• Title, Summary, Keyword: cryptographic

Search Result 730, Processing Time 0.03 seconds

Efficient Bit-Parallel Multiplier for Binary Field Defind by Equally-Spaced Irreducible Polynomials (Equally Spaced 기약다항식 기반의 효율적인 이진체 비트-병렬 곱셈기)

  • Lee, Ok-Suk;Chang, Nam-Su;Kim, Chang-Han;Hong, Seok-Hie
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.18 no.2
    • /
    • pp.3-10
    • /
    • 2008
  • The choice of basis for representation of element in $GF(2^m)$ affects the efficiency of a multiplier. Among them, a multiplier using redundant representation efficiently supports trade-off between the area complexity and the time complexity since it can quickly carry out modular reduction. So time of a previous multiplier using redundant representation is faster than time of multiplier using others basis. But, the weakness of one has a upper space complexity compared to multiplier using others basis. In this paper, we propose a new efficient multiplier with consideration that polynomial exponentiation operations are frequently used in cryptographic hardwares. The proposed multiplier is suitable fer left-to-right exponentiation environment and provides efficiency between time and area complexity. And so, it has both time delay of $T_A+({\lceil}{\log}_2m{\rceil})T_x$ and area complexity of (2m-1)(m+s). As a result, the proposed multiplier reduces $2(ms+s^2)$ compared to the previous multiplier using equally-spaced polynomials in area complexity. In addition, it reduces $T_A+({\lceil}{\log}_2m+s{\rceil})T_x$ to $T_A+({\lceil}{\log}_2m{\rceil})T_x$ in the time complexity.($T_A$:Time delay of one AND gate, $T_x$:Time delay of one XOR gate, m:Degree of equally spaced irreducible polynomial, s:spacing factor)

Design of Systolic Multipliers in GF(2$^{m}$ ) Using an Irreducible All One Polynomial (기약 All One Polynomial을 이용한 유한체 GF(2$^{m}$ )상의 시스톨릭 곱셈기 설계)

  • Gwon, Sun Hak;Kim, Chang Hun;Hong, Chun Pyo
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.29 no.8C
    • /
    • pp.1047-1054
    • /
    • 2004
  • In this paper, we present two systolic arrays for computing multiplications in CF(2$\^$m/) generated by an irreducible all one polynomial (AOP). The proposed two systolic mays have parallel-in parallel-out structure. The first systolic multiplier has area complexity of O(㎡) and time complexity of O(1). In other words, the multiplier consists of m(m+1)/2 identical cells and produces multiplication results at a rate of one every 1 clock cycle, after an initial delay of m/2+1 cycles. Compared with the previously proposed related multiplier using AOP, our design has 12 percent reduced hardware complexity and 50 percent reduced computation delay time. The other systolic multiplier, designed for cryptographic applications, has area complexity of O(m) and time complexity of O(m), i.e., it is composed of m+1 identical cells and produces multiplication results at a rate of one every m/2+1 clock cycles. Compared with other linear systolic multipliers, we find that our design has at least 43 percent reduced hardware complexity, 83 percent reduced computation delay time, and has twice higher throughput rate Furthermore, since the proposed two architectures have a high regularity and modularity, they are well suited to VLSI implementations. Therefore, when the proposed architectures are used for GF(2$\^$m/) applications, one can achieve maximum throughput performance with least hardware requirements.

Construction of UOWHF based on Block Cipher (유니버설 일방향 해쉬 함수에 대한 블록 암호 기반 구성 방법)

  • 이원일
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.14 no.1
    • /
    • pp.101-111
    • /
    • 2004
  • Preneel, Govaerts, and Vandewalle considered the 64 basic ways to construct a collision resistant hash function from a block cipher. They regarded 12 of these 64 schemes as secure, though no proofs or formal claims were given. Black, Rogaway, and Shrimpton presented a more proof-centric look at the schemes from PGV. They proved that, in the black box model of block cipher, 12 of 64 compression functions are CRHFs and 20 of 64 extended hash functions are CRHFs. In this paper, we present 64 schemes of block-cipher-based universal one way hash functions using the main idea of PGV and analyze these schemes in the black box model. We will show that 30 of 64 compression function families UOWHF and 42 of 64 extended hash function families are UOWHF. One of the important results is that, in this black box model, we don't need the mask keys for the security of UOWHF in contrast with the results in general security model of UOWHF. Our results also support the assertion that building an efficient and secure UOWHF is easier than building an efficient and secure CRHF.

