RSA 공개키 알고리즘을 이용한 크립토시스템 설계

최재연 한국지식정보기술학회 2022 한국지식정보기술학회 논문지 Vol.17 No.2

The public key used in RSA encryption is openly registered in the public system so that other users of the system can send private messages, and the registrant of the public key has his or her own private key. The RSA authentication scheme is vulnerable to so-called 'chosen cryptogram attack'. This kind of attack can be applied to authentication of unpredictable messages only, the forger is forced to select cryptograms at random. The only known cryptosystem which can be adapted for both authentication and secrecy at the same time is the RSA system. The key to guaranteeing personal information in a public key cryptography system is that it is extremely difficult to derive a private key for decryption from a public key. In this paper, public and private keys are designed so that messages can be transmitted and received safely using the RSA algorithm exposed to various attacks. The proposed method shows relatively good performance in key generation, confidential data is very secure and reliable, and the proposed algorithm increases the randomness of the key used. This method provides more security due to random key generation and is more economical to develop compared to other public key encryption algorithms, and encryption algorithms consume significant amounts of computing resources such as CPU time, memory and battery power. However, this could be improved in the future by making this method compatible for encrypting multimedia data that must be transmitted securely over an unsecured channel. However, this could be improved in the future by making this method compatible for encrypting multimedia data that must be transmitted securely over an unsecured channel.

Duplication free public keys based on SIS-type problems

Lee, H.S.,Lee, J.,Lim, S. Academic Press 2017 Finite fields and their applications Vol.48 No.-

In the public key cryptography, we say that two public keys are duplicated if they share a private key in common. We point out that no duplicate public keys exist in the RSA public key scheme since there is a one-to-one correspondence between the set of problems and the set of solutions for integer factorization problem. Contrary to the integer factorization problem, there is no such one-to-one correspondence with Short Integer Solution (SIS)-type problems and this necessitates to study its effect on duplicate public keys of the schemes based on SIS. In this paper, we analyze the existence of duplicate public keys with four types of SIS problem: SIS, SIS with full rank solution set, basic Inhomogeneous SIS (ISIS), ISIS with the defining matrix A as a public parameter. As a result, we show that there is no provable way to exclude duplicate public keys of the schemes based on the basic SIS, basic ISIS, and SIS with a full rank solution set. However, we show that if A is given in the systematic form and the given set of solutions forms a matrix of rank (m-n) over Z<SUB>q</SUB>, then it guarantees duplication free public keys. We also prove that the schemes based on ISIS with the matrix A as a public parameter always guarantee duplication free public keys.

RSA와 타원곡선암호의 성능 비교 분석

최재연 한국지식정보기술학회 2024 한국지식정보기술학회 논문지 Vol.19 No.3

본 논문에서는 RSA와 타원곡선암호의 비교 분석을 제시한다. 현재 디지털 암호 및 공개 키 암호화 부문에서 많은 연구들은 RSA 기반 암호화 시스템으로 수행되고, 타원 곡선을 기반으로 한 암호화 시스템은 RSA 암호화 시스템의 대안으로 제시된다. RSA 암호 시스템의 보안은 정수 인수분해 문제(IFP)를 기반으로 하는 반면, 타원곡선암호의 보안은 타원 곡선의 이산 로그 문제를 기반으로 한다. 타원곡선암호에 대한 중요한 관심은 타원 곡선의 이산 로그 문제를 해결하는 가장 잘 알려진 알고리즘이 꽉찬 지수 시간이 걸리는 반면 RSA의 정수 인수분해 문제를 해결하는 데는 일부 지수 시간이 걸린다는 것이다. 동일 수준의 보안에서 RSA보다 타원곡선암호에서 훨씬 더 작은 매개변수를 사용할 수 있음을 입증한다. RSA 알고리즘에는 2048비트의 키 크기가 필요한 반면 타원곡선암호에는 224비트의 키 크기가 필요하다. 보안 수준 비트가 80비트, 112비트, 128비트, 192비트, 256비트 데이터에 대한 암호화 및 복호화 시간을 기준으로 RSA와 타원곡선암호의 성능을 비교분석하여 제시한다. 이 분석에 따르면 타원곡선암호는 RSA보다 적은 메모리를 사용하며 특히 메모리가 제한된 장치에서는 RSA보다 우수하다. In this paper, we present a comparative analysis of elliptic curve cryptography and RSA known as one of the public key encryption algorithm methods. Currently, much research in the field of digital cryptography and public key cryptography is conducted with encryption systems based on public key cryptography algorithms, and encryption systems based on elliptic curves are presented as an alternative to public key encryption systems. The efficiency of an encryption algorithm is determined by several parameters, one of which is the length of the key. In order to provide strong security, public key cryptography systems use larger key sizes, and larger key sizes allow degradation of processing performance. As a result, processing speed decreases and memory usage increases. The encryption algorithms with small key sizes and high security are increasingly required in the end. The security of public key cryptography systems is based on the integer factorization problem, while the security of elliptic curve cryptography is based on the discrete logarithm problem of elliptic curves. An important concern about elliptic curve cryptography is that the best known algorithms for solving the discrete logarithm problem of elliptic curves take full exponential time, while solving integer factorization in public key cryptography takes partial exponential time. We demonstrate that much smaller parameters can be used in elliptic curve cryptography than in public key cryptography systems at the same level of security. We present a comparative analysis of performance and security based on key length comparison and encryption and decryption time for data according to security strength in public key cryptography systems and elliptic curve cryptography.

