• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.12a
• /
• pp.227-230
• /
• 2003

본 논문은 공개된 네트워크를 통해 교환되는 기밀정보의 무결성과 인증을 위해 사용되는 공기키 인증서에 대한 새로운 인증방법을 제안한다. 제안된 새로운 방법은 인증된 딕셔너리［1］기반하에 RSA 일방향 어큐뮬레이터를 이용하여 인증서 폐기목록(CRL： Certificate Revocation List) 원소들의 존재 유무에 대한 증거값들을 미리 생성하고 사용자가 인증서의 유효성을 알아보기 위해 해당 원소에 대한 질의를 보내게 되면 미리 계산되어진 증거값을 바로 제시해줌으로써 계산시간이나 전송용량의 효율성을 극대화시켰다. 또한 파라미터값을 주어 CRL을 여러개의 부분집합으로 나눔으로써 계산량을 동적으로 분산시켜 사용자가 소형기기나 무선 네트워크 환경에 있더라도 활용이 가능하도록 하였다.

• Journal of KIISE:Computer Systems and Theory
• /
• v.26 no.4
• /
• pp.406-419
• /
• 1999

RSA와 같은 공개키 암호시스템(public-key cryptography system)에서는 512 비트 또는 그 이상 큰수의 모듈러 곱셈 연산을 수행하여야한다. 본 논문에서는 Montgomery 알고리즘을 이용하여 모듈러 곱셈을 수행하는 두 가지의 고정-크기 선형 시스톨릭 어레이를 설계하고 분석한다. 제안된 임의의 고정-크기 선형 시스톨릭 어레이와 파이프라인된 고정-크기 선형 시스톨릭 어레이는 최적의 문제-크기 선형 시스톨릭 어레이로부터 LPGS(Locally Parallel Globally Sequential)분할방법을 적용하여 설계한다. VHDL 시뮬레이션 결과, 밴드이 크기를 4로 하여 분할 시 문제-크기 어레이와 비교하면 수행시간의 지연이 없었으며,어레이의 크기도 1/4로 줄일 수 있었다. 제안된 시스톨릭 어레이는 크기에 제한을 갖는 스마트카드 등에 이용될수 있을 것이다.

• Journal of the Korea Society of Computer and Information
• /
• v.19 no.7
• /
• pp.71-76
• /
• 2014

There is to be virtually impossible to solve the very large digits of prime number p and q from composite number n=pq using integer factorization in typical public-key cryptosystems, RSA. When the public key e and the composite number n are known but the private key d remains unknown in an asymmetric-key RSA, message decryption is carried out by first obtaining ${\phi}(n)=(p-1)(q-1)=n+1-(p+q)$ and then using a reverse function of $d=e^{-1}(mod{\phi}(n))$. Integer factorization from n to p,q is most widely used to produce ${\phi}(n)$, which has been regarded as mathematically hard. Among various integer factorization methods, the most popularly used is the congruence of squares of $a^2{\equiv}b^2(mod\;n)$, a=(p+q)/2,b=(q-p)/2 which is more commonly used then n/p=q trial division. Despite the availability of a number of congruence of scares methods, however, many of the RSA numbers remain unfactorable. This paper thus proposes an algorithm that directly and immediately obtains ${\phi}(n)$. The proposed algorithm computes $2^k{\beta}_j{\equiv}2^i(mod\;n)$, $0{\leq}i{\leq}{\gamma}-1$, $k=1,2,{\ldots}$ or $2^k{\beta}_j=2{\beta}_j$ for $2^j{\equiv}{\beta}_j(mod\;n)$, $2^{{\gamma}-1}$ < n < $2^{\gamma}$, $j={\gamma}-1,{\gamma},{\gamma}+1$ to obtain the solution. It has been found to be capable of finding an arbitrarily located ${\phi}(n)$ in a range of $n-10{\lfloor}{\sqrt{n}}{\rfloor}$ < ${\phi}(n){\leq}n-2{\lfloor}{\sqrt{n}}{\rfloor}$ much more efficiently than conventional algorithms.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.351-355
• /
• 2006

RSA 암호 시스템은 IC카드, 모바일 및 WPKI, 전자화폐, SET, SSL 시스템 등에 많이 사용된다. RSA는 모듈러 지수승 연산을 통하여 수행되며, Montgomery 곱셈기를 사용하는 것이 효율적이라고 알려져 있다. Montgomery 곱셈기에서 임계 경로 지연 시간(Critical Path Delay)은 세 피연산자의 덧셈에 의존하고 캐리 전파를 효율적으로 처리하는 문제는 Montgomery 곱셈기의 효율성에 큰 영향을 미친다. 최근 캐리 전파를 제거하는 방법으로 캐리 저장 덧셈기(Carry Save Adder, CSA)를 사용하는 연구가 계속 되고 있다. McIvor외 세 명은 지수승 연산에 최적인 CSA 3단계로 구성된 Montgomery 곱셈기와 CSA 2단계로 구성된 Montgomery 곱셈기를 제안했다. 시간 복잡도 측면에서 후자는 전자에 비해 효율적이다. 본 논문에서는 후자보다 빠른 연산을 수행하기 위해 캐리 전파 제거 특성을 가진 이진 부호 자리(Signed-Digit, SD) 수 체계를 사용한다. 두 이진 SD 수의 덧셈을 수행하는 잉여 이진 덧셈기(Redundant Binary Adder, RBA)를 새로 제안하고 Montgomery 곱셈기에 적용한다. 기존의 RBA에서 사용하는 이진 SD 덧셈 규칙 대신 새로운 덧셈 규칙을 제안하고 삼성 STD130 $0.18{\mu}m$ 1.8V 표준 셀 라이브러리에서 지원하는 게이트들을 사용하여 설계하고 시뮬레이션 하였다. 그 결과 McIvor의 2 방법과 기존의 RBA보다 최소 12.46%의 속도 향상을 보였다.

