• The Journal of Korean Association of Computer Education
• /
• 제14권4호
• /
• pp.43-51
• /
• 2011

Recently, by the development of information technology, we can get various information from anywhere in real time. However, personal information is exposed to threats which may incur unwanted information leakage. Cryptography serves as a primary study to prevent this leakage. However, some theories of cryptography are based on complex mathematical theories which make many people confused. Therefore, in this paper, we develope a software which is helpful to understand RSA algorithm, which is widely used algorithm in digital signature to protect personal information.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• 제19권6호
• /
• pp.63-70
• /
• 2009

Many research results show that RSA system mounted using conventional binary exponentiation algorithm is vulnerable to some physical attacks. Recently, Schmidt and Hurbst demonstrated experimentally that an attacker can exploit secret key using faulty signatures which are obtained by skipping the squaring operations. Based on similar assumption of Schmidt and Hurbst's fault attack, we proposed new fault analysis attacks which can be made by skipping the multiplication operations or computations in looping control statement. Furthermore, we applied our attack to Montgomery ladder exponentiation algorithm which was proposed to defeat simple power attack. As a result, our fault attack can extract secret key used in Montgomery ladder exponentiation.

• KIPS Transactions on Computer and Communication Systems
• /
• 제2권2호
• /
• pp.83-92
• /
• 2013

RSA-CRT is a widely used algorithm that provides high performance implementation of the RSA-signature algorithm. Many previous studies on each operation step have been published to verify the physical leakages of RSA-CRT when used in smart devices. This paper proposes SAED (subtraction algorithm analysis on equidistant data), which extracts sensitive information using the event information of the subtraction operation in a reduction algorithm. SAED is an attack method that uses algorithm-dependent power signal changes. An adversary can extract a key using differential power analysis (DPA) of the subtraction operation. This paper indicates the theoretical rationality of SAED, and shows that its results are better than those of other methods. According to our experiments, only 256 power traces are sufficient to acquire one block of data. We verify that this method is more efficient than those proposed in previously published studies.

• Proceedings of the Korea Society for Industrial Systems Conference
• /
• 한국산업정보학회 2000년도 춘계학술대회논문집
• /
• pp.85-92
• /
• 2000

본 연구에서는 인터넷 쇼핑몰 패키지용 전자지불시스템에서 구매자가 인터넷상에서 안전한 지불을 하기 위해 사용하는 전자지갑인 CM-Wallet을 SET프로토콜기준에 따라 개발하였다. CM-Wallet은 RSA 1024bit, Triple DES 168bit 암호키 및 전자서명, 이중서명을 생성함으로서 메시지 보안도가 SET 기준을 만족하였다. 그리고, 복잡한 절차는 내부적으로 처리하여 구매자가 사용하기 쉽게 화면으로 보여지는 절차를 간소화하였으며, 전자지갑을 사용할 때 복잡한 절차에 대한 불편함을 해소하였다.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 한국정보보호학회 1998년도 종합학술발표회논문집
• /
• pp.167-181
• /
• 1998

전자 상거래를 비롯한 많은 정보보호 응용분야가 공개키 암호 시스템을 기반으로 설계되고 있으며, 이러한 현상 때문에 PKI의 중요성이 날로 증가하고 있다. 또한 PKI에서 믿음의 근간이 되는 것은 루트 CA이며, 루트 CA의 안전성을 증가시키기 위한 연구가 지속되고 있다. 루트 CA의 안전성을 향상시키는 가장 좋은 접근 방법은 비밀 공유 방식을 이용하는 것이다. 본 논문에서는 기존에 발표된 RSA 키 생성 프로토콜과 서명문 생성 프로토콜을 분석하고 새로운 서명문 생성 프로토콜을 제안한다. 또한 실제 루트 CA에 이러한 결과들을 적용하는 방안을 제시한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 한국정보처리학회 2007년도 춘계학술발표대회
• /
• pp.1104-1106
• /
• 2007

