• Title/Summary/Keyword: Public key cryptography

Search Result 240, Processing Time 0.027 seconds

Design of a Strong Authentication Mechanism using Public-Key based on Kerberos (공개키를 이용한 커버로스 기반의 강력한 인증 메커니즘 설계)

  • 김은환;전문석
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.12 no.4
    • /
    • pp.67-76
    • /
    • 2002
  • Kerberos is designed to provide strong authentication between client and application servers which are working in distributed network environment by using symmetric-key cryptography, and supposed to trust other systems of the realm. In this paper, we design an efficient and strong authentication mechanism by introducing the public/private-key to Kerberos. In the mechanism to make a system more secure, the value of the session key is changed everytime using MAC(message authentication code) algorithm with the long-term key for user-authentication and a random number exchanged through the public key. Also, we employ a mutual authentication method, which is used on challenge-response mechanism based on digital signatures, to improve trust between realms, and present a way of reducing the number of keys by simplifying authentication steps.

A Study on the Secure Key Escrow System (안전한 키 위탁 시스템에 관한 연구)

  • 채승철
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.9 no.2
    • /
    • pp.83-92
    • /
    • 1999
  • Cryptography techniques can prevent eavesdroppers from maliciously intercepting or modifying sensitive information. however misuses of encryption may cause other problems First if the encryption key is lost or damaged even an authorized access to the original data will be denied. Second criminals can prevent authorized law enforcement officers from examining the necessary information by using the strong encrypted data can provide solutions for the situations. In this paper we propose a new key escrow system based on the ElGamal cryptosystem. Our system provide time-bound eavesdropping under court authorized permission protect from trustee's cheating and prevent user's shadow public key generation.

Identity-Based Multiple Key Agreement Scheme

  • Dehkordi, Massoud Hadian;Alimoradi, Reza
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.5 no.12
    • /
    • pp.2392-2402
    • /
    • 2011
  • In order to protect some important information communicated through an insecure network, a common hidden key must be used. One can produce the common hidden key using key agreement protocols; and this helps to have high security in modern data networks. Today, the designers of public key cryptography protocols try to set the public identity of a system's users (like their email addresses) as their public key. This not only makes a cryptographic protocol more efficient but also decreases its cost. These protocols are called "identity-based". In this article, an identity-based multiple key agreement scheme will be presented; this scheme uses the challenge-response method to do the verification. While the number of random values produced in our scheme is the same as other schemes, the number of keys generated in this scheme is much more than what many other key agreement schemes produce,. Therefore, we will have less computational complexities campered with other schems. In this paper, we consider the security of our scheme and consequently, we will show that it satisfies many security conditions such as strong security.

A Secure Switch Migration for SDN with Role-based IBC

  • Lam, JunHuy;Lee, Sang-Gon;Andrianto, Vincentius Christian
    • Journal of the Korea Society of Computer and Information
    • /
    • v.22 no.9
    • /
    • pp.49-55
    • /
    • 2017
  • Despite the Openflow's switch migration occurs after the channel was established in secure manner (optional), the current cryptography protocol cannot prevent the insider attack as the attacker possesses a valid public/private key pair. There are methods such as the certificate revocation list (CRL) or the online certificate status protocol (OCSP) that tries to revoke the compromised certificate. However, these methods require a management system or server that introduce additional overhead for the communication. Furthermore, these methods are not able to mitigate power abuse of an insider. In this paper, we propose a role-based identity-based cryptography (RB-IBC) that integrate the identity of the node along with its role so the nodes within the network can easily mitigate any role abuse of the nodes. Besides that, by combining with IBC, it will eliminate the need of exchanging certificates and hence improve the performance in a secure channel.

A Survey of Public-Key Cryptography over Non-Abelian Groups

  • Lanel, G.H.J.;Jinasena, T.M.K.K.;Welihinda, B.A.K.
    • International Journal of Computer Science & Network Security
    • /
    • v.21 no.4
    • /
    • pp.289-300
    • /
    • 2021
  • Non-abelian group based Cryptography is a field which has become a latest trend in research due to increasing vulnerabilities associated with the abelian group based cryptosystems which are in use at present and the interesting algebraic properties associated that can be thought to provide higher security. When developing cryptographic primitives based on non-abelian groups, the researchers have tried to extend the similar layouts associated with the traditional underlying mathematical problems and assumptions by almost mimicking their operations which is fascinating even to observe. This survey contributes in highlighting the different analogous extensions of traditional assumptions presented by various authors and a set of open problems. Further, suggestions to apply the Hamiltonian Cycle/Path Problem in a similar direction is presented.

