• Title/Summary/Keyword: Public-key Cryptography

Simpler Efficient Group Signature Scheme with Verifier-Local Revocation from Lattices

  • Zhang, Yanhua; Hu, Yupu; Gao, Wen; Jiang, Mingming
    • KSII Transactions on Internet and Information Systems (TIIS) / Vol. 10, No. 1 / pp.414-430 / 2016
  • Verifier-local revocation (VLR) seems to be the most flexible revocation approach for any group signature scheme, because it only requires the verifiers, not the signers, to possess up-to-date revocation information. Langlois et al. (PKC 2014) proposed the first VLR group signature based on lattice assumptions in the random oracle model. Their scheme has group public key and signature sizes of at least Õ(n²)·log N bits and Õ(n)·log N bits, respectively, where n is the security parameter and N is the maximum number of group members. In this paper, we present a simpler lattice-based VLR group signature that is more efficient by a factor of O(log N) in both the group public key and the signature size. The security of our VLR group signature reduces to the hardness of learning with errors (LWE) and small integer solution (SIS) in the random oracle model.

An Asymmetric Key-Based Security Architecture for Wireless Sensor Networks

  • Haque, Md. Mokammel; Pathan, Al-Sakib Khan; Hong, Choong-Seon; Huh, Eui-Nam
    • KSII Transactions on Internet and Information Systems (TIIS) / Vol. 2, No. 5 / pp.265-277 / 2008
  • In spite of earlier common assumptions that public key cryptography (PKC) schemes are incompatible with wireless sensor networks (WSNs), recent work has shown that they can be used in such networks in some manner. The major challenge of employing a PKC-based scheme in a WSN is the resource limitations of the tiny sensors. Taking this into account, in this paper we propose an efficient PKC-based security architecture with lower resource requirements than previously proposed PKC schemes for WSNs. In addition, our scheme aims to provide robust security in the network. Our security architecture comprises two basic components: a key handshaking scheme based on simple, linear operations, and the derivation of a decryption key by a receiver node. Our architecture enables node-to-base-station and node-to-node secure communication. Analysis and simulation results show that the proposed architecture ensures a good level of security for network communications and can be effectively implemented within the limited computational, memory, and energy budgets of current-generation sensor nodes.

A Fair-Exchange E-Payment Protocol For Digital Products With Customer Unlinkability

  • Yen, Yi-Chung; Wu, Tzong-Chen; Lo, Nai-Wei; Tsai, Kuo-Yu
    • KSII Transactions on Internet and Information Systems (TIIS) / Vol. 6, No. 11 / pp.2956-2979 / 2012
  • With the development of information technology, online transactions over the Internet have become more popular for reasons of convenience and efficiency. To provide secure and reliable online transactions, an effective electronic payment protocol is crucial. In this paper, we propose a novel electronic payment protocol for digital product transactions with an offline arbiter that achieves fair exchange, automated dispute resolution, customer anonymity, and customer unlinkability. In our protocol a product token is adopted to eliminate the need for key management for digital product decryption in the offline arbiter. In addition, an Elliptic Curve Cryptography (ECC)-based self-certified public key is used to further reduce computing overhead. According to our analysis, the efficiency of our protocol is greatly increased in comparison with previous work.

웹 기반의 XML을 활용한 전자 입찰 시스템의 설계 및 구현 (Design and Implementation of Web-based Electronic Bidding System using XML)

  • 윤선희
    • 한국정보시스템학회지:정보시스템연구 / Vol. 10, No. 1 / pp.127-146 / 2001
  • The area of business applications on the Internet has expanded enormously as a result of the rapid development of computing and communication technologies, the increase in Internet use, and the use of intranets/extranets in enterprise information systems. With the widespread use of the Internet, there are various applications for the Business to Business (B to B) or Business to Customer (B to C) model that are based on an intranet or extranet. This paper designs and implements a Web-based Electronic Bidding System for the Business to Business (B to B) model. The technical issues of an electronic bidding system on the Internet are the connection between web client and server, electronic data interchange for the contract document, and a security solution for the bidding and contracting processes. The web-based electronic bidding system in this paper is implemented using Java applets and servlets as the connection interface between web client and server, XML/EDI-based documents for bids and contracts, and a bidding server and a notary server that enhance security using PKI (Public Key Infrastructure)-based public key cryptography, digital signatures and a Certification Authority (CA).

Identity-based Deniable Authenticated Encryption for E-voting Systems

  • Jin, Chunhua; Chen, Guanhua; Zhao, Jianyang; Gao, Shangbing; Yu, Changhui
    • KSII Transactions on Internet and Information Systems (TIIS) / Vol. 13, No. 6 / pp.3299-3315 / 2019
  • Deniable authentication (DA) is a protocol in which the receiver can generate an authenticator that is probabilistically indistinguishable from the sender's. DA can be applied in many scenarios that require user privacy protection. To enhance the security of DA, in this paper we construct a new deniable authenticated encryption (DAE) scheme that realizes deniable authentication and confidentiality in a single logical step. Compared with existing approaches, our approach provides a proof of security and is efficient in terms of performance analysis. Our scheme is in an identity-based setting; thus, it avoids the certificate-based public key infrastructure (PKI). Moreover, we provide an example showing that our protocol is applicable to e-voting systems.

