• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.1
• /
• pp.101-111
• /
• 2004

Preneel, Govaerts, and Vandewalle considered the 64 basic ways to construct a collision resistant hash function from a block cipher. They regarded 12 of these 64 schemes as secure, though no proofs or formal claims were given. Black, Rogaway, and Shrimpton presented a more proof-centric look at the schemes from PGV. They proved that, in the black box model of block cipher, 12 of 64 compression functions are CRHFs and 20 of 64 extended hash functions are CRHFs. In this paper, we present 64 schemes of block-cipher-based universal one way hash functions using the main idea of PGV and analyze these schemes in the black box model. We will show that 30 of 64 compression function families UOWHF and 42 of 64 extended hash function families are UOWHF. One of the important results is that, in this black box model, we don't need the mask keys for the security of UOWHF in contrast with the results in general security model of UOWHF. Our results also support the assertion that building an efficient and secure UOWHF is easier than building an efficient and secure CRHF.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.3C
• /
• pp.286-292
• /
• 2006

Both composition and XOR are operations widely used to enhance security of cryptographic schemes. The more number of random permutations we compose (resp. XOR), the more secure random permutation (resp. random function) we get. Combining the two methods, we consider a generalized form of random function: $SUM^s - CMP^c = ({\pi}_{sc} ... {\pi}_{(s-1)c+1}){\oplus}...{\oplus}({\pi}_c...{\pi}_1)$ where ${\pi}_1...{\pi}_{sc}$ are random permutations. Given a fixed number of random permutations, there seems to be a trade-off between composition and XOR for security of $SUM^s - CMP^c$. We analyze this trade-off based on some upper bound of insecurity of $SUM^s - CMP^c$, and investigate what the optimal number of each operation is, in order to lower the upper bound.

• Journal of the Institute of Convergence Signal Processing
• /
• v.11 no.1
• /
• pp.47-52
• /
• 2010

For cryptographic systems, nonlinearity is crucial since most linear systems are easily decipherable. C.Bracken, Z.Zhaetc., propose the APN(Almost Perfect Nonlinear) functions with the properties similar to those of the bent functions with perfect nonlinearity. We design two kinds of new code sequence generating algorithms using the above APN functions. And we find that the out of phase ${\tau}\;{\neq}\;0$, autocorrelation functions, $R_{ii}(\tau)$ and the crosscorrelation functions, $R_{ik}(\tau)$ of the binary code sequences generated by two new algorithms over GF(2), have three values of {-1, $-1-2^{n/2}$, $-1+2^{n/2}$}. We also find that the out of phase ${\tau}\;{\neq}\;0$, autocorrelation functions, $R_{p,ii}(\tau)$ and the crosscorrelation functions, $R_{p,ik}(\tau)$ of the nonbinary code sequences generated by the modified algorithms over GF(p), $p\;{\geq}\;3$, have also three values of {$-1+p^{n-1}$, $-1-p^{(n-1)/2}+p^{n-1}$, $-1+p^{(n-1)/2}p^{n-1}$}. We show that these code sequences have the characteristics of the correlation functions similar to those of Gold code sequences.

• The KIPS Transactions:PartC
• /
• v.11C no.4
• /
• pp.439-446
• /
• 2004

In the Internet, user authentication is the most important service in secure communications. Although password-based mechanism is the most widely used method of the user authentication in the network, people are used to choose easy-to-remember passwords, and thus suffers from some Innate weaknesses. Therefore, using a memorable password it vulnerable to the dictionary attacks. The techniques used to prevent dictionary attacks bring about a heavy computational workload. In this paper, we describe a recent solution, the Optimal Strong-Password Authentication (OSPA) protocol, and that it is vulnerable to the stolen-verifier attack and an impersonation attack. Then, we propose an Improved Optimal Strong-Password Authentication (I-OSPA) protocol, which is secure against stolen-verifier attack and impersonation attack. Also, since the cryptographic operations are computed by the processor in the smart card, the proposed I-OSPA needs relatively low computational workload and communicational workload for user.

• Journal of KIISE:Computing Practices and Letters
• /
• v.7 no.3
• /
• pp.220-228
• /
• 2001

Digital watermarking is a technique for the purpose of protecting the ownership of the image by embedding invisible watermarks in a digital imnge. To guarantee the security of the digital watermarking scheme for copyright protection, it is required to satisfy some requirements robustness and perceptual invisibility which provided by the location of embedded bits, the public watermarking algorithm, and the hidden use of the key, which can protect unauthorized accesses from illegal users. For this, in this paper we propose a new copyright watermarking scheme, which is based on one-way hash functions using RSA functions and modular operations. RSA functions are widely used in cryptographic systems. Our watermarking scheme is robust against LSB(Jeast significant bit) attacks and gamma corresction attack, and is also perceptually invisible. We demonstrate the characteristics of our proposed watermarking scheme through experiments.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.6
• /
• pp.1075-1082
• /
• 2017

