REFERENCE LINKING PLATFORM OF KOREA S&T JOURNALS
Journal of the Korea Institute of Information Security and Cryptology
Volume & Issues
Volume 12, Issue 6 - Dec 2002
Volume 12, Issue 5 - Oct 2002
Volume 12, Issue 4 - Aug 2002
Volume 12, Issue 3 - Jun 2002
Volume 12, Issue 2 - Apr 2002
Volume 12, Issue 1 - Feb 2002
A fast scalar multiplication on elliptic curves
Journal of the Korea Institute of Information Security and Cryptology, volume 12, issue 2, 2002, Pages 3~10
For efficient implementation of scalar multiplication on Koblitz elliptic curves, the Frobenius endomorphism is useful. Instead of the binary expansion of the scalar, using the Frobenius expansion of the scalar we can speed up scalar multiplication, so fast scalar multiplication is closely related to the expansion length of integral multipliers. In this paper we propose a new idea to reduce the length of the Frobenius expansion of integral multipliers in scalar multiplication, which speeds up scalar multiplication. By using an element whose norm is equal to a prime instead of one whose norm is equal to the order of a given elliptic curve, we optimize the length of the Frobenius expansion. It reduces the length of the Frobenius expansion more than the methods of Solinas and Smart.
New Cyclic Relative Difference Sets Constructed from d-Homogeneous Functions with Difference-balanced Property
Journal of the Korea Institute of Information Security and Cryptology, volume 12, issue 2, 2002, Pages 11~20
In this paper, for many prime powers q, it is shown that new cyclic relative difference sets with parameters (equation omitted) can be constructed by using d-homogeneous functions on
with difference-balanced property, where
is a finite field with
elements. Several new cyclic relative difference sets with parameters (equation omitted) are constructed by using p-ary sequences of period
-1 with ideal autocorrelation property introduced by Helleseth and Gong and d-form sequences.
Implementation of RSA modular exponentiator using Division Chain
Journal of the Korea Institute of Information Security and Cryptology, volume 12, issue 2, 2002, Pages 21~34
In this paper we propose a new hardware architecture for modular exponentiation using the division chain method proposed in (2). Modular exponentiation using the division chain is performed by recoding an exponent E as a mixed form of multiplication and addition with divisors d=2 or
and respective remainders r. This calculates the modular exponentiation in about
E multiplications on average, which is far fewer iterations than the
E of the conventional binary method. We designed a linear systolic array multiplier with pipelining and used a horizontal projection on its data dependence graph. So, for a k-bit key, two k-bit data frames can be input simultaneously and two modular multipliers, each consisting of k/2+3 PEs (Processing Elements), can operate in parallel to achieve 100% throughput. We propose a new encoding scheme to represent the divisors and remainders of the division chain in order to keep the regularity of the data path. When synthesized to an ASIC using the Samsung 0.5 um CMOS standard cell library, the critical path delay is 4.24 ns, and the resulting performance is estimated to be about 140 Kbps for a 1024-bit data frame at a 200 MHz clock. In the decryption process, the speed can be enhanced to 560 kbps by using the CRT (Chinese Remainder Theorem). Furthermore, to satisfy real-time requirements we can choose a small public exponent E, such as 3, 17 or
, in the encryption and verification process, in which case the performance can reach 7.3 Mbps.
Implementation of RSA Exponentiator Based on Radix-
Modular Multiplication Algorithm
Journal of the Korea Institute of Information Security and Cryptology, volume 12, issue 2, 2002, Pages 35~44
In this paper, an implementation method for an RSA exponentiator based on the Radix-
modular multiplication algorithm is presented and verified. We use the Booth recoding algorithm to implement Radix-
modular multiplication and implement a radix-16 modular multiplier using 2K bytes of memory and a CSA (carry-save adder) array with two full-adder and three half-adder delays. For high-speed final addition we use a reduced carry generation and propagation scheme called a pseudo carry look-ahead adder. Furthermore, the optimum value of the radix is presented through the trade-off between the operating frequency and the throughput for a given silicon technology. We have verified a 1,024-bit RSA processor using an Altera FPGA EP2K1500E device and Samsung 0.3
technology. In the case of the radix-16 modular multiplication algorithm, (n+4+1)/4 clock cycles are needed and the 1,024-bit modular exponentiation is performed in 5.38 ms at 50 MHz.
