Jung Hee Cheon
Seoul National University
Publication
Featured research published by Jung Hee Cheon.
public key cryptography | 2003
Jae Choon Cha; Jung Hee Cheon
In this paper we propose an identity (ID)-based signature scheme using gap Diffie-Hellman (GDH) groups. Our scheme is proved secure against existential forgery on adaptively chosen message and ID attack under the random oracle model. Using GDH groups obtained from bilinear pairings, as a special case of our scheme, we obtain an ID-based signature scheme that shares the same system parameters with the ID-based encryption scheme (BF-IBE) by Boneh and Franklin [BF01], and is as efficient as the BF-IBE. Combining our signature scheme with the BF-IBE yields a complete solution of an ID-based public key system. It can be an alternative for certificate-based public key infrastructures, especially when efficient key management and moderate security are required.
international cryptology conference | 2000
Ki Hyoung Ko; Sang Jin Lee; Jung Hee Cheon; Jae Woo Han; Ju-Sung Kang; Choonsik Park
The braid groups are infinite non-commutative groups naturally arising from geometric braids. The aim of this article is twofold. One is to show that the braid groups can serve as a good source to enrich cryptography. The features that make the braid groups useful to cryptography include the following: (i) The word problem is solved via a fast algorithm which computes the canonical form which can be efficiently manipulated by computers. (ii) The group operations can be performed efficiently. (iii) The braid groups have many mathematically hard problems that can be utilized to design cryptographic primitives. The other is to propose and implement a new key agreement scheme and public key cryptosystem based on these primitives in the braid groups. The efficiency of our systems is demonstrated by their speed and information rate. The security of our systems is based on topological, combinatorial and group-theoretical problems that are intractable according to our current mathematical knowledge. The foundation of our systems is quite different from widely used cryptosystems based on number theory, but there are some similarities in design.
theory and application of cryptographic techniques | 2013
Jung Hee Cheon; Jean-Sébastien Coron; Jinsu Kim; Moon Sung Lee; Tancrède Lepoint; Mehdi Tibouchi; Aaram Yun
We extend the fully homomorphic encryption scheme over the integers of van Dijk et al. (DGHV) into a batch fully homomorphic encryption scheme, i.e. to a scheme that supports encrypting and homomorphically processing a vector of plaintexts as a single ciphertext.
international cryptology conference | 2016
Jung Hee Cheon; Pierre-Alain Fouque; Changmin Lee; Brice Minaud; Hansol Ryu
Multilinear maps serve as a basis for a wide range of cryptographic applications. The first candidate construction of multilinear maps was proposed by Garg, Gentry, and Halevi in 2013, and soon afterwards, another construction was suggested by Coron, Lepoint, and Tibouchi (CLT13), which works over the integers. However, both of these were found to be insecure in the face of so-called zeroizing attacks, by Hu and Jia, and by Cheon, Han, Lee, Ryu and Stehlé. To improve on CLT13, Coron, Lepoint, and Tibouchi proposed another candidate construction of multilinear maps over the integers at Crypto 2015 (CLT15). This article presents two polynomial attacks on the CLT15 multilinear map, which share ideas similar to the cryptanalysis of CLT13. Our attacks allow recovery of all secret parameters in time polynomial in the security parameter, and lead to a full break of the CLT15 multilinear map for virtually all applications.
international conference on information security and cryptology | 2004
Hyo-Jin Yoon; Jung Hee Cheon; Yongdae Kim
An identity (ID)-based signature scheme allows any pair of users to verify each other’s signatures without exchanging public key certificates. With the advent of bilinear maps, several ID-based signatures based on the discrete logarithm problem have been proposed. While these signatures have an advantage in the fact that the system secret can be shared by several parties using a threshold scheme (thereby overcoming the security problem of RSA-based ID-based signature schemes), they all share the same efficiency disadvantage. To overcome this, some schemes have focused on finding ways to verify multiple signatures at the same time (i.e. the batch verification problem). While they had some success in improving efficiency of verification, each had a slightly diversified definition of batch verification. In this paper, we propose a taxonomy of batch verification against which we analyze security of well-known ID-based signature schemes. We also propose a new ID-based signature scheme that allows for all types of multiple signature batch verification, and prove its security in the random oracle model.
the cryptographers track at the rsa conference | 2003
Jung-Yeun Lee; Jung Hee Cheon; Seungjoo Kim
Montgomery Prime Hashing (MPH) is a scheme for message authentication based on universal hashing. In MPH, roughly speaking, the hash value is computed as the Montgomery residue of the message with respect to a secret modulus. The modulus value is structured in a way that allows fast, compact implementations in both hardware and software. The set of allowed modulus values is large, and as a result, MPH achieves good, provable security. MPH performance is comparable to that of other high-speed schemes such as MMH. An advantage of MPH is that the secret key (i.e., the modulus) is small, typically 128-256 bits, while in MMH the secret key is typically much larger. In applications where MMH key length is problematic, MPH may be an attractive alternative.
international conference on information security and cryptology | 2001
Jung Hee Cheon; Munju Kim; Kwangjo Kim; Jung-Yeun Lee; SungWoo Kang
Impossible differential attacks against Rijndael and Crypton have been proposed up to 5-round. In this paper we expand the impossible differential attacks to 6-round. Although we use the same 4-round impossible differential as in five round attacks, we put this impossible differential in the middle of 6-round. That is, we will consider one round before the impossible differential and one more round after. The complexity of the proposed attack is bigger than that of the Square attack, but still less than that of the exhaustive search.
international cryptology conference | 2003
Jung Hee Cheon; Byungheup Jun
We propose the first polynomial time algorithm for the braid Diffie-Hellman conjugacy problem (DHCP) on which the braid key exchange scheme and the braid encryption scheme are based [9]. We show the proposed method solves the DHCP for the image of braids under the Lawrence-Krammer representation and the solutions play the equivalent role of the original key for the DHCP of braids. Given a braid index $n$ and a canonical length $l$, the complexity is about $O(n^{14.4} l^{3.2})$ or $O(n^{4\tau + 2e} l^{2e})$ bit operations for $\tau = \log_2 7 \approx 2.8$ and $e > \log_2 3 \approx 1.57$.
fast software encryption | 2004
Jung Hee Cheon; Dong Hoon Lee
We develop several tools to derive linearly independent multivariate equations from algebraic S-boxes. By applying them to maximally nonlinear power functions with the inverse exponents, Gold exponents, or Kasami exponents, we estimate their resistance against algebraic attacks. As a result, we show that S-boxes with Gold exponents have very weak resistance and S-boxes with Kasami exponents have slightly better resistance against algebraic attacks than those with the inverse exponents.
financial cryptography | 2015
Jung Hee Cheon; Miran Kim; Kristin E. Lauter
These days genomic sequence analysis provides a key way of understanding the biology of an organism. However, since these sequences contain much private information, it can be very dangerous to reveal any part of them. It is desirable to protect this sensitive information when performing sequence analysis in public. As a first step in this direction, we present a method to perform the edit distance algorithm on encrypted data to obtain an encrypted result. In our approach, the genomic data owner provides only the encrypted sequence, and the public commercial cloud can perform the sequence analysis without decryption. The result can be decrypted only by the data owner or designated representative holding the decryption key.