• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1994.11a
• /
• pp.166-179
• /
• 1994

Diffie-Hellman 의 공개 키 암호 프로토콜이 제안된 이후 이산 대수 문제의 어려움이 프로토콜의 안전도와 깊이 연관되었다. 유한체를 이용한 암호 기법을 ElGamal 이 세웠으나, Index-Calculus 알고리듬에 의해 유한체위 에서 이산 대수 문제가 subexponential 알고리듬이되 어 ElGamal 기법의 안전도가 약해졌다. Nonsupersingular타원 곡선을 선택하여 유한체대신 ElGamal 암호 기법에 적용하면 안전한 암호 시스템을 설계할 수 있다. 이 논문에서는 콤퓨터 구현시 용이한 nonsupersingular 타원 곡선을 선택하는 방법, 유한체위에서의 연산, 평문을 타원 곡선의 원소로 임베드(Imbedding) 하는 방법 등 타원 곡선을 암호시스템에 적응하기 어려운 점들에 대한 해결 방법을 소개하고, 실제로 콤퓨터로 구현하여 그 실행 결과와 ElGamal 기법을 개선한 Schnorr 기법을 실행한 결과를 밝혔다.

• Proceedings of the Korea Multimedia Society Conference
• /
• 2003.05b
• /
• pp.246-249
• /
• 2003

현재의 인터넷의 발달로 인해 전자 상거래의 E-비즈니스 서비스를 이용하고 있는 사용자가 증가하고 있다. E-비즈니스 서비스에는 이용료나 상품의 가격을 지불하게 된다. 현재의 기존 화폐로 지불할 경우 E-비즈니스 서비스에 적용하는데 많은 취약성을 가지고 있다. 이로 인해 전자 화폐가 제안되고 연구하게 되었다 전자 화폐는 화폐를 전자적으로 구현하여 사용하는 것으로써 현재 많은 전자 화폐가 연구되고 있다. 본 논문에서는 익명성을 제공하는 방법으로는 은닉서명을 이용한 기존의 논문들을 분석하고 ElGamal 방식을 사용하여 익명성을 제공해주는 소액전자지불시스템을 제안한다.

• Journal of the Korea Society of Computer and Information
• /
• v.29 no.8
• /
• pp.103-112
• /
• 2024

This study was initiated with the aim of authenticating that inputs have not been tampered with without disclosing them in the case of computations where multiple inputs are entered by participants using the same key. In general, in the authentication stage, authentication is performed after the input value is disclosed, but we do not want to reveal the inputs until the end. This is a case of deviating from the traditional security model in which malicious participants exist in cryptography, but it is a malicious attack method that can actually occur enough. Privacy infringement or distortion of calculation results can occur due to malicious manipulation of input values. To prevent this, this study studied a method that can authenticate that the message is not a modified message without disclosing the message using the signature system, zero-knowledge proof, and commitment scheme. In particular, by modifying the ElGamal signature system and combining it with the commitment scheme and zero-knowledge proof, we designed and proved a verification protocol that the input data is not a modified data, and the efficiency was improved by applying batch verification between authentication.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.9 no.4
• /
• pp.23-36
• /
• 1999

As the blind signature(10) does not reveal any information about the message or its signature it has been used for preventing the information leakage and for providing the anonymity in secure electronic payment systems. Unfortunately this perfect anonymity could be misused by criminals as blind signatures prevent linking the withdrawal of money nd the payment made 표 the same customer. Therefore we should provide publicly verifiable mechanism if it is required for the judge to trace the blackmailed messages. In this paper we propose a modified blind signature scheme which additionally provides the role of message recovery after analyzing the existing meta-ELGamal scheme(12) suggested by Horster. And we suggest a new fair blind multi-signature scheme based on the oblivious transfer protocol with which a judge can publicly verify its fairness and correctness if needed. Proposed scheme can also applicable to the diverse electronic payment applications.