8 비트 센서 노드 상에서 효율적인 공개키 암호를 위한 다정도 제곱 연산의 최적화 (Optimizing Multiprecision Squaring for Efficient Public Key Cryptography on 8-bit Sensor Nodes)

  • 김일희; 박용수; 이윤호
    • 한국정보과학회논문지:시스템및이론 / Vol. 36, No. 6 / pp.502-510 / 2009
  • Multiprecision squaring is one of the most important operations among those that make up public-key algorithms. In this paper we present and implement squaring techniques that improve performance by reducing the amount of computation in existing multiprecision squaring algorithms. The Carry-Catcher Hybrid multiplication algorithm proposed by Scott in [1] is a refinement of the Hybrid multiplication algorithm proposed by Gura [2] and is implemented in the MIRACL library; a multiprecision squaring algorithm using the Carry-Catcher Hybrid method is also implemented in MIRACL. In this paper we extend this Carry-Catcher Hybrid squaring algorithm to propose and implement a more efficient squaring algorithm, the Lazy Doubling squaring algorithm, and show through performance tests on the atmega128 that it is more efficient than the Carry-Catcher Hybrid squaring algorithm. Whereas the standard squaring algorithm nearly halves the number of multiplications based on the fact that $S_{ij} = x_i \ast x_j = S_{ji}$, the Lazy Doubling squaring algorithm proposed in this paper dramatically reduces the number of doubling operations based on the fact that $a_0 \ast 2 + a_1 \ast 2 + \ldots + a_{n-1} \ast 2 + a_n \ast 2 = (a_0 + a_1 + \ldots + a_{n-1} + a_n) \ast 2$; it is about 25% faster on the atmega128 than the multiprecision squaring algorithm implemented in MIRACL and, to the authors' knowledge, faster than any method published so far.

A Scalable Structure for a Multiplier and an Inversion Unit in $GF(2^m)$

  • Lee, Chan-Ho; Lee, Jeong-Ho
    • ETRI Journal / Vol. 25, No. 5 / pp.315-320 / 2003
  • Elliptic curve cryptography (ECC) offers the highest security per bit among the known public key cryptosystems. The operation of ECC is based on finite field arithmetic. This paper presents the design of a 193-bit finite field multiplier and an inversion unit based on a normal basis representation, in which the inversion and squaring units are easy to implement. The scalable multiplier can be constructed in a variable structure depending on the performance/area trade-off. We implement it using Verilog HDL and a 0.35 $\mu m$ CMOS cell library and verify its operation by simulation.

NIST B-233 타원곡선을 지원하는 233-비트 ECC 프로세서 (233-bit ECC processor supporting NIST B-233 elliptic curve)

  • 박병관; 신경욱
    • 한국정보통신학회:학술대회논문집 / 한국정보통신학회 2016 Fall Conference / pp.158-160 / 2016
  • We describe the design of a 233-bit elliptic curve cryptography (ECC) processor for use in digital signatures (ECDSA), key exchange (ECDH), and similar applications. It supports finite-field operations such as addition, multiplication, and division over $GF(2^{233})$, implemented using only shift and XOR operations, which consume few hardware resources. Scalar multiplication is implemented with a modified Montgomery ladder algorithm, which does not leak information about the integer k and is therefore more resistant to simple power analysis. A scalar multiplication takes at most 490,699 clock cycles. Correct operation of the designed ECC processor was confirmed by comparing Xilinx ISim simulation results with the reference implementation values of the Korea Internet & Security Agency (KISA). Synthesized for a Xilinx Virtex5 XC5VSX95T FPGA device, it occupies 1,576 slices and has a maximum operating frequency of 189 MHz.

정적 무선 센서 네트워크를 위한 강한 연결성을 가진 계층적 그리드 기반의 키 선분배 기법 (Strongly-Connected Hierarchical Grid-Based Pairwise Key Predistribution Scheme for Static Wireless Sensor Networks)

  • 양대헌; 모하이센 아브델아지즈
    • 대한전자공학회논문지TC / Vol. 43, No. 7 / pp.14-23 / 2006
  • A wireless sensor network (WSN) consists of a large number of small, inexpensive sensors with very limited resources. Because of this lack of resources, public-key encryption is not well suited to WSNs, and applying secret-key encryption requires key management and predistribution schemes. Many key predistribution schemes have been proposed, but most of them do not sufficiently consider the actual WSN environment. In this paper we propose a security framework based on a hierarchical grid for WSNs that takes moderate communication overhead and connectivity into account. To verify the security of the framework we applied a simple key-entity distribution scheme and analyzed the security threats possible in WSNs.

MANET의 멀티캐스트 환경에서 신뢰성 향상을 위한 계층기반 암호 프로토콜 기법 연구 (A Study on Hierarchy-based Secure Encryption Protocol for Trust Improvement on Multicast Environment of MANET)

  • 양환석
    • 디지털산업정보학회논문지 / Vol. 13, No. 3 / pp.43-51 / 2017
  • A MANET consists only of wireless nodes with limited processing capability. It handles routing and data transmission through cooperation among the nodes, and it is exposed to many attack threats because of the dynamic topology caused by node movement and multi-hop communication. Therefore, the reliability of data transmitted between nodes must be improved and integrity must be strongly protected. In this paper, we propose a method to increase the reliability of transmitted data by providing a secure cryptographic protocol. The proposed method uses a hierarchical structure to provide smooth cryptographic services. The cluster authentication node issues the cluster authentication key pair and a unique key to the nodes. The nodes perform encryption in two steps: encryption using the cluster public key and block encryption using the unique key. This heightens robustness against data forgery attacks. The superior performance of the proposed method is confirmed through comparative experiments with the existing secure routing method.