WEKO3
アイテム
{"_buckets": {"deposit": "dfe103ea-0718-42a3-9512-12383bfc97f8"}, "_deposit": {"created_by": 3, "id": "1132", "owners": [3], "pid": {"revision_id": 0, "type": "depid", "value": "1132"}, "status": "published"}, "_oai": {"id": "oai:uec.repo.nii.ac.jp:00001132", "sets": ["14"]}, "author_link": ["7091"], "control_number": "1132", "item_10006_alternative_title_1": {"attribute_name": "その他(別言語等)のタイトル", "attribute_value_mlt": [{"subitem_alternative_title": "低資源装置向き暗号方式の安全性解析と設計", "subitem_alternative_title_language": "ja"}]}, "item_10006_date_granted_11": {"attribute_name": "学位授与年月日", "attribute_value_mlt": [{"subitem_dategranted": "2009-03-24"}]}, "item_10006_degree_grantor_9": {"attribute_name": "学位授与機関", "attribute_value_mlt": [{"subitem_degreegrantor": [{"subitem_degreegrantor_name": "電気通信大学"}]}]}, "item_10006_degree_name_8": {"attribute_name": "学位名", "attribute_value_mlt": [{"subitem_degreename": "博士(工学)"}]}, "item_10006_description_10": {"attribute_name": "学位授与年度", "attribute_value_mlt": [{"subitem_description": "2008", "subitem_description_type": "Other"}]}, "item_10006_description_7": {"attribute_name": "抄録", "attribute_value_mlt": [{"subitem_description": "Recent tremendous increase on applications of lightweight devices such as smart cards, RFIDtags, etc., has led a high demand for secure cryptographic schemes on these devices. However,since theoretically a certain amount of memory and computation is necessary for guaranteeingsecurity, designing a theoretically provable secure cryptographic scheme in such constrainedenvironment has been a challenging task. Moreover, due to the limited resources,countermeasures towards side-channel attacks (kind of physical attacks) are very limited,and it makes such devices to be a frequent target for such attacks. Therefore, here, not onlytheoretical security, but practical security needs sufficient analysis as well. We propose amethod to analyze a cryptographic scheme for lightweight devices and a method to constructsecure identification schemes for lightweight devices.In the first part, we show a number theoretic analysis on multi-prime RSA, a cryptographicscheme suitable for lightweight devices. In RSA, the most widely used factoring basedcryptographic scheme, a composite integer N = p1p2 is set as the public key. To reducethe cost of computations, a variant called multi-prime RSA, where N = p1p2 ¢ ¢ ¢ pk has beenproposed. However, a side-channel attack has indicated that one can get several bits of thesecret factors of N in RSA. The main concern is how severe such attack will affect multiprimeRSA if it is extensible to multi-prime RSA. In this work, we use a new lattice theorybased algorithm to find how many bits of each factor of N are sufficient to factorize N. Ouranalysis shows that when each factor of N has the same bit length, for k = 3, 3/5 part fromeach factor are sufficient to factorize N. Since this is smaller than the previous results where2/3 part of each factor were necessary, our result makes such attack become more dangerous.In the second part, we concentrate on the new design of a secure identification schemefor lightweight devices with fast online authentication. We focus on the implementation onRFID tags, where both the memory and the power consumption are very small. The previousscheme GPS has a fast online authentication, but it requires large memory since it needs alarge size of randomness to guarantee the security. In this work, we propose two new schemes,GPS+ and GPS++ and prove their security. Although we have to use a slightly strongernumber theoretic assumption than GPS, both of them have fast online authentication andbetter storage requirements compared to GPS. GPS+ achieves a faster online authenticationcompared to GPS by limiting the number of use and allowing authentication errors, whileGPS++ applies some additional computation to online authentication to reduce the memoryrequirement for guaranteeing security.", "subitem_description_type": "Abstract"}]}, "item_creator": {"attribute_name": "著者", "attribute_type": "creator", "attribute_value_mlt": [{"creatorNames": [{"creatorName": "Santoso, Bagus", "creatorNameLang": "en"}], "nameIdentifiers": [{"nameIdentifier": "7091", "nameIdentifierScheme": "WEKO"}]}]}, "item_files": {"attribute_name": "ファイル情報", "attribute_type": "file", "attribute_value_mlt": [{"accessrole": "open_date", "date": [{"dateType": "Available", "dateValue": "2016-09-16"}], "displaytype": "detail", "download_preview_message": "", "file_order": 0, "filename": "9000000332.pdf", "filesize": [{"value": "939.3 kB"}], "format": "application/pdf", "future_date_message": "", "is_thumbnail": false, "licensetype": "license_free", "mimetype": "application/pdf", "size": 