• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.14 no.6
• /
• pp.25-31
• /
• 2014

When the public key e and the composite number n=pq are disclosed but not the private key d in an asymmetric-key RSA, message decryption is carried out by obtaining ${\phi}(n)=(p-1)(q-1)=n+1-(p+q)$ and subsequently computing $d=e^{-1}(mod{\phi}(n))$. The most commonly used decryption algorithm is integer factorization of n/p=q or $a^2{\equiv}b^2$(mod n), a=(p+q)/2, b=(q-p)/2. But many of the RSA numbers remain unfactorable. This paper therefore applies baby-step giant-step discrete logarithm and $2^k$-ary modular exponentiation to directly obtain ${\phi}(n)$. The proposed algorithm performs a reverse baby-step and $2^k$-ary adult-step. As a results, it reduces the execution time of basic adult-step to $1/2^k$ times and the memory $m={\lceil}\sqrt{n}{\rceil}$ to l, $a^l$ > n, hence obtaining ${\phi}(n)$ by executing within l times.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.13 no.6
• /
• pp.221-228
• /
• 2013

It is impossible directly to find a prime number p,q of a large semiprime n = pq using Trial Division method. So the most of the factorization algorithms use the indirection method which finds a prime number of p = GCD(a-b, n), q=GCD(a+b, n); get with a congruence of squares of $a^2{\equiv}b^2$ (mod n). It is just known the fact which the area that selects p and q about n=pq is between $10{\cdots}00$ < p < $\sqrt{n}$ and $\sqrt{n}$ < q < $99{\cdots}9$ based on $\sqrt{n}$ in the range, [$10{\cdots}01$, $99{\cdots}9$] of $l(p)=l(q)=l(\sqrt{n})=0.5l(n)$. This paper proposes the method that reduces the range of p using information obtained from n. The proposed method uses the method that sets to $p_{min}=n_{LR}$, $q_{min}=n_{RL}$; divide into $n=n_{LR}+n_{RL}$, $l(n_{LR})=l(n_{RL})=l(\sqrt{n})$. The proposed method is more effective from minimum 17.79% to maxmimum 90.17% than the method that reduces using $\sqrt{n}$ information.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.12
• /
• pp.944-953
• /
• 2013

Recently, a storage media is becoming smaller and storage capacity is also becoming larger than before. However, important data was leaked through a small storage media. To solve these serious problem, many security companies manufacture secure USBs with secure function, such as data encryption, user authentication, not copying data, and management system for secure USB, etc. But various attacks, such as extracting flash memory from USBs, password hacking or memory dump, and bypassing fingerprint authentication, have appeared. Therefore, security techniques related to secure USBs have to concern many threats for them. The basic components for a secure USB are secure authentication and data encryption techniques. Though existing secure USBs applied password based user authentication, it is necessary to develop more secure authentication because many threats have appeared. And encryption chipsets are used for data encryption however we also concern key managements. Therefore, this paper suggests mutual device authentication based on PUF (Physical Unclonable Function) between USBs and the authentication server and key management without storing the secret key. Moreover, secure USB is systematically managed with metadata and authentication information stored in authentication server.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.13 no.5
• /
• pp.425-431
• /
• 2020

Recent advancements in industries and technologies have resulted in an increase in the volume of transportation, management, and distribution of logistics. Radio-frequency identification (RFID) technologies have been developed to efficiently manage such a large amount of logistics information. The use of RFID for management is being applied not only to the logistics industry, but also to the power transmission and energy management field. However, due to the limitation of program development capacity, the RFID device is limited in development, and this limitation is vulnerable to security because the existing strong encryption method cannot be used. For this reason, we designed a chaotic system for security with simple operations that are easy to apply to such a restricted environment of RFID. The designed system is a two-dimensional tent map chaotic system. In order to solve the problem of a biased distribution of signals according to the parameters of the chaotic dynamical system, the system has a cryptographic parameter(𝜇₁), a distribution parameter(𝜇₂), and a parameter(𝜃), which is the constant point, ID value, that can be used as a key value. The designed RFID authentication system is similar to random numbers, and it has the characteristics of chaotic signals that can be reproduced with initial values. It can also solve the problem of a biased distribution of parameters, so it is deemed to be more effective than the existing encryption method using the chaotic system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.3
• /
• pp.13-25
• /
• 2004