Scalable RSA public-key cryptography processor based on CIOS Montgomery modular multiplication Algorithm (CIOS 몽고메리 모듈러 곱셈 알고리즘 기반 Scalable RSA 공개키 암호 프로세서)

  • Cho, Wook-Lae;Shin, Kyung-Wook
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.22 no.1
    • /
    • pp.100-108
    • /
    • 2018
  • This paper describes a design of scalable RSA public-key cryptography processor supporting four key lengths of 512/1,024/2,048/3,072 bits. The modular multiplier that is a core arithmetic block for RSA crypto-system was designed with 32-bit datapath, which is based on the CIOS (Coarsely Integrated Operand Scanning) Montgomery modular multiplication algorithm. The modular exponentiation was implemented by using L-R binary exponentiation algorithm. The scalable RSA crypto-processor was verified by FPGA implementation using Virtex-5 device, and it takes 456,051/3,496347/26,011,947/88,112,770 clock cycles for RSA computation for the key lengths of 512/1,024/2,048/3,072 bits. The RSA crypto-processor synthesized with a $0.18{\mu}m$ CMOS cell library occupies 10,672 gate equivalent (GE) and a memory bank of $6{\times}3,072$ bits. The estimated maximum clock frequency is 147 MHz, and the RSA decryption takes 3.1/23.8/177/599.4 msec for key lengths of 512/1,024/2,048/3,072 bits.

An enhanced method using NP-complete problem in Public Key Cryptography System (NP-complete 문제를 이용한 공개키 암호 시스템 개선)

  • Baek, Jaejong
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.19 no.12
    • /
    • pp.2865-2870
    • /
    • 2015
  • Recently, due to the hardware computing enhancement such as quantum computers, the amount of information that can be processed in a short period of time is growing exponentially. The cryptography system proposed by Koblitz and Fellows has a problem that it can not be guaranteed that the problem finding perfect dominating set is NP-complete in specific 3-regular graphs because the number of invariant polynomial can not be generated enough. In this paper, we propose an enhanced method to improve the vulnerability in 3-regular graph by generating plenty of invariant polynomials.

A Proposal of Secure Route Discovery Protocol for Ad Hoc Network (Ad Hoc 네트워크를 위한 안전한 경로발견 프로토콜 제안)

  • Park Young-Ho;Kim Jin-Gyu;Kim Cheol-Su
    • Journal of Korea Society of Industrial Information Systems
    • /
    • v.10 no.3
    • /
    • pp.30-37
    • /
    • 2005
  • Ad hoc network is a collection of mobile nodes without using any infrastructure, it , is using in the various fields. Because ad hoc network is vulnerable to attacks such as routing disruption and resource consumption, it is in need of routing protocol security. In this paper, we propose two secure route-discovery protocols. One is a protocol using hash function. This protocol is weak in active attack but has some merits such as small data of transmission packet and small computation at each hop. The other is a protocol using hash function and public key cryptography. This protocol is strong in active attack.

  • PDF

3X Serial GF(2m) Multiplier on Polynomial Basis Finite Field (Polynomial basis 방식의 3배속 직렬 유한체 곱셈기)

  • 문상국
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2004.05b
    • /
    • pp.255-258
    • /
    • 2004
  • Efficient finite field operation in the elliptic curve (EC) public key cryptography algorithm, which attracts much of latest issues in the applications in information security, is very important. Traditional serial finite multipliers root from Mastrovito's serial multiplication architecture. In this paper, we adopt the polynomial basis and propose a new finite field multiplier, inducing numerical expressions which can be applied to exhibit 3 times as much performance as the Mastrovito's. We described the proposed multiplier with HDL to verify and evaluate as a proper hardware IP. HDL-implemented serial GF (Galois field) multiplier showed 3 times as fast speed as the traditional serial multiplier's adding only Partial-sum block in the hardware.

  • PDF

Hardware Design of Efficient Montgomery Multiplier for Low Area RSA (저면적 RSA를 위한 효율적인 Montgomery 곱셈기 하드웨어 설계)

  • Nti, Richard B.;Ryoo, Kwangki
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2017.10a
    • /
    • pp.575-577
    • /
    • 2017
  • In public key cryptography such as RSA, modular exponentiation is the most time-consuming operation. RSA's modular exponentiation can be computed by repeated modular multiplication. To attain high efficiency for RSA, fast modular multiplication algorithms have been proposed to speed up decryption/encryption. Montgomery multiplication is limited by the carry propagation delay from the addition of long operands. In this paper, we propose a hardware structure that reduces the area of the Montgomery multiplication implementation for lightweight applications of RSA. Experimental results showed that the new design can achieve higher performance and reduce hardware area. A frequency of 884.9MHz and 250MHz were achieved with 84K and 56K gates respectively using the 90nm technology.

  • PDF