• Journal of Communications and Networks
• /
• 제15권1호
• /
• pp.1-7
• /
• 2013

Most of the provably-secure proxy signature schemes rely on the average-case hardness problems such as the integer factorization problems and the discrete logarithm problems. Therefore, those schemes are insecure to quantum analysis algorithms, since there exist quantum algorithms efficiently solving the factorization and logarithm problems. To make secure proxy signature schemes against quantum analysis, some lattice-based proxy signature schemes are suggested. However, none of the suggested lattice-based proxy signature schemes is proxy-protected in the adaptive security model. In the paper, we propose a provably-secure ID-based proxy signature scheme based on the lattice problems. Our scheme is proxy-protected in the adaptive security model.

• 대한수학회지
• /
• 제45권6호
• /
• pp.1613-1622
• /
• 2008

Let G be a graph with vertex set V(G) and edge set E(G), and let g, f be two nonnegative integer-valued functions defined on V(G) such that $g(x)\;{\leq}\;f(x)$ for every vertex x of V(G). We use $d_G(x)$ to denote the degree of a vertex x of G. A (g, f)-factor of G is a spanning subgraph F of G such that $g(x)\;{\leq}\;d_F(x)\;{\leq}\;f(x)$ for every vertex x of V(F). In particular, G is called a (g, f)-graph if G itself is a (g, f)-factor. A (g, f)-factorization of G is a partition of E(G) into edge-disjoint (g, f)-factors. Let F = {$F_1$, $F_2$, ..., $F_m$} be a factorization of G and H be a subgraph of G with mr edges. If $F_i$, $1\;{\leq}\;i\;{\leq}\;m$, has exactly r edges in common with H, we say that F is r-orthogonal to H. If for any partition {$A_1$, $A_2$, ..., $A_m$} of E(H) with $|A_i|=r$ there is a (g, f)-factorization F = {$F_1$, $F_2$, ..., $F_m$} of G such that $A_i\;{\subseteq}E(F_i)$, $1\;{\leq}\;i\;{\leq}\;m$, then we say that G has (g, f)-factorizations randomly r-orthogonal to H. In this paper it is proved that every (0, mf - (m - 1)r)-graph has (0, f)-factorizations randomly r-orthogonal to any given subgraph with mr edges if $f(x)\;{\geq}\;3r\;-\;1$ for any $x\;{\in}\;V(G)$.

• 한국인터넷방송통신학회논문지
• /
• 제12권5호
• /
• pp.185-189
• /
• 2012

큰 반소수 n=pq의 소인수 p,q를 직접 찾는 것은 현실적으로 거의 불가능하여 대부분의 소인수분해 알고리즘은 $a^2{\equiv}b^2$(mod n)의 제곱합동을 찾아 p=GCD(a-b,n),q=GCD(a+b,n)의 소인수를 찾는 간접 방법을 적용하고 있다. 제곱합동 a,b을 찾는 다양한 방법이 제안되었지만 100자리 이상인 RSA 수에 대해서는 적용이 쉽지 않다. 본 논문에서는 $xa={\lceil}\sqrt{zn}{\rceil}\;or\;{\lceil}\sqrt{zn}{\rceil}+z+z=1,2,{\cdots}$로 설정하고 $(xa)^2{\equiv}(yb)^2$(mod n)을 찾는 간단한 방법을 제안한다. 제안된 알고리즘은 19 자리 수 까지는 제곱합동을 빠르게 찾는데 성공하였으나 39 자리 수에 대해서는 실패하였다.

• 한국컴퓨터정보학회논문지
• /
• 제19권7호
• /
• pp.71-76
• /
• 2014

대표적인 공개키 암호방식인 RSA에 사용되는 합성수 n=pq의 큰자리 소수 p,q를 소인수분해하여 구하는 것은 사실상 불가능하다. 공개키 e와 합성수 n은 알고 개인키 d를 모를 때, ${\phi}(n)=(p-1)(q-1)=n+1-(p+q)$을 구하여 $d=e^{-1}(mod{\phi}(n))$의 역함수로 개인키 d를 해독할수 있다. 따라서 ${\phi}(n)$을 알기위해 n으로부터 p,q를 구하는 수학적 난제인 소인수분해법을 적용하고 있다. 소인수분해법에는 n/p=q의 나눗셈 시행법보다는 $a^2{\equiv}b^2(mod\;n)$, a=(p+q)/2,b=(q-p)/2의 제곱합동법이 일반적으로 적용되고 있다. 그러나 다양한 제곱합동법이 존재함에도 불구하고 아직까지도 많은 RSA 수들이 해독되지 않고 있다. 본 논문은 ${\phi}(n)$을 직접 구하는 알고리즘을 제안하였다. 제안된 알고리즘은 $2^j{\equiv}{\beta}_j(mod\;n)$, $2^{{\gamma}-1}$ < n < $2^{\gamma}$, $j={\gamma}-1,{\gamma},{\gamma}+1$에 대해 $2^k{\beta}_j{\equiv}2^i(mod\;n)$, $0{\leq}i{\leq}{\gamma}-1$, $k=1,2,{\ldots}$ 또는 $2^k{\beta}_j=2{\beta}_j$로 ${\phi}(n)$을 구하였다. 제안된 알고리즘은 $n-10{\lfloor}{\sqrt{n}}{\rfloor}$ < ${\phi}(n){\leq}n-2{\lfloor}{\sqrt{n}}{\rfloor}$의 임의의 위치에 존재하는 ${\phi}(n)$도 약 2배 차이의 수행횟수로 찾을 수 있었다.

