• Title/Summary/Keyword: secret key cryptography

Search Result 70, Processing Time 0.022 seconds

Single Trace Analysis against HyMES by Exploitation of Joint Distributions of Leakages (HyMES에 대한 결합 확률 분포 기반 단일 파형 분석)

  • Park, ByeongGyu;Kim, Suhri;Kim, Hanbit;Jin, Sunghyun;Kim, HeeSeok;Hong, Seokhie
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.28 no.5
    • /
    • pp.1099-1112
    • /
    • 2018
  • The field of post-quantum cryptography (PQC) is an active area of research as cryptographers look for public-key cryptosystems that can resist quantum adversaries. Among those categories in PQC, code-based cryptosystem provides high security along with efficiency. Recent works on code-based cryptosystems focus on the side-channel resistant implementation since previous works have indicated the possible side-channel vulnerabilities on existing algorithms. In this paper, we recovered the secret key in HyMES(Hybrid McEliece Scheme) using a single power consumption trace. HyMES is a variant of McEliece cryptosystem that provides smaller keys and faster encryption and decryption speed. During the decryption, the algorithm computes the parity-check matrix which is required when computing the syndrome. We analyzed HyMES using the fact that the joint distributions of nonlinear functions used in this process depend on the secret key. To the best of our knowledge, we were the first to propose the side-channel analysis based on joint distributions of leakages on public-key cryptosystem.

A Multi-Stage Encryption Technique to Enhance the Secrecy of Image

  • Mondal, Arindom;Alam, Kazi Md. Rokibul;Ali, G.G. Md. Nawaz;Chong, Peter Han Joo;Morimoto, Yasuhiko
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.13 no.5
    • /
    • pp.2698-2717
    • /
    • 2019
  • This paper proposes a multi-stage encryption technique to enhance the level of secrecy of image to facilitate its secured transmission through the public network. A great number of researches have been done on image secrecy. The existing image encryption techniques like visual cryptography (VC), steganography, watermarking etc. while are applied individually, usually they cannot provide unbreakable secrecy. In this paper, through combining several separate techniques, a hybrid multi-stage encryption technique is proposed which provides nearly unbreakable image secrecy, while the encryption/decryption time remains almost the same of the exiting techniques. The technique consecutively exploits VC, steganography and one time pad (OTP). At first it encrypts the input image using VC, i.e., splits the pixels of the input image into multiple shares to make it unpredictable. Then after the pixel to binary conversion within each share, the exploitation of steganography detects the least significant bits (LSBs) from each chunk within each share. At last, OTP encryption technique is applied on LSBs along with randomly generated OTP secret key to generate the ultimate cipher image. Besides, prior to sending the OTP key to the receiver, first it is converted from binary to integer and then an asymmetric cryptosystem is applied to encrypt it and thereby the key is delivered securely. Finally, the outcome, the time requirement of encryption and decryption, the security and statistical analyses of the proposed technique are evaluated and compared with existing techniques.

A Study on AES-based Mutual Authentication Protocol for IoT Devices (사물인터넷 디바이스를 위한 AES 기반 상호인증 프로토콜)

  • Oh, Se-Jin;Lee, Seung-Woo
    • Journal of Industrial Convergence
    • /
    • v.18 no.5
    • /
    • pp.23-29
    • /
    • 2020
  • The Internet of things (IoT) is the extension of Internet connectivity into various devices and everyday objects. Embedded with electronics, Internet connectivity and other forms of hardware. The IoT poses significant risk to the entire digital ecosystem. This is because so many of these devices are designed without a built-in security system to keep them from being hijacked by hackers. This paper proposed a mutual authentication protocol for IoT Devices using symmetric-key algorithm. The proposed protocol use symmetric key cryptographic algorithm to securely encrypt data on radio channel. In addition, the secret key used for encryption is random number of devices that improves security by using variable secret keys. The proposed protocol blocked attacker and enabled legal deives to communicate because only authenticated devices transmit data by a mutual authentication protocol. Finally, our scheme is safe for attacks such as eavesdropping attack, location tracking, replay attack, spoofing attack and denial of service attack and we confirmed the safety by attack scenario.

