• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.23 no.5
• /
• pp.15-20
• /
• 2023

Until now, Pollard's Rho algorithm has been known as the most efficient way for discrete algebraic problems to decrypt symmetric keys. However, the algorithm is being studied on how to further reduce the complexity of O(${\sqrt{p}}$) performance, along with the disadvantage of having to store the giant stride m=⌈${\sqrt{p}}$⌉ data. This paper proposes an array method for cycle detection in discrete logarithms. The proposed method reduces the number of updates of stack memory by at least 73%. This is done by only updating the array when (x_i<0.5x_i-1)∩(x_i<0.5(p-1)). The proposed array method undergoes the same number of modular calculation as stack method, but significantly reduces the number of updates and the execution time for array through the use of a binary search method.

• Bulletin of the Korean Mathematical Society
• /
• v.53 no.4
• /
• pp.1051-1069
• /
• 2016

Combining the concept of self-certified public key and message recovery, Li-Zhang-Zhu (LZZ) gives the proxy signature scheme with message recovery using self-certified public key. The security of the proposed scheme is based on the discrete logarithm problem (DLP) and one-way hash function (OWHF). Their scheme accomplishes the tasks of public key verification, proxy signature verification, and message recovery in a logically single step. In addition, their scheme satisfies all properties of strong proxy signature and does not use secure channel in the communication between the original signer and the proxy signer. In this paper, it is shown that in their signature scheme a malicious signer can cheat the system authority (SA), by obtaining a proxy signature key without the permission of the original signer. At the same time malicious original signer can also cheat the SA, he can also obtain a proxy signature key without the permission of the proxy signer. An improved signature scheme is being proposed, which involves the remedial measures to get rid of security flaws of the LZZ et al.'s. The security and performance analysis shows that the proposed signature scheme is maintaining higher level of security, with little bit of computational complexity.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.6 no.1
• /
• pp.90-96
• /
• 2011

In this paper, we propose a new discrete logarithm problem(DLP) based on the class semigroups of imaginary quadratic non-maximal orders using the special character of non-invertible ideal and analysis its security. To do this, we first explain the mathematical background explicitly and prove some properties of Cls (O) which relate to constructing the DLP and guaranteeing the security. To test the security of the proposed DLP, we compare the class number of the maximal order with that of the non-maximal order and investigate the unique factorization problems of ideals between class groups of the maximal orders and class semigroups of non-maximal orders to ensure the security of the cryptosystem.

• The KIPS Transactions:PartC
• /
• v.11C no.3
• /
• pp.287-292
• /
• 2004

BOCC(Brand's Offline Cash with a Counter) is useful in mobile environments, but it has the possibility of attacking amount data in a smart card. To insert the upper & lower limitation of amount into a token data decreases the level of risk. If upper and lower values are same, it means a fixed amount token. Since refund can more often happen in on-line commerce, refundability is added. BOCC is based on Discrete Logarithm Problem, needs exponential computations. But mobile terminals like cell phones have low computational power. As a result, ECC is used to Improve the performance supporting same security level.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.9 no.2
• /
• pp.73-82
• /
• 1999

In an open network computing environment a host cannot to identity its users correctly to network services. In order to prevent this thing we present the design of a authentication scheme 솟 using the notion of rth -residuosity problem and discrete logarithm problem which is proposed by S. J. Park et al. The proposed scheme described here is efficient method for mutual authentication without leakage of users identity in mobile communication system that ensure user anonymity and untraceability.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.9 no.4
• /
• pp.61-70
• /
• 1999

In this paper we propose the verifiable self-certified schemes(key distribution scheme identification scheme digital signature scheme) based on ${\gamma}$th -residuosity which make up for defects of Girault's self-certified schemes allow the authenticity of public keys to be verified during the use of the keys. The security of our schemes is based on the difficulty of ${\gamma}$th -residuosity problem and discrete logarithm problem simultaneously.

• Journal of Communications and Networks
• /
• v.18 no.1
• /
• pp.1-7
• /
• 2016

Most of the previous proxy re-encryption schemes rely on the average-case hardness problems such as the integer factorization problems and the discrete logarithm problems. Therefore, they cannot guarantee its security under quantum analysis, since there exist quantum algorithms efficiently solving the factorization and logarithm problems. In the paper, we propose the first proxy re-encryption scheme based on the hard worst-case lattice problems. Our scheme has many useful properties as follows: Unidirectional, collusion-resistant, noninteractive, proxy invisible, key optimal, and nontransitive.We also provided the formal security proof of the proposed scheme in the random oracle model.

• Journal of Communications and Networks
• /
• v.15 no.1
• /
• pp.1-7
• /
• 2013

Most of the provably-secure proxy signature schemes rely on the average-case hardness problems such as the integer factorization problems and the discrete logarithm problems. Therefore, those schemes are insecure to quantum analysis algorithms, since there exist quantum algorithms efficiently solving the factorization and logarithm problems. To make secure proxy signature schemes against quantum analysis, some lattice-based proxy signature schemes are suggested. However, none of the suggested lattice-based proxy signature schemes is proxy-protected in the adaptive security model. In the paper, we propose a provably-secure ID-based proxy signature scheme based on the lattice problems. Our scheme is proxy-protected in the adaptive security model.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.15 no.2
• /
• pp.23-29
• /
• 2015

The baby-step giant-step algorithm seeks b in a discrete logarithm problem when a,c,p of $a^b{\equiv}c$(mod p) are already given. It does so by dividing p by m block of $m={\lceil}{\sqrt{p}}{\rceil}$ length and letting one giant walk straight toward $a^0$ with constant m strides in search for b. In this paper, I basically reduce $m={\lceil}{\sqrt{p}}{\rceil}$ to p/l, $a^l$ > p and replace a giant with an adult who is designed to walk straight with constant l strides. I also extend the algorithm to allow $2^k$ adults to walk simultaneously. As a consequence, the proposed algorithm quarters the execution time of the basic adult-walk method when applied to $2^k$, (k=2) in the range of $1{\leq}b{\leq}p-1$. In conclusion, the proposed algorithm greatly shorten the step number of baby-step giant-step.

• Journal of the Korea Society of Computer and Information
• /
• v.18 no.8
• /
• pp.87-93
• /
• 2013

A baby-step giant-step algorithm divides n by n blocks that possess $m={\lceil}\sqrt{n}{\rceil}$ elements, and subsequently computes and stores $a^x$ (mod n) for m elements in the 1st block. It then calculates mod n for m blocks and identifies each of them with those in the 1st block of an identical elemental value. This paper firstly proposes a modified baby-step giant-step algorithm that divides ${\lceil}m/2{\rceil}$ blocks with m elements applying $a^{{\phi}(n)/2}{\equiv}1(mod\;n)$ and $a^x(mod\;n){\equiv}a^{{\phi}(n)+x}$ (mod n) principles. This results in a 50% decrease in the process of the giant-step. It then suggests a reverse baby-step giant step algorithm that performs and saves ${\lceil}m/2{\rceil}$ blocks firstly and computes $a^x$ (mod n) for m elements. The proposed algorithm is found to successfully halve the memory and search time of the baby-step giant step algorithm.