• Journal of KIISE:Information Networking
• /
• v.30 no.4
• /
• pp.484-493
• /
• 2003

Proxy signature scheme is a cryptographic protocol that an original signer delegates her signing capability to a proxy signer, and then the proxy signer is able to create signatures on behalf of the original signer. In general, there is time-limit for which the signing capability of the proxy signer is valid. One of methods to limit the valid delegation time is to make public delegation information contain the expiration date of the delegation. however, in this method we cannot prevent the proxy signer from signing after the valid delegation is expired because no one knows the exact time when the proxy signer signed a message. The validity of the past legal signatures cannot be preserved in case that the proxy singer´s key is compromised during the delegation period. In this paper, we propose a new scheme, time-limited forward-secure proxy signature protocol, which prevents the proxy singer from signing after the valid delegation is expired and which preserves the validity of the past legal signatures even if the signing key is compromised. The proposed scheme does not require the exact time-information by making an original signer control time-related parameters and satisfies the forward-security property in each update-period of the proxy signing key. The time-period is determined according to the application characteristics or security policies.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.4
• /
• pp.53-60
• /
• 2007

In a known plaintext scenario, fast correlation attack is very powerful attack on stream ciphers. Most of fast correlation attacks consider the cryptographic problem as the suitable decoding problem. In this paper, we introduce advanced multi-pass fast correlation attack which is based on the fast correlation attack, which uses parity check equation and Fast Walsh Transform, proposed by Chose et al. and the Multi-pass fast correlation attack proposed by Zhang et al. We guess some bits of initial states of the target LFSR with the same method as previously proposed methods, but we can get one more bits at each passes and we will recover the initial states more efficiently.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.6
• /
• pp.93-103
• /
• 2005

As the usage of XML documents increases the requirement of security for XML documents is growing. Especially it is very important to solve the problem of access control to XML object which shares in the environment where various users connect to each others. In this paper, we propose the access control model and mechanism which is combined with role hierarchy in the RBAC and hierarchical key derivation/assign method for the access to XML object. So we implement the access control mechanism by including hierarchical key derivation method. The technique, we proposed, gives not only the benefit in management which RBAC provides in access control to XML objects, but also it ran help derive a lower layer key from the higher layer user's. This feature decrease the number of keys managed in each role hierarchy in comparison with previous methods.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.5
• /
• pp.1019-1025
• /
• 2012

Fault attacks manipulate the computation of an algorithm and get information about the private key from the erroneous result. It is the most powerful attack for the cryptographic device. Currently, the research on error detection methods and fault attacks have been studied actively. S. Pontarelli et al. introduced an error detection method in 2009. It can detect an error that occurs during Elliptic Curve Scalar Multiplication (ECSM). In this paper, we present a new fault attack. Our attack can avoid the error detection method introduced by S. Pontarelli et al. We inject a bit flip error in the Euclidean Addition Chain (EAC) on the private key in ECSM and retrieve the private key.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.5
• /
• pp.737-750
• /
• 2022

The demands of Unmanned Aerial Vehicles (UAVs) are growing very rapidly with the era of the 4th industrial revolution. As the technology of the UAV improved with the development of artificial intelligence and semiconductor technology, it began to be used in various civilian fields such as hobbies, bridge inspections, etc from being used for special purposes such as military use. MAVLink (Macro Air Vehicle Link), which started as an open source project, is the most widely used communication protocol between UAV and ground control station. However, MAVLink does not include any security features such as encryption/decryption mechanism, so it is vulnerable to various security threats. Therefore, in this study, the block cipher is implemented in UAV to ensure confidentiality, and the results of the encryption and decryption performance evaluation in the UAV according to various implementation methods are analyzed. In addition, we proposed the security requirements in accordance with Common Criteria, which is an international recognized ISO standard.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.1
• /
• pp.75-86
• /
• 2023

Public key cryptography algorithm such as RSA and ECC, which are commonly used in current financial transaction services, can no longer guarantee security when quantum computers are realized. Therefore it is necessary to convert existing legacy algorithms to Post-Quantum Cryptography, but it is expected that will take a considerable amount of time to replace them. Hence, it is necessary to study a hybrid method combining the two algorithms in order to prepare the forthcoming transition period. In this paper we propose a hybrid session key exchange protocol that generates a session key by combining the legacy algorithm ECDH and the Post-Quantum Cryptographic algorithm NTRU. We tried the methods that proposed by the IETF for TLS 1.3 based hybrid key exchange, and as a result, it is expected that the security can be enhanced by applying the protocol proposed in this paper to the existing financial transaction session protection solution.

