• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.6
• /
• pp.1091-1102
• /
• 2014

The power analysis attack is a cryptanalytic technique to retrieve an user's secret key using the side-channel power leakage occurred during the execution of cryptographic algorithm embedded on a physical device. Especially, many power analysis attacks have targeted on an exponentiation algorithm which is composed of hundreds of squarings and multiplications and adopted in public key cryptosystem such as RSA. Recently, a new correlation power attack, which is tried when two modular multiplications have a same input, is proposed in order to recover secret key. In this paper, after reviewing the principle of side-channel attack based on input collisions in modular multiplications, we analyze the vulnerability of some exponentiation algorithms having regularity property. Furthermore, we present an improved exponentiation countermeasure to resist against the input collision-based CPA(Correlation Power Analysis) attack and existing side channel attacks and compare its security with other countermeasures.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.14 no.6
• /
• pp.25-31
• /
• 2014

When the public key e and the composite number n=pq are disclosed but not the private key d in an asymmetric-key RSA, message decryption is carried out by obtaining ${\phi}(n)=(p-1)(q-1)=n+1-(p+q)$ and subsequently computing $d=e^{-1}(mod{\phi}(n))$. The most commonly used decryption algorithm is integer factorization of n/p=q or $a^2{\equiv}b^2$(mod n), a=(p+q)/2, b=(q-p)/2. But many of the RSA numbers remain unfactorable. This paper therefore applies baby-step giant-step discrete logarithm and $2^k$-ary modular exponentiation to directly obtain ${\phi}(n)$. The proposed algorithm performs a reverse baby-step and $2^k$-ary adult-step. As a results, it reduces the execution time of basic adult-step to $1/2^k$ times and the memory $m={\lceil}\sqrt{n}{\rceil}$ to l, $a^l$ > n, hence obtaining ${\phi}(n)$ by executing within l times.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.16 no.4
• /
• pp.683-688
• /
• 2021

Digital signature algorithms such as RSA and ECDSA are threatened by the development of quantum computer technology, which is attracting attention as a future technology. Alternatively, various post-quantum algorithms such as grid-based, multivariate-based, code-based, and hash-based are being studied. Among them, the hash-based is a fast and quantitative security level that can be calculated and its safety has been proven. So it is receiving a lot of attention. In this paper, we examine various hash-based digital signature algorithms that have been proposed so far, and analyze their features and their strengths and weaknesses. In addition, we emphasize the importance of reducing the size of the signature in order for the hash-based signature algorithm to be practically used.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.1
• /
• pp.261-269
• /
• 2014

There are many researches on fast exponentiation algorithm which is used to implement a public key cryptosystem such as RSA. On the other hand, the malicious attacker has tried various side-channel attacks to extract the secret key. In these attacks, an attacker uses the power consumption or electromagnetic radiation of cryptographic devices which is measured during computation of exponentiation algorithm. In this paper, we propose a novel simple power analysis attack on m-ary exponentiation implementation. The core idea of our attack on m-ary exponentiation with pre-computation process is that an attacker controls the input message to identify the power consumption patterns which are related with secret key. Furthermore, we implement the m-ary exponentiation on evaluation board and apply our simple power analysis attack to it. As a result, we verify that the secret key can be revealed in experimental environment.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.10C
• /
• pp.614-620
• /
• 2011

RSA, the most commonly used public-key cryptosystem, is based on the difficulty of factoring very large integers. The fastest known factoring algorithm is the Number Field Sieve(NFS). NFS first chooses two polynomials having common root modulo N and consists of the following four major steps; 1. Polynomial Selection 2. Sieving 3. Matrix 4. Square Root, of which the most time consuming step is the Sieving step. However, in recent years, the importance of the Polynomial Selection step has been studied widely, because one can save a lot of time and memory in sieving and matrix step if one chooses optimal polynomial for NFS. One of the ideal ways of choosing sieving polynomial is to choose two polynomials with same degree. Montgomery proposed the method of selecting two (nonlinear) quadratic sieving polynomials. We proposed two cubic polynomials using 5-term geometric progression.