Semi-systolic Architecture over GF
Journal of the Korea Institute of Information Security and Cryptology, volume 12, issue 2, 2002, Pages 45~52
In this contribution, we propose a new MSB (most significant bit) algorithm based on the AOP (All One Polynomial) and two parallel semi-systolic architectures to compute
over the finite field
. The proposed architectures are based on the standard basis and use the property of the irreducible AOP (All One Polynomial), whose coefficients are all 1. The proposed parallel semi-systolic architecture (PSM) has a critical path of
per cell and a latency of m+1. The modified parallel semi-systolic architecture (MPSM) has a critical path of
per cell and the same latency as PSM. The two proposed architectures, PSM and MPSM, have low latency and small hardware complexity compared to previous architectures. They can be used as a basic architecture for exponentiation, division, and inversion. Since the proposed architectures have regularity, modularity and concurrency, they are suitable for VLSI implementation. They can be used as a basic architecture for algorithms that need an exponentiation operation, such as the Diffie-Hellman key exchange scheme, the Digital Signature Algorithm (DSA), and the ElGamal encryption scheme. These algorithms can also be applied to cryptosystem implementations based on elliptic curves.
An Efficient Hardware Implementation of AES Rijndael Block Cipher Algorithm
Journal of the Korea Institute of Information Security and Cryptology, volume 12, issue 2, 2002, Pages 53~64
This paper describes the design of a cryptographic processor that implements the AES (Advanced Encryption Standard) block cipher algorithm, "Rijndael". An iterative looping architecture using a single round block is adopted to minimize the hardware required. To achieve a high throughput rate, a sub-pipeline stage is added by dividing the round function into two blocks, so that the second half of the current round function and the first half of the next round function operate simultaneously. The round block is implemented using a 32-bit data path, so each sub-pipeline stage is executed over four clock cycles. The S-box, which is the dominant element of the round block in terms of required hardware resources, is designed using an arithmetic circuit computing the multiplicative inverse in GF(
) rather than the look-up table method, so that encryption and decryption can share the S-boxes. The round keys are generated by an on-the-fly key scheduler. The crypto-processor, designed in Verilog-HDL and synthesized using a 0.25-
CMOS cell library, consists of about 23,000 gates. Simulation results show that the critical path delay is about 8 ns and it can operate at up to a 120-MHz clock frequency at a 2.5-V supply. The designed core was verified using a Xilinx FPGA board and test system.
Full-Round Differential Attack on the Original Version of the Hash Function Proposed at PKC'98
Journal of the Korea Institute of Information Security and Cryptology, volume 12, issue 2, 2002, Pages 65~76
Shin et al. proposed a new hash function with 160-bit output length at PKC'98. This hash function is based on the advantages of existing hash functions such as SHA-1, RIPEMD-160, HAVAL, etc.
Recently, Han et al. cryptanalyzed the hash function proposed at PKC'98 and proposed a method for finding a collision pair with
probability at FSE 2002, supposing that the boolean functions satisfy the SAC (Strict Avalanche Criterion).
This paper improves the method and shows that we can find a collision pair for the original version of the hash function with
probability through the improved method. We also point out that the problem with the function comes from message-dependent shift values.
Design and Implementation of High-Speed Certification Path Discovery on Enterprise PKI
Journal of the Korea Institute of Information Security and Cryptology, volume 12, issue 2, 2002, Pages 77~87
In the field of secure information systems, including electronic commerce, public key infrastructure (PKI) is widely used for secure services. The more PKI domains are established, the greater the need for cross-domain certification. Furthermore, each country has many certificate authorities (CAs), which requires more complex cross certification. We may need a fast algorithm in order to find the possible certification paths. This will become more indispensable as PKI systems grow. Thus, in this paper we design a high-speed certification path discovery algorithm and implement it. We also investigate the operational characteristics of the system.
A Group Key Management Architecture in Mobile Network Environments
Journal of the Korea Institute of Information Security and Cryptology, volume 12, issue 2, 2002, Pages 89~100
In this paper, we propose a group key management architecture for secure group communications in mobile networks and an authenticated key agreement protocol for this system. Most existing group key management schemes use certificates based on public keys for the purpose of user authentication and key agreement in a secure fashion; however, we use the ICPK (Implicitly Certified Public Key) to reduce the bandwidth for certificate exchange and to improve computational efficiency. In this architecture, we use a two-tier approach to key management where the whole group is divided into two parts: the first is cell groups consisting of mobile hosts and the other is a control group consisting of cell group managers. This approach provides flexibility of key management in that the effect of a membership change is locally restricted to the cell group, which is an autonomous area of the CGM (Cell Group Manager).
A Study on Standards for Performance Evaluation of Biometric Recognition Systems
Journal of the Korea Institute of Information Security and Cryptology, volume 12, issue 2, 2002, Pages 101~110
The purpose of this research is to establish Korean standards of best practice and common criteria for testing and evaluating the performance of biometric recognition systems. First of all, research activities in leading countries such as the USA, Great Britain and Germany have been studied and analyzed. Then, standards of best practice and common criteria are proposed in the aspects of sensors, algorithms, and application systems. The results of this work will be utilized for the test and evaluation of commercial biometric products by KISA and provided to private industry for its own evaluation of products.