939300.0, "url": {"label": "9000000332.pdf", "url": "https://uec.repo.nii.ac.jp/record/1132/files/9000000332.pdf"}, "version_id": "685fbbb1-e459-4313-82dd-5e89c3baa7fc"}]}, "item_language": {"attribute_name": "言語", "attribute_value_mlt": [{"subitem_language": "eng"}]}, "item_resource_type": {"attribute_name": "資源タイプ", "attribute_value_mlt": [{"resourcetype": "thesis", "resourceuri": "http://purl.org/coar/resource_type/c_46ec"}]}, "item_title": "Analysis and Design of Cryptographic Schemes for Lightweight Devices", "item_titles": {"attribute_name": "タイトル", "attribute_value_mlt": [{"subitem_title": "Analysis and Design of Cryptographic Schemes for Lightweight Devices", "subitem_title_language": "en"}]}, "item_type_id": "10006", "owner": "3", "path": ["14"], "permalink_uri": "https://uec.repo.nii.ac.jp/records/1132", "pubdate": {"attribute_name": "PubDate", "attribute_value": "2009-03-24"}, "publish_date": "2009-03-24", "publish_status": "0", "recid": "1132", "relation": {}, "relation_version_is_last": true, "title": ["Analysis and Design of Cryptographic Schemes for Lightweight Devices"], "weko_shared_id": -1}
Analysis and Design of Cryptographic Schemes for Lightweight Devices
https://uec.repo.nii.ac.jp/records/1132
https://uec.repo.nii.ac.jp/records/113278bad4b9-1000-42c6-ab8a-798bd9d0b5e3
名前 / ファイル | ライセンス | アクション |
---|---|---|
9000000332.pdf (939.3 kB)
|
|
Item type | 学位論文 / Thesis or Dissertation(1) | |||||
---|---|---|---|---|---|---|
公開日 | 2009-03-24 | |||||
タイトル | ||||||
言語 | en | |||||
タイトル | Analysis and Design of Cryptographic Schemes for Lightweight Devices | |||||
言語 | ||||||
言語 | eng | |||||
資源タイプ | ||||||
資源タイプ識別子 | http://purl.org/coar/resource_type/c_46ec | |||||
資源タイプ | thesis | |||||
その他(別言語等)のタイトル | ||||||
その他のタイトル | 低資源装置向き暗号方式の安全性解析と設計 | |||||
言語 | ja | |||||
著者 |
Santoso, Bagus
× Santoso, Bagus |
|||||
抄録 | ||||||
内容記述タイプ | Abstract | |||||
内容記述 | Recent tremendous increase on applications of lightweight devices such as smart cards, RFIDtags, etc., has led a high demand for secure cryptographic schemes on these devices. However,since theoretically a certain amount of memory and computation is necessary for guaranteeingsecurity, designing a theoretically provable secure cryptographic scheme in such constrainedenvironment has been a challenging task. Moreover, due to the limited resources,countermeasures towards side-channel attacks (kind of physical attacks) are very limited,and it makes such devices to be a frequent target for such attacks. Therefore, here, not onlytheoretical security, but practical security needs sufficient analysis as well. We propose amethod to analyze a cryptographic scheme for lightweight devices and a method to constructsecure identification schemes for lightweight devices.In the first part, we show a number theoretic analysis on multi-prime RSA, a cryptographicscheme suitable for lightweight devices. In RSA, the most widely used factoring basedcryptographic scheme, a composite integer N = p1p2 is set as the public key. To reducethe cost of computations, a variant called multi-prime RSA, where N = p1p2 ¢ ¢ ¢ pk has beenproposed. However, a side-channel attack has indicated that one can get several bits of thesecret factors of N in RSA. The main concern is how severe such attack will affect multiprimeRSA if it is extensible to multi-prime RSA. In this work, we use a new lattice theorybased algorithm to find how many bits of each factor of N are sufficient to factorize N. Ouranalysis shows that when each factor of N has the same bit length, for k = 3, 3/5 part fromeach factor are sufficient to factorize N. Since this is smaller than the previous results where2/3 part of each factor were necessary, our result makes such attack become more dangerous.In the second part, we concentrate on the new design of a secure identification schemefor lightweight devices with fast online authentication. We focus on the implementation onRFID tags, where both the memory and the power consumption are very small. The previousscheme GPS has a fast online authentication, but it requires large memory since it needs alarge size of randomness to guarantee the security. In this work, we propose two new schemes,GPS+ and GPS++ and prove their security. Although we have to use a slightly strongernumber theoretic assumption than GPS, both of them have fast online authentication andbetter storage requirements compared to GPS. GPS+ achieves a faster online authenticationcompared to GPS by limiting the number of use and allowing authentication errors, whileGPS++ applies some additional computation to online authentication to reduce the memoryrequirement for guaranteeing security. | |||||
学位名 | ||||||
学位名 | 博士(工学) | |||||
学位授与機関 | ||||||
学位授与機関名 | 電気通信大学 | |||||
学位授与年度 | ||||||
内容記述タイプ | Other | |||||
内容記述 | 2008 | |||||
学位授与年月日 | ||||||
学位授与年月日 | 2009-03-24 |