• Title/Summary/Keyword: Public-key cryptography

Search Result 241, Processing Time 0.024 seconds

Chosen Message Attack Against Goldreich-Goldwasser-Halevi's Lattice Based Signature Scheme (Goldreich-Goldwasser-Halevi 전자서명의 선택 평문 공격)

  • DaeHun Nyang
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.14 no.1
    • /
    • pp.47-57
    • /
    • 2004
  • The Goldreich-Goldwasser-Halevi(GGH)'s signature scheme from Crypto '97 is cryptanalyzed, which is based on the well-blown lattice problem. We mount a chosen message attack on the signature scheme, and show the signature scheme is vulnerable to the attack. We collects n lattice points that are linearly independent each other, and constructs a new basis that generates a sub-lattice of the original lattice. The sub-lattice is shown to be sufficient to generate a valid signature. Empirical results are presented to show the effectiveness of the attack Finally, we show that the cube-like parameter used for the private-key generation is harmful to the security of the scheme.

Yi et al.'s Group Key Exchange Protocol : A Security Vulnerability and its Remediation (Yi등이 제안한 그룹 키 교환 프로토콜의 보안 취약성 및 개선 방법)

  • Lee, Young-Sook;Kim, Jee-Yeon;Won, Dong-Ho
    • Journal of the Korea Society of Computer and Information
    • /
    • v.17 no.4
    • /
    • pp.91-98
    • /
    • 2012
  • A group key exchange (GKE) protocol is designed to allow a group of parties communicating over a public network to establish a common secret key. As group-oriented applications gain popularity over the Internet, a number of GKE protocols have been suggested to provide those applications with a secure multicast channel. Among the many protocols is Yi et al.'s password-based GKE protocol in which each participant is assumed to hold their individual password registered with a trusted server. A fundamental requirement for password-based key exchange is security against off-line dictionary attacks. However, Yi et al.'s protocol fails to meet the requirement. In this paper, we report this security problem with Yi et al.'s protocol and show how to solve it.

Cryptography Module Detection and Identification Mechanism on Malicious Ransomware Software (악성 랜섬웨어 SW에 사용된 암호화 모듈에 대한 탐지 및 식별 메커니즘)

  • Hyung-Woo Lee
    • Journal of Internet of Things and Convergence
    • /
    • v.9 no.1
    • /
    • pp.1-7
    • /
    • 2023
  • Cases in which personal terminals or servers are infected by ransomware are rapidly increasing. Ransomware uses a self-developed encryption module or combines existing symmetric key/public key encryption modules to illegally encrypt files stored in the victim system using a key known only to the attacker. Therefore, in order to decrypt it, it is necessary to know the value of the key used, and since the process of finding the decryption key takes a lot of time, financial costs are eventually paid. At this time, most of the ransomware malware is included in a hidden form in binary files, so when the program is executed, the user is infected with the malicious code without even knowing it. Therefore, in order to respond to ransomware attacks in the form of binary files, it is necessary to identify the encryption module used. Therefore, in this study, we developed a mechanism that can detect and identify by reverse analyzing the encryption module applied to the malicious code hidden in the binary file.

Study on Improvement of Weil Pairing IBE for Secret Document Distribution (기밀문서유통을 위한 Weil Pairing IBE 개선 연구)

  • Choi, Cheong-Hyeon
    • Journal of Internet Computing and Services
    • /
    • v.13 no.2
    • /
    • pp.59-71
    • /
    • 2012
  • PKI-based public key scheme is outstanding in terms of authenticity and privacy. Nevertheless its application brings big burden due to the certificate/key management. It is difficult to apply it to limited computing devices in WSN because of its high encryption complexity. The Bilinear Pairing emerged from the original IBE to eliminate the certificate, is a future significant cryptosystem as based on the DDH(Decisional DH) algorithm which is significant in terms of computation and secure enough for authentication, as well as secure and faster. The practical EC Weil Pairing presents that its encryption algorithm is simple and it satisfies IND/NM security constraints against CCA. The Random Oracle Model based IBE PKG is appropriate to the structure of our target system with one secret file server in the operational perspective. Our work proposes modification of the Weil Pairing as proper to the closed network for secret file distribution[2]. First we proposed the improved one computing both encryption and message/user authentication as fast as O(DES) level, in which our scheme satisfies privacy, authenticity and integrity. Secondly as using the public key ID as effective as PKI, our improved IBE variant reduces the key exposure risk.

WWW Security Mechanism Using Plug-in and PGP (Plug-in 기법을 이용한 PGP 기반의 Web 보안 시스템 개발)

  • 김태갑;조은경;박정수;류재철
    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference
    • /
    • 1996.11a
    • /
    • pp.205-218
    • /
    • 1996
  • World Wide Web(WWW) has a lot of useful charaters. Easiness of use, multi-media data supporting and interactive communication capability are typical reasons why people want to use WWW. But because WWW is based on Internet, it has some security problems which originate in plain format data transmission on physical transmission line. The unique solution fer this problems is data encryption. Since theoritically proved encryption algorithms ensure data confidentiality, a unauthorized user can not know what is transmitted on network. In this paper, we propose a cryptography system which uses public key system. In detail, our public key based web security mechanism is using PGP module. PGP is a e-mail security system implemented by Phil Zimmermann. The basic idea of our propose is data encryption and integrity checking for all data which is transmitted on Web. To implement these facilities, we. use netscape browser extension technology, plug-in. Through these technology, security mechanisms are added on netscape browser.

