• Journal of applied mathematics & informatics
• /
• v.29 no.3_4
• /
• pp.869-877
• /
• 2011

In this paper, we propose an efficient two-flow zero-knowledge blind identification protocol on the elliptic curve cryptographic (ECC) system. A. Saxena et al. first proposed a two-flow blind identification protocol in 2005. But it has a weakness of the active-intruder attack and uses the pairing operation that causes slow implementation in smart cards. But our protocol is secure under such attacks because of using the hash function. In particular, it is fast because we don't use the pairing operation and consists of only two message flows. It does not rely on any underlying signature or encryption scheme. Our protocol is secure assuming the hardness of the Discrete-Logarithm Problem in bilinear groups.

• Journal of Korea Multimedia Society
• /
• v.21 no.4
• /
• pp.485-492
• /
• 2018

Recently, the numerous authentication and key distribution protocol for NFC payment environment have been proposed using public key cryptosystems. However, these protocol are vulnerable to quantum computing attack because quantum computing can solve factoring and discrete logarithm problem effectively using Grover and Shor's algorithm. For these reason, the secure authentication and key distribution have become a very important security issue in order to prevent quantum computing attacks. Therefore, to ensure user's payment information and privacy, we propose a secure quantum resistant authentication and key distribution protocol for NFC payment environments.

• Journal of Digital Contents Society
• /
• v.8 no.4
• /
• pp.631-637
• /
• 2007

In this paper, I propose an adaptive cryptographic protocol which is basic protocol for fair exchange of secrets. For this, I investigate the verifiable oblivious transfer protocol based on discrete logarithm problem proposed by Lein Harn etc. And I propose a new adaptive cryptographic protocol that has the additional funtions on the existing method. This proposed method has the additional functions that enable to authenticate sender and to protect denial of what he/she has sent message to the other. To do this, I make use of bit commitment scheme using pseudo-random sequence generator.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2003.11c
• /
• pp.1901-1904
• /
• 2003

이산대수 기반 암호 시스템은 도메인 구성상 공통의 도메인 파라미터(Domain parameter)를 사용하여, 다른 공개키 암호 시스템보다 키 분배의 경우 계산량이 적고 도메인 구성에 용이하다는 장점이 있다. 특히, 이러한 장점으로 다양한 환경에 적용 가능하도록 도메인을 구성한 수 있기 때문에 도메인 파라미터와 공개키/비밀키 쌍의 생성과 검증을 인증기관이 수행하거나 사용자가 수행함에 따라서 도메인의 구성에 많은 차이점이 나타난다. 본 논문에서는 도메인을 구성한 때 파라미터의 생성과 검증, 키 생성과 검증의 주체에 따른 장 단점을 분석하여 사용 환경에 적합한 시스템을 설계할 수 있도록 도메인 구성 방법에 대하여 기술한다.

• The Transactions of the Korea Information Processing Society
• /
• v.5 no.8
• /
• pp.2083-2090
• /
• 1998

In this paper, we propose two authentication exchange schemes which combine public key-based mutual authentication with a Diffie-Hellman key derivation exchange. The security of key exchange of the proposed schemes depends on the discrete logarithm problem. The ,securtly of the etity authentication depends on that of the signature mechanism to be used in the proposed scheme. In comparisun with the Kerberos, X.509 exchanges, and ISO 3-way authentication protocol, the proposed schemes are not only simple and efficient. but also are resistant to the full range of replay and interceptiun attacks.

• The Transactions of the Korea Information Processing Society
• /
• v.6 no.12
• /
• pp.3613-3621
• /
• 1999

In this paper, we analyzed the suity of key distribution protocol based on discrete logarithm for the purpose of designing key distribution protocol systematically. We also propose the efficient key agreement protocol with direct authentication. In comparison with Station-to-Station protocol, it provides the direct authentication using the Diffie-Hellman problem without signature.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.12a
• /
• pp.422-427
• /
• 2003

보안 시스템에서 비밀키 노출은 가장 심각한 문제 중 하나이며, 피할 수 없는 문제로 여겨진다. 최근에 키 전개(key-evolving) 패러다임이 비밀키 노출이 가져올 수 있는 피해를 최소화시키기 위한 수단으로 도입되었다. 이 패러다임에서는 프로토콜 전 구간이 여러 시간 구간으로 나누어진다. 시간 구간 i 에서 서명자는 비밀키 SK$_{j}$ 를 가지게 되며, 이를 주기적으로 갱신하게 된다. 반면 공개키 PK는 프로토콜 전 구간동안 변함이 없다. 이러한 개념을 기반으로 하여 본 논문에서는 안전한 비밀키 갱신이 가능한 Schnorr 형 서명 기법을 제시한다. 이 서명 기법은 다음과 같은 특징을 갖는다. 만약 모든 시간 구간에 있는 비밀키들이 노출되지 않는다면, 아직 노출되지 않은 시간 구간의 서명을 위조할 수 없다. 즉, 모든 시간 구간의 비밀키를 알아야 어떤 시간 구간의 서명을 위조할 수 있다. 이 서명 기법은 위조 불가능하게 안전하며, 이산 로그 (Discrete Logarithm Problem)의 어려운 문제에 기반한 Schnorr 서명 기법에서 유도되었다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2001.10a
• /
• pp.712-714
• /
• 2001

낮은 엔트로피의 패스워드를 이용하여 안전한 인증 및 키교환을 위해 Diffie-Hellman에 기반한 AMP(Authentication and key agreement via Memorable Password) 프로토콜이 제안되었다. 본 논문에서는 타원곡선 암호화가 가질수 있는 높은 보안성과 효율성을을 위해 타원곡선이산대수문제(Elliptic Curve Discrete Logarithm Problem)에 기반한 EC-AMP (Elliptic Curve-AMP)프로토콜을 제안한다. EC-AMP는 랜덤 오라클(random oracle) 모델에서 여러 가지 공격에 대해 안전하므로 인증 및 키교환이 필요한 네트워크 환경에 패스워드를 이용함으로 얻을수 있는 편의성과 타원곡선이산대수문제가 제공하는 안전성을 보장할 수 있다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2015.10a
• /
• pp.763-766
• /
• 2015

Smart Healthcare System as an Open Platform (Shesop) is an integrated healthcare system and have several features, one of them is Steppy Application. Steppy does count your step and display on Shesop website. In this system security issues are not properly addressed, while Personal Health Record (PHR) patient stored in the cloud platform could be at risk. In fact, the huge electronic information available online, people needs reliable and effective technique for privacy preserving. In order to improve the security of data which are displayed on the Shesop website, so that anyone who access could not tamper without permission. Recently Xu et al. showed a pseudonym scheme using smart card as a solution in e-health systems which uses discrete logarithm problem with cyclic group. In this paper, we adopt their scheme and use it application into smartphone using Near Field Communication (NFC) to construct security in Steppy apps.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.3
• /
• pp.1546-1565
• /
• 2019

Signcryption schemes offer the possibility to simultaneously sign and encrypt a message. In order to guarantee the authentication of both signer and receiver in the most efficient way during the signcryption, certificate based solutions have been proposed in literature. We first compare into detail three recently proposed certificate based signcryption systems relying on the elliptic curve discrete logarithm problem and without the usage of compute intensive pairing operations. Next, we demonstrate how the performance of these certificate based systems can be improved by using the Elliptic Curve Qu Vanstone (ECQV) implicit certificates. What is more, generalized signcryption schemes are easily derived from these schemes and the anonymity feature of sender and receiver is already inherently included or can be very efficiently obtained without a significant additional cost.