Integrated Security Manager with AgEnt-based vulnerability scanner automatically generating vulnerability analysis code(ISMAEL)
Journal of the Korea Institute of Information Security and Cryptology, volume 12, issue 2, 2002, Pages 111~122
Malicious attackers generally attempt to intrude into target systems by taking advantage of existing system vulnerabilities and executing readily available code designed to exploit known vulnerabilities. For network security administrators, the first and minimal step in providing adequate network security is to identify existing system vulnerabilities and patch them as soon as possible. Network-based vulnerability analysis scanners (NVAS), although widely used by network security engineers, have shortcomings in that they depend on the limited information that is available and generally do not have access to host-specific information. A host-based vulnerability analysis scanner (HVAS) can serve as an effective complement to NVAS. However, implementations of HVAS differ from one platform to another and from one version to another. Therefore, for security engineers who often have to maintain a large heterogeneous network of hosts, it is impractical to develop and manage a large number of HVAS. In this paper, we propose an agent-based architecture named ISMAEL and describe its prototype implementation. The manager process provides the various agent processes with descriptions of the vulnerabilities to check, and an agent process automatically generates, compiles, and executes Java code to determine whether the target system is vulnerable or not. The result is sent back to the manager process, and data exchange occurs in % format. Such an architecture provides maximal portability when managing a group of heterogeneous hosts, and the vulnerability database is easy to keep current because the manager process need not be modified and much of the agent process remains unchanged. We have applied the prototype implementation of ISMAEL and found it to be effective.
A Study on Secure Kerberos Authentication using Trusted Authority in Network Structure
Journal of the Korea Institute of Information Security and Cryptology, volume 12, issue 2, 2002, Pages 123~133
In a network environment, the Kerberos certification mechanism requires unconditional trust in the Kerberos servers of other realms. Also, a Kerberos server in a cooperating realm must share a secret key with the server of the other realm. To solve these two problems, this paper proposes a secure mechanism that applies the IETF CAT PKINIT/PKCROSS algorithms with a Public Key Infrastructure, uses a directory system, and lets the services between realms trust and authenticate each other based on a Kerberos trust center. Also, although the Kerberos server of each realm must know each server's secret key and public key in advance, by obtaining each realm's public key and common symmetric key through the trust center, the application server is excluded from the process of registering keys in the Key Distribution Center.
A Secure Active Packet Transfer using Cryptographic Techniques
Journal of the Korea Institute of Information Security and Cryptology, volume 12, issue 2, 2002, Pages 135~145
Active networks represent a new approach to network architecture. Nodes (routers, switches, etc.) can perform computations on user data, while packets can carry programs to be executed on nodes and potentially change their state. While active networks provide a flexible network infrastructure, they are more complex than traditional networks and raise considerable security problems. Nodes are public resources and are essential to the proper and correct running of many important systems. Therefore, the security requirements placed upon the computational environment where the code of packets will be executed must be very strict. Research on active network security is divided into two categories: securing active nodes and securing active packets. For example, packet authentication or monitoring/control methods are for securing active nodes, while some cryptographic techniques are for the latter. This paper is about transferring active packets securely between active nodes. We propose a new method that can transfer active packets to neighboring active nodes securely, and execute the executable code included in those packets in each active node. We use both a public key cryptosystem and a symmetric key cryptosystem in our scheme.
On the security of SFLASH
Journal of the Korea Institute of Information Security and Cryptology, volume 12, issue 2, 2002, Pages 147~152
SFLASH, one of the asymmetric signature schemes in the NESSIE project, was suggested and accepted in the first phase. Recently, results on attacking the affine parts of SFLASH were published. In this paper, we show that an attacker knowing one linear part and two affine parts can easily forge signatures for arbitrary messages without information about the other linear part and the secret string. It follows that the security of SFLASH depends only on the linear part, which is used in the last step when a signature is being generated. Also, we show that an attacker can obtain partial information about the linear part by the forging method using the public key and secret elements, and we discuss the length of the secret key.
A Study of Secure Mobile Multicast Architecture and Protocol based on Adaptive Service Mode
Journal of the Korea Institute of Information Security and Cryptology, volume 12, issue 2, 2002, Pages 153~172
In this paper, we propose an architecture and a protocol for Secure Mobile Multicast (SMM) offering efficient and secure multicast services to many mobile nodes. In this framework, we use Indirect and Direct Service Mode adaptively, according to the movement of mobile nodes around the overlapped service area, to provide reliably secure multicast with low latency, minimum key update, and minimum data loss.