• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.3
• /
• pp.111-117
• /
• 2003

The XTR public key system has advantage of short key length and fast computing speed. So, the XTR is used usefully in complicated operation. In this paper, we propose a new algorithm of double exponentiation operation and a proxy signature protocol based on the XTR. The double exponentiation operation should be executed to apply XTR for the proxy signature protocol. But this algorithm is inappropriate, because two secret key has to be blown in existent operation algorithm. New algorithm enable double exponentiation operation with proxy signer's secret key and public information. And the XTR is used to generation and verification of proxy at proxy signature protocol. Therefore proxy signature based on the XTR has basic advantage of the XTR. These advantage can be used in internet as well as mobile.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2002.11a
• /
• pp.261-265
• /
• 2002

본 논문에서는 XTR에 기반한 블라인드 서명인 블라인드 XTR-DSA 스킴을 이용하여 전자화폐 시스템에서 블랙메일링 공격을 막는 방법을 제안한다. 인출과정에서 은행이 블라인드 XTR-DSA 스킴을 이용하여 서명을 하면 효과적으로 블랙메일러에게 표시된 화폐를 발행할 수 있다. 기존의 방법에서는 블랙메일러에게 표시된 화폐를 발행하기 위해 사용자의 개인키를 은행에 전달해야했으나 본 논문에서 제안하는 블라인드 XTR-DSA 스킴을 이용할 경우 사용자의 개인키 전달이 필요 없게 되어 기존의 방법보다 더욱 효율적이다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.6
• /
• pp.125-135
• /
• 2002

The electronic payment system based on blind signature is susceptible to the blackmailing attack as opposed to keep the lifestyle of users private. In this paper. we suggest an efficient electronic cash system using a blind XTR-DSA scheme, which improves the method of defeating blackmailing in online electronic cash systems of ［6,9］. In case of blackmailing, to issue the marked coins we use the blind XTR-DSA scheme at withdrawal. In ［6,9］, to cheat the blackmailer who takes the marked coins the decryption key of a user had to be transferred to the Bank. But in our proposed method the delivery of the decryption key is not required. Also, in the most serious attack of blackmailing. kidnapping, we can defeat blackmailing with a relatively high probability of 13/18 compared with 1/2 in ［9］ and 2/3 in ［6］. If an optimal extension field of XTR suggested in ［7］ is used, then we can implement our system more efficiently.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2002.11a
• /
• pp.571-574
• /
• 2002

Lenstra와 Verheul에 의해 주장된 XTR은 짧은 키 길이와 빠른 연산 속도의 장점을 가지고 있기 때문에 복잡한 연산에 유용하게 사용될 수 있다. 또한 본 서명자의 부재시 위임 서명자가 대신 서명할 수 있는 대리 서명은 본 서명자가 대리 서명시 사용 될 비밀 정보를 생성하여 대리 서명자에게 전송한다. 대리 서명자는 전송된 비밀 정보의 유용성을 판별한 후 유용하다면 이 정보를 사용하여 서명하게 된다. 이러한 대리 서명 과정에서 발생하는 연산들은 XTR을 이용하여 속도의 향상을 가져올 수 있고, 짧은 키 길이로 동일한 안정성을 가진다. 따라서 유선에서 뿐만 아니라 무선에서도 효율성을 가질 수 있다.

• Review of KIISC
• /
• v.13 no.4
• /
• pp.80-87
• /
• 2003

최근 무선 인터넷의 발달과 함께 제약사항이 많은 무선 단말기에 적용 가능한 암호학적 알고리즘들의 필요성이 대두되었다. 그 중 2000년 Lenstra에 의해 제안된 XTR은 GF$p^{(6)}$상의 서브그룹(subgroup)에서 안전한 암호 연산을 수행하며, 기존의 알고리즘에 비해 파라미터 선택과, 원소들의 트레이스(trace)를 이용한 효율적인 암호 연산으로 인해 무선 단말기 환경에 적용되기에 알맞다. 본 고에서는 XTR 공개키 알고리즘의 개념과 수학적인 배경에 대해 연구하고, 현재까지 제안된 XTR 공개키 암호 알고리즘의 효율성을 분석하여 앞으로 무선 환경에서의 응용분야를 논한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.6
• /
• pp.17-28
• /
• 2002

