Mun-Kyu Lee

Security Notions and Advanced Method for Human Shoulder-Surfing Resistant PIN-Entry

The personal identification number (PIN) is a well-known authentication method used in various devices, such as ATMs, mobile devices, and electronic door locks. Unfortunately, the conventional PIN-entry method is vulnerable to shoulder-surfing attacks. Consequently, various shoulder-surfing resistant methods have been proposed. However, the security analyses used to justify these proposed methods are not based on rigorous quantitative analysis, but instead on the results of experiments involving a limited number of human attackers. In this paper, we propose new theoretical and experimental techniques for quantitative security analysis of PIN-entry methods. We first present new security notions and guidelines for secure PIN-entry methods by analyzing the existing methods under the new framework. On the basis of these guidelines, we develop a new PIN-entry method that effectively obviates human shoulder-surfing attacks by significantly increasing the amount of short-term memory required in an attack.

Information Security and Cryptology – ICISC 2012

We demonstrate that, by using a recently proposed leveled homomorphic encryption scheme, it is possible to delegate the execution of a machine learning algorithm to a computing service while retaining confidentiality of the training and test data. Since the computational complexity of the homomorphic encryption scheme depends primarily on the number of levels of multiplications to be carried out on the encrypted data, we define a new class of machine learning algorithms in which the algorithm’s predictions, viewed as functions of the input data, can be expressed as polynomials of bounded degree. We propose confidential algorithms for binary classification based on polynomial approximations to least-squares solutions obtained by a small number of gradient descent steps. We present experimental validation of the confidential machine learning pipeline and discuss the trade-offs regarding computational complexity, prediction accuracy and cryptographic security.

Sliding Window Method for NTRU

The NTRU cryptosystem is a ring-based public key system using hard problems over lattices. There has been an extensive research on efficient implementation of NTRU operations, including recent results such as Bailey et al.s software implementation over a resource-constrained device and Gaubatz et al.s hardware implementation using only 3,000 gates. In this paper, we present a new algorithm to improve further the performance of NTRU. We speed up the encryption and decryption operations of NTRU up to 32% using some temporary memory, and if we can use precomputation, then the speed-up becomes up to 37%. Our method is based on the observation that specific sub-operations are repeated frequently in the underlying polynomial operations of NTRU.

Secure bimodal PIN-entry method using audio signals

A Personal Identification Number (PIN) is a multiple-digit sequence widely used for user authentication. It is desirable for a PIN-entry method to be secure against two main security threats, random guessing attacks and recording attacks. Although there have been many proposals for challenge-response-based PIN-entry methods, it is well known that the only way to prevent both attacks is to physically prevent attackers from observing the challenge-response pairs, which motivates the development of PIN-entry methods that use secure secondary channels such as audio signals. To provide a guideline for designing an audio-based PIN-entry method, we propose a simple framework to transform a non-audio-based method into an audio-based one. We also present a new PIN-entry method that improves the performance of this simple transformation. Most audio-based methods in the literature are unimodal methods, that is, they transmit almost all required information through an audio channel because it was believed that this approach maximized the users performance. In this paper, however, we show that a carefully designed bimodal system may be more usable than a unimodal one. We present a new PIN-entry method whose audio channel only transmits the minimal required data while most of the challenge information is transmitted through the efficient visual channel. Our user study shows that the PIN-entry time of the proposed method is shorter than those of the previous audio-based methods, while its error rate is kept as low as that of the previous methods.

Improved cancelable fingerprint templates using minutiae-based functional transform

Since Ratha et al. introduced the functional transform for cancelable fingerprint templates, a few simulation attacks to this method have been proposed. The attacks are based on the fact that the transform depends only on the predefined parameters. That is, the attacker may fully simulate the transform and partially invert it if the parameters are available. Although an original template is transformed using different parameters for different systems, even the compromise of only one of these systems may reveal the original template, which may be a serious potential threat from a practical viewpoint. In this paper, we propose an improved functional transform, whose parameters are decided by the original template, as well as predefined user-specific keys. Because the information on the original template will not be available to the attacker even when a system is compromised, the proposed method significantly improves the security of the original template by preventing the attacker from reconstructing the transform. Copyright

Fast Exponentiation Using Split Exponents

We propose a new method to speed up discrete logarithm (DL)-based cryptosystems by considering a new variant of the DL problem, where the exponents are formed as e1 + e2 for some fixed a and two integers e1, ae2 with a low weight representation. We call this class of exponents split exponents, and we show that with certain choice of parameters the DL problem on split exponents is essentially as secure as the standard DL problem, while the exponentiation operation using exponents of this class is significantly faster than best exponentiation algorithms given for standard exponents. For example, the speed of scalar multiplication on the standard Koblitz curve K163 is estimated to be accelerated by up to 51.5 % and 23.5 % at the cost of memory for one precomputed point, compared to the TNAF and window TNAF methods, respectively. As for security, we show that the provable security of the DL problem using split exponents is only by a small constant, e.g., 1/4, worse than the security of the standard DL problem. Split exponents can be adopted to speed up various DL-based cryptosystems. We exemplify this on the recent CCA-secure public key encryption of Bellare, Kohno, and Shoup.

Efficient parallel exponentiation in GF(q n ) using normal basis representations

Von zur Gathen proposed an efficient parallel exponentiation algorithm in finite fields using normal basis representations. In this paper we present a processor-efficient parallel exponentiation algorithm in GF(qn) which improves upon von zur Gathens algorithm. We also show that exponentiation in GF(qn) can be done in O((log2 n)2 / logq n) time using n / (log2 n)2 processors. Hence we get a processor-time bound of O(n / logq n), which matches the best known sequential algorithm. Finally, we present an efficient on-line processor assignment scheme which was missing in von zur Gathens algorithm.

Reliability of low temperature poly-Si TFT employing counter-doped lateral body terminal

A new low-temperature poly-Si TFT employing a counter-doped lateral body terminal is proposed and fabricated, in order to enhance the stability of poly-Si driving circuits. The LBT structure effectively suppresses the kink effect by collecting the counter-polarity carriers and suppresses the hot carrier effect by reducing the peak lateral field at the drain junction. The proposed device is immune to dynamic stress, so that it is suitable for low voltage and high speed driving circuits of AMLCD.

Secure and user friendly PIN entry method

Personal identification number (PIN) is a common user authentication method widely used for ATMs and mobile phones. However, an attacker can obtain the PIN easily by looking over a users shoulder. We present a new PIN entry method which makes this kind of attack significantly harder.

User Authentication Based on Distance Estimation Using Ultrasonic Sensors

User authentication is a mechanism that enables a user of a system to prove his identity and to have access to the system. Traditionally, there are three categories of authentication mechanisms based on what we know, what we are, and what we have. In this paper, we show some possible weaknesses in the third class of schemes and we propose a new user authentication scheme based on distance estimation using ultrasonic communication.