• Title/Summary/Keyword: Chinese remainder theorem


Chosen Message Attack on the RSA-CRT Countermeasure Based on Fault Propagation Method (오류 확산 기법에 기반한 RSA-CRT 대응책에 대한선택 메시지 공격)

  • Baek, Yi-Roo;Ha, Jae-Cheol
    • Journal of the Korea Institute of Information Security & Cryptology / v.20 no.3 / pp.135-140 / 2010
  • The computation using the Chinese Remainder Theorem in the RSA cryptosystem is well suited to digital signature or decryption processing due to its low computational load compared to general RSA without CRT. Since the RSA-CRT algorithm is vulnerable to many fault insertion attacks, some countermeasures against them were proposed. Among several countermeasures, Yen et al. proposed two schemes based on the fault propagation method. Unfortunately, a new vulnerability was found at the FDTC 2006 conference. To improve the original schemes, Kim et al. recently proposed a new countermeasure in which they adopt the AND operation for fault propagation. In this paper, we show that the proposed scheme using the AND operation without a checking procedure is also vulnerable to a fault insertion attack with chosen messages.

Security Reconsideration on CRT-RSA Algorithm Against Fault Attacks using Opcode Modification (연산자 조작 공격에 대한 CRT-RSA 알고리듬의 안전성 재분석)

  • Ha, Jae-Cheol;Baek, Yi-Roo;Park, Jea-Hoon;Moon, Sang-Jae
    • Journal of the Korea Institute of Information Security & Cryptology / v.20 no.4 / pp.155-160 / 2010
  • Since the RSA cryptosystem based on the Chinese Remainder Theorem is vulnerable to many fault insertion attacks, some countermeasures against them were proposed. Recently, Kim et al. and Ha et al. each proposed a countermeasure scheme based on the fault propagation method. Unfortunately, Hur et al. insist that these countermeasures are vulnerable to their opcode modification fault attack. In this paper, we show that the proposed attack cannot be applied to most CRT-RSA countermeasures which use multi-precision operations in long-bit computation. Therefore, the countermeasures against fault attacks proposed by Kim et al. and Ha et al. are still secure.

A Cryptographic Model for an Efficient Secure DBMS (효율적 비화 DBMS를 위한 크립토그래픽 모델)

  • Nam Gil-Hyeon
    • Journal of the Military Operations Research Society of Korea / v.12 no.1 / pp.38-49 / 1986
  • Cryptography attempts to protect information by altering its form to make it unreadable to all but the authorized readers. The DBMS is one of the most important computer application areas requiring data security, but only a few cryptosystems have been suggested for database encryption. This research develops a new Residue-Coded Cryptosystem based on the Chinese Remainder Theorem, which is considered to be more efficient than the database encryption scheme introduced by Davida, Wells and Kam in 1981.


An Energy-Efficient Dynamic Area Compression Scheme in Wireless Multimedia Sensor Networks (무선 멀티미디어 센서 네트워크에서 에너지 효율적인 동적 영역 압축 기법)

  • Park, Junho;Ryu, Eunkyung;Son, Ingook;Yoo, Jaesoo
    • The Journal of the Korea Contents Association / v.13 no.12 / pp.9-18 / 2013
  • In recent years, the demand for multimedia data in wireless sensor networks has increased significantly for high-quality environment monitoring applications that utilize sensor nodes to collect multimedia data. However, since the amount of multimedia data is very large, the network lifetime and network performance are significantly reduced due to excessive energy consumption on particular nodes. In this paper, we propose an energy-efficient dynamic area compression scheme in wireless multimedia sensor networks. The proposed scheme minimizes the energy consumption in the transmission of huge multimedia data by compression using the Chinese Remainder Theorem (CRT) and a dynamic area detection and division algorithm. Our experimental results show that our proposed scheme improves the data compression ratio by about 37% and reduces the amount of transmitted data by about 56% over the existing scheme on average. In addition, the proposed scheme increases network lifetime by about 14% over the existing scheme on average.

