algorithm is widely used for authentication in IoT environments, since it has a small key size and low communication overhead compared to the RSA public key algorithm. If scalar multiplication, the core operation of the elliptic curve crypto-algorithm, is not implemented securely, attackers can find the secret key using simple power analysis or differential power analysis. In this paper, an elliptic curve scalar multiplication algorithm using a randomized scalar and elliptic curve point blinding is suggested. It is resistant to power analysis but does not significantly reduce efficiency. Given a random r and a random elliptic curve point R, the elliptic scalar multiplication kP = u(P+R) − vR is calculated using the regular variant of Shamir's double ladder algorithm, where the (l+20)-bit scalars satisfy u ≡ rn + k (mod n) and v ≡ rn − k (mod n), using 2^l P = ∓cP for the case where the order is n = 2^l ± c.
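The shape of the countermeasure, as an added example that is not the paper's code: the scalar k is replaced by two oversized scalars u and v, P is blinded with a random point R, and u(P+R) − vR is evaluated with a Straus-Shamir simultaneous ladder that performs one doubling and one table addition per bit position. For the identity to hold on the toy curve the example takes both u and v congruent to k modulo the group order n (so the R terms cancel); that residue choice, the random point being drawn as a multiple of P, the curve y^2 = x^3 + 2x + 2 over F_17 and the 20 random bits per scalar are this example's assumptions, and the paper's exact scalar-randomization rule and 2^l P = ∓cP reduction are not reproduced.

```python
import secrets

# Toy curve y^2 = x^3 + 2x + 2 over F_17 (textbook size, chosen so the group order can
# be brute-forced). Not for real use. The point at infinity is represented as None.
P_MOD = 17
CURVE_A = 2
CURVE_B = 2
BASE = (5, 1)  # the point P of the abstract


def ec_add(p1, p2):
    """Affine point addition / doubling; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return None  # p1 == -p2
    if p1 == p2:
        lam = (3 * x1 * x1 + CURVE_A) * pow(2 * y1, -1, P_MOD) % P_MOD
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P_MOD, -1, P_MOD) % P_MOD
    x3 = (lam * lam - x1 - x2) % P_MOD
    y3 = (lam * (x1 - x3) - y1) % P_MOD
    return (x3, y3)


def ec_neg(p):
    return None if p is None else (p[0], (-p[1]) % P_MOD)


def scalar_mul(k, p):
    """Unprotected left-to-right double-and-add: the conditional add is exactly the
    key-dependent branch that simple power analysis reads off a trace."""
    acc = None
    for bit in bin(k)[2:]:
        acc = ec_add(acc, acc)
        if bit == "1":
            acc = ec_add(acc, p)
    return acc


def point_order(p):
    """Brute-force order of p (fine for a 17-element field, nothing else)."""
    n, q = 1, p
    while q is not None:
        q = ec_add(q, p)
        n += 1
    return n


def shamir_double_mul(u, a, v, b):
    """Straus-Shamir simultaneous multiplication u*a + v*b: one doubling and one
    ec_add call per bit position. Pedagogical only: adding table[0] (the point at
    infinity) short-circuits inside ec_add, so a real constant-time ladder would use
    complete formulas or a non-trivial dummy point instead."""
    table = {0: None, 1: a, 2: b, 3: ec_add(a, b)}
    acc = None
    for i in range(max(u.bit_length(), v.bit_length()) - 1, -1, -1):
        acc = ec_add(acc, acc)
        idx = ((u >> i) & 1) | (((v >> i) & 1) << 1)
        acc = ec_add(acc, table[idx])
    return acc


def blinded_scalar_mul(k, p, n, rng=secrets.randbelow):
    """Compute kP as u(P+R) - vR with randomised scalars and a random blinding point R.

    Assumption of this example: u and v are both congruent to k modulo the order n, so
    u(P+R) - vR = kP + kR - kR = kP. Each scalar carries about 20 extra random bits,
    mirroring the (l+20)-bit scalars mentioned in the abstract.
    """
    u = k + (rng(1 << 20) + 1) * n
    v = k + (rng(1 << 20) + 1) * n
    s = rng(n - 1) + 1
    r_point = scalar_mul(s, p)  # assumption: R is drawn as a random multiple of P
    return shamir_double_mul(u, ec_add(p, r_point), v, ec_neg(r_point))


if __name__ == "__main__":
    n = point_order(BASE)
    for k in (1, 7, n - 1):
        assert blinded_scalar_mul(k, BASE, n) == scalar_mul(k, BASE)
    print("blinded and plain scalar multiplication agree (group order %d)" % n)
```

Two fresh random values enter every call (the scalar offsets and the point R), so the sequence of intermediate points differs from run to run even for the same k, which is what denies differential power analysis a stable target; the cost is a ladder over roughly 20 more bits than k itself.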

Proxy Signatures based on XTR Cryptosystem (XTR 암호 시스템 기반의 대리 서명)

  • 이재욱;전동호;최영근;김순자
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.13 no.3
    • /
    • pp.111-117
    • /
    • 2003
  • The XTR public key system has the advantages of short key length and fast computation, so XTR is useful in complex operations. In this paper, we propose a new double exponentiation algorithm and a proxy signature protocol based on XTR. The double exponentiation operation must be executed to apply XTR to the proxy signature protocol. But the existing operation algorithm is inappropriate, because two secret keys have to be revealed in it. The new algorithm enables double exponentiation with only the proxy signer's secret key and public information. XTR is used for the generation and verification of the proxy in the proxy signature protocol. Therefore, a proxy signature based on XTR has the basic advantages of XTR. These advantages can be used on the Internet as well as in mobile environments.

A Study on Attack against NTRU Signature Implementation and Its Countermeasure (NTRU 서명 시스템 구현에 대한 오류 주입 공격 및 대응 방안 연구)

  • Jang, Hocheol;Oh, Soohyun;Ha, Jaecheol
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.28 no.3
    • /
    • pp.551-561
    • /
    • 2018
  • As computational technology using quantum computing has developed, threats to cryptographic systems have recently been increasing. Therefore, much research on post-quantum cryptosystems that can withstand analysis attacks using quantum computers is actively underway. Nevertheless, it has been pointed out that the lattice-based NTRU system, one of the post-quantum cryptosystems, may be vulnerable to fault injection attacks that exploit weaknesses in its implementation. In this paper, we investigate fault injection attacks and their previous countermeasures on the NTRU signature system and propose a secure and efficient countermeasure to defeat them. Simulation results show that the proposed countermeasure has a high fault detection ratio and low implementation cost.

New RSA blocking method and its applications (RSA 블럭 보호 방법과 그 응용)

  • 박상준;원동호
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.22 no.2
    • /
    • pp.353-360
    • /
    • 1997
  • In this paper, we propose a new blocking method in which the size of an encryption block is changed according to the size of a message block. The proposed method can be applied to a multisignature scheme with no restriction on the signing order, and a multisignature can be sent secretly to the receiver through RSA encryption. It causes expansion in the block size of a multisignature, but the length of the expanded bits is not greater than the number of signers, regardless of the bit lengths of the RSA moduli.
