• International Journal of Internet, Broadcasting and Communication
• /
• v.10 no.3
• /
• pp.11-25
• /
• 2018

While being believed that decrypting any RSA ciphertext is as hard as factorizing the RSA modulus, it was also shown that, if additional information is available, breaking the RSA cryptosystem may be much easier than factoring. For example, Coppersmith showed that, given the 1/2 fraction of the least or the most significant bits of one of two RSA primes, one can factorize the RSA modulus very efficiently, using the lattice-based technique. More recently, introducing the so called cold boot attack, Halderman et al. showed that one can recover cryptographic keys from a decayed DRAM image. And, following up this result, Heninger and Shacham presented a polynomial-time attack which, given 0.27-fraction of the RSA private key of the form (p, q, d, $d_p$, $d_q$), can recover the whole key, provided that the given bits are uniformly distributed. And, based on the work of Heninger and Shacham, this paper presents a different approach for recovering RSA private key bits from decayed key information, under the assumption that some random portion of the private key bits is known. More precisely, we present the algorithm of recovering RSA private key bits from erased key material and elaborate the formula of describing the number of partially-recovered RSA private key candidates in terms of the given erasure rate. Then, the result is justified by some extensive experiments.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.3
• /
• pp.349-356
• /
• 2020

GIFT is a PRESENT-like cryptographic algorithm proposed in CHES 2017 and used S-box that can be implemented through a bit-slice technique[1]. Since bit-permutation is used as a linear layer, it can be efficiently implemented in hardware, but bit-slice implementation in software requires a specific conversion process, which is costly. In this paper, we propose a new bit-permutation that enables efficient bit-slice implementation and GIFT-64-variant using it. GIFT-64-variant has better safety than the existing GIFT in terms of differential and linear cryptanalysis.

• The KIPS Transactions:PartC
• /
• v.10C no.6
• /
• pp.825-834
• /
• 2003

In this paper, we propose a new certified e-mail system which reduces user's computational overhead and distributes confidentiality of TTP(Trusted Third Partty). Based on the traditional cryptographic schemes and server-supported signiture for fairness and confidentiality of message, we intend to minimize to computation overhead of mobile device on public key algorithm. Therefore, our proposal becomes to be suitable for mail user sho uses mobile devices such as cellular phone and PDA. Moreover, the proposed system is fault-tolerant, secure against mobile adversary and conspiracy attack, since it is based on the threshold cryptography on server-side.

• The Transactions of The Korean Institute of Electrical Engineers
• /
• v.66 no.12
• /
• pp.1899-1904
• /
• 2017

This paper presents a new one-time password approach generated based on $4{\times}4$ pattern schedule. It demonstrates generation of passkey from initial seed of random codes and mapping out in table pattern schedule which will produce a new form of OTP scheme in protecting information or data. The OTP-2FA has been recognized by many organizations as a landmark to authentication techniques. OTP is the solution to the shortcomings of the traditional user name/password authentication. With the application of OTP, some have benefited already while others have had second thoughts because of some considerations like cryptographic issue. This paper presents a new method of algorithmic approach based on table schedule (grid authentication). The generation of OTP will be based on the random parameters that will be mapped out in rows and columns allowing the user to form the XY values to get the appropriate values. The algorithm will capture the values and extract the predefined characters that produce the OTP codes. This scheme can work in any information verification system to enhance the security, trust and confidence of the user.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.5
• /
• pp.1099-1103
• /
• 2016

The user's secret key can be retrieved by the leakage informations of power consumption occurred during the execution of scalar multiplication for elliptic curve cryptographic algorithm which can be embedded on a security device. Recently, a carry random recoding method is proposed to prevent simple power and differential power analysis attack by recoding the secret key. In this paper, we show that this recoding method is still vulnerable to the differential power analysis attack due to the limitation of the size of carry bits, which is a different from the original claim.