A Design of Block cipher-Secure Electronic Xenogenesis Alorithm for Efficient Plaintext Management in Block Cryptosystem

  • Lee, Seon-Keun;Kim, Hwan-Yong
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.28 no.4C
    • /
    • pp.356-364
    • /
    • 2003
  • Presently, etwork is being in the existence as an influence can not be neglected. This rapid progress of network has gone with development of mobile network and information communication. But the development of network can generate serous social problems. So, it is highly required to control security of network. These problems related security will be developed and keep up to confront with anti-security part such as hacking, cracking. There's no way to preserve security from hacker or cracker without delvelopping new cryptographic algorithm or keeping the state of anti-cryptanalysis in a prescribed time by means of extendig key-length. Worldwidely, many researchers for network security are trying to handle these problems. In this paper, we proposed a new block cryptosystem. The Block cipher-Secure Electronic Xenogenesis Algorithm(B-SEXA) which is capable to cipher regardless of key distribution or key-length for these definite problem is proposed and designed in hardware. B-SEXA increase secret level from using a MDP and MLP in maximum is proposed to prevent cryptograpy analysis. The designed B-SEXA in this paper performed synthesization and simulation using Synopsys Vwe. 1999.10 and VHDL.

Study on Improvement of Weil Pairing IBE for Secret Document Distribution (기밀문서유통을 위한 Weil Pairing IBE 개선 연구)

  • Choi, Cheong-Hyeon
    • Journal of Internet Computing and Services
    • /
    • v.13 no.2
    • /
    • pp.59-71
    • /
    • 2012
  • PKI-based public key scheme is outstanding in terms of authenticity and privacy. Nevertheless its application brings big burden due to the certificate/key management. It is difficult to apply it to limited computing devices in WSN because of its high encryption complexity. The Bilinear Pairing emerged from the original IBE to eliminate the certificate, is a future significant cryptosystem as based on the DDH(Decisional DH) algorithm which is significant in terms of computation and secure enough for authentication, as well as secure and faster. The practical EC Weil Pairing presents that its encryption algorithm is simple and it satisfies IND/NM security constraints against CCA. The Random Oracle Model based IBE PKG is appropriate to the structure of our target system with one secret file server in the operational perspective. Our work proposes modification of the Weil Pairing as proper to the closed network for secret file distribution[2]. First we proposed the improved one computing both encryption and message/user authentication as fast as O(DES) level, in which our scheme satisfies privacy, authenticity and integrity. Secondly as using the public key ID as effective as PKI, our improved IBE variant reduces the key exposure risk.

An Escrow-Free Two-party Identity-based Key Agreement Protocol without Using Pairings for Distinct PKGs

  • Vallent, Thokozani Felix;Yoon, Eun-Jun;Kim, Hyunsung
    • IEIE Transactions on Smart Processing and Computing
    • /
    • v.2 no.3
    • /
    • pp.168-175
    • /
    • 2013
  • Key escrow is a default property that is inherent in identity-based cryptography, where a curious private key generator (PKG) can derive a secret value shared by communicating entities in its domain. Therefore, a dishonest PKG can encrypt and decrypt ciphers or can carry out any attack on the communicating parties. Of course, the escrow property is not completely unwanted but is acceptable in other particular applications. On the other hand, in more civil applications, this key escrow property is undesirable and needs to be removed to provide maximum communication privacy. Therefore, this paper presents an escrow-free identity-based key agreement protocol that is also applicable even in a distinct PKG condition that does not use pairings. The proposed protocol has comparable computational and communicational performance to many other protocols with similar security attributes, of which their security is based on costly bilinear pairings. The protocol's notion was inspired by McCullagh et al. and Chen-Kudla, in regard to escrow-free and multi-PKG key agreement ideas. In particular, the scheme captures perfect forward secrecy and key compromise impersonation resilience, which were lacking in McCullagh et al.'s study, as well as all other desirable security attributes, such as known key secrecy, unknown key-share resilience and no-key control. The merit in the proposed protocol is the achievement of all required security requirements with a relatively lower computational overhead than many other protocols because it precludes pairings.