• The Journal of the Korea Contents Association
• /
• v.5 no.3
• /
• pp.83-91
• /
• 2005

The digital signature can be verified and disavowed only with cooperation of the signer in 'undeniable signature scheme. A signed confidential document of a company can be copied and delivered to a rival company. If a conventional signature scheme is used to sign the document, it can be confirmed as authentic by verifying the signature without the signer's cooperation. However, if the company doesn't want the document to be verified as authentic by the rival company, it is recommended to use the undeniable signature scheme. Convertible undeniable signature scheme has additional property that the signer can convert undeniable signature to the ordinary one. The document signed by undeniable signature scheme that is no longer confidential can be opened to public use by converting the signature to the ordinary one. In this study, the efficient multipurpose convertible undeniable signature scheme based on El-Gamal signature scheme is proposed. The proposed scheme satisfies undeniable property and can convert undeniable signature to the ordinary one. The number of public keys and signatures are less than those of Boyar's convertible signature scheme. It also reduces the number of communication steps of the signature confirmation protocol.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.2
• /
• pp.15-22
• /
• 2004

For an ElGamal-type signature scheme using a generate g of order q, it has been well-known that the message nonce should be chosen randomly in the interval (0, q-1) for each message to be signed. In (2), H. Kuwakado and H. Tanaka proposed a polynomial time algorithm that gives the private key of the signer if two signatures with message nonces 0＜$k_1$, $k_2$$\leq$Ο(equation omitted) are available. Recently, R. Gallant, R. Lambert, and S. Vanstone suggested a method to improve the efficiency of elliptic curve crytosystem using integer decomposition. In this paper, by applying the integer decomposition method to the algorithm proposed by Kuwakado and Tanaka, we extend the algorithm to work in the case when ｜$k_1$ ｜,｜$k_2$, ｜$\leq$Ο(equation mitted) and improve the efficiency and completeness of the algorithm.

• Proceedings of the Korean Information Science Society Conference
• /
• 1998.10c
• /
• pp.703-705
• /
• 1998

타원 곡선 암호 시스템은 기존의 암호 시스템에 비해 단위 비트당 키 길이가 작으며, 속도가 빠르다는 장점을 가지고 있으며 이러한 장점을 이용하여 휴대 통신 기기에 적용할 수 있다. 이에 본 논문에서는 타원 곡선에 대한 사항에 대하여 살펴보며, 이산 로그 문제에 기반한 전자 서명 알고리즘인 ElGamal 스킴을 타원 곡선에 적용한 타원 곡선 전자 서명 구현 방안을 제시하고자 한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.1 no.1
• /
• pp.3-15
• /
• 1991

in 1984 Shamir proposed the concept of ID(identity)-based cryptosystem and digital signature scheme wich does not require any public file for storing the user' s public keys. In this paper, the concept of the ID-based cryptosystem based on discrete logarithm problem using the conven-tional public-key cryptosystems is described, and the implementation method of the ID-based cryptosystem is also presented. The new digital signaturw schme based on the ID-based crypto-system is proposed and possible atacks are considered and analyzed for the security of digital signature scheme. The proposed ID-based schemes are particularrly useful for smart card and personal identification card application.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1992.11a
• /
• pp.41-54
• /
• 1992

본 논문에서는 정보를 효율적으로 저장, 관리, 전송할 수 있는 기능을 담당하는 분산 디렉토리 시스템（X. 500시리즈）의 모델과 MHS와의 연계 방안을 알아 보고, 이 시스템에서의 인증 방식 중의 하나인 상세 인증（strong authentication）의 문제점과 그 해결 방안을 제시하였다. 또한 X. 509 권고안에서의 디지털 서명을 생성하는 구체적인 방법으로 특정 성질을 갖는 공개키 암호 방식인 RSA를 이용하였으나 본 논문에서는 ElGamal 방식을 분산 디렉토리 시스템에 적용시킴으로써 RSA 방식이 아닌 다른 방식도 X. 509에 적용 가능하다는 것을 보였다.

• Journal of KIISE:Computer Systems and Theory
• /
• v.31 no.1_2
• /
• pp.112-117
• /
• 2004

In this paper, we propose a suitable multiplication architecture for cellular automata in a finite field $GF(2^m)$. Proposed least significant bit first multiplier is based on irreducible all one Polynomial, and has a latency of (m+1) and a critical path of $ 1-D_{AND}＋1-D{XOR}$.Specially it is efficient for implementing VLSI architecture and has potential for use as a basic architecture for division, exponentiation and inverses since it is a parallel structure with regularity and modularity. Moreover our architecture can be used as a basic architecture for well-known public-key information service in $GF(2^m)$ such as Diffie-Hellman key exchange protocol, Digital Signature Algorithm and ElGamal cryptosystem.