• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.3
• /
• pp.13-25
• /
• 2004

The key exchange protocols are very crucial tools to provide the secure communication in the broadband satellite access network. They should be required to satisfy various requirements such as security, key confirmation, and key freshness. In this paper, we present the guideline of security functions in BSAN(Broadband Satellite Access Network), and analyze the specification of the security primitives and the hey exchange Protocols for the authenticated key agreement between RCST(Return Channel Satellite Terminal) and NCC(fretwork Control Centre). In addition, we propose the security specification for a domestic broad satellite network based on the analysis on the analysis profile of ETSI(European Telecommunications Standards Institute) standards. The key exchange protocols proposed in ETSI standard are vulnerable to man-in-the-middle attack and they don't provide key confirmation. To overcome this shortcoming, we propose the 4 types of the key exchange protocols which have the resistant to man-in-the-middle-attack, key freshness, and key confirmation, These proposed protocols can be used as a key exchange protocol between RCST and NCC in domestic BSAN. These proposed protocols are based on DH key exchange protocol, MTI(Matsumoto, Takashima, Imai) key exchange protocol, and ECDH(Elliptic Curve Diffie-Hellman).

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.5
• /
• pp.17-30
• /
• 2001

In this paper, we implemented a scalar multiplier needed at an elliptic curve cryptosystem over standard basis in $GF(2^{163})$. The scalar multiplier consists of a radix-16 finite field serial multiplier and a finite field inverter with some control logics. The main contribution is to develop a new fast finite field inverter, which made it possible to avoid time consuming iterations of finite field multiplication. We used an algorithmic transformation technique to obtain a data-independent computational structure of the Extended Euclid GCD algorithm. The finite field multiplier and inverter shown in this paper have regular structure so that they can be easily extended to larger word size. Moreover they can achieve 100% throughput using the pipelining. Our new scalar multiplier is synthesized using Hyundai Electronics 0.6$\mu\textrm{m}$ CMOS library, and maximum operating frequency is estimated about 140MHz. The resulting data processing performance is 64Kbps, that is it takes 2.53ms to process a 163-bit data frame. We assure that this performance is enough to be used for digital signature, encryption & decryption and key exchange in real time embedded-processor environments.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.2
• /
• pp.45-52
• /
• 2002

In this contributions, we propose a new MSB(most significant bit) algorithm based on AOP(All One Polynomial) and two parallel semi-systolic architectures to computes $AB^2$over finite field $GF(2^m)$. The proposed architectures are based on standard basis and use the property of irreducible AOP(All One Polynomial) which is all coefficients of 1. The proposed parallel semi-systolic architecture(PSM) has the critical path of $D_{AND2^+}D_{XOR2}$ per cell and the latency of m+1. The modified parallel semi-systolic architecture(WPSM) has the critical path of $D_{XOR2}$ per cell and has the same latency with PSM. The proposed two architectures, PSM and MPSM, have a low latency and a small hardware complexity compared to the previous architectures. They can be used as a basic architecture for exponentiation, division, and inversion. Since the proposed architectures have regularity, modularity and concurrency, they are suitable for VLSI implementation. They can be used as a basic architecture for algorithms, such as the Diffie-Hellman key exchange scheme, the Digital Signature Algorithm(DSA), and the ElGamal encryption scheme which are needed exponentiation operation. The application of the algorithms can be used cryptosystem implementation based on elliptic curve.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.6
• /
• pp.1083-1091
• /
• 2017

This paper describes a design of cryptographic processor supporting 224-bit elliptic curves over prime field defined by NIST. Scalar point multiplication that is a core arithmetic function in elliptic curve cryptography(ECC) was implemented by adopting the modified Montgomery ladder algorithm. In order to eliminate division operations that have high computational complexity, projective coordinate was used to implement point addition and point doubling operations, which uses addition, subtraction, multiplication and squaring operations over GF(p). The final result of the scalar point multiplication is converted to affine coordinate and the inverse operation is implemented using Fermat's little theorem. The ECC processor was verified by FPGA implementation using Virtex5 device. The ECC processor synthesized using a 0.18 um CMOS cell library occupies 2.7-Kbit RAM and 27,739 gate equivalents (GEs), and the estimated maximum clock frequency is 71 MHz. One scalar point multiplication takes 1,326,985 clock cycles resulting in the computation time of 18.7 msec at the maximum clock frequency.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.3
• /
• pp.497-508
• /
• 2021

In this paper, we focus on optimizing the performance of CSURF, which uses the tweaked Montgomery curves. The projective version of elliptic curve arithmetic is slower on tweaked Montgomery curves than on Montgomery curves, so that CSURF is slower than the hybrid version of CSIDH. However, as the square-root Velu formula uses less number of ellitpic curve arithmetic than the standard Velu formula, there is room for optimization We optimize the square-root Velu formula and 2-isogeny formula on tweaked Montgomery curves. Our CSURFis 14% faster than the standard CSURF, and 10.8% slower than the CSIDH using the square-root Velu formula. The constant-time CSURF is 6.8% slower than constant-time CSIDH. Compared to the previous implementations, this is a remarkable result.