The key exchange protocols are very crucial tools to provide the secure communication in the broadband satellite access network. They should be required to satisfy various requirements such as security, key confirmation, and key freshness. In this paper, we present the guideline of security functions in BSAN(Broadband Satellite Access Network), and analyze the specification of the security primitives and the hey exchange Protocols for the authenticated key agreement between RCST(Return Channel Satellite Terminal) and NCC(fretwork Control Centre). In addition, we propose the security specification for a domestic broad satellite network based on the analysis on the analysis profile of ETSI(European Telecommunications Standards Institute) standards. The key exchange protocols proposed in ETSI standard are vulnerable to man-in-the-middle attack and they don't provide key confirmation. To overcome this shortcoming, we propose the 4 types of the key exchange protocols which have the resistant to man-in-the-middle-attack, key freshness, and key confirmation, These proposed protocols can be used as a key exchange protocol between RCST and NCC in domestic BSAN. These proposed protocols are based on DH key exchange protocol, MTI(Matsumoto, Takashima, Imai) key exchange protocol, and ECDH(Elliptic Curve Diffie-Hellman).

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.10 no.4
• /
• pp.81-93
• /
• 2000

In a methodological approach to improve the processing performance of modulo exponentiation which is the primary arithmetic in RSA crypto algorithm, we present a new RSA hardware architecture based on high-radix modulo multiplication and CRT(Chinese Remainder Theorem). By implementing the modulo multiplier using radix-16 arithmetic, we reduced the number of PE(Processing Element)s by quarter comparing to the binary arithmetic scheme. This leads to having the number of clock cycles and the delay of pipelining flip-flops be reduced by quarter respectively. Because the receiver knows p and q, factors of N, it is possible to apply the CRT to the decryption process. To use CRT, we made two s/2-bit multipliers operating in parallel at decryption, which accomplished 4 times faster performance than when not using the CRT. In encryption phase, the two s/2-bit multipliers can be connected to make a s-bit linear multiplier for the s-bit arithmetic operation. We limited the encryption exponent size up to 17-bit to maintain high speed, We implemented a linear array modulo multiplier by projecting horizontally the DG of Montgomery algorithm. The H/W proposed here performs encryption with 15Mbps bit-rate and decryption with 1.22Mbps, when estimated with reference to Samsung 0.5um CMOS Standard Cell Library, which is the fastest among the publications at present.

• Journal of KIISE
• /
• v.44 no.10
• /
• pp.1112-1123
• /
• 2017

As content providers further offload content-centric services to the cloud, data retrieval over the cloud typically results in many redundant items because there is a prevalent near-duplication of content on the Internet. Simply fetching all data from the cloud severely degrades efficiency in terms of resource utilization and bandwidth, and data can be encrypted by multiple content providers under different keys to preserve privacy. Thus, locating near-duplicate data in a privacy-preserving way is highly dependent on the ability to deduplicate redundant search results and returns best matches without decrypting data. To this end, we propose an efficient near-duplicate detection scheme for encrypted data in the cloud. Our scheme has the following benefits. First, a single query is enough to locate near-duplicate data even if they are encrypted under different keys of multiple content providers. Second, storage, computation and communication costs are alleviated compared to existing schemes, while achieving the same level of search accuracy. Third, scalability is significantly improved as a result of a novel and efficient two-round detection to locate near-duplicate candidates over large quantities of data in the cloud. An experimental analysis with real-world data demonstrates the applicability of the proposed scheme to a practical cloud system. Last, the proposed scheme is an average of 70.6% faster than an existing scheme.

