• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.5
• /
• pp.17-30
• /
• 2001

In this paper, we implemented a scalar multiplier needed at an elliptic curve cryptosystem over standard basis in $GF(2^{163})$. The scalar multiplier consists of a radix-16 finite field serial multiplier and a finite field inverter with some control logics. The main contribution is to develop a new fast finite field inverter, which made it possible to avoid time consuming iterations of finite field multiplication. We used an algorithmic transformation technique to obtain a data-independent computational structure of the Extended Euclid GCD algorithm. The finite field multiplier and inverter shown in this paper have regular structure so that they can be easily extended to larger word size. Moreover they can achieve 100% throughput using the pipelining. Our new scalar multiplier is synthesized using Hyundai Electronics 0.6$\mu\textrm{m}$ CMOS library, and maximum operating frequency is estimated about 140MHz. The resulting data processing performance is 64Kbps, that is it takes 2.53ms to process a 163-bit data frame. We assure that this performance is enough to be used for digital signature, encryption & decryption and key exchange in real time embedded-processor environments.

• Journal of the Korea Society of Computer and Information
• /
• v.10 no.5 s.37
• /
• pp.161-170
• /
• 2005

The Certificate Revocation List(CRL) or the Online Certificate Status Protocol(OCSP)has been used to validate certificates. However, the CRL cannot validate certificates in realtime because of the Time-Gap problem and the OCSP server overloads in a large scale secure system. In addition, the client cannot access a wired LAN until the client has been authenticated by the authentication server on the IEEE 802. 1x framework. Therefore, the client cannot validate the authentication server's certificate using a certificate validation server. Thus, the client cannot authenticate the authentication server in realtime. To solve these problems this paper designed a secure system that can protect the content of communications and authenticate users in realtime on a wireless LAN The designed certificate validation protocol was proved that the stability and efficiency of the system was very high, the result of the validation had the presence, the speed of the validation was not affected by the system scale, the number of authorities user must trust was reduced to one, and the overload of the validation server was Protected. And the designed user authentication and key exchange protocols were Proved that the mutual authentication was possible in realtime and the fact of the authentication could be authorized by the CA because of using the authorized certificates.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.5
• /
• pp.23-36
• /
• 2010

Signcryption is a cryptographic primitive which offers authentication and confidentiality simultaneously with a cost lower than signing and encrypting the message independently. We propose a new cryptographic notion called Identity-based online/offline signcryption. The notion of online/offline scheme can be divided into two phases, the first phase is performed offline prior to the arrival of a message to be signed or encrypted and the second phase is performed online phase after knowing the message and the public key of recipient. The Online phase does not require any heavy computations such as pairings or exponents. It is particularly suitable for power-constrained devices such as smart cards. In this paper, we propose ID-based signcryption scheme and ID-based online/offline signcryption scheme where the confidentiality and authenticity are simultaneously required to enable a secure and trustable communication environment. To our best knowledge, this is the first ID-based online/offline signcryption scheme that can be proven secure in the standard model.