• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.25 no.12
• /
• pp.1882-1889
• /
• 2021

This paper describes a high-performance hardware implementation of modular multiplication used as a core operation in elliptic curve cryptography. A 521-bit high-performance modular multiplier for NIST P-521 curve was designed by adopting 3-way Toom-Cook integer multiplication and fast reduction algorithm. Considering the property of the 3-way Toom-Cook algorithm in which the result of integer multiplication is multiplied by 1/3, modular multiplication was implemented on the Toom-Cook domain where the operands were multiplied by 3. The modular multiplier was implemented in the xczu7ev FPGA device to verify its hardware operation, and hardware resources of 69,958 LUTs, 4,991 flip-flops, and 101 DSP blocks were used. The maximum operating frequency on the Zynq7 FPGA device was 50 MHz, and it was estimated that about 4.16 million modular multiplications per second could be achieved.

• Journal of Internet Computing and Services
• /
• v.14 no.5
• /
• pp.11-26
• /
• 2013

In the wireless Internet, it is so restrictive to use the IPSec. The MIPv4 IPSec's path cannot include wireless links. That is, the IPSec of the wireless Internet cannot protect an entire path of Host-to-Host connection. Also wireless circumstance keeps a path static during the shorter time, nevertheless, the IKE for IPSec SA agreement requires relatively long delay. The certificate management of IPSec PKI security needs too much burden. This means that IPSec of the wireless Internet is so disadvantageous. Our paper is to construct the Mobile IPSec proper to the wireless Internet which provides the host-to-host transport mode service to protect even wireless links as applying excellent WP-IBE scheme. For this, Mobile IPSec requires a dynamic routing over a path with wireless links. FA Forwarding is a routing method for FA to extend the path to a newly formed wireless link. The FA IPSec SA for FA Forwarding is updated to comply the dynamically extended path using Source Routing based Bind Update. To improve the performance of IPSec, we apply efficient and strong future Identity based Weil Pairing Bilinear Elliptic Curve Cryptography called as WP-IBE scheme. Our paper proposes the modified protocols to apply 6 security-related algorithms of WP-IBE into the Mobile IPSec. Particularly we focus on the protocols to be applied to construct ESP Datagram.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.12
• /
• pp.4987-5014
• /
• 2015

The bilinear pairing, also known as Weil pairing or Tate pairing, is widely used in cryptography and its properties help to construct cryptographic schemes for different applications in which the security of the transmitted data is a major concern. In remote login authentication schemes, there are two major requirements: i) proving the identity of a user and the server for legitimacy without exposing their private keys and ii) freedom for a user to choose and change his password (private key) efficiently. Most of the existing methods based on the bilinear property have some security breaches due to the lack of features and the design issues. In this paper, we develop a new scheme using the bilinear property of an elliptic point and the biometric characteristics. Our method provides many features along with three major goals. a) Checking the correctness of the password before sending the authentication message, which prevents the wastage of communication cost; b) Efficient password change phase in which the user is asked to give a new password after checking the correctness of the current password without involving the server; c) User anonymity - enforcing the suitability of our scheme for applications in which a user does not want to disclose his identity. We use BAN logic to ensure the mutual authentication and session key agreement properties. The paper provides informal security analysis to illustrate that our scheme resists all the security attacks. Furthermore, we use the AVISPA tool for formal security verification of our scheme.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2001.11a
• /
• pp.210-214
• /
• 2001

본 논문에서는 이동 통신 시스템에서 사용자 신원확인 및 인증을 하기 위해 타원곡선과 지문인식을 적용하는 시스템을 제안하였다. 제안된 시스템은 타원곡선 암호 시스템의 계산량, 키 크기, 대역폭의 측면에서의 효율성이 고려되었다. 또한, 타원곡선 이산대수 문제가 어렵다는 점에 초점을 맞추었다. 수학적인 증명과 안전성을 분석하여 제안된 시스템의 성능을 분석하였다.

• Proceedings of the Korean Information Science Society Conference
• /
• 1998.10c
• /
• pp.709-711
• /
• 1998

인터넷의 급성장은 전세계의 전반적인 사회 구조를 급변화시킨 원동력이 되었다. 하지만 사용자의 급증으로 현 인터넷의 주소가 한계에 다달았다. 그래서 많은 기업이나 공공 기관에서는 각자의 사설망을 구축하여 사용하지만, 지역적으로 멀리 떨어진 지점과의 통신상의 해킹 문제점들이나, 전용선을 이용할 경우 상당한 비용의 문제점이 발생하였다. 본 논문에서는 가상 사설망을 이용하여 지역적으로 멀리 떨어진 지점과도 하나의 사설망으로 구축하여 인터넷을 사용할 수 있도록 하였다. 또한, 인터넷을 통하여 전송되는 데이터의 해킹문제를 해결하기 위해 타원 곡선 알고리즘을 이용하여 보다 안전하게 전송할 수 있도록 하였다.

