International Association for Cryptologic Research



Sang-Jae Moon


Secure Deniable Authenticated Key Establishment for Internet Protocols
In 2005, Boyd et al.'s deniable authenticated key establishment protocols for Internet Key Exchange (IKE) were shown by Chou et al. to be vulnerable to the key-compromise impersonation (KCI) attack. To overcome these defects, we propose two protocol variants based on Boyd et al.'s deniable schemes for IKE that protect against the KCI attack and the man-in-the-middle (MITM) attack while preserving deniability and authenticity.
An Improved and Efficient Countermeasure against Power Analysis Attacks
Recently, new types of differential power analysis (DPA) attacks against elliptic curve cryptosystems (ECC) and RSA have been introduced. Most existing countermeasures against classical DPA are vulnerable to these new attacks, which include the refined power analysis (RPA) attack, the zero-value point (ZPA) attack, and the doubling attack. The new attacks differ from classical DPA in that RPA uses a special point with a zero-value coordinate, while ZPA uses auxiliary registers to locate a zero value. Mamiya et al. therefore proposed a countermeasure against RPA, ZPA, classical DPA and SPA attacks based on a random initial point. Their countermeasure works well for ECC, but it has some disadvantages when applied to general exponentiation algorithms (such as RSA and ElGamal) because it requires an inverse computation. This paper presents an efficient and improved countermeasure against the above new DPA attacks based on random blinding of the message, which differs from Mamiya et al.'s countermeasure, and shows that the proposed countermeasure is secure against Yen's SPA-based power analysis, which breaks Coron's simple SPA countermeasure as well as Mamiya et al.'s. The computational cost of the proposed scheme is very low compared to previous methods that rely on Coron's simple SPA countermeasure. Moreover, the scheme is a generalized countermeasure that applies to ECC as well as RSA.
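The abstract above refers to random blinding of the message as the basic idea. The following is an added illustration of that general idea on RSA, written for this page; it is classic Kocher-style message blinding, not the countermeasure constructed in the paper, whose details this page does not give. The toy key (p = 61, q = 53, n = 3233, e = 17, d = 2753) is a constructed example, and the square-and-multiply trace stands in for the operand values a power-analysis attacker would observe; both are assumptions made for the demonstration.

```python
"""Message blinding against DPA on RSA exponentiation (added illustration;
not the scheme from the paper above). The exponentiation never touches the
attacker-chosen message m itself, only m * r^e mod n for a fresh random r,
so chosen-message attacks that rely on predictable intermediate values
(for example feeding m = 1 so every intermediate is 1) lose their handle."""
import math
import secrets

# Constructed toy RSA key: p = 61, q = 53 (far too small for real use).
N = 3233
E = 17
D = 2753


def square_and_multiply_trace(base, exp, n):
    """Left-to-right square-and-multiply exponentiation.

    Returns (base^exp mod n, trace), where trace lists the accumulator after
    every square and every multiply. The trace models the sequence of
    operand values that leak through power consumption on a real device.
    """
    acc = 1
    trace = []
    for bit in bin(exp)[2:]:
        acc = acc * acc % n
        trace.append(acc)
        if bit == "1":
            acc = acc * base % n
            trace.append(acc)
    return acc, trace


def rsa_sign_blinded(m, d, e, n, r=None):
    """Compute m^d mod n while only ever exponentiating a blinded operand.

    r may be supplied for reproducible tests; otherwise a fresh random r
    coprime to n is drawn per call (the blinding must never be reused).
    Returns (signature, blinded_operand, trace).
    """
    if r is None:
        while True:
            r = secrets.randbelow(n)
            if r > 1 and math.gcd(r, n) == 1:
                break
    # Unblinding factor r^-1 mod n (pow with exponent -1 needs Python >= 3.8).
    r_inv = pow(r, -1, n)
    # Blind: m_b = m * r^e, so m_b^d = m^d * r^(ed) = m^d * r (mod n).
    m_b = m * pow(r, e, n) % n
    s_b, trace = square_and_multiply_trace(m_b, d, n)
    # Unblind by stripping the factor r.
    return s_b * r_inv % n, m_b, trace


def unblinded_intermediates_are_constant(m, d, n):
    """True when exponentiating m directly yields an all-identical trace,
    i.e. the kind of trivially recognisable leakage a chosen message like
    m = 1 produces when no blinding is applied."""
    _, trace = square_and_multiply_trace(m, d, n)
    return len(set(trace)) == 1


if __name__ == "__main__":
    sig, m_b, trace = rsa_sign_blinded(65, D, E, N)
    assert sig == pow(65, D, N)
    print("blinded operand", m_b, "-> signature", sig, "(matches pow)")
    print("m=1 unblinded trace constant:",
          unblinded_intermediates_are_constant(1, D, N))
    _, m_b1, trace1 = rsa_sign_blinded(1, D, E, N)
    print("m=1 blinded trace distinct values:", len(set(trace1)))
```

Note that this classic form still needs the inverse r^-1 mod n for unblinding, which is exactly the kind of inverse computation the abstract cites as a drawback of Mamiya et al.'s countermeasure for general exponentiation; the paper's own construction, which this page does not describe, addresses that point differently.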
How to Generate Universally Verifiable Signatures in Ad-Hoc Networks
KyungKeun Lee, JoongHyo Oh, SangJae Moon
This paper addresses the problem of making signatures of one domain (an ad-hoc network) available in another domain (the Internet). Universal verifiability is a highly desirable property when signed documents need to be permanently non-repudiable, so that dishonest signers cannot disavow signatures they have produced. As a practical solution, we construct a new signature scheme in which a valid signature must be generated with a pair of distinct signing keys. In the random oracle model, the signature scheme is provably secure in the sense of existential unforgeability under adaptive chosen-message attacks, assuming the hardness of the computational Diffie-Hellman problem in Gap Diffie-Hellman groups.

Program Committees

Asiacrypt 1996
Asiacrypt 1991