• Journal of KIISE:Computer Systems and Theory
• /
• v.26 no.7
• /
• pp.743-751
• /
• 1999

공개키 암호 시스템에서 모듈러 지수 연산은 주된 연산으로, 이 연산은 내부적으로 모듈러 곱셈을 반복적으로 수행함으로써 계산된다. 본 논문에서는 GF(2m)상에서 수행할 수 있는 Montgomery 알고리즘을 분석하여 right-to-left 방식의 모듈러 지수 연산에서 공통으로 계산 가능한 부분을 이용하여 모듈러 제곱과 모듈러 곱셈을 동시에 수행하는 선형 시스톨릭 어레이를 설계한다. 본 논문에서 설계한 시스톨릭 어레이는 기존의 곱셈기보다 모듈러 지수 연산시 약 0.67배 처리속도 향상을 가진다. 그리고, VLSI 칩과 같은 하드웨어로 구현함으로써 IC 카드에 이용될 수 있다.Abstract One of the main operations for the public key cryptographic system is the modular exponentiation, it is computed by performing the repetitive modular multiplications. In this paper, we analyze Montgomery's algorithm and design a linear systolic array to perform modular multiplication and modular squaring simultaneously. It is done by using common-multiplicand modular multiplication in the right-to-left modular exponentiation over GF(2m). The systolic array presented in this paper improves about 0.67 times than existing multipliers for performing the modular exponentiation. It could be designed on VLSI hardware and used in IC cards.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.05a
• /
• pp.221-223
• /
• 2014

Power analysis attack on cryptographic hardware device aims to study the power consumption while performing operations using secrets keys. Power analysis is a form of side channel attack which allow an attacker to compute the key encryption from algorithm using Simple Power Analysis (SPA), Differential Power Analysis (DPA) or Correlation Power Analysis (CPA). The theoretical weaknesses in algorithms or leaked informations from physical implementation of a cryptosystem are usually used to break the system. This paper describes how power analysis work and we provide an overview of countermeasures against power analysis attacks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.6 no.4
• /
• pp.97-106
• /
• 1996

In this paper, we define an equivalence relation on the group of all permutations over the finite field GF($2^n$) and show each equivalence class has common cryptographic properties. And, we classify all exponent permutations over GF($2^7$) and GF($2^8$). Then, three applications of our results are described. We suggest a method for designing $n\;{\times}\;2n$ S(ubstitution)-boxes by the concatenation of two exponent permutations over GF($2^n$) and study the differential and linear resistance of them. And we can easily indicate that the conjecture of Beth in Eurocrypt '93 is wrong, and discuss the security of S-box in LOKI encryption algorithm.

• Journal of the Korea Society of Computer and Information
• /
• v.28 no.2
• /
• pp.55-62
• /
• 2023

Radio waves must pass through the unstable atmosphere for successful wireless data transmission from space to ground stations. Data link algorithms required by the International Space Data Systems Advisory Committee (CCSDS) must be capable of detecting and resynchronizing cryptographic and receiver-side errors. However, error recovery is not part of the CCSDS requirements. This paper proposes an algorithm that enables robustness and error recovery against various noises. We experimented with environments such as Gaussian, Salt, Pepper, and S&P noise through noise reduction filters, filters that improve sharpness, and EDSR. In addition, we compare similar algorithms SES Alarmed and DSES Alarmed.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.2
• /
• pp.504-519
• /
• 2023

Heart disease is becoming the top reason of death all around the world. Diagnosing cardiac illness is a difficult endeavor that necessitates both expertise and extensive knowledge. Machine learning (ML) is becoming gradually more important in the medical field. Most of the works have concentrated on the prediction of cardiac disease, however the precision of the results is minimal, and data integrity is uncertain. To solve these difficulties, this research creates an Integrated Accurate-Secure Heart Disease Prediction (IAS) Model based on Deep Convolutional Neural Networks. Heart-related medical data is collected and pre-processed. Secondly, feature extraction is processed with two factors, from signals and acquired data, which are further trained for classification. The Deep Convolutional Neural Networks (DCNN) is used to categorize received sensor data as normal or abnormal. Furthermore, the results are safeguarded by implementing an integrity validation mechanism based on the hash algorithm. The system's performance is evaluated by comparing the proposed to existing models. The results explain that the proposed model-based cardiac disease diagnosis model surpasses previous techniques. The proposed method demonstrates that it attains accuracy of 98.5 % for the maximum amount of records, which is higher than available classifiers.