  • PDF

A Design and Implementation of Secure Electronic Bidding System (인터넷 기반 전자입찰시스템의 보안 설계 및 구현)

  • 윤선희
    • Journal of the Korea Computer Industry Society
    • /
    • v.3 no.7
    • /
    • pp.861-870
    • /
    • 2002
  • The area of business applications in the internet are extended enormously in result of fast development of computing and communication technologies, increase of internet use, and use of intranet/extranet in enterprise information system. Widely spread the use of the internet, there are various applications for Business to Business (B to B) or Business to Customer(B to C) model that are based on the intranet or extranet. This paper designed and implemented the Web-based Electronic Bidding System for Business to Business (B to B) model. The technical issues of electronic bidding system in the internet are involved in the connection between web client and server, electronic data interchange for the contract document, and security solution during the bidding and contracting processes. The web-based electronic bidding system in this paper is implemented using Java applet and servlet as a connection interface for web client and sewer, XML/EDI-based documents for a bid and a contract, and bidding server and notary server for enhancing the security using PKI(Public Key Infrastructure)-based public key cryptography, digital signature and Certification Authority (CA).

  • PDF

Efficient Radix-4 Systolic VLSI Architecture for RSA Public-key Cryptosystem (RSA 공개키 암호화시스템의 효율적인 Radix-4 시스톨릭 VLSI 구조)

  • Park Tae geun
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.29 no.12C
    • /
    • pp.1739-1747
    • /
    • 2004
  • In this paper, an efficient radix-4 systolic VLSI architecture for RSA public-key cryptosystem is proposed. Due to the simple operation of iterations and the efficient systolic mapping, the proposed architecture computes an n-bit modular exponentiation in n$^{2}$ clock cycles since two modular multiplications for M$_{i}$ and P$_{i}$ in each exponentiation process are interleaved, so that the hardware is fully utilized. We encode the exponent using Radix-4. SD (Signed Digit) number system to reduce the number of modular multiplications for RSA cryptography. Therefore about 20% of NZ (non-zero) digits in the exponent are reduced. Compared to conventional approaches, the proposed architecture shows shorter period to complete the RSA while requiring relatively less hardware resources. The proposed RSA architecture based on the modified Montgomery algorithm has locality, regularity, and scalability suitable for VLSI implementation.

A Scalable ECC Processor for Elliptic Curve based Public-Key Cryptosystem (타원곡선 기반 공개키 암호 시스템 구현을 위한 Scalable ECC 프로세서)

  • Choi, Jun-Baek;Shin, Kyung-Wook
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.25 no.8
    • /
    • pp.1095-1102
    • /
    • 2021
  • A scalable ECC architecture with high scalability and flexibility between performance and hardware complexity is proposed. For architectural scalability, a modular arithmetic unit based on a one-dimensional array of processing element (PE) that performs finite field operations on 32-bit words in parallel was implemented, and the number of PEs used can be determined in the range of 1 to 8 for circuit synthesis. A scalable algorithms for word-based Montgomery multiplication and Montgomery inversion were adopted. As a result of implementing scalable ECC processor (sECCP) using 180-nm CMOS technology, it was implemented with 100 kGEs and 8.8 kbits of RAM when NPE=1, and with 203 kGEs and 12.8 kbits of RAM when NPE=8. The performance of sECCP with NPE=1 and NPE=8 was analyzed to be 110 PSMs/sec and 610 PSMs/sec, respectively, on P256R elliptic curve when operating at 100 MHz clock.

Initial Authentication Protocol of Hadoop Distribution System based on Elliptic Curve (타원곡선기반 하둡 분산 시스템의 초기 인증 프로토콜)

  • Jeong, Yoon-Su;Kim, Yong-Tae;Park, Gil-Cheol
    • Journal of Digital Convergence
    • /
    • v.12 no.10
    • /
    • pp.253-258
    • /
    • 2014
  • Recently, the development of cloud computing technology is developed as soon as smartphones is increases, and increased that users want to receive big data service. Hadoop framework of the big data service is provided to hadoop file system and hadoop mapreduce supported by data-intensive distributed applications. But, smpartphone service using hadoop system is a very vulnerable state to data authentication. In this paper, we propose a initial authentication protocol of hadoop system assisted by smartphone service. Proposed protocol is combine symmetric key cryptography techniques with ECC algorithm in order to support the secure multiple data processing systems. In particular, the proposed protocol to access the system by the user Hadoop when processing data, the initial authentication key and the symmetric key instead of the elliptic curve by using the public key-based security is improved.

An Efficient cryptography for healthcare data in the cloud environment (클라우드 환경에서 헬스케어 데이터를 위한 효율적인 암호화 기법)

  • Cho, Sung-Nam;Jeong, Yoon-Su;Oh, ChungShick
    • Journal of Convergence for Information Technology
    • /
    • v.8 no.3
    • /
    • pp.63-69
    • /
    • 2018
  • Recently, healthcare services are using cloud services to efficiently manage users' healthcare data. However, research to ensure the stability of the user's healthcare data processed in the cloud environment is insufficient. In this paper, we propose a partial random encryption scheme that efficiently encrypts healthcare data in a cloud environment. The proposed scheme generates two random keys (p, q) generated by the user to optimize for the hospital medical service and reflects them in public key and private key generation. The random key used in the proposed scheme improves the efficiency of user 's healthcare data processing by encrypting only part of the data without encrypting the whole data. As a result of the performance evaluation, the proposed method showed 21.6% lower than the existing method and 18.5% improved the user healthcare data processing time in the hospital.