An Efficient Revocable Group Signature Scheme in Vehicular Ad Hoc Networks

  • Zhao, Zhen;Chen, Jie;Zhang, Yueyu;Dang, Lanjun
    • KSII Transactions on Internet and Information Systems (TIIS) / v.9 no.10 / pp.4250-4267 / 2015
  • Although many revocable group signature schemes have been proposed for vehicular ad hoc networks (VANETs), the existing schemes suffer from such long computation delays on revocation that they cannot adapt to dynamic VANETs. Based on the Chinese remainder theorem and the Schnorr signature algorithm, this paper proposes an efficient revocable group signature scheme for VANETs. In the proposed scheme, only the corresponding group public key needs to be updated when a member quits the group, and meanwhile the key pairs of the unchanged group members are not influenced. Furthermore, this scheme can achieve privacy protection by making use of blind certificates. Before joining the VANETs, users register at local trusted agencies (LTAs) with their ID cards to obtain blind certificates. The blind certificate is submitted to road-side units (RSUs) to verify the legality of users. Thus, the real identities of users can be protected. In addition, if there is a dispute, users can combine to submit open applications to RSUs against a disputed member, and LTAs can determine the real identity of the disputed member. Moreover, since the key pairs employed by a user are different in different groups, attackers are not able to track the movement of users with the public keys obtained in a group. Furthermore, performance analysis shows that the proposed scheme has a lower computation cost than existing schemes.

Design of high-speed RSA processor based on radix-4 Montgomery multiplier (래딕스-4 몽고메리 곱셈기 기반의 고속 RSA 연산기 설계)

  • Koo, Bon-Seok;Ryu, Gwon-Ho;Chang, Tae-Joo;Lee, Sang-Jin
    • Journal of the Korea Institute of Information Security & Cryptology / v.17 no.6 / pp.29-39 / 2007
  • RSA is one of the most popular public-key cryptosystems in various applications. This paper addresses a high-speed RSA crypto-processor with a modified radix-4 modular multiplication algorithm and the Chinese Remainder Theorem (CRT) using a Carry Save Adder (CSA). Our design takes 0.84M clock cycles for a 1024-bit modular exponentiation and 0.25M cycles for a 512-bit exponentiation. With a 0.18um standard cell library, the processor achieves 365Kbps for a 1024-bit exponentiation and 1,233Kbps for two 512-bit exponentiations at a 300MHz clock rate.

Secure RSA with CRT Protected Against Fault Attacks without using Checking Procedure (비교연산을 사용하지 않는 오류주입 공격에 안전한 CRT 기반의 RSA)

  • Kim, Sung-Kyoung;Kim, Tae-Hyun;Han, Dong-Guk;Park, Young-Ho;Hong, Seok-Hie
    • Journal of the Korea Institute of Information Security & Cryptology / v.18 no.4 / pp.17-25 / 2008
  • Because Chinese Remainder Theorem based RSA (RSA CRT) offers a faster version of modular exponentiation than ordinary repeated squaring, it is being promoted as a standard. Unfortunately there are major security issues associated with RSA CRT, since Bellcore announced a fault-based cryptanalysis against RSA CRT in 1996. In 1997, Shamir developed a countermeasure using an error-free immune checking procedure. Soon afterwards it became known that this checking procedure is not effective as a countermeasure. Recently Yen proposed two hardware fault immune protocols for RSA CRT, and these two protocols do not assume the existence of a checking procedure. However, in FDTC 2006, a method of attack against Yen's two protocols was introduced. In this paper, the main purpose is to present a countermeasure against the method of attack from FDTC 2006 for CRT-RSA. The proposed countermeasure uses a characteristic bit operation and does not require an additional operation.