• Journal of applied mathematics & informatics
• /
• 제29권5_6호
• /
• pp.1525-1532
• /
• 2011

The $m{\times}n$ Boolean matrix A is said to be of Boolean rank r if there exist $m{\times}r$ Boolean matrix B and $r{\times}n$ Boolean matrix C such that A = BC and r is the smallest positive integer that such a factorization exists. We consider the the sets of matrix ordered pairs which satisfy extremal properties with respect to Boolean rank inequalities of matrices over nonbinary Boolean algebra. We characterize linear operators that preserve these sets of matrix ordered pairs as the form of $T(X)=PXP^T$ with some permutation matrix P.

• 정보처리학회논문지A
• /
• 제8A권1호
• /
• pp.36-41
• /
• 2001

본 논문에서는 첫째로 큰 정수의 소인수 분해를 위한 병렬 이차선별법(parallel quadratic sieve) 알고리즘을 제시한다. 이 알고리즘을 반복적으로 사용하여, 분산 메모리 모델(DMM)을 갖는 SIMD구조의 병렬 컴퓨터 상에서 분할정복기법을 사용하는 병력 소인수 분해(parallel factoring) 알고리즘을 제시한다. 또한 이러한 알고리즘이 시간과 프로세서의 곱의 관점에서 최적화 알고리즘임을 보인다.

• Journal of Information Processing Systems
• /
• 제8권4호
• /
• pp.567-574
• /
• 2012

This paper presents a strong designated verifiable signcryption scheme, in which a message is signcrypted by a signcryptor and only a specific receiver, who called a "designated verifier", verifies it using his own secret key. The scheme is secure, as an adversary can not verify the signature even if the secret key of the signer is compromised or leaked. The security of the proposed scheme lies in the complexity of solving two computationally hard problems, namely, the Discrete Logarithm Problem (DLP) and the Integer Factorization Problem (IFP). The security analysis of the scheme has been done and it is proved that, the proposed scheme can withstand an adaptive chosen ciphertext attack. This scheme can be very useful in organizations where there is a need to send confidential documents to a specific recipient. This scheme can also be applicable to real life scenarios, such as, e-commerce applications, e-banking and e-voting.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제16권1호
• /
• pp.287-304
• /
• 2022

With the development of quantum computers, ring signature schemes based on large integer prime factorization, discrete logarithm problem, and bilinear pairing are under threat. For this reason, we design a ring signature scheme based on lattice with a fixed verification key. Compared with the previous ring signature scheme based on lattice, our design has a fixed verification key and does not disclose the signer's identity. Meanwhile, we propose an anonymous electronic voting scheme by using our ring signature scheme based on lattice and (t, n) threshold scheme, which makes up for the lack of current anonymous electronic voting that cannot resist attacks of the quantum computer. Finally, under standard model (SM), we prove that our ring signature scheme based on lattice is anonymous against the full-key exposure, and existentially non-forgeable against insider corruption. Furthermore, we also briefly analyze the security of our anonymous electronic voting scheme.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제17권1호
• /
• pp.74-96
• /
• 2023

At present, the smart grid has become one of the indispensable infrastructures in people's lives. As a commonly used communication method, wireless communication is gradually, being widely used in smart grid systems due to its convenient deployment and wide range of serious challenges to security. For the insecurity of the schemes based on large integer factorization and discrete logarithm problem in the quantum environment, an identity-based key management scheme for smart grid over lattice is proposed. To assure the communication security, through constructing intra-cluster and inter-cluster multi-hop routing secure mechanism. The time parameter and identity information are introduced in the relying phase. Through using the symmetric cryptography algorithm to encrypt improve communication efficiency. Through output the authentication information with probability, the protocol makes the private key of the certification body no relation with the distribution of authentication information. Theoretic studies and figures show that the efficiency of keys can be authenticated, so the number of attacks, including masquerade, reply and message manipulation attacks can be resisted. The new scheme can not only increase the security, but also decrease the communication energy consumption.

• 한국인터넷방송통신학회논문지
• /
• 제14권6호
• /
• pp.25-31
• /
• 2014

비대칭키 RSA의 공개키 e와 합성수 n=pq은 알고 있고 개인키 d를 모를 때, ${\phi}(n)=(p-1)(q-1)=n+1-(p+q)$을 구하여 $d=e^{-1}(mod{\phi}(n))$으로 개인키 d를 해독한다. 암호해독은 일반적으로 n/p=q 또는 $a^2{\equiv}b^2$(mod n), a=(p+q)/2,b=(q-p)/2를 구하는 소인수 분해법이 널리 적용되고 있다. 그러나 아직까지도 많은 RSA 수들이 해독되지 않고 있다. 본 논문은 ${\phi}(n)$을 직접 구하는 알고리즘을 제안하였다. 제안된 알고리즘은 이산대수의 아기걸음-거인걸음법과 모듈러 지수연산의 $2^k$-ary법을 적용하였다. 이 알고리즘은 역-아기걸음과 $2^k$-ary 성인걸음법을 적용하여 기본적인 성인걸음법 수행횟수를 $1/2^k$로 줄이고, $m={\lfloor}\sqrt{n}{\rfloor}$의 저장 메모리 용량도 l, $a^l$ > n로 감소시켜 ${\phi}(n)$을 l회 이내로 구하였다.