Entity Authentication Scheme for Secure WEB of Things Applications (안전한 WEB of Things 응용을 위한 개체 인증 기술)

  • Park, Jiye;Kang, Namhi
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.38B no.5
    • /
    • pp.394-400
    • /
    • 2013
  • WoT (Web of Things) was proposed to realize intelligent thing to thing communications using WEB standard technology. It is difficult to adapt security protocols suited for existing Internet communications into WoT directly because WoT includes LLN(Low-power, Lossy Network) and resource constrained sensor devices. Recently, IETF standard group propose to use DTLS protocol for supporting security services in WoT environments. However, DTLS protocol is not an efficient solution for supporting end to end security in WoT since it introduces complex handshaking procedures and high communication overheads. We, therefore, divide WoT environment into two areas- one is DTLS enabled area and the other is an area using lightweight security scheme in order to improve them. Then we propose a mutual authentication scheme and a session key distribution scheme for the second area. The proposed system utilizes a smart device as a mobile gateway and WoT proxy. In the proposed authentication scheme, we modify the ISO 9798 standard to reduce both communication overhead and computing time of cryptographic primitives. In addition, our scheme is able to defend against replay attacks, spoofing attacks, select plaintext/ciphertext attacks, and DoS attacks, etc.

2-Subset Difference Broadcast Encryption System Based on Secret Sharing Method (비밀분산 기반의 2-Subset Difference 브로드캐스트 암호시스템)

  • Lee, Jae Hwan;Park, Jong Hwan
    • Journal of Broadcast Engineering
    • /
    • v.20 no.4
    • /
    • pp.580-597
    • /
    • 2015
  • Broadcast encryption system is a cryptographic primitive that enables a sender to broadcast a message to a set of receivers in a secure channel. Out of previous proposed broadcast encryption systems, the most effective is the one that uses the Subset Difference(SD) method in a binary tree structure. The SD method has been realized by two underlying approaches: Pseudo-Random Generator(PRG) and Secret Sharing(SS). 2-SD method is the generalized version of the SD method by which two subsets of revoked receivers can be dealt with by one subset (in an SD-based broadcast encryption system). The primary advantage of the 2-SD method is to further reduce the size of transmission overhead, compared to the SD method. Until now, however, there is no known broadcast encryption system that is based on such a 2-SD technique using either PRG or SS basis. In this paper, we suggest a new 2-SD broadcast encryption system using the SS-based technique that was suggested by Jae Hwan Lee et al. in 2014[9]. The new system can reduce the size of ciphertext by 25% of the one in the previous SS-based broadcast encryption system. Also, on a theoretical note, ours is the first 2-SD broadcast encryption system that is provably secure.

Broadcast Encryption System Using Secret Sharing and Subset Difference Methods (비밀분산 기법과 Subset Difference 기법을 이용한 브로드캐스트 암호시스템)

  • Lee, Jae Hwan;Park, Jong Hwan
    • Journal of Broadcast Engineering
    • /
    • v.20 no.1
    • /
    • pp.92-109
    • /
    • 2015
  • Broadcast encryption is a cryptographic primitive that allows a sender to securely broadcast a message to a set of receivers. The most influential broadcast encryption system was proposed in 2001 by Naor, Naor, Lotspiech, based on a pseudo-random generator and the Subset Difference (SD) method. In this paper, we suggest a new broadcast encryption system that is based on secret sharing and SD methods. On an efficiency aspect, our system achieves O(r) transmission cost, O($log^2n$) storage cost, and O(1) computational cost for the number n of users and the number r of revoked users. Compared to O(log n) computational cost in the previous SD method, our system has the advantage that it needs only constant-sized computational cost for decryption, regardless of the number n or r. On a security aspect, our system can achieve tighter security reduction than the previous SD method and the gap of security loss is about O(n log n). Moreover, our result shows that it is possible to give the effect of the SD method while using an information-theoretically secure key distribution technique as in the Complete Subtree method.

Study on implementation of Secure HTML5 Local Storage (안전한 HTML5 로컬스토리지 구현에 대한 연구)

  • Myeong, Hee-Won;Paik, Jung-Ha;Lee, Dong-Hoon
    • Journal of Internet Computing and Services
    • /
    • v.13 no.4
    • /
    • pp.83-93
    • /
    • 2012
  • HTML5 has developed not to have browser dependancy considering interoperability as same as maintaining compatability with lower versions of HTML. HTML5, the newest web standardization is on going of being structured. Along with the smart phone boom, HTML5 is spotlighted because it can be applied to cross platforms in mobile web environments. Specially the local Storage that has been listed in new features in HTML5 supports offline function for web application that enables web application to be run even when the mobile is not connected to 3G or wifi. With Local storage, development of server-independent web application can be possible. However Local storage stores plaintext data in it without applying any security measure and this makes the plaintext data dangerous to security threats that are already exist in other client side storages like Cookie. In the paper we propose secure Local storage methods to offer a safe way to store and retrieve data in Local storage guaranteeing its performance. Suggested functions in this paper follow localStorage standard API and use a module that provide cryptographic function. We also prove the efficiency of suggested secure Local storage based on its performance evaluation with implementation.