XTR is a new method to represent elements of a subgroup of a multiplicative group of a finite field GF( $p^{6m}$) and it can be generalized to the field GF( $p^{6m}$)$^{[6,9]}$ This paper progress optimal extention fields for XTR among Galois fields GF ( $p^{6m}$) which can be aplied to XTR. In order to select such fields, we introduce a new notion of Generalized Opitimal Extention Fields(GOEFs) and suggest a condition of prime p, a defining polynomial of GF( $p^{2m}$) and a fast method of multiplication in GF( $p^{2m}$) to achieve fast finite field arithmetic in GF( $p^{2m}$). From our implementation results, GF( $p^{36}$ )longrightarrowGF( $p^{12}$ ) is the most efficient extension fields for XTR and computing Tr( $g^{n}$ ) given Tr(g) in GF( $p^{12}$ ) is on average more than twice faster than that of the XTR system on Pentium III/700MHz which has 32-bit architecture.$^{［6,10］/ ［6,10］/6,10］}$

• Journal of the Korea Society of Computer and Information
• /
• v.9 no.2
• /
• pp.105-113
• /
• 2004

If the protocol has fast operations and short key length, it can be efficient user authentication protocol Lenstra and Verheul proposed XTR. XTR have short key length and fast computing speed. Therefore, this can be used usefully in complex arithmetic. In this paper, to design efficient user authentication protocol we used a subgroup of Galois Field to problem domain. Proposed protocol does not use GF($p^6$) that is existent finite field, and uses GF($p^2$) that is subgroup and solves problem. XTR-ElGamal based user authentication protocol reduced bit number that is required when exchange key by doing with upside. Also, Proposed protocol provided easy calculation and execution by reducing required overhead when calculate. In this paper, we designed authentication protocol that is required to do user authentication.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.1
• /
• pp.55-66
• /
• 2002

Electronic cash system based on anonymous coins have been invented by David Chaum. However, von Solms and Naccache discovered that such anonymous coins also very well suited to support criminals in Blacoailing. In this paper, we suggest a method that a client informs a bank of the information about blackmailing attack by using Schnorr identification protocol of XTR version at the stage of identification, whenever he is blackmailed. In general, blackmailing is the most serious among the various drawbacks of electronic cash system. Especially, blackmiling to be done when the client is kidnapped brings a fatal result to electronic cash system. But if the Schnorr identification protocol of XTR version is used, we can efficiently defeat blackmailing without assumption required in the existing method to defeat blackmailing.

• The Journal of Society for e-Business Studies
• /
• v.9 no.1
• /
• pp.209-220
• /
• 2004

If protocol has fast operations and short key length, it can be efficient user authentication protocol. Lenstra and Verheul proposed XTR. XTR have short key length and fast computing speed. Therefore, this can be used usefully in complex arithmetic. In this paper, to design efficient user authentication protocol we used a subgroup of Galois Field to problem domain. Proposed protocol does not use GF(p/sup 6/) that is existent finite field, and uses GF(p²) that is subgroup and solves problem. XTR-ElGamal based user authentication protocol reduced bit number that is required when exchange key by doing with upside. Also, proposed protocol provided easy calculation and execution by reducing required overhead when calculate. In this paper, we designed authentication protocol with y/sub i/ = g/sup b.p/sup 2(i-1)//ㆍv mol q, 1(equation omitted) 3 that is required to do user authentication.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2001.11a
• /
• pp.432-436
• /
• 2001

본 논문에서는 XTR을 이용해 Schnorr 개인식별 프로토콜을 구성하여 블랙메일링 공격이 있을 경우에 은행에게 블랙메일링 공격에 대한 정보를 개인식별 과정에서 알려주는 방법을 제안한다. 본 논문에서 제안한 XTR 버전의 Schnorr 개인식별 프로토콜을 사용하면 기존의 방법들이 블랙메일링 공격을 막기 위해 필요로 하는 가정들을 사용하지 않고도 효과적으로 블랙메일링 공격을 막을 수 있는 새로운 방법이 된다.