• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.5
• /
• pp.27-33
• /
• 2011

At FDTC'05 and CISC-W'10, the authors showed that if they decrease the number of rounds of AES and Triple-DES by using the fault injections, it is possible to recover the secret key of the target algorithms, respectively. In this paper, we propose a key recovery attack on HMAC by using the main idea of these attacks. This attack is applicable to HMAC based on MD-family hash functions and can recover the secret key with the negligible computational complexity. Particularly, the attack result on HMAC-SHA-2 is the first known key recovery attack result on this algorithm.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.2
• /
• pp.327-334
• /
• 2016

Contrary to the common belief, DRAM which is used for the main memory of various computing devices retains its content even though it is powered-off. Especially, the data-retaining time can increase if DRAM is cooled down. The Cold Boot Attack, a kind of side-channel attacks, tries to recover the sensitive information such as the cryptographic key from the powered-off DRAM. This paper proposes a new algorithm which recovers the AES key under the symmetric-decay cold-boot-attack model. In particular, the proposed algorithm uses the strategy of reducing the size of the candidate key space by testing the randomness of the extracted AES key bit stream.

• Journal of Internet Computing and Services
• /
• v.7 no.3
• /
• pp.83-91
• /
• 2006

In this paper, we improved a cryptography system model based on the secure initial authentication public key with PKINIT of authentication and key recovery protocol. It is applied to all fields of cryptography system using certificate. This study presents two mechanisms to authenticate between member users. The first mechanism is initial authentication and distribution of session key by public key cryptography based on certificate between entity and server, and the second mechanism is a key recovery support protocol considering loss of session key in the secure communication between application servers.

• Review of KIISC
• /
• v.8 no.4
• /
• pp.97-112
• /
• 1998

암호가 법 질서에 위배되는 목적으로 사용되는 것을 막기 위해 선진 각국에서는 여러 가지 암호 정책을 수립하고 있다. 그 중에서 현재 가장 주목을 받고 있는 것이 키 복구( Key Recovery) 개념이다. 이 개념은 정부 수사기관에게 암호 통신에 대해 수사권을 행사할 수 있는 능력을 부여하는 것이다. 또한 수사권 행사 이외의 프라이버시 침해를 보호할 수 있어야 한다. 본 고에서는 현재까지 제안된 복구 방식과 동향 등을 살펴본다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.9 no.2
• /
• pp.83-92
• /
• 1999

Cryptography techniques can prevent eavesdroppers from maliciously intercepting or modifying sensitive information. however misuses of encryption may cause other problems First if the encryption key is lost or damaged even an authorized access to the original data will be denied. Second criminals can prevent authorized law enforcement officers from examining the necessary information by using the strong encrypted data can provide solutions for the situations. In this paper we propose a new key escrow system based on the ElGamal cryptosystem. Our system provide time-bound eavesdropping under court authorized permission protect from trustee's cheating and prevent user's shadow public key generation.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2001.04b
• /
• pp.1065-1068
• /
• 2001

최근 세계 각 국에서는 암호 기술의 역기능을 방지하고 일반 사용자들 사이에 암호 사용을 활성화하기 위한 방안으로 암호키 관리 기반 구조(KMI)에 관한 연구가 활발히 진행되고 있으며 이를 구현한 시스템들도 개발되고 있다. 그러나 현재 여러 나라에서 이러한 키 복구 기술에 대한 연구와 함께 키 복구 시스템들이 개발되고 있는 것에 반해 국내에서는 아직까지 암호키 관리 기관 구조를 구축할 수 있는 실제 시스템들에 대한 연구 및 개발이 미흡한 실정이다. 본 논문에서는 암호키 관리 기반 구조 구축에 기반이 될 수 있는 KMI 라이브러리를 구현하고 성능을 분석하였다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2005.07a
• /
• pp.163-165
• /
• 2005

유비쿼터스 환경이 도래하면서 언제, 어느 곳에서든 네트?을 사용하여 정당한 사용자임을 확인하고자 하는 요구가 증대하고 있다. 기존의 사용자 인증 방식은 인증기관으로부터 받은 인증서와 비밀키를 하드웨어 장치나 스마트카드 등의 보조 기억장치에 저장하여 휴대하고 다녀야 하는 번거로움이 있다. 또한 사용자의 비밀키를 키위탁 센터에 위탁하여 필요할 때 사용할 수 있도록 하고 있으나 여러 가지 위협으로부터 안전할 수 없는 상황이다. 본 논문에서는 이러한 휴대의 불편함과 여러 가지 위협으로부터 보호하고, 사용자가 언제 어디서든 인증을 제공받을 수 있는 동적 키생성 및 키복구 모듈을 제안한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.3
• /
• pp.119-128
• /
• 2002

In case certification between user and service provider is achieved, problem that user's identity is revealed is occurring by social issue, so it was presented identity escrow scheme to solve these problem. In identity escrow scheme, the issuer who have correct user's identity transmits securely anonymity authentication information to user, and user achieves authentication phase with service provider keeping oneself anonymity using this. In this paper, we present requirement for security and trusty of identity escrow scheme and propose new mechanism that can security this. Also, propose method that service provider can deliver securely contents to user and propose mechanism that improve that support ky recovery at encryption communication that using secret key that it was generated by key agreement between users.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.5
• /
• pp.1089-1097
• /
• 2016

It is well-known that, if additional information other than a plaintext-ciphertext pair is available, breaking the RSA cryptosystem may be much easier than factorizing the RSA modulus. For example, Coppersmith showed that, given the 1/2 fraction of the least or most significant bits of one of two RSA primes, the RSA modulus can be factorized in a polynomial time. More recently, Henecka et. al showed that the RSA private key of the form (p, q, d, $d_p$, $d_q$) can efficiently be recovered whenever the bits of the private key are erroneous with error rate less than 23.7%. It is notable that their algorithm is based on counting the matching bits between the candidate key bit string and the given decayed RSA private key bit string. And, extending the algorithm, this paper proposes a new RSA private key recovery algorithm using a generalized probabilistic measure for measuring the consistency between the candidate key bits and the given decayed RSA private key bits.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.27 no.12C
• /
• pp.1276-1281
• /
• 2002

Bellare and Rivest proposed the translucent cryptography which was a kind of key recovery system. Translucent cryptography is a system in which the third party can recover encrypted message with the probability p(0$\leq$p$\leq$1). The key recovery agency doesn't need to store the user's private key in advance. The balance between key recovery agency and user can be controlled by the value of p. For example, if p is set to be 0.4 then the key recovery agency can recover 40 out of 100 encrypted messages. In this paper, we show that user can easily deceive the key recovery agency in the translucent cryptography. Then we propose the solution of this problem.