Analysis of Blockchain Platforms from the Viewpoint of Privacy Protection (프라이버시 보호 관점에서의 블록체인 플랫폼 분석)

  • Park, Ji-Sun;Shin, Sang Uk
    • Journal of Internet Computing and Services
    • /
    • v.20 no.6
    • /
    • pp.105-117
    • /
    • 2019
  • Bitcoin, which can be classified as a cryptocurrency, has attracted attention from various industries because it is an innovative digital currency and the beginning of a Blockchain system. However, as the research on Bitcoin progressed, several security vulnerabilities and possible attacks were analyzed. Among them, the security problem caused by the transparency of the Blockchain database prevents the Blockchain system from being applied to various fields. This vulnerability is further classified as the weak anonymity of participating nodes and privacy problem due to disclosure of transaction details. In recent years, several countermeasures have been developed against these vulnerabilities. In this paper, we first describe the main features of the public and private Blockchain, and explain privacy, unlinkability and anonymity. And, three public Blockchain platforms, Dash, Zcash and Monero which are derived from Bitcoin, and Hyperledger Fabric which is a private Blockchain platform, are examined. And we analyze the operating principles of the protocols applied on each platform. In addition, we classify the applied technologies into anonymity and privacy protection in detail, analyze the advantages and disadvantages, and compare the features and relative performance of the platforms based on the computational speed of the applied cryptographic mechanisms.

High-Speed Implementation and Efficient Memory Usage of Min-Entropy Estimation Algorithms in NIST SP 800-90B (NIST SP 800-90B의 최소 엔트로피 추정 알고리즘에 대한 고속 구현 및 효율적인 메모리 사용 기법)

  • Kim, Wontae;Yeom, Yongjin;Kang, Ju-Sung
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.28 no.1
    • /
    • pp.25-39
    • /
    • 2018
  • NIST(National Institute of Standards and Technology) has recently published SP 800-90B second draft which is the document for evaluating security of entropy source, a key element of a cryptographic random number generator(RNG), and provided a tool implemented on Python code. In SP 800-90B, the security evaluation of the entropy sources is a process of estimating min-entropy by several estimators. The process of estimating min-entropy is divided into IID track and non-IID track. In IID track, the entropy sources are estimated only from MCV estimator. In non-IID Track, the entropy sources are estimated from 10 estimators including MCV estimator. The running time of the NIST's tool in non-IID track is approximately 20 minutes and the memory usage is over 5.5 GB. For evaluation agencies that have to perform repeatedly evaluations on various samples, and developers or researchers who have to perform experiments in various environments, it may be inconvenient to estimate entropy using the tool and depending on the environment, it may be impossible to execute. In this paper, we propose high-speed implementations and an efficient memory usage technique for min-entropy estimation algorithm of SP 800-90B. Our major achievements are the three improved speed and efficient memory usage reduction methods which are the method applying advantages of C++ code for improving speed of MultiMCW estimator, the method effectively reducing the memory and improving speed of MultiMMC by rebuilding the data storage structure, and the method improving the speed of LZ78Y by rebuilding the data structure. The tool applied our proposed methods is 14 times faster and saves 13 times more memory usage than NIST's tool.

Performance Analysis and Comparison of Stream Ciphers for Secure Sensor Networks (안전한 센서 네트워크를 위한 스트림 암호의 성능 비교 분석)

  • Yun, Min;Na, Hyoung-Jun;Lee, Mun-Kyu;Park, Kun-Soo
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.18 no.5
    • /
    • pp.3-16
    • /
    • 2008
  • A Wireless Sensor Network (WSN for short) is a wireless network consisting of distributed small devices which are called sensor nodes or motes. Recently, there has been an extensive research on WSN and also on its security. For secure storage and secure transmission of the sensed information, sensor nodes should be equipped with cryptographic algorithms. Moreover, these algorithms should be efficiently implemented since sensor nodes are highly resource-constrained devices. There are already some existing algorithms applicable to sensor nodes, including public key ciphers such as TinyECC and standard block ciphers such as AES. Stream ciphers, however, are still to be analyzed, since they were only recently standardized in the eSTREAM project. In this paper, we implement over the MicaZ platform nine software-based stream ciphers out of the ten in the second and final phases of the eSTREAM project, and we evaluate their performance. Especially, we apply several optimization techniques to six ciphers including SOSEMANUK, Salsa20 and Rabbit, which have survived after the final phase of the eSTREAM project. We also present the implementation results of hardware-oriented stream ciphers and AES-CFB fur reference. According to our experiment, the encryption speeds of these software-based stream ciphers are in the range of 31-406Kbps, thus most of these ciphers are fairly acceptable fur sensor nodes. In particular, the survivors, SOSEMANUK, Salsa20 and Rabbit, show the throughputs of 406Kbps, 176Kbps and 121Kbps using 70KB, 14KB and 22KB of ROM and 2811B, 799B and 755B of RAM, respectively. From the viewpoint of encryption speed, the performances of these ciphers are much better than that of the software-based AES, which shows the speed of 106Kbps.