Title/Summary/Keyword: Digital Signature Algorithm (DSA)


A new digital signature scheme secure against fault attacks (오류 주입 공격에 안전한 전자서명 대응법)

  • Kim, Tae-Won; Kim, Tae-Hyun; Hong, Seok-Hie; Park, Young-Ho
  • Journal of the Korea Institute of Information Security & Cryptology / v.22 no.3 / pp.515-524 / 2012
  • Fault attacks are a powerful side-channel analysis that extracts secret information by analyzing the result after physically injecting faults during the execution of a cryptographic algorithm. First, this paper analyses the vulnerable points of existing Digital Signature Algorithm (DSA) schemes designed to be secure against fault attacks. Then we propose a new signature algorithm immune to all fault attacks. The proposed DSA scheme signs by using two nonces and an error-diffusion method.

An Efficient DSA Signature Scheme Resistant to the Fault Analysis Attack (오류 분석 공격에 대응하는 효율적인 DSA 서명 기법)

  • Bae, Ki-Seok; Baek, Yi-Roo; Moon, Sang-Jae; Ha, Jae-Cheol
  • Journal of the Korea Institute of Information Security & Cryptology / v.20 no.5 / pp.49-57 / 2010
  • Fault cryptanalysis is a physical attack in which the key stored inside a device can be extracted by inducing faults while the device performs a cryptographic algorithm. Since the international signature standard DSA (Digital Signature Algorithm) is known to be vulnerable to some fault analysis attacks, many researchers have investigated countermeasures to prevent these attacks. In this paper we propose a new countermeasure for computing DSA signatures that remains secure in the presence of faults. Since the additional computational overhead of our proposal is only one inverse operation in the signing process, the proposed DSA scheme can be implemented more efficiently than previous countermeasures.

EC-DSA Implementation using Security SoC with built-in ECC Core (ECC 코어가 내장된 보안 SoC를 이용한 EC-DSA 구현)

  • Yang, Hyeon-Jun; Shin, Kyung-Wook
  • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2021.05a / pp.63-65 / 2021
  • This paper describes an integrated hardware/software implementation of the elliptic curve digital signature algorithm (EC-DSA) using a security system-on-chip (SoC). The security SoC uses a Cortex-A53 APU as its CPU, and the hardware IPs of a high-performance elliptic curve cryptography (HP-ECC) core and a SHA3 (Secure Hash Algorithm 3) hash function core are interfaced via the AXI4-Lite bus protocol. The signature generation and verification processes of EC-DSA were verified by implementing the security SoC on a Zynq UltraScale+ MPSoC device.

Digital Signature Schemes with Restriction on Signing Capability (서명 능력을 제한하는 전자 서명 스킴)

  • 황정연; 이동훈; 임종인
  • Journal of the Korea Institute of Information Security & Cryptology / v.12 no.6 / pp.81-92 / 2002
  • In some practical circumstances, the ability of a signer should be restricted. In group signature schemes, a member of a group may be allowed to generate signatures up to a certain number of times according to his/her position in the group. In proxy signature schemes, an original signer may want to allow a proxy signer to generate a certain number of signatures on behalf of the original signer. In this paper, we present signature schemes, called c-times signature schemes, that restrict the signing ability of a signer to at most c signatures for a value c pre-defined at set-up. The notion of c-times signature schemes is formally defined, and a generic transformation from a signature scheme to a c-times signature scheme is suggested. The proposed scheme has a self-enforcement property such that if a signer generates c+1 or more signatures, his/her signature is forged. As a specific example, we present a secure c-times signature scheme $^c$DSA based on the DSA (Digital Signature Algorithm) by using a threshold scheme. Our transformation can be applied to other ElGamal-like signature schemes as well.

Cryptanalysis using Fault Injection and Countermeasures on DSA (오류주입을 이용한 DSA 서명 알고리즘 공격 및 대응책)

  • Jung, Chul-Jo; Oh, Doo-Hwan; Choi, Doo-Sik; Kim, Hwan-Koo; Ha, Jae-Cheol
  • Journal of the Korea Academia-Industrial cooperation Society / v.11 no.8 / pp.3045-3052 / 2010
  • The security of the international standard signature algorithm DSA is based on the discrete logarithm problem. Recently, DSA was shown to be vulnerable to some fault analysis attacks in which the secret key stored inside a device can be extracted by inducing faults while the device performs the signature algorithm. After analyzing an existing fault attack presented by Bao et al., this paper proposes a new fault analysis attack that disturbs the random number. Furthermore, we present a countermeasure for computing DSA signatures that is immune to both types of fault attack. The security and efficiency of the proposed countermeasure were verified by computer simulation.

