• Proceedings of the Korean Information Science Society Conference
• /
• 2002.10c
• /
• pp.673-675
• /
• 2002

기존의 SET은 전자서명(digital signature), 데이터 암호화(data encryption), 전자 봉투(digital envelope)로 구성되어 있으며, RSA, SHA, DES를 사용하여 프로토콜을 구현하는데, 본 논문은 ECC의 공개키와 개인키를 이용하여 암호 강도가 강화된 대칭키 알고리즘을 제안하고 SET의 전자 봉투를 생략한 SSET를 제안하고 있다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2003.10a
• /
• pp.754-756
• /
• 2003

많은 디지털 서명 알고리즘들이 제안되었지만, 내제된 위험 요소들은 여전히 해결되지 않고 있다. 그 중 해쉬 함수의 충돌(Collision)문제가 있는데, 중요한 것은 이 문제로 인해 메시지가 일단 위조되면 어느 누구도 그 메시지의 위법성을 증명할 수 없다는 것이다. 따라서, 본 논문에서는 이 문제를 해결하는 방법에 대해 연구하고 새로운 디지털 서명 방식을 제안한다. 제안된 디지털 서명 방식은 해쉬(Hash) 알고리즘의 안전성 정도에 상관없고 오직 공개키 암호의 안전성에 연관되기 때문에 계산 속도가 빠른 해쉬 알고리즘을 사용할 수 있다. 또한, 이 방식은 기존 디지털 서명 알고리즘과 함께 사용될 수 있어서 E-commerce를 더욱 활성화시킬 것으로 예상된다.

• The KIPS Transactions:PartC
• /
• v.12C no.4 s.100
• /
• pp.489-494
• /
• 2005

In 2002, Shundong Xia proposed a new ID-based group signature scheme with strong separability. The nature of a strong separability is to divide group manager's role into a membership manager and a revocation manager Jianhong et al showed that the scheme was not coalition-resistant. In this letter, we first propose two new attacks, forgery and link attacks, for Xia-You's scheme. We also propose a new ID-based group signature scheme that Is resistant to coalition, forgery and link attacks

• The Journal of Information Technology
• /
• v.5 no.4
• /
• pp.129-137
• /
• 2002

In this paper, a public key knapsack cryptosystem algorithm is based on the security to a difficulty of polynomial factorization in computer communication networks is proposed. For the proposed public key knapsack cryptosystem, a polynomial vector Q(x,y,z) is formed by transform of superincreasing vector P, a polynomial g(x,y,z) is selected. Next then, the two polynomials Q(x,y,z) and g(x,y,z) is decided on the public key. The enciphering first selects plaintext vector. Then the ciphertext R(x,y,z) is computed using the public key polynomials and a random integer $\alpha$. For the deciphering of ciphertext R(x,y,z), the plaintext is determined using the roots x, y, z of a polynomial g(x,y,z)=0 and the increasing property of secrety key vector. Therefore a public key knapsack cryptosystem is based on the security to a difficulty of factorization of a polynomial g(x,y,z)=0 with three variables. The propriety of the proposed public key cryptosystem algorithm is verified with the computer simulation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.6
• /
• pp.119-125
• /
• 2005

We propose a new code-based publick key encryption scheme. It is obtained by modifying the Augot and Finiasz scheme proposed at Eurocrypt 2003. We replace the Reed-Solomon codes with general algebraic-geometry codes and employ Guruswami-Sudan decoding algorithm for decryption. The scheme is secure against Colon's attack or Kiayias and Yung's attack to which the Augot and Finiasz scheme is vulnerable. Considering basic attacks aprlied to the Augot and Finiasz scheme, we claim that the proposed scheme provides similar security levels as the Augot and Finiasz scheme was claimed to provide for given key lengths.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.4
• /
• pp.67-76
• /
• 2002

Kerberos is designed to provide strong authentication between client and application servers which are working in distributed network environment by using symmetric-key cryptography, and supposed to trust other systems of the realm. In this paper, we design an efficient and strong authentication mechanism by introducing the public/private-key to Kerberos. In the mechanism to make a system more secure, the value of the session key is changed everytime using MAC(message authentication code) algorithm with the long-term key for user-authentication and a random number exchanged through the public key. Also, we employ a mutual authentication method, which is used on challenge-response mechanism based on digital signatures, to improve trust between realms, and present a way of reducing the number of keys by simplifying authentication steps.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.11
• /
• pp.2374-2380
• /
• 2011

Many people is preferred to mVoIP which offers call telephone-quality and convenient UI as well as free of charge. On the other hand, security of mVoIP is becoming an issue as it using Internet network may have danger about wiretapping. Although traditionally encryption algorithm of symmetric key for security of voice data has been used, ECC algorithm of public key type has been preferring for encryption because it is stronger in part the strength of encryption than others. However, the existing way is restricted by lots of operations in poor mobile environment. Thus this paper proposes the efficiency of resource consumption way by reducing cryptographic operations.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.5
• /
• pp.47-57
• /
• 2006

Mobile Ad-hoc networks have various implementation constraints such as infrastructure-free, no trusted authority, node mobility, and the limited power and small memory of mobile device. And just like wired networks, various security issues such as authentication, confidentiality, integrity, non-repudiation, access control, availability and so on have been arisen in mobile Ad-hoc networks. But we focus on authentication of these security issues because it is quitely affected by the characteristics of networks. In this paper, we propose the authentication protocol that can limit the size of certificate repository as $log_2N$ and assures to make a trusted certificate path from one node to another, adopting the concept of Hamming distance. Particularly, our protocol can construct a trusted certificate path in spite of decreasing or increasing the number of nodes in mobile Ad-hoc network.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.12a
• /
• pp.205-208
• /
• 2003

암호 시스템의 안전성 및 신뢰성은 키의 안전성에 기반을 두기 때문에, 암호 시스템의 설계 및 구현 시 키를 안전하게 생성하는 것은 매우 중요한 일이다. 키 생성은 암호학적인 안전성을 만족하는 키를 생성하는 절차를 의미하며, 키를 생성하기 위해서는 지금까지 알려진 여러 가지 공격 방법들에 대한 안전성을 확보할 수 있는 파라미터를 사용해야 한다. 본 논문에서는 암호 시스템의 설계 및 구현 시 공개키 암호방식의 키 생성 단계에서 이산대수 문제와 소인수분해 문제를 푸는 알고리즘들을 이용한 공격으로부터 안전성을 갖기 위한 요구사항을 분석한다. 또한 이러한 결과를 바탕으로 키 생성 단계의 안전성 확보를 위한 요구사항 명세서를 작성한다.

• The KIPS Transactions:PartC
• /
• v.11C no.7 s.96
• /
• pp.971-980
• /
• 2004

This paper describes the design and implementation of the video conferencing system using public key infrastructure which is used for user authentication and encryption. Public key infrastructure reinforces the authentication process for conference participant, and the symmetric key system blocks malicious access to information and protect conference control information. This paper shows the implementation of the trans portation layer secure protocol in conformity with Korea public key authentication algorithm standard and symmetric encryption algorithm (DES, 3DES and AES) for media stream encryption. In this paper, we deal with two ways of protecting information : transportation layer secure protocol secures user authentication process and the conference control information; while public key-based authentication system protects personal information of users when they connect to the network. When distributing the session keys for encryption, Internet Key Exchange is used for P2P communication, and secure protocol is employed for 1 : N multi-user communication in the way of distributing the public key-based en-cryption key.