• Journal of KIISE:Computer Systems and Theory
• /
• v.35 no.9_10
• /
• pp.476-484
• /
• 2008

Most string problems and their solutions are relevant to diverse applications such as pattern matching, data compression, recently bioinformatics, and so on. However, there have been few works on the relations between string problems and cryptographic problems. In this paper, we consider the following string reconstruction problems and show how these problems can be applied to cryptography. Given a string x of length n over a constant-sized alphabet ${\sum}$ and a set W of strings of lengths at most an integer $k({\leq}n)$, the first problem is to find the sequence of strings in W that reconstruct x by the minimum number of concatenations. We propose an O(kn+L)-time algorithm for this problem, where L is the sum of all lengths of strings in a given set, using suffix trees and a shortest path algorithm for directed acyclic graphs. The other is a dynamic version of the first problem and we propose an $O(k^3n+L)$-time algorithm. Finally, we show that exponentiation problems that arise in cryptography can be successfully reduced to these problems and propose a new solution for exponentiation.

• Journal of KIISE:Computer Systems and Theory
• /
• v.31 no.1_2
• /
• pp.1-9
• /
• 2004

The important arithmetic operations over finite fields include exponentiation, division, and inversion. An exponentiation operation can be implemented using a series of squaring and multiplication operations using a binary method, while division and inversion can be performed by the iterative application of an AB$^2$ operation. Hence, it is important to develop a fast algorithm and efficient hardware for this operations. In this paper presents new bit-serial architectures for the simultaneous computation of multiplication and squaring operations, and the computation of an $AB^2$ operation over $GF(2^m)$ generated by an irreducible AOP of degree m. The proposed architectures offer a significant improvement in reducing the hardware complexity compared with previous architectures, and can also be used as a kernel circuit for exponentiation, division, and inversion architectures. Furthermore, since the Proposed architectures include regularity and modularity, they can be easily designed on VLSI hardware and used in IC cards.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.2
• /
• pp.41-47
• /
• 2016

The times of multiplication for encryption and decryption of cryptosystem is primarily determined by implementation efficiency of the modular exponentiation of $a^b$(mod m). The most frequently used among standard modular exponentiation methods is a standard binary method, of which n-ary($2{\leq}n{\leq}6$) is most popular. The n-ary($1{\leq}n{\leq}6$) is a square-and-multiply method which partitions $b=b_kb_{k-1}{\cdots}b_1b_{0(2)}$ into n fixed bits from right to left and squares n times and multiplies bit values. This paper proposes a variable-length partition algorithm that partitions $b_{k-1}{\cdots}b_1b_{0(2)}$ from left to right. The proposed algorithm has proved to reduce the multiplication frequency of the fixed-length partition n-ary method.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.6
• /
• pp.1091-1102
• /
• 2014

The power analysis attack is a cryptanalytic technique to retrieve an user's secret key using the side-channel power leakage occurred during the execution of cryptographic algorithm embedded on a physical device. Especially, many power analysis attacks have targeted on an exponentiation algorithm which is composed of hundreds of squarings and multiplications and adopted in public key cryptosystem such as RSA. Recently, a new correlation power attack, which is tried when two modular multiplications have a same input, is proposed in order to recover secret key. In this paper, after reviewing the principle of side-channel attack based on input collisions in modular multiplications, we analyze the vulnerability of some exponentiation algorithms having regularity property. Furthermore, we present an improved exponentiation countermeasure to resist against the input collision-based CPA(Correlation Power Analysis) attack and existing side channel attacks and compare its security with other countermeasures.

• The Mathematical Education
• /
• v.60 no.1
• /
• pp.21-39
• /
• 2021

The aim of this study was to deduce implications of the growth of mathematics teachers' specialty for effective instruction about the formulae of exponentiation with rational exponents by analyzing teachers' understanding of the definition of rational exponent. In order to accomplish the aim, this study ascertained the nature of the definition of rational exponent through examining previous literature and established specific research questions with reference to the results of the examination. A questionnaire regarding the nature of the definition was developed in order to solve the questions and was taken to 50 in-service high school teachers. By analysing the data from the written responses by the teachers, this study delineated four characteristics of the teachers' understanding with regard to the definition of rational exponent. Firstly, the teachers did not explicitly use the condition of the bases with rational exponents while proving f'(x)=rxr-1. Secondly, few teachers explained the reason why the bases with rational exponents must be positive. Thirdly, there were some teachers who misunderstood the formulae of exponentiation with rational exponents. Lastly, the majority of teachers thought that $(-8)^{\frac{1}{3}}$ equals to -2. Additionally, several issues were discussed related to teacher education for enhancing teachers' knowledge about the definition, features of effective instruction on the formulae of exponentiation and improvement points to explanation methods about the definition and formulae on the current high school textbooks.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.7
• /
• pp.2610-2630
• /
• 2021