• KIPS Transactions on Computer and Communication Systems
• /
• v.6 no.9
• /
• pp.397-406
• /
• 2017

In case of using the existing encrypted algorithm for massive data encryption service under the cloud environment, the problem that requires much time in data encryption come to the fore. To make up for this weakness, a partial encryption method is used generally. However, the existing partial encryption method has a disadvantage that the encrypted data can be inferred due to the remaining area that is not encrypted. This study proposes a partial encryption method of increasing the encryption speed and complying with the security standard in order to solve this demerit. The proposed method consists of 3 processes such as header formation, partial encryption and block shuffle. In step 1 Header formation process, header data necessary for the algorithm are generated. In step 2 Partial encryption process, a part of data is encrypted, using LEA (Lightweight Encryption Algorithm), and all data are transformed with XOR of data in the unencrypted part and the block generated in the encryption process. In step 3 Block shuffle process, the blocks are mixed, using the shuffle data stored with the random arrangement form in the header to carry out encryption by transforming the data into an unrecognizable form. As a result of the implementation of the proposed method, applying it to a mobile device, all the encrypted data were transformed into an unrecognizable form, so the data could not be inferred, and the data could not be restored without the encryption key. It was confirmed that the proposed method could make prompt treatment possible in encrypting mass data since the encryption speed is improved by approximately 273% or so compared to LEA which is Lightweight Encryption Algorithm.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.43 no.1 s.307
• /
• pp.1-8
• /
• 2006

This thesis proposes Arithmetic Shift Register(ASR) which can be used as pseudo random number generator. Arithmetic Shift. Register is defined as progression that multiplies random number D , not 0 or 1 at initial value which is not 0, and it is represented as ASR-D in this thesis. Irreducible polynomial that t which makes $'D^k=1'$ satisfies uniquely as $'t=2^n-1'$ over. $GF(2^n)$ is the characteristic polynomial of ASR-D , and the cycle of Arithmetic Shift Register has maximum cycle as $'2^n-1'$. Galois Linear Feedback Shift Register corresponds to ASR-2-1. Therefore, Arithmetic Shift Register proposed in this thesis generalizes Galois Linear Feedback Shift Register. Linear complexity of ASR-D over$GF(2^n)$ is $'n{\leq}LC{\leq}\frac{n^2+n}{2}'$ and in comparison with existing Linear Feedback Shift Register stability is high. The Software embodiment of arithmetic shift register proposed in this thesis is efficient than that of existing Linear Shift Register and hardware complexity is equal. Arithmetic shift register proposed in this thesis can be used widely in various fields such as cipher, error correcting codes, Monte Carlo integral, and data communication etc along with existing linear shift register.

• Journal of KIISE:Computer Systems and Theory
• /
• v.36 no.5
• /
• pp.396-403
• /
• 2009

An anonymous asymmetric fingerprinting protocol combined with watermarking techniques, is one of the copyright protection technologies keeping both right of a seller and that of a buyer, where a seller and an anonymous buyer perform such a protocol that employs various cryptographic tools in order that the seller does not know the exact watermarked copy that the buyer receives, while inserting an invisible non-removable fingerprint i.e., each different unique watermark, into each copy of the digital content to be sold. In such a protocol innocent buyers are kept anonymous during transactions, however, the unlawful reseller is unambiguously identified with a real identity as a copyright violator. In 2007, Yong and Lee proposed an anonymous asymmetric fingerprinting scheme with trusted third party. In this paper we point out the weakness of their scheme such as: the buyer with intention can remove the fingerprint in the watermarked content, because he/she can decrypt the encrypted fingerprint with a symmetric key using man-in-the-middle-attack; a real identity of a buyer can be revealed to the seller through the identification process even though he/she is honest. Furthermore, we propose an improved secure and efficient anonymous asymmetric fingerprinting scheme which enables to reduce the number of communication between the participants.