• Journal of Internet Computing and Services
• /
• v.8 no.1
• /
• pp.79-85
• /
• 2007

As the use of the computer and networks generalized, the various tasks which are requested secrets can be processed such os the banking transaction. And because of increasing of data exchange, Internet, and mobile networks, the method which is not connected only but also used with many users has been changed. Especially because of the structural problem of the Internet, a lot of information is leaked out when we use the Internet banking. If we check the Internet banking by using an existing cypher method which is either simple of slow, a credit card number, an account number or password will be leaked out. Because the security of information doesn't meet our expectation, we need more powerful cryptography. But, the wasted space-time which is required shouldn,t be ignored when the whole transferred data are encrypted. So, by using both the Elliptic Curve algorithm which is based on mobile networks and the partial encryption of the DTD of XML in this essay, we will implement more faster cypher method of the partial XML.

• The Journal of the Korea Contents Association
• /
• v.20 no.1
• /
• pp.356-363
• /
• 2020

As a becoming era of Internet-of-Things, various devices are connected via wire or wirless networks. Although every day life is more convenient, security problems are also increasing such as privacy, information leak, denial of services. Since ECC, a kind of public key cryptosystem, has a smaller key size compared to RSA, it is widely used for environmentally constrained devices. The key of ECC in constrained devices can be exposed to power analysis attacks during scalar multiplication operation. In this paper, a key-randomization method is suggested for scalar multiplication on SECG parameters. It is against differential power analysis and has operational efficiency. In order to increase of operational efficiency, the proposed method uses the property 2^lP=∓cP where the constant c is small compared to the order n of SECG parameters and n=2^l±c. The number of operation for the Coron's key-randomization scalar multiplication algorithm is 21, but the number of operation for the proposed method in this paper is (3/2)l. It has efficiency about 25% compared to the Coron's method using full random numbers.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.5
• /
• pp.815-824
• /
• 2013

Traditionally embedded microprocessors is considered as a device for low- and simple-computations because of its limited computing power and constrained resources. However high-end embedded devices have been developed and many applications are getting feasible in the embedded devices. To provide secure and robust service environments, security on embedded devices are in order. Recently many research results on embedded devices have been proposed. In this paper, we explore various cryptography implementation results on representative 8-, 16- and 32-bit embedded processors including AVR, MSP and ARM. This report would be helpful for following researchers who are interested in cryptography implementation techniques on resource constrained devices.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2005.05a
• /
• pp.827-830
• /
• 2005

본 논문은 DRM(Digital Rights Management)의 핵심요소기술인 디지털 비디오 워터마킹 기술에서 암호화 기법을 함께 적용하여 저작권 판별 및 콘텐츠 보호의 두 가지 역할을 수행하는 시스템을 제안하고자 한다. 본 논문에서는 저작권 정보를 공개키 기반의 RSA 암호화 방법으로 암호문을 만든 후 이진화 과정을 수행하여 워터마크 키 정보를 생성하였고, 워터마킹 기법으로는 통계적 모델의 계산 속도가 빠른 NVF(Noise Visibility Function) 방식의 Adaptive Stationary GG(Generalized Gaussian) model[1]의 기법을 사용하였다. 암호문은 사용자 컨트롤러에서 제어가 가능하도록 하여 권한이 부여된 사용자만이 재생이 가능하도록 하였다. 본 논문의 구성은 2장에서 암호화 과정을 설명하고, 3장에서는 기존의 기법과는 다른 통계적 접근의 워터마킹 기법을 적용한 과정을 설명하며, 4장에서는 제안한 방법이 실제 환경에서의 실험 결과를 보여준다. 마지막으로 5장에서는 결론과 개선점을 바탕으로 향후 연구방향을 제시한다. 본 논문에서 제안한 방법은 미래사회 인터넷에서의 올바른 디지털 콘텐츠 사용 문화 정책에 큰 역할을 할 것으로 기대된다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.6
• /
• pp.1017-1023
• /
• 2013

With the growing use of smartphones, many secure applications are performed on smartphones such as banking, payment, authentication. To provide security services, cryptographic algorithms are performed on smartphones' CPU. However, smartphone's CPU has no considerations against side-channel attacks including Electromagnetic Analysis (EMA). In DesignCon 2012, G. Kenworthy introduced the risk of cryptographic algorithms operated on smartphone against EMA. In this paper, using improved experimental setups, we performed EMA experiments on androin smartphones' commercial secure applications. As a result, we show that the weakness of real application. According to the experimental setups, we picked up the operation of w-NAF scalar multiplication from the operation of Google's Play Store application using radiated EM signal. Also, we distinguished scalar values (0 or not) of w-NAF scalar multiplication.