Implementation Issues for Arithmetic over Extension Fields of Characteristic Odd

  • Oh, Sang-Ho; Kim, Chang-Han; Kim, Yong-Tae; Park, Young-Ho
  • Communications of the Korean Mathematical Society / v.18 no.1 / pp.159-168 / 2003
  • In this paper we discuss the construction of three new extension fields of odd characteristic and analyze the complexity of arithmetic operations over such fields. We also show that they are suitable as underlying fields for Elliptic Curve Cryptosystems (ECC) and the Digital Signature Algorithm (DSA, [7]). In particular, our digital signature scheme is at least twice as efficient as DSA.

XML Digital Signature System based on Mobile Environment (모바일 환경에서의 XML 문서 디지털 서명 시스템)

  • Hao, Ri-Ming; Hong, Xian-Yu; Lee, Seong-Hyun; Lee, Jae-Seung; Jung, Hoe-Kyung
  • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2007.10a / pp.701-704 / 2007
  • Recently, more and more consumers use financial services such as settlement, account transfer, and stock investment via mobile devices. In the mobile environment, data transferred between devices is formatted as XML. However, a plain XML file is exposed to attacks such as hacking and malicious code, so satisfying the security requirements of the mobile environment is very difficult. The problem is more serious on open platforms such as WIPI, which was developed in Korea. So there is good reason to propose a system that protects important data. In this paper, we develop a system that digitally signs XML documents in order to protect the data, and the system follows the W3C recommendation XML Signature Syntax and Processing. When designing and composing the system, we use the digital signature algorithms RSA, DSA, KCDSA, and HMAC, etc. We tested the system on the open WIPI platform.

Flexible Video Authentication based on Aggregate Signature

  • Shin, Weon; Hong, Young-Jin; Lee, Won-Young; Rhee, Kyung-Hyune
  • Journal of Korea Multimedia Society / v.12 no.6 / pp.833-841 / 2009
  • In this paper we propose a flexible video authentication scheme based on aggregate signatures, which provides authenticity of a digital video by means of cryptographic signatures to guarantee the rights of users. In contrast to previous work, the proposed scheme provides flexible usage in content distribution systems: it allows addition of new content to the signed content and deletion of some parts of the signed content. A modification can be made by the content owner or by others. Although content is modified by one or more users, our scheme can guarantee each user's rights by aggregating each user's signatures. Moreover, the proposed scheme is half the size of the Digital Signature Algorithm (DSA) with comparable security.

Designing and Implementing a PKI-based Safety Protocol for Electronic Medical Record Systems (공개키 기반의 안전한 전자의무기록에 관한 프로토콜 설계 및 구현)

  • Jin, Gang-Yoon; Jeong, Yoon-Su; Shin, Seung-Soo
  • Journal of Digital Convergence / v.10 no.4 / pp.243-250 / 2012
  • This study proposes a new protocol that protects patients' personal records more safely and resolves medical disputes more smoothly by storing the records not on a hospital's computer server but on the National Health Insurance Corporation's computer server. The new protocol for electronic medical records is designed using the RSA public key algorithm and DSA digital signatures. In addition, electronic medical record systems are built with greater safety and reliability through a certificate authority. The proposed medical information system can strengthen trust between doctors and patients. If medical malpractice occurs, the system can also provide evidence. Furthermore, the system can help reduce medical accidents. The system could also be used efficiently in various application areas.

TIM: A Trapdoor Hash Function-based Authentication Mechanism for Streaming Applications

  • Seo, Seog Chung; Youn, Taek-Young
  • KSII Transactions on Internet and Information Systems (TIIS) / v.12 no.6 / pp.2922-2945 / 2018
  • Achieving efficient authentication is a crucial issue for stream data commonly seen in content delivery, peer-to-peer, and multicast/broadcast networks. Stream authentication mechanisms need to operate efficiently at both the sender side and the receiver side at the same time because of the properties of stream data such as real-time delivery and delay sensitivity. Until now, many stream authentication mechanisms have been proposed, but they are not efficient enough for stream applications where sender-side and receiver-side efficiency are required simultaneously, since most of them achieve only one of the two. In this paper, we propose an efficient stream authentication mechanism, called TIM, by integrating a Trapdoor Hash Function and a Merkle Hash Tree. Unlike previously proposed schemes, our construction supports efficient streaming data processing at both the sender side and the receiver side at the same time. Through theoretical and experimental analysis, we show that TIM provides better performance at both sender and receiver sides than existing mechanisms. Furthermore, TIM provides an important feature for streaming authentication, resilience against transmission loss, since each data block can be verified with the authentication information contained in itself.