• Journal of the Chungcheong Mathematical Society
• /
• v.20 no.4
• /
• pp.355-366
• /
• 2007

In this paper, we propose a new blind group identification protocol and a hidden group signature protocol as its application. These protocols involve many provers and one verifier such that (1) the statement of all the provers are proved simultaneously, (2) and also all the provers using computationally limited devices (e.g. smart cards) have no need of computing the bilinear pairings, (3) but only the verifier uses the bilinear pairings. A. Saxena et al. proposed a two-round blind (group) identification protocol in 2005 using the bilinear pairings. But it reveals weakness in the active-intruder attack, and all the provers as well as the verifier must have devices computing bilinear pairings. Comparing their results, our protocol is secure from the active-intruder attack and has more fit for smart cards. In particular, it is secure under only the assumption of the hardness of the Discrete-Logarithm Problem in bilinear groups.

• Proceedings of the IEEK Conference
• /
• 2001.06c
• /
• pp.51-54
• /
• 2001

Recently Hwang and Li［1］ proposed a remote user authentication scheme using smart cards. Their scheme is based on the ElGamal public key cryptosystem and does not need to maintain a password table for verifying the legitimacy of the login users. In this paper, we proposed an advanced user authentication scheme using smart cards. Unlike Hwang and Li's scheme, smart card contains a pair of public parameters(h, P) where h is a hash function which is used in login phase. In result, we reduce one exponential computation frequency in login phase and two exponential computation frequencies in authentication phase with comparing the Hwang and Li's scheme. The proposed scheme not only provides the advantages as security of Hwang and Li's scheme, but also reduces computation cost.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.5
• /
• pp.47-57
• /
• 2005

For economic reasons, even though there are some security problems, the commands of re-initializing and writing patch code are widely used in smart cards. The current software tester has difficulty in detecting these trapdoor commands because trapdoors are not published and programmed sophisticatedly. Up to now the effective way to detect them is to completely reveal and analyze the entire code of the COS with applications such as the ITSEC. It is, however, a very time-consuming and expensive processes. We propose the new detecting approach of trapdoors in smart cards using timing and power analysis. With our experiments, this paper shows that the proposed approach is more practical than the current methods.

• Proceedings of the Korean Information Science Society Conference
• /
• 2006.10d
• /
• pp.132-134
• /
• 2006

In this paper, we propose an efficient bilateral remote user authentication scheme with smart cards. Our scheme ensures both-way authentication, so that any attempt of the adversary to affect the secure communications between the authentication server and the user could not be successful. We also present a brief analysis of our proposed scheme and show that it is well-resistant against the known attacks in remote user authentication process.

• Proceedings of the Korean Information Science Society Conference
• /
• 2003.04a
• /
• pp.518-520
• /
• 2003

This paper proposes a new session key agreement scheme which is based on Station-to-station protocol, or STS shortly. We extend key agreement model of STS, to take into account smart cards. Besides, we modify STS to withstand message replaying attack. Security analysis shows our scheme is still secure.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.1
• /
• pp.31-39
• /
• 2008

The development of next-generation resident registration cards, financial IC cards and administrative agency IC cards based on a smart card is currently coming out in Korea. However, the low-price IC cards without countermeasures against side channel analysis attacks are expected to be used fer cost reduction. This paper has investigated the side channel resistance of financial IC cards that are currently in use and have performed DPA attacks on the financial IC cards. We have been able to perform successful DPA attacks on these cards by using only 100 power measurement traces. From our experiment results, we have been able to extract the master key used for encryption of a count PIN number.

• Journal of Korea Society of Industrial Information Systems
• /
• v.9 no.1
• /
• pp.69-76
• /
• 2004

Recently, smart cards with multi-applications loaded are becoming popular owing to many advantages. As many casual users would like to reduce the number of plastic cards, and card issuers want to upgrade the existing applications or add the new applications, and developers wish to reduce the development turn-around time, multi-applications smart cards are becoming important. In addition, many advantages exist between the business partners as smart card applications can share critical information. New operating systems such as JavaCard and MULTOS are suggested for the multi-applications smart card service recently. In this paper, after we review the principles of operations of smart card, we propose the various security mechanisms for the multi-application JavaCard service environment, which is becoming de facto standard in the industry.

• The Journal of Information Technology
• /
• v.12 no.2
• /
• pp.1-12
• /
• 2009

China first started its mobile phone services in 1987, and the number of users has exponentially increased so that it reached 700 millions in January 2009. Currently China's 2G(GSM) users is 650 millions. These 2G (GSM) services have an advantage of the capability to use the mobile phone with a SIM (Subscriber Identity Modul) card, one kind of smart cards, inserted into it. However, due to the security vulnerability of SIM cards being used within China's 2G (GSM) services, SIM cards cloning. Problems concerning mobile phone surveillance towards a designated person by illegal cloning ESN and IMSI have recently risen to be a massive social issue within Korea as well. These studies have experimented the possibility of SIM cards clone in various mobile communication corporations using 2G (GSM) in China, and hence discovered the security vulnerability such as the incoming outgoing, SMS service and additional services on mobile phones using clone SIM cards.

• JSTS:Journal of Semiconductor Technology and Science
• /
• v.4 no.4
• /
• pp.307-311
• /
• 2004

This paper presents an efficient architecture that optimizes the design of SEED S-box using composite field arithmetic. SEED is the Korean standard 128-bit block cipher algorithm developed by Korea Information Security Agency. The nonlinear function S-box is the most costly operation in terms. of size and power consumption, taking up more than 30% of the entire SEED circuit. Therefore the S-box design can become a crucial factor when implemented in systems where resources are limited such as smart cards. In this paper, we transform elements in $GF(2^8)$ to composite field $GF(((2^2)^2)^2)$ where more efficient computations can be implemented and transform the computed result back to $GF(2^8)$. This technique reduces the S-box portion to 15% and the entire SEED algorithm can be implemented at 8,700 gates using Samsung smart card CMOS technology.

• The Journal of Society for e-Business Studies
• /
• v.4 no.3
• /
• pp.197-212
• /
• 1999

In general, the electronic commerce systems comprise the background system, terminal, network and smart cards. Among them, the smart card systems are expected to take a great portion of applications for the convenience of rapidly improving technology. The technology includes adopting RISC processors or co-processors for cryptography and developing new memory systems based on the standardization. In this paper, we investigate the overall trends of the technology and the standardization process of smart cards. We also propose the guidelines to enhance the capabilities of designing H/W and S/W related to COS(Chip Operating System).