IPv6 환경에서 SEcure Neighbor Discovery(SEND) 프로토콜은 Neighbor Discovery 프로토콜의 위협 요소를 제거하고 단말 노드의 안전한 통신을 위한 환경을 제공함으로써 보다 안정적으로 인터넷 서비스를 제공할 수 있게 되었다. 하지만 SEND 프로토콜을 Mobile IPv6와 연동하는 과정에서 모바일 노드가 다른 네트워크로 이동하였을 경우 SEND 프로토콜 동작 과정에서의 취약점을 발견하고 기존의 방식과 차별화된 RSA기반의 위임 정보에 기반한 대리 서명 기법을 사용하여 문제를 해결하였다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• 제12권5호
• /
• pp.95-105
• /
• 2002

This paper describes an efficient method to implement a hardware circuit of RSA public key cryptographic algorithm, which is important to public-key cryptographic system for an authentication, a key exchange and a digital signature. The RSA algorithm needs a modular exponential for its cryptographic operation, and the modular exponential operation is consists of repeated modular multiplication. In a numerous algorithm to compute a modular multiplication, the Montgomery algorithm is one of the most widely used algorithms for its conspicuous efficiency on hardware implementation. Over the past a few decades a considerable number of studies have been conducted on the efficient hardware design of modular multiplication for RSA cryptographic system. But many of those studies focused on the decrease of operating time for its higher performance. The most important thing to design a hardware circuit, which has a limit on a circuit area, is a trade off between a small circuit area and a feasible operating time. For these reasons, we modified the Montgomery algorithm for its efficient hardware structure for a system having a limit in its circuit area and implemented the refined algorithm in the IESA system developed for ETRI's smart card emulating system.

• Proceedings of the Korean Society of Broadcast Engineers Conference
• /
• 한국방송공학회 2008년도 동계학술대회
• /
• pp.89-93
• /
• 2008

본 논문에서는 단순전력 분석(SPA)과 오류주입공격(FA)에 안전한 중국인의 나머지 정리를 이용한 RSA 암호 시스템(CRT-RSA)에 대하여 논한다. CRT-RSA를 이용한 서명 알고리즘은 스마트카드와 같은 내장형 장치(embedded device)에서 널리 사용된다. 하지만 이러한 장치들은 전력분석 공격과 오류주입 공격에 취약하다. 2005년 Giraud가 처음으로 단순전력분석과 오류주입공격에 모두 안전한 대응 방법을 제안하였다. 본 논문에서는 Giraud의 대응 방법에 대한 다른 공격방법을 소개하고, 제시한 공격 방법에도 안전한 대응 방법을 제안한다. 본 논문에서 제안하는 대응 방법은 세 개의 메모리와 덧셈과 뺄셈연산을 추가적으로 요구한다. 추가적으로 요구되는 연산량은 모듈러 지수승 연산에 필요한 연산량에 비교하면 크게 고려하지 않아도 될 연산량이다. 그러므로 본 논문에서 제안하는 대응 방법은 내장형 장치와 같은 환경에서 안전하고 효율적으로 이용될 수 있다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• 제1권1호
• /
• pp.3-15
• /
• 1991

in 1984 Shamir proposed the concept of ID(identity)-based cryptosystem and digital signature scheme wich does not require any public file for storing the user' s public keys. In this paper, the concept of the ID-based cryptosystem based on discrete logarithm problem using the conven-tional public-key cryptosystems is described, and the implementation method of the ID-based cryptosystem is also presented. The new digital signaturw schme based on the ID-based crypto-system is proposed and possible atacks are considered and analyzed for the security of digital signature scheme. The proposed ID-based schemes are particularrly useful for smart card and personal identification card application.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• 제47권1호
• /
• pp.91-98
• /
• 2010

This paper proposes authority delegation for secure social community creation and mutual authentication scheme between the community members using proxy signature in community-based ubiquitous networks. In community-based ubiquitous network, User's context-awareness information is collected and used to provide context-awareness network service and application service for someone who need it. For the many reason, i.e. study, game, information sharing, business and conference, social community could be created by members of a social group. However, in community-based ubiquitous network, this kind of the context-awareness information could be abused and created by a malicious nodes for attack the community. Also, forgery community could be built up to attack the community members. The proposed scheme using the proxy signature provides a mutual authentication and secure secret key exchange between community members, and supports secure authority delegation that can creates social community. Also, when delegation of signing authority and mutual authentication, this scheme reduces total computation time compared to the RSA signature scheme.