  • PDF

Analysis of Certificateless Signcryption Schemes and Construction of a Secure and Efficient Pairing-free one based on ECC

  • Cao, Liling;Ge, Wancheng
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.12 no.9
    • /
    • pp.4527-4547
    • /
    • 2018
  • Signcryption is a cryptographic primitive that provides authentication (signing) and confidentiality (encrypting) simultaneously at a lower computational cost and communication overhead. With the proposition of certificateless public key cryptography (CLPKC), certificateless signcryption (CLSC) scheme has gradually become a research hotspot and attracted extensive attentions. However, many of previous CLSC schemes are constructed based on time-consuming pairing operation, which is impractical for mobile devices with limited computation ability and battery capacity. Although researchers have proposed pairing-free CLSC schemes to solve the issue of efficiency, many of them are in fact still insecure. Therefore, the challenging problem is to keep the balance between efficiency and security in CLSC schemes. In this paper, several existing CLSC schemes are cryptanalyzed and a new CLSC scheme without pairing based on elliptic curve cryptosystem (ECC) is presented. The proposed CLSC scheme is provably secure against indistinguishability under adaptive chosen-ciphertext attack (IND-CCA2) and existential unforgeability under adaptive chosen-message attack (EUF-CMA) resting on Gap Diffie-Hellman (GDH) assumption and discrete logarithm problem in the random oracle model. Furthermore, the proposed scheme resists the ephemeral secret leakage (ESL) attack, public key replacement (PKR) attack, malicious but passive KGC (MPK) attack, and presents efficient computational overhead compared with the existing related CLSC schemes.

A Ternary Tree-based Authenticated Group Key Agreement For Dynamic Peer Group (동적 피어 그룹을 위한 삼진 트리방식의 인증된 그룹 키 합의 프로토콜)

  • Kim, Ho-Hee;Kim, Soon-Ja
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.22 no.6
    • /
    • pp.1253-1263
    • /
    • 2012
  • As a result of the increased popularity of group oriented applications, the design of an efficient authenticated group key agreement protocol has received a lot of attention. Lee et al. proposed a tree-based group key agreement protocol, which applies a ternary key tree structure and pairing-based cryptography to the key agreement of Dynamic Peer Group. In their protocol, only the group sponsor knows all member's session random keys computes all blinded keys. In addition, when the group sponsor leaves a group, all nodes of the tree should be changed. In this paper, we present the modified protocol that has several sponsors. Since a secret value for each member isn't given to the group sponsor, the key renewing of our protocol is more secure and efficient than that of Lee et al.'s protocol in the previous case. Therefore, our protocol is suitable to Dynamic Peer Groups.

Yi et al.'s Group Key Exchange Protocol : A Security Vulnerability and its Remediation (Yi등이 제안한 그룹 키 교환 프로토콜의 보안 취약성 및 개선 방법)

  • Lee, Young-Sook;Kim, Jee-Yeon;Won, Dong-Ho
    • Journal of the Korea Society of Computer and Information
    • /
    • v.17 no.4
    • /
    • pp.91-98
    • /
    • 2012
  • A group key exchange (GKE) protocol is designed to allow a group of parties communicating over a public network to establish a common secret key. As group-oriented applications gain popularity over the Internet, a number of GKE protocols have been suggested to provide those applications with a secure multicast channel. Among the many protocols is Yi et al.'s password-based GKE protocol in which each participant is assumed to hold their individual password registered with a trusted server. A fundamental requirement for password-based key exchange is security against off-line dictionary attacks. However, Yi et al.'s protocol fails to meet the requirement. In this paper, we report this security problem with Yi et al.'s protocol and show how to solve it.

An Efficient Hardware Implementation of Lightweight Block Cipher Algorithm CLEFIA for IoT Security Applications (IoT 보안 응용을 위한 경량 블록 암호 CLEFIA의 효율적인 하드웨어 구현)

  • Bae, Gi-chur;Shin, Kyung-wook
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.20 no.2
    • /
    • pp.351-358
    • /
    • 2016
  • This paper describes an efficient hardware implementation of lightweight block cipher algorithm CLEFIA. The CLEFIA crypto-processor supports for three master key lengths of 128/192/256-bit, and it is based on the modified generalized Feistel network (GFN). To minimize hardware complexity, a unified processing unit with 8 bits data-path is designed for implementing GFN that computes intermediate keys to be used in round key scheduling, as well as carries out round transformation. The GFN block in our design is reconfigured not only for performing 4-branch GFN used for round transformation and intermediate round key generation of 128-bit, but also for performing 8-branch GFN used for intermediate round key generation of 256-bit. The CLEFIA crypto-processor designed in Verilog HDL was verified by using Virtex5 XC5VSX50T FPGA device. The estimated throughput is 81.5 ~ 60 Mbps with 112 MHz clock frequency.