• Title/Summary/Keyword: elliptic curve cryptography

Search Result 166, Processing Time 0.019 seconds

Scalable ECC Processor supporting multiple elliptic curves over prime field (소수체 상의 다중 타원곡선을 지원하는 Scalable ECC 프로세서)

  • Park, Byung-Gwan;Shin, Kyung-Wook
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2017.10a
    • /
    • pp.247-249
    • /
    • 2017
  • NIST에서 표준으로 정의된 P-192, P-224, P-256, P-384 타원곡선 상의 스칼라 곱셈(scalar multiplication) 연산을 지원하는 Scalable 타원곡선 암호(Elliptic Curve Cryptography; ECC) 프로세서의 설계에 대해 기술한다. 투영(projective) 좌표계를 이용하여 하드웨어 자원 소모가 큰 나눗셈 연산을 제거하였으며, GF(p) 상의 덧셈, 뺄셈, 곱셈 등의 유한체 연산을 지원한다. 워드 기반 몽고메리 곱셈기를 이용하여 다양한 크기의 필드(field)에서 고정된 하드웨어 자원을 통하여 곱셈 연산을 수행하도록 하였으며, 필드의 크기에 따라 연산 사이클이 증가하거나 감소한다. 설계된 Scalable ECC 프로세서는 Verilog HDL로 모델링 되었으며, Modelsim을 이용한 기능검증을 하였다. Xilinx Virtex5 FPGA 디바이스 합성결과 5,376-비트 RAM과 970 슬라이스로 구현되었으며, 최대 55 MHz의 동작 주파수를 갖는다.

  • PDF

Design of Improved Authentication Protocol for Sensor Networks in IoT Environment (사물인터넷 환경에서 센서 네트워크에 대한 개선된 인증 프로토콜 설계)

  • Kim, Deuk-Hun;Kwak, Jin
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.25 no.2
    • /
    • pp.467-478
    • /
    • 2015
  • Recently interest in Internet of Things(IoT) is increasing, and a variety of the security technologies that are suitable for Internet of Things has being studied. Especially sensor network area of the device is an increased using and diversified for a low specification devices because of characteristic of the Internet of Things. However, there is difficulty in directly applying the security technologies such as the current authentication technologies to a low specification device, so also increased security threats. Therefore, authentication protocol between entities on the sensor network communication in Internet of Things has being studied. In 2014, Porambage et al. suggested elliptic curve cryptography algorithm based on a sensor network authentication protocol for advance security of Internet of Things environment, but it is vulnerability exists. Accordingly, in this paper, we analyze the vulnerability in elliptic curve cryptography algorithm based on authentication protocol proposed by Porambage et al. and propose an improved authentication protocol for sensor networks in Internet of Things environment.

Chameleon Hash-Based Mutual Authentication Protocol for Secure Communications in OneM2M Environments (OneM2M 환경에서 안전한 통신을 위한 카멜레온 해쉬 기반의 상호인증 프로토콜)

  • Kim, Sung-soo;Jun, Moon-seog;Choi, Do-hyeon
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.40 no.10
    • /
    • pp.1958-1968
    • /
    • 2015
  • Things intelligence communication (M2M or IoT) service activation and global company of OneM2M-related business on aggressive investing and has led to the acceleration of change in the ICT market. But a variety of hacking security technology because of the possibility of secure communication (data exposure, theft, modification, deletion, etc.) has been issued as an important requirement. In this paper, we propose a mutual authentication protocol for secure communications chameleon hash based on the M2M environment. The results of performance analysis efficiency is encryption and decryption an average of 0.7%, calculated rate showed good results as compared to the target algorithm, equivalent to a 3%(Average 0.003 seconds) difference, mutual authentication and encryption region by using the key update advantage of ECC(Elliptic Curve Cryptography)based Chameleon hash function is signed of the operational efficiency, using a collision message verifiable properties demonstrated strong security of the communication section.