• Journal of Digital Convergence
• /
• v.10 no.3
• /
• pp.105-111
• /
• 2012

Internet Protocol Television (IPTV) through broadband cable network is a subscriber-based system which consists of software and set-top box. However, a weakness for the current IPTV system is the lack of security between users and CAS. This paper proposes a user authentication protocol at STB, which limits the service by the user-valued attribute to prevent illegal IPTV users. User attribute values change the order with bit form according to the certain rule, and apply to one-way hash function and Diffie-Hellman's elliptic curve key-exchange algorithm. The proposed protocol is able to improve on user authentication and computation. Also, each user generates an authentication message by smart card and receives various services based on the user-valued attribute.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.2
• /
• pp.738-756
• /
• 2020

The modular multiplication is the key module of public-key cryptosystems such as RSA (Rivest-Shamir-Adleman) and ECC (Elliptic Curve Cryptography). However, the efficiency of the modular multiplication, especially the modular square, is very low. In order to reduce their operation cycles and power consumption, and improve the efficiency of the public-key cryptosystems, a dual-field efficient FIPS (Finely Integrated Product Scanning) modular multiplication algorithm is proposed. The algorithm makes a full use of the correlation of the data in the case of equal operands so as to avoid some redundant operations. The experimental results show that the operation speed of the modular square is increased by 23.8% compared to the traditional algorithm after the multiplication and addition operations are reduced about (s² - s) / 2, and the read operations are reduced about s² - s, where s = n / 32 for n-bit operands. In addition, since the algorithm supports the length scalable and dual-field modular multiplication, distinct applications focused on performance or cost could be satisfied by adjusting the relevant parameters.

• Journal of Korea Multimedia Society
• /
• v.20 no.8
• /
• pp.1321-1329
• /
• 2017

A quantum computer, based on quantum mechanics, is a paradigm of information processing that can show remarkable possibilities of exponentially improved information processing. This paradigm can be solved in a short time by calculating factoring problem and discrete logarithm problem that are typically used in public key cryptosystems such as RSA(Rivest-Shamir-Adleman) and ECC(Elliptic Curve Cryptography). In 2013, Lei et al. proposed a secure NTRU-based key distribution protocol for quantum computing. However, Lei et al. protocol was vulnerable to man-in-the-middle attacks. In this paper, we propose a NTRU(N-the truncated polynomial ring) key distribution protocol with mutual authentication only using NTRU convolution multiplication operation in order to maintain the security for quantum computing. The proposed protocol is resistant to quantum computing attacks. It is also provided a secure key distribution from various attacks such as man-in-the middle attack and replay attack.

• IEIE Transactions on Smart Processing and Computing
• /
• v.1 no.1
• /
• pp.65-71
• /
• 2012

Mobile RFID is a new application that uses a mobile phone as an RFID reader with wireless technology and provides a new valuable service to users by integrating RFID and ubiquitous sensor network infrastructures with mobile communication and wireless Internet. Whereas the mobile RFID system has many advantages, privacy violation problems on the reader side are very concerning to individuals and researchers. Unlike in regular RFID environments, where the communication channel between the server and reader is assumed to be secure, the communication channel between the backend server and the RFID reader in the mobile RFID system is not assumed to be safe. Therefore it has become necessary to devise a new communication protocol that secures the privacy of mobile RFID-enabled devices. Recently, Lo et al. proposed a mutual key agreement protocol that secures the authenticity and privacy of engaged mobile RFID readers by constructing a secure session key between the reader and server. However, this paper shows that this protocol does not meet all of the necessary security requirements. Therefore we developed an enhanced mutual key agreement protocol for mobile RFID-enabled devices that alleviates these concerns. We further show that our protocol can enhance data security and provide privacy protection for the reader in an unsecured mobile RFID environment, even in the presence of an active adversary.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.1
• /
• pp.382-403
• /
• 2020

Steganography is the art of concealing the existence of a secret data in a non-secret digital carrier called cover media. While the image of steganography methods is extensively researched, studies on other cover files remain limited. Videos are promising research items for steganography primitives. This study presents an improved approach to video steganography. The improvement is achieved by allowing senders and receivers exchanging secret data without embedding the hidden data in the cover file as in traditional steganography methods. The method is based mainly on searching for exact matches between the secret text and the video frames RGB channel pixel values. Accordingly, a random key-dependent data is generated, and Elliptic Curve Public Key Cryptography is used. The proposed method has an unlimited embedding capacity. The results show that the improved method is secure against traditional steganography attacks since the cover file has no embedded data. Compared to other existing Steganography video systems, the proposed system shows that the method proposed is unlimited in its embedding capacity, system invisibility, and robustness. The system achieves high precision for data recovery in the receiver. The performance of the proposed method is found to be acceptable across different sizes of video files.