• Journal of IKEEE
• /
• v.23 no.4
• /
• pp.1321-1327
• /
• 2019

This paper describes an efficient hardware implementation of modular square root (MSQR) computation over GF(p), which is the operation needed to map plaintext messages to points on elliptic curves for elliptic curve (EC)-ElGamal public-key encryption. Our method supports five sizes of elliptic curves over GF(p) defined by the National Institute of Standards and Technology (NIST) standard. For the Koblitz curves and the pseudorandom curves with 192-bit, 256-bit, 384-bit and 521-bit, the Euler's Criterion based on the characteristic of the modulo values was applied. For the elliptic curves with 224-bit, the Tonelli-Shanks algorithm was simplified and applied to compute MSQR. The proposed method was implemented using the finite field arithmetic circuit with 32-bit datapath and memory block of elliptic curve cryptography (ECC) processor, and its hardware operation was verified by implementing it on the Virtex-5 field programmable gate array (FPGA) device. When the implemented circuit operates with a 50 MHz clock, the computation of MSQR takes about 18 ms for 224-bit pseudorandom curves and about 4 ms for 256-bit Koblitz curves.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2018.05a
• /
• pp.163-165
• /
• 2018

GF(p)상 타원곡선 암호(ECC)와 RSA를 단일 하드웨어로 통합하여 구현한 공개키 암호 프로세서를 설계하였다. 설계된 EC-RSA 공개키 암호 프로세서는 NIST 표준에 정의된 소수체 상의 224-비트 타원 곡선 P-224와 2048-비트 키 길이의 RSA를 지원한다. ECC와 RSA가 갖는 연산의 공통점을 기반으로 워드기반 몽고메리 곱셈기와 메모리 블록을 효율적으로 결합하여 최적화된 데이터 패스 구조를 적용하였다. EC-RSA 공개키 암호 프로세서는 Modelsim을 이용한 기능검증을 통하여 정상동작을 확인하였으며, $0.18{\mu}m$ CMOS 셀 라이브러리로 합성한 결과 11,779 GEs와 14-Kbit RAM의 경량 하드웨어로 구현되었다. EC-RSA 공개키 암호 프로세서는 최대 동작주파수 133 MHz이며, ECC 연산에는 867,746 클록주기가 소요되며, RSA 복호화 연산에는 26,149,013 클록주기가 소요된다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.12
• /
• pp.5135-5149
• /
• 2015

Communications among multi-party must be fast, cost effective and secure. Today's computing environments such as internet conference, multi-user games and many more applications involve multi-party. All participants together establish a common session key to enable multi-party and secure exchange of messages. Multi-party password-based authenticated key exchange scheme allows users to communicate securely over an insecure network by using easy-to-remember password. Kwon et al. proposed a practical three-party password-based authenticated key exchange (3-PAKE) scheme to allow two users to establish a session key through a server without pre-sharing a password between users. However, Kwon et al.'s scheme cannot meet the security requirements of key authentication, key confirmation and anonymity. In this paper, we present a novel, simple and efficient multi-party password-based authenticated key exchange (M-PAKE) scheme based on the elliptic curve cryptography for mobile environment. Our proposed scheme only requires two round-messages. Furthermore, the proposed scheme not only satisfies security requirements for PAKE scheme but also achieves efficient computation and communication.

• International Journal of Computer Science & Network Security
• /
• v.21 no.5
• /
• pp.168-174
• /
• 2021

The Cognitive radio (CR) is evolving technology for managing the spectrum bandwidth in wireless network. The security plays a vital role in wireless network where the secondary users are trying to access the primary user's bandwidth. During the allocation the any malicious user either he pretends to be primary user or secondary user to access the vital information's such as credentials, hacking the key, network jam, user overlapping etc. This research paper discusses on various types of attack and to prevent the attack in cognitive radio network. In this research, secondary users are identified by the primary user to access the primary network by the secondary users. The secondary users are given authorization to access the primary network. If any secondary user fails to provide the authorization, then that user will be treated as the malicious user. In this paper two approaches are suggested one by applying elliptic curve cryptography and the other method by using priority-based service access.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2021.05a
• /
• pp.167-170
• /
• 2021

현재, 주요 선진국들을 포함하여 Google과 IBM과 같은 국제 대기업들을 필두로 양자 컴퓨터 개발에 전폭적인 투자들을 하고 있다. 양자 컴퓨터는 특정 분야에 있어 월등한 계산 능력을 보여주며, 기존 컴퓨터에서는 해결할 수 없던 몇몇 문제들을 빠른 시간 내에 해결한다. 이러한 양자 컴퓨터의 등장은 기존 컴퓨터에서는 사실상 풀 수 없는 암호 알고리즘들을 빠른 시간 내에 해결하여 암호학계에 큰 위협이 되고 있다. 현재 사용하고 있는 대부분의 공개키 암호 알고리즘인 RSA와 ECC(Elliptic Curve Cryptography) 또한 공격 대상이다. NIST에서는 다가오는 양자 컴퓨터 시대에 대비하여 양자내성암호 공모전을 주최하였으며 현재 라운드 3에 도입하였다. 본 논문에서는 라운드 3의 후보 알고리즘인 코드기반암호를 공격하는 ISD(Information Set Decoding) 알고리즘에 관한 동향을 조사하였다.