A High Performance Modular Multiplier for ECC (타원곡선 암호를 위한 고성능 모듈러 곱셈기)

  • Choe, Jun-Yeong;Shin, Kyung-Wook
    • Journal of IKEEE
    • /
    • v.24 no.4
    • /
    • pp.961-968
    • /
    • 2020
  • This paper describes a design of high performance modular multiplier that is essentially used for elliptic curve cryptography. Our modular multiplier supports modular multiplications for five field sizes over GF(p), including 192, 224, 256, 384 and 521 bits as defined in NIST FIPS 186-2, and it calculates modular multiplication in two steps with integer multiplication and reduction. The Karatsuba-Ofman multiplication algorithm was used for fast integer multiplication, and the Lazy reduction algorithm was adopted for reduction operation. In addition, the Nikhilam division algorithm was used for the division operation included in the Lazy reduction. The division operation is performed only once for a given modulo value, and it was designed to skip division operation when continuous modular multiplications with the same modulo value are calculated. It was estimated that our modular multiplier can perform 6.4 million modular multiplications per second when operating at a clock frequency of 32 MHz. It occupied 456,400 gate equivalents (GEs), and the estimated clock frequency was 67 MHz when synthesized with a 180-nm CMOS cell library.

Cloud Security and Privacy: SAAS, PAAS, and IAAS

  • Bokhari Nabil;Jose Javier Martinez Herraiz
    • International Journal of Computer Science & Network Security
    • /
    • v.24 no.3
    • /
    • pp.23-28
    • /
    • 2024
  • The multi-tenancy and high scalability of the cloud have inspired businesses and organizations across various sectors to adopt and deploy cloud computing. Cloud computing provides cost-effective, reliable, and convenient access to pooled resources, including storage, servers, and networking. Cloud service models, SaaS, PaaS, and IaaS, enable organizations, developers, and end users to access resources, develop and deploy applications, and provide access to pooled computing infrastructure. Despite the benefits, cloud service models are vulnerable to multiple security and privacy attacks and threats. The SaaS layer is on top of the PaaS, and the IaaS is the bottom layer of the model. The software is hosted by a platform offered as a service through an infrastructure provided by a cloud computing provider. The Hypertext Transfer Protocol (HTTP) delivers cloud-based apps through a web browser. The stateless nature of HTTP facilitates session hijacking and related attacks. The Open Web Applications Security Project identifies web apps' most critical security risks as SQL injections, cross-site scripting, sensitive data leakage, lack of functional access control, and broken authentication. The systematic literature review reveals that data security, application-level security, and authentication are the primary security threats in the SaaS model. The recommended solutions to enhance security in SaaS include Elliptic-curve cryptography and Identity-based encryption. Integration and security challenges in PaaS and IaaS can be effectively addressed using well-defined APIs, implementing Service Level Agreements (SLAs), and standard syntax for cloud provisioning.

Efficient Multi-Bit Encryption Scheme Using LWE and LWR (LWE와 LWR을 이용한 효율적인 다중 비트 암호화 기법)

  • Jang, Cho Rong;Seo, Minhye;Park, Jong Hwan
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.28 no.6
    • /
    • pp.1329-1342
    • /
    • 2018
  • Recent advances in quantum computer development have raised the issue of the security of RSA and elliptic curve cryptography, which are widely used. In response, the National Institute of Standards and Technology(NIST) is working on the standardization of public key cryptosystem which is secure in the quantum computing environment. Lattice-based cryptography is a typical post-quantum cryptography(PQC), and various lattice-based cryptographic schemes have been proposed for NIST's PQC standardization contest. Among them, EMBLEM proposed a new multi-bit encryption method which is more intuitive and efficient for encryption and decryption phases than the existing LWE-based encryption schemes. In this paper, we propose a multi-bit encryption scheme with improved efficiency using LWR assumption. In addition, we prove the security of our schemes and analyze the efficiency by comparing with EMBLEM and R.EMBLEM.