공개키 공격에 안전한 비대칭 워터마킹

이덕(De Li),김종원(Jong-Weon Kim),최종욱(Jong-Uk Choi) 한국컴퓨터정보학회 2008 한국컴퓨터정보학회논문지 Vol.13 No.7

In this paper, we proposed an algorithm for an effective public key and private key generation to implement a secure asymmetric watermarking system against the public key attack. The public key and private key generation is based on the linear transformation using a special matrix and the keys are designed to be able to have high correlation value. We also proposed a counter plan of public key attack. This method uses a multiple public key generation and distribution. As the results, the correlation value between the public key and the private key is high in the watermarked image. After the public key attack. this can detect the correlation by using other public key.

불연계성을 갖는 다중 공개키 암호 시스템

박소영(Soyoung Park),이상호(Sang-Ho Lee) 대한전자공학회 2009 電子工學會論文誌-CI (Computer and Information) Vol.46 No.1

본 논문에서는 서로 다른 그룹 및 응용 서비스에서 다수의 아이디 기반 공개키를 사용하되, 하나의 복호키를 이용하여 각 공개키로 암호화된 암호문을 모두 복호화 할 수 있는 불연계성을 갖는 다중 아이디 기반 공개키 암호 시스템을 새롭게 제안한다. 공개키는 서로 불연계성을 갖기 때문에, 공격자가 알려진 공개키를 이용하여 사용자 정보나 행동 패턴을 수집하거나 추적할 수 없으므로, 사용자 프라이버시가 보장되고, 인증서를 필요로 하지 않을 뿐만 아니라, 아이디 기반 암호 스킴이 갖는 key escrow문제도 해결하였다. 반면에, 다수의 공개키에 대해서 하나의 복호키가 사용되므로, 복호키의 안전성을 제공하기 위해 복호키 갱신 프로토콜도 함께 제공한다. 마지막으로, 제안한 암호 시스템이 랜덤 오라클 모델에서 선택적 암호문 공격(adaptively chosen-ciphertext attack)에 대해 안전함을 증명한다. We newly propose a multiple and unlinkable identity-based public key encryption scheme which allows the use of a various number of identity-based public keys in different groups or applications while keeping a single decryption key so that the decryption key can decrypt every ciphertexts encrypted with those public keys. Also our scheme removes the use of certificates as well as the key escrow problem so it is functional and practical. Since our public keys are unlinkable, the user's privacy can be protected from attackers who collect and trace the user information and behavior using the known public keys. Furthermore, we suggest a decryption key renewal protocol to strengthen the security of the single decryption key. Finally, we prove the security of our scheme against the adaptive chosen-ciphertext attack under the random oracle model.

Quantum Public-key Cryptosystem without Quantum Channels between Any Two Users using Non-orthogonal States

Xiaoyu Li,Yuwen Chen 보안공학연구지원센터 2015 International Journal of Security and Its Applicat Vol.9 No.9

A quantum public-key cryptosystem without quantum channels between any two users using non-orthogonal states is provided in this paper. Every user keeps a set of quantum particles in non-orthogonal states in a key management center (KMC) as the public key while he or she keeps the states of them as the private key. By the help of KMC users can accomplish secret communication and message authentication. The laws of quantum physics guarantee the unconditional security of this cryptosystem. No entangled states or complex quantum operations are needed. On the other hand there are no quantum channels needed to connecting any two users. So the public-key cryptosystem is easier to carry out and more robust in practice.

Optical Asymmetric Cryptography Modifying the RSA Public-key Protocol

전석희,길상근 한국광학회 2020 Current Optics and Photonics Vol.4 No.2

A new optical asymmetric cryptosystem is proposed by modifying the asymmetric RSA public-key protocol required in a cryptosystem. The proposed asymmetric public-key algorithm can be optically implemented by combining a two-step quadrature phase-shifting digital holographic encryption method with the modified RSA public-key algorithm; then two pairs of public-private keys are used to encrypt and decrypt the plaintext. Public keys and ciphertexts are digital holograms that are Fourier-transform holograms, and are recorded on CCDs with 256-gray-level quantized intensities in the optical architecture. The plaintext can only be decrypted by the private keys, which are acquired by the corresponding asymmetric publickey-generation algorithm. Schematically, the proposed optical architecture has the advantage of producing a complicated, asymmetric public-key cryptosystem that can enhance security strength compared to the conventional electronic RSA public-key cryptosystem. Numerical simulations are carried out to demonstrate the validity and effectiveness of the proposed method, by evaluating decryption performance and analysis. The proposed method shows feasibility for application to an asymmetric public-key cryptosystem.