The aim of this paper is to propose the alternative algorithm to finish the process in public key cryptography. In general, the proposed method can be selected to finish both of modular exponentiation and point multiplication. Although this method is not the best method in all cases, it may be the most efficient method when the condition responds well to this approach. Assuming that the binary system of the exponent or the multiplier is considered and it is divided into groups, the binary system is in excellent condition when the number of groups is small. Each group is generated from a number of 0 that is adjacent to each other. The main idea behind the proposed method is to convert the exponent or the multiplier as the subtraction between two integers. For these integers, it is impossible that the bit which is equal to 1 will be assigned in the same position. The experiment is split into two sections. The first section is an experiment to examine the modular exponentiation. The results demonstrate that the cost of completing the modular multiplication is decreased if the number of groups is very small. In tables 7 - 9, four modular multiplications are required when there is one group, although number of bits which are equal to 0 in each table is different. The second component is the experiment to examine the point multiplication process in Elliptic Curves Cryptography. The findings demonstrate that if the number of groups is small, the costs to compute point additions are low. In tables 10 - 12, assigning one group is appeared, number of point addition is one when the multiplier of a point is an even number. However, three-point additions are required when the multiplier is an odd number. As a result, the proposed method is an alternative way that should be used when the number of groups is minimal in order to save the costs.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.5
• /
• pp.985-991
• /
• 2015

The user's secret key can be retrieved by various side channel leakage informations occurred during the execution of cryptographic RSA exponentiation algorithm which is embedded on a security device. The collision-based power analysis attack known as a serious side channel threat can be accomplished by finding some collision pairs on a RSA power consumption trace. Recently, an RSA exponentiation algorithm was proposed as a countermeasure which is based on the window method adopted combination of message blinding and exponent splitting. In this paper, we show that this countermeasure provides approximately $2^{53}$ attack complexity, much lower than $2^{98}$ insisted in the original article, when the window size is two.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.4
• /
• pp.585-591
• /
• 2013

Recently, the combined attack which is a combination of side channel analysis and fault attack has been developed to extract the secret key during the cryptographic processes using a security device. Unfortunately, an attacker can find the private key of RSA cryptosystem through one time fault injection and power signal analysis. In this paper, we diagnosed SPA/FA resistant BNP(Boscher, Naciri, and Prouff) exponentiation algorithm as having threats to a similar combined attack. And we proposed a simple countermeasure to resist against this combined attack by randomizing the private key using error infective method.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.2 no.1
• /
• pp.159-169
• /
• 1999

Recently a firewall is being employed to protect hacking by controlling the traffics. The security services in the firewall include authentication, access control, confidentiality, integrity, and audit trail. A token is adapted for authentication to the firewall. A token has a small battery within which has restricted power capacity, This paper proposes a novel cost-effective firewall token for hacking protecting on transmission control protocol/internet protocol (TCP/IP) based network. This paper proposes a fast exponentiation method with a sparse prime that take a major operation for a public-key crypto-system and a major power consumption in the token. The proposed method uses much less amount of modular operations in exponentiation that is reduced of battery's capacity or CPU's price in the token.

• Journal of KIISE:Computer Systems and Theory
• /
• v.26 no.9
• /
• pp.1055-1063
• /
• 1999

공개키 암호화 시스템에서 주된 연산은 512비트 이상의 큰 수에 의한 모듈러 지수 연산으로 표현되며, 이 연산은 내부적으로 모듈러 곱셈을 반복적으로 수행함으로써 계산된다. 본 논문에서는 Montgomery 알고리즘을 분석하여 right-to-left 방식의 모듈러 지수 연산에서 공통으로 계산 가능한 부분을 이용하여 모듈러 제곱과 모듈러 곱셈을 동시에 수행하는 선형 시스톨릭 어레이를 설계한다. 설계된 시스톨릭 어레이는 VLSI 칩과 같은 하드웨어로 구현함으로써 IC 카드나 smart 카드에 이용될 수 있다.Abstract The main operation of the public-key cryptographic system is represented the modular exponentiation containing 512 or more bits and computed by performing the repetitive modular multiplications. In this paper, we analyze Montgomery algorithm and design the linear systolic array for performing modular multiplication and modular squaring simultaneously using the computable part in common in right-to-left modular exponentiation. The systolic array presented in this paper could be designed on VLSI hardware and used in IC and smart card.