This paper describes a design of hash processor which can execute new hash algorithm, SHA-3 and extendable-output function (XOF), SHAKE-256. The processor that consists of padder block, round-core block and output block maximizes its performance by using the block-level pipelining scheme. The padder block formats the variable-length input data into multiple blocks and then round block generates SHA-3 message digest or SHAKE256 result for multiple blocks using on-the-fly round constant generator. The output block finally transfers the result to host processor. The hash processor that is implemented with Xilinx Virtex-5 FPGA can operate up to 220-MHz clock frequency. The estimated maximum throughput is 5.28 Gbps(giga bits per second) for SHA3-512. Because the processor supports both SHA-3 hash algorithm and SHAKE256 algorithm, it can be applicable to cryptographic areas such as data integrity, key generation and random number generation.

• The Journal of the Korea Contents Association
• /
• v.7 no.2
• /
• pp.92-99
• /
• 2007

This paper presented a low power design of a 32bit block cypher processor reduced from the original 128bit architecture. The primary purpose of this research is to evaluate physical implementation results rather than theoretical aspects. The data path and diffusion function of the processor were reduced to accommodate the smaller hardware size. As a running example demonstrating the design approach, we employed a modified ARIA algorithm having four S-boxes. The proposed 32bit ARIA processor comprises 13,893 gates which is 68.25% smaller than the original 128bit structure. The design was synthesized and verified based on the standard cell library of the MagnaChip's 0.35um CMOS Process. A transistor level power simulation shows that the power consumption of the proposed processor reduced to 61.4mW, which is 9.7% of the original 128bit design. The low power design of the block cypher Processor would be essential for improving security of battery-less wireless sensor networks or RFID.

• Journal of the Institute of Electronics Engineers of Korea SD
• /
• v.40 no.9
• /
• pp.702-713
• /
• 2003

The importance of protection for data and information is increasing by the rapid development of information communication and network. And the concern for protecting private information is also growing due to the increasing demand for lots of services by users. Asymmetric cryptosystem is the mainstream in encryption system rather than symmetric cryptosystem by above reasons. But asymmetric cryptosystem is restricted in applying fields by the reason it takes more times to process than symmetric cryptosystem. In this paper, encryption system which executes authentication works of asymmetric cryptosystem by means of symmetric cryptosystem. The proposed cryptosystem uses an algorithms combines that combines block cipherment with stream cipherment and has a high stability in aspect of secret rate by means of transition of key sequence according to the information of plaintext while symmetric/asymmetric cryptosystem conducts encipherment/deciphermeent using a fixed key. Consequently, it is very difficult to crack although unauthenticator acquires the key information. So, the proposed encryption system which has a certification function of asymmetric cryptosystem and a processing time equivalent to symmetric cryptosystems will be highly useful to authorize data or exchange important information.

• Journal of the Institute of Electronics Engineers of Korea SD
• /
• v.40 no.4
• /
• pp.51-57
• /
• 2003

The development of the communication network and the other network method can generate serious social problems. So, it is highly required to control security of network. These problems related security will be developed and keep up to confront with anti-security field such as hacking, cracking. The way to preserve security from hacker or cracker without developing new cryptographic algorithm is keeping the state of anti-cryptanalysis in a prescribed time by means of extending key-length. In this paper, we proposed M3 algorithm for the reduced processing time in the montgomery multiplication part. Proposed M3 algorithm using the matrix function M(.) and lookup table perform optionally montgomery multiplication with repeated operation. In this result, modified repeated operation part produce 30% processing rate than existed montgomery multiplicator. The proposed montgomery multiplication structured unit array method in carry generated part and variable length multiplication for eliminating bottle neck effect with the RSA cryptosystem. Therefore, this proposed montgomery multiplier enforce the real time processing and prevent outer cracking.

• Journal of KIISE:Information Networking
• /
• v.33 no.2
• /
• pp.131-138
• /
• 2006

To achieve security in wireless sensor networks(WSN), it is important to be able to encrypt and authenticate messages sent among sensor nodes. Due to resource constraints, many key agreement schemes used in general networks such as Diffie-Hellman and public-key based schemes are not suitable for wireless sensor networks. The current pre-distribution of secret keys uses q-composite random key and it randomly allocates keys. But there exists high probability not to be public-key among sensor nodes and it is not efficient to find public-key because of the problem for time and energy consumption. To remove problems in pre-distribution of secret keys, we propose a new cryptographic key management protocol, which is based on the clustering scheme but does not depend on probabilistic key. The protocol can increase efficiency to manage keys because, before distributing keys in bootstrap, using public-key shared among nodes can remove processes to send or to receive key among sensors. Also, to find outcompromised nodes safely on network, it selves safety problem by applying a function of lightweight attack-detection mechanism.