Password-Based Key Exchange Protocols for Cross-Realm

이영숙 (사)디지털산업정보학회 2009 디지털산업정보학회논문지 Vol.5 No.4

Authentication and key exchange are fundamental for establishing secure communication channels over public insecure networks. Password-based protocols for authenticated key exchange are designed to work even when user authentication is done via the use of passwords drawn from a small known set of values. There have been many protocols proposed over the years for password authenticated key exchange in the three-party scenario, in which two clients attempt to establish a secret key interacting with one same authentication server. However, little has been done for password authenticated key exchange in the more general and realistic four-party setting, where two clients trying to establish a secret key are registered with different authentication servers. In fact, the recent protocol by Yeh and Sun seems to be the only password authenticated key exchange protocol in the four-party setting. But, the Yeh-Sun protocol adopts the so called “hybrid model”, in which each client needs not only to remember a password shared with the server but also to store and manage the server’s public key. In some sense, this hybrid approach obviates the reason for considering password authenticated protocols in the first place; it is difficult for humans to securely manage long cryptographic keys. In this work, we introduce a key agreement protocol and a key distribution protocol, respectively, that requires each client only to remember a password shared with its authentication server.

센서 네트워크에서의 공개키 기반 분배 연구 동향 분석

국윤주,김귀남,김점구 한국융합보안학회 2009 융합보안 논문지 Vol.9 No.1

센서 네트워크는 초경량, 저전력의 많은 센서들이 넓은 지역에 배치되어 환경을 감시하거나 군 사적 목적으로 사용되는 등 다양한 분야에 활용될 수 있다. 이러한 센서 네트워크는 센서 노드들 의 자원 제약으로 인해 기존 네트워크의 보안 기능을 그대로 적용하기가 어렵다. 해결해야 할 보 안 요구 사항 중에서 키 분배 방법은 노드 간의 안전한 통신을 위해서 꼭 필요하다. 키 분배 방법 으로는 랜덤 키 사전 분배 방법, Q-합성수 랜덤 키 사전 분배 방법, 그리드 기반 키 분배 방법, 위 치 기반 키 분배 방법 등이 제안되어 왔으며, 최근 연구결과에서는 공개키 방식의 키 분배 방법도 센서 네트워크 환경에 적합함을 보여주고 있다. 본 논문에서는 공개키 방식의 키 분배 기법에 관 한 최근 연구 동향을 살펴보고자 한다. 이는 차후 공개 키 기반의 키 분배 기법에 관한 연구 및 개 발에 있어서 도움이 될 것이라고 예상한다. Wireless Sensor Networks are comprised of many of the sensors with Lightweight, low-power are placed in a large area of the wireless environment, such as surveillance of poor environment or military purposes, which are used in various fields. In sensor networks, sensor nodes due to resource constraints of the existing network security features difficult to accept. To solve the key distribution to security requirements for secure communication between nodes is necessary. Key distribution methods are random key pre-distribution method, Q-composit random key pre-distribution method, Grid-based key distribution methods, and location-based key distribution method. Results of a recent study is showed that the public key system is suitable for sensor network environment. This thesis on the public key of a key distribution technique presents a recent study to look at trends. The future of public key-based key distribution techniques be helpful in research and development is expected.

Privacy-Preserving Key-Updatable Public Key Encryption with Keyword Search Supporting Ciphertext Sharing Function

( Fen Wang ),( Yang Lu ),( Zhongqi Wang ),( Jinmei Tian ) 한국인터넷정보학회 2022 KSII Transactions on Internet and Information Syst Vol.16 No.1

Public key encryption with keyword search (PEKS) allows a user to make search on ciphertexts without disclosing the information of encrypted messages and keywords. In practice, cryptographic operations often occur on insecure devices or mobile devices. But, these devices face the risk of being lost or stolen. Therefore, the secret keys stored on these devices are likely to be exposed. To handle the key exposure problem in PEKS, the notion of key-updatable PEKS (KU-PEKS) was proposed recently. In KU-PEKS, the users’ keys can be updated as the system runs. Nevertheless, the existing KU-PEKS framework has some weaknesses. Firstly, it can’t update the keyword ciphertexts on the storage server without leaking keyword information. Secondly, it needs to send the search tokens to the storage server by secure channels. Thirdly, it does not consider the search token security. In this work, a new PEKS framework named key-updatable and ciphertext-sharable PEKS (KU-CS-PEKS) is devised. This novel framework effectively overcomes the weaknesses in KU-PEKS and has the ciphertext sharing function which is not supported by KU-PEKS. The security notions for KU-CS-PEKS are formally defined and then a concrete KU-CS-PEKS scheme is proposed. The security proofs demonstrate that the KU-CS-PEKS scheme guarantees both the keyword ciphertext privacy and the search token privacy. The experimental results and comparisons bear out that the proposed scheme is practicable.