Randomized Block Size (RBS) Model for Secure Data Storage in Distributed Server

  • Sinha, Keshav;Paul, Partha;Amritanjali, Amritanjali
    • KSII Transactions on Internet and Information Systems (TIIS) / v.15 no.12 / pp.4508-4530 / 2021
  • Today, distributed data storage services are widely used. However, the lack of proper security measures makes user data vulnerable. In this work, we propose a Randomized Block Size (RBS) model for secure data storage in distributed environments. The model works with multifold block sizes encrypted with the Chinese Remainder Theorem-based RSA (C-RSA) technique for end-to-end security of multimedia data. The proposed RBS model has a key generation phase (KGP) for constructing asymmetric keys, and a rand generation phase (RGP) for applying optimal asymmetric encryption padding (OAEP) to the original message. The experimental results obtained with text and image files show that the post-encryption file size is not much affected, and data is efficiently encrypted while being stored at the distributed storage server (DSS). Parameters such as ciphertext size, encryption time, and throughput have been considered for performance evaluation, whereas statistical analyses like similarity measurement, correlation coefficient, histogram, and entropy analysis are used to check image pixel deviation. The number of pixels change rate (NPCR) and unified averaged changed intensity (UACI) were used to check the strength of the proposed encryption technique. The proposed model is robust with high resilience against eavesdropping, insider attack, and chosen-plaintext attack.

Implementation of RSA modular exponentiator using Division Chain (나눗셈 체인을 이용한 RSA 모듈로 멱승기의 구현)

  • 김성두;정용진
    • Journal of the Korea Institute of Information Security & Cryptology / v.12 no.2 / pp.21-34 / 2002
  • In this paper we propose a new hardware architecture for modular exponentiation using the division chain method which was proposed in (2). Modular exponentiation using the division chain is performed by recoding an exponent E as a mixed form of multiplication and addition with divisors $d=2$ or $d=2^I + 1$ and respective remainders r. This calculates the modular exponentiation in about $1.4\log_2 E$ multiplications on average, which is far fewer iterations than the $2\log_2 E$ of the conventional Binary Method. We designed a linear systolic array multiplier with pipelining and used a horizontal projection on its data dependence graph. So, for a k-bit key, two k-bit data frames can be input simultaneously and two modular multipliers, each consisting of k/2+3 PEs (Processing Elements), can operate in parallel to accomplish 100% throughput. We propose a new encoding scheme to represent divisors and remainders of the division chain to keep the regularity of the data path. When it is synthesized to ASIC using the Samsung 0.5 um CMOS standard cell library, the critical path delay is 4.24ns, and the resulting performance is estimated to be about 140 Kbps for a 1024-bit data frame at a 200MHz clock. In the decryption process, the speed can be enhanced to 560kbps by using the CRT (Chinese Remainder Theorem). Furthermore, to satisfy real-time requirements we can choose a small public exponent E, such as 3, 17 or $2^{16} + 1$, in the encryption and verification process, in which case the performance can reach 7.3Mbps.

Improved Shamir's CRT-RSA Algorithm: Revisit with the Modulus Chaining Method

  • Lee, Seungkwang;Choi, Dooho;Choi, Yongje
    • ETRI Journal / v.36 no.3 / pp.469-478 / 2014
  • RSA signature algorithms using the Chinese remainder theorem (CRT-RSA) are approximately four times faster than straightforward implementations of an RSA cryptosystem. However, CRT-RSA is known to be vulnerable to fault attacks; even one execution of the algorithm is sufficient to reveal the secret keys. Over the past few years, several countermeasures against CRT-RSA fault attacks have tended to involve additional exponentiations or inversions, and in most cases they are also vulnerable to new variants of fault attacks. In this paper, we review how Shamir's countermeasure can be broken by fault attacks and improve the countermeasure to prevent future fault attacks, with the added benefit of low additional cost. In our experiment, we use the side-channel analysis resistance framework system, a fault injection testing and verification system, which enables us to inject a fault into the right position, even to within $1\,{\mu}s$. We also explain how to find the exact timing of the target operation using an Atmega128 software board.