• International Journal of Internet, Broadcasting and Communication
• /
• v.16 no.1
• /
• pp.17-28
• /
• 2024

As listed as one of the most important requirements for Post-Quantum Cryptography standardization process by National Institute of Standards and Technology, the resistance to various side-channel attacks is considered very critical in deploying cryptosystems in practice. In fact, cryptosystems can easily be broken by side-channel attacks, even though they are considered to be secure in the mathematical point of view. The timing attack(TA) and the simple power analysis attack(SPA) are such side-channel attack methods which can reveal sensitive information by analyzing the timing behavior or the power consumption pattern of cryptographic operations. Thus, appropriate measures against such attacks must carefully be considered in the early stage of cryptosystem's implementation process. The Montgomery multiplier is a commonly used and classical gadget in implementing big-number-based cryptosystems including RSA and ECC. And, as recently proposed as an alternative of building blocks for implementing post quantum cryptography such as lattice-based cryptography, the big-number multiplier including the Montgomery multiplier still plays a role in modern cryptography. However, in spite of its effectiveness and wide-adoption, the multiplier is known to be vulnerable to TA and SPA. And this paper proposes a new countermeasure for the Montgomery multiplier against TA and SPA. Briefly speaking, the new measure first represents a multiplication operand without 0 digits, so the resulting multiplication operation behaves in a very regular manner. Also, the new algorithm removes the extra final reduction (which is intrinsic to the modular multiplication) to make the resulting multiplier more timing-independent. Consequently, the resulting multiplier operates in constant time so that it totally removes any TA and SPA vulnerabilities. Since the proposed method can process multi bits at a time, implementers can also trade-off the performance with the resource usage to get desirable implementation characteristics.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.1
• /
• pp.103-114
• /
• 2024

In a situation where drone-related crimes continue to rise, research in drone forensics becomes crucial for preventing and responding to incidents involving drones. Conducting forensic analysis on flight record files stored internally is essential for investigating illegal activities. However, analyzing flight record files generated through the exclusive DUML protocol requires a deep understanding of the protocol's structure and characteristics. Additionally, a forensic analysis tool capable of handling cryptographic payloads and analyzing various drone models is imperative. Therefore, this study presents the methods and characteristics of flight record files generated by drones. It also explains the structure of the flight record file and the features of the DUML packet. Ultimately, we conduct forensic analysis based on the presented structure of the DUML packet and propose an extension forensic analysis system that operates more universally than existing tools, performing expanded syntactic analysis.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.5
• /
• pp.93-101
• /
• 2008

Side channel attacks are well known as one of the most powerful physical attacks against low-power cryptographic devices and do not take into account of the target's theoretical security. As an important succeeding factor in side channel attacks (specifically in DPAs), exact time-axis alignment methods are used to overcome misalignments caused by trigger jittering, noise and even some countermeasures intentionally applied to defend against side channel attacks such as random clock generation. However, the currently existing alignment methods consider only on the position of signals on time-axis, which is ineffective for certain countermeasures based on time-axis misalignments. This paper proposes a new signal alignment method based on interpolation and decimation techniques. Our proposal can align the size as well as the signals' position on time-axis. The validity of our proposed method is then evaluated experimentally with a smart card chip, and the results demonstrated that the proposed method is more efficient than the existing alignment methods.

• Journal of Broadcast Engineering
• /
• v.20 no.1
• /
• pp.92-109
• /
• 2015

Broadcast encryption is a cryptographic primitive that allows a sender to securely broadcast a message to a set of receivers. The most influential broadcast encryption system was proposed in 2001 by Naor, Naor, Lotspiech, based on a pseudo-random generator and the Subset Difference (SD) method. In this paper, we suggest a new broadcast encryption system that is based on secret sharing and SD methods. On an efficiency aspect, our system achieves O(r) transmission cost, O($log^2n$) storage cost, and O(1) computational cost for the number n of users and the number r of revoked users. Compared to O(log n) computational cost in the previous SD method, our system has the advantage that it needs only constant-sized computational cost for decryption, regardless of the number n or r. On a security aspect, our system can achieve tighter security reduction than the previous SD method and the gap of security loss is about O(n log n). Moreover, our result shows that it is possible to give the effect of the SD method while using an information-theoretically secure key distribution technique as in the Complete Subtree method.