Efficient Design and Performance Analysis of a Hardware Right-shift Binary Modular Inversion Algorithm in GF(p)

  • Choi, Piljoo;Lee, Mun-Kyu;Kong, Jeong-Taek;Kim, Dong Kyue
    • JSTS:Journal of Semiconductor Technology and Science
    • /
    • v.17 no.3
    • /
    • pp.425-437
    • /
    • 2017
  • For efficient hardware (HW) implementation of elliptic curve cryptography (ECC), various sub-modules for the underlying finite field operations should be implemented efficiently. Among these sub-modules, modular inversion (MI) requires the most computation; therefore, its performance might be a dominant factor of the overall performance of an ECC module. To determine the most efficient MI algorithm for an HW ECC module, we implement various classes of MI algorithms and analyze their performance. In contrast to the common belief in previous research, our results show that the right-shift binary inversion (RS) algorithm performs well when implemented in hardware. In addition, we present optimization methods to reduce the area overhead and improve the speed of the RS algorithm. By applying these methods, we propose a new RS-variant that is both fast and compact. The proposed MI module is more than twice as fast as the other two classes of MI: shifting Euclidean (SE) and left-shift binary inversion (LS) algorithms. It consumes only 15% more area and even 5% less area than SE and LS, respectively. Finally, we show that how our new method can be applied to optimize an HW ECC module.

Improvement on Bailey-Paar's Optimal Extension Field Arithmetic (Bailey-Paar 최적확장체 연산의 개선)

  • Lee, Mun-Kyu
    • Journal of KIISE:Computer Systems and Theory
    • /
    • v.35 no.7
    • /
    • pp.327-331
    • /
    • 2008
  • Optimal Extension Fields (OEFs) are finite fields of a special form which are very useful for software implementation of elliptic curve cryptosystems. Bailey and Paar introduced efficient OEF arithmetic algorithms including the $p^ith$ powering operation, and an efficient algorithm to construct OEFs for cryptographic use. In this paper, we give a counterexample where their $p^ith$ powering algorithm does not work, and show that their OEF construction algorithm is faulty, i.e., it may produce some non-OEFs as output. We present improved algorithms which correct these problems, and give improved statistics for the number of OEFs.

Initial Authentication Protocol of Hadoop Distribution System based on Elliptic Curve (타원곡선기반 하둡 분산 시스템의 초기 인증 프로토콜)

  • Jeong, Yoon-Su;Kim, Yong-Tae;Park, Gil-Cheol
    • Journal of Digital Convergence
    • /
    • v.12 no.10
    • /
    • pp.253-258
    • /
    • 2014
  • Recently, the development of cloud computing technology is developed as soon as smartphones is increases, and increased that users want to receive big data service. Hadoop framework of the big data service is provided to hadoop file system and hadoop mapreduce supported by data-intensive distributed applications. But, smpartphone service using hadoop system is a very vulnerable state to data authentication. In this paper, we propose a initial authentication protocol of hadoop system assisted by smartphone service. Proposed protocol is combine symmetric key cryptography techniques with ECC algorithm in order to support the secure multiple data processing systems. In particular, the proposed protocol to access the system by the user Hadoop when processing data, the initial authentication key and the symmetric key instead of the elliptic curve by using the public key-based security is improved.

Zero-knowledge Based User Remote Authentication Over Elliptic Curve (타원곡선상의 영지식기반 사용자 원격인증 프로토콜)

  • Choi, Jongseok;Kim, Howon
    • KIPS Transactions on Computer and Communication Systems
    • /
    • v.2 no.12
    • /
    • pp.517-524
    • /
    • 2013
  • Although password-based authentication as known as knowledge-based authentication was commonly used but intrinsic problems such as dictionary attack remain unsolved. For that the study on possession-based authentication was required. User remote authentication using smartcard is proceeding actively since Lee et al. proposed user remote authentication using knowledge-based information(password) and possession-base information(smartcard) in 2002. in 2009, Xu et al. proposed a new protocol preserving user anonymity and Shin et al. proposed enhanced scheme with analysis of its vulnerabilities on user anonymity and masquerading attack in 2012. In this paper, we analyze Shin et al. scheme on forward secrecy and insider attack and present novel user authentication based on elliptic curve cryptosystem which is secure against forward secrecy, insider attack, user anonymity and masquerading attack.