• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.3
• /
• pp.547-557
• /
• 2015

The security of all cryptographic algorithms and protocols is based on the confidentiality of secret keys. Key management mechanism is an indispensable part of the cryptographic system and this deals with the generation, exchange, storage, use, and replacement of keys. Within the key management mechanism there are key derivation functions (KDFs) which derive one or more keys from a master key. NIST specifies three families of PRF-based KDFs in SP 800-108. In this paper, we examine the difference of security models between the KDFs and the encryption modes of operations. Moreover we focus on the provable security of PRF-based KDFs according to input types of counters, and show that the counter and feedback modes of KDFs using XOR of counters are insecure, while these modes using concatenation of counters are secure.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.1
• /
• pp.87-100
• /
• 2020

Researches on Post-quantum blockchain, which is a synthesis of blockchain and post-quantum cryptography[1], are relatively unrevealed areas but have needs to be studied with the regard to the quantum computers. However there could be several fundamental problems, e.g. unsustainably large size of public key and signature, or too lengthy time for sign and verification, if any post-quantum cryptography is adopted to the existing blockchain to implement post-quantum blockchain. Thus, a new method was proposed in this paper that produces fixed length of references for massive signatures and corresponding public keys to enable relatively lightweight transactions. This paper proposed the mechanism that included a new transaction structure and protocols, and demonstrated a post-quantum blockchain that the proposed mechanism was adopted. Through this research, it could enhance compatibility of blockchain regarding post-quantum digital signature, possibly reducing weights of the whole blockchain.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2006.05a
• /
• pp.183-186
• /
• 2006

It is studied the implementation possibility of some encryption algorithms which meet the performance requirements in the smart card used in the TETRA system End-to-End Encryption. It is measured the operation time of the algorithm in the smart card which has 32 bit smart card controller made by Samsung Electronics. The algorithms used in the performance comparison are AES, ARIA, 3DES, SEED, IDEA which are the domestic or international standards. The input and output time of the smart card are measured using the smart card protocol analyzer. The pure algorithm operation time is calculated by the repeated algorithm operations. This measurement results can be used as the criteria for the selection of algorithm which will be used in the TETRA End-to-End encryption system. The algorithm which has better performance can be used for the implementation of additional functions in the smart lard, because of the enough time margin.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.6
• /
• pp.23-35
• /
• 2009

Password-Authenticated Key Exchange (PAKE) Protocol is a useful tool for secure communication conducted over open networks without sharing a common secret key or assuming the existence of the public key infrastructure (PKI). It seems difficult to design efficient PAKE protocols using RSA, and thus many PAKE protocols are designed based on the Diffie-Hellman key exchange (DH-PAKE). Therefore it is important to design an efficient PAKE based on RSA function since the function is suitable for designing a PAKE protocol for imbalanced communication environment. In this paper, we propose a computationally-efficient key exchange protocol based on the RSA function that is suitable for low-power devices in imbalanced environment. Our protocol is more efficient than previous RSA-PAKE protocols, required theoretical computation and experiment time in the same environment. Our protocol can provide that it is more 84% efficiency key exchange than secure and the most efficient RSA-PAKE protocol CEPEK. We can improve the performance of our protocol by computing some costly operations in offline step. We prove the security of our protocol under firmly formalized security model in the random oracle model.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.14 no.3
• /
• pp.1393-1401
• /
• 2013

What is RFID Microchip tag attached to an object, the reader recognizes technology collectively, through communication with the server to authenticate the object. A variety of RFID tags, 13.56Mhz bandwidth RFID card, ISO/IEC 14443 standards based on NXP's Mifare tag occupies 72.5% of the world market. Of the Mifare tags, low cost tag Mifare Classic tag provided in accordance with the limited hardware-based security operations, protocol leaked by a variety of attacks and key recovery vulnerability exists. Therefore, in this paper, Cryptography Scheme and Secure Protocol for Safety Secure Scheme Construction in 13.56Mhz RFID have been designed. The proposed security scheme that KS generated by various fixed values and non-fixed value, S-Box operated, values crossed between LFSR and S-Box is fully satisfied spoofing, replay attacks, such as vulnerability of existing security and general RFID secure requirement. Also, It is designed by considering the limited hardware computational capabilities and existing security schemes, so it could be suit to Mifare Classic now.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.1
• /
• pp.87-92
• /
• 2020

Various devices, which are powerful computer and low-performance sensors, is connected to IoT network. Accordingly, applying mutual authentication for devices and data encryption method are essential since illegal attacks are existing on the network. But cryptographic methods such as symmetric key and public key algorithms, hash function are not appropriate to low-performance devices. Therefore, this paper proposes blockchain-based lightweight IoT mutual authentication protocol for the low-performance devices.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.24 no.6B
• /
• pp.1059-1067
• /
• 1999

In this paper characteristics of ATM-PON is described and a TC layer controller for ATM-PON OLT is designed. This paper proposes an algorithm of economically controlling the grant information written by CPU to dynamically allocate the upstream bandwidth on the PON among the ONUs in a fair way and of encrypting the downstream data using a lower standard of encryption, termed data churning, which is used to distinguish it from existing transmission system scramblers and higher layer encryption methods. This paper also proposes a method of allocating churning-related message into the PLOAM cell in order to synchronously change the churning key between the OLT and the ONU.

• Journal of Internet Computing and Services
• /
• v.6 no.5
• /
• pp.27-43
• /
• 2005

EAP provides authentication for each entity based on IEEE Std 802.1x Wireless lAN and RADIUS/DIAMETER protocol, and it uses certificate, dual scheme(e.g., password and token) with the authentication method. The password-based authentication scheme for authenticated key exchange is the most widely-used user authentication method due to various advantages, such as human-memorable simplicity, convenience, mobility, A specific hardware device is also unnecessary, This paper discusses user authentication via public networks and proposes the Split Password-based Authenticated Key Exchange (SPAKE), which is ideal for both authenticating users and exchanging session keys when using a subsequent secure communication over untrusted network, And then we provides EAP authentication framework EAP-SPAKE by using it.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.12 no.6
• /
• pp.2754-2759
• /
• 2011

With information communications and RFID/USN environments merged wire/wireless networks are generalized. In this viewpoint, WAP is used by communication protocol for the data communication in the field of wireless environment. WTLS developed for the secure communications optimize TLS adapted wireless environment in the TCP/IP internet protocol. But WTLS denote WAP security problem, end-to-end problem, and power consumption, etc. Therefore in this paper we proposed WTLS cryptographic algorithm eliminated WTLS disadvantages. Proposed algorithm solved power consumption, calculated complexity, and security problems because it is not unique but hybrid form.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.4
• /
• pp.909-916
• /
• 2013

Since realization of E-voting system expands participation of voters and efficient count of voting, political and social and technical revolution is possible. However, without secure e-voting system, practical usages are infeasible. In the paper, we propose an e-voting system which is able to open votes in server without decryption during midst process using EC-ELGAMAL homomorphic cryptography. Users ensure anonymity with pseudo id from server and check their voting with Bloom Filter technology. Furthermore, we combine attributes and voters' information, so we can collect information of voter under the condition of anonymity.