• The KIPS Transactions:PartC
• /
• v.8C no.5
• /
• pp.585-596
• /
• 2001

In this paper, a new stream cipher algorithm based on the chaos theory is proposed and is applied to a Web security system. The Web security system is composed of three parts： certificate authority (CA), Web client, and Web server. The Web client and server system include a secure proxy client (SPC) and a secure management server (SMS), respectively, for data encryption and decryption between them. The certificate is implemented based on X.509 and the RSA public key algorithm is utilized for key creation and distribution to certify both the client and server. Once a connection is established between the client and server, outgoing and incoming data are encrypted and decrypted, respectively, using one of the three cipher algorithms： chaos, SEED, and DES. The proposed chaos algorithm outperforms the other two conventional algorithms in processing time and complexity. Thus, the developed Web security system can be widely used in electronic commerce (EC) and Internet banking.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.10 no.9
• /
• pp.1573-1581
• /
• 2006

To utilize actively the agent which is one of the elements of revitalization of Agro-Foods Mobile I-commerce, an essential prerequisite is agent security. IF using partial PKI(Public Key Infrastructure)-based confirmation mechanism providing security for the agent, the size of agent is becoming larger, the result of the transmission speed is slow, and the confirmation speed is tardy as well because of performing calculation of public keys such as RSA and needing linkage with the CA for the valid examination of certificates. This paper suggests a mechanism that can cross certification and data encryption of each host in the side of improving the problems of key distribution on agent by shaping key chain relationship. This mechanism can guarantee the problem of ky distribution by using agent cipher key(ACK) module and generating random number to fit mobile surroundings and to keep the secret of the agent. Suggested mechanism is a thing that takes into consideration security and efficiency to secure agent for the revitalization of M-Commerce, and is a code skill to make the agent solid and is a safe mechanism minimizing the problems of memory overflow.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.14 no.8
• /
• pp.1836-1842
• /
• 2010

Sensor network, which is technology to realize the ubiquitous environment, recently, could apply to the field of Mechanic & electronic Security System, Energy management system, Environment monitoring system, Home automation and health care application. However, feature of wireless networking of sensor network is vulnerable to eavesdropping and falsification about message. Presently, PKC(public key cryptography) technique using ECC(elliptic curve cryptography) is used to build up the secure networking over sensor network. ECC is more suitable to sensor having restricted performance than RSA, because it offers equal strength using small size of key. But, for high computation cost, ECC needs to enhance the performance to implement over sensor. In this paper, we propose the optimizing technique for multiplication, core operation in ECC, to accelerate the speed of ECC.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.4
• /
• pp.131-136
• /
• 2007

Ad hoc networks enable efficient resource aggregation in decentralized manner, and are inherently scalable and fault-tolerant since they do not depend on any centralized authority. However, lack of a centralized authority prompts many security-related challenges. Moreover, the dynamic topology change in which network nodes frequently join and leave adds a further complication in designing effective and efficient security mechanism. Security services for ad hoc networks need to be provided in a scalable and fault-tolerant manner while allowing for membership change of network nodes. In this paper, we investigate distributed certification mechanisms using a threshold cryptography in a way that the functions of a CA(Certification Authority) are distributed into the network nodes themselves and certain number of nodes jointly issue public key certificates to future joining nodes. In the process, we summarize one interesting report [5] in which the recently proposed RSA-based ad hoc signature scheme, called URSA, contains unfortunate yet serious security flaws. We then propose new scheme by fixing their security flaws.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.1C
• /
• pp.14-21
• /
• 2011

Cryptographic protocols based on bilinear pairings provide excellent alternatives to conventional elliptic curve cryptosystems based on discrete logarithm problems. Through active research has been done toward fast computation of the bilinear pairings, it is still believed that the computational cost of one pairing computation is heavier than the cost of one ECC scalar multiplication. However, there have been many progresses in pairing computations over binary fields. In this paper, we compare the cost of BLS signature scheme with ECDSA with equvalent level of security parameters. Analysis shows that the cost of the pairing computation is quite comparable to the cost of ECC scalar multiplication for the case of binary fields.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.11 no.10
• /
• pp.3942-3949
• /
• 2010

Since existing Nate-on Messenger application stores users' personal information in the database of its server, it is extremely venerable to internal threats, not to mention the communication data being transmitted without any safety measures. To solve such problematic areas of the existing application, we have developed a safer messenger application. The messenger application proposed in this paper discloses only the least required personal information of its users and the rest of the personal information is safely encrypted in the database using private passwords. This protective measure prevents the administrator or a third party from misusing the information since he/she will not be able access the information. In addition, users will be able to freely and safely communicate using this new messenger since transmitted data will also be encrypted.