Sarwono Sutikno

An implementation of ElGamal elliptic curves cryptosystems

The concept of public key cryptography was first introduced by Diffie and Hellman in 1976 using discrete logarithm problem as base of difficulty. In 1985, T. ElGamal proposed public key cryptosystem scheme based on discrete logarithm problem. Elliptic curve cryptosystems were first proposed in 1985 independently by Neil Koblitz and Victor Miller. Elliptic curve cryptosystems are unique in using elliptic curve groups for arithmetic. This cryptosystem is based on discrete logarithm problem in the group of points of an elliptic curve defined over a finite field. The discrete logarithm problem in an elliptic curve group appears to be much harder than the discrete logarithm problem in other groups. Hence elliptic curves cryptosystem can match the security of other cryptosystems while using smaller key. In this paper we will discuss a VLSl implementation of elliptic curves cryptosystem for ElGamal encryption scheme.

An architecture of F(2/sup 2N/) multiplier for elliptic curves cryptosystem

The elliptic curves cryptosystem is a public key cryptosystem which has the potential to become the dominant encryption method for information and communication systems. This cryptosystem has the same security level compared with other public key cryptosystems, in spite of the relatively short key length that is employed. A short key length makes the encryption and decryption process much faster, requires a lower bandwidth for data and provides a more efficient implementation. An implementation of the elliptic curves cryptosystem needs a high performance finite field arithmetic module. In this paper we discuss an architecture of a finite field F(2/sup 2n/) multiplier using normal basis representations. The proposed architecture offers lower computational time and lower complexity compared with other architectures.

The measurement design of information security management system

Information is an asset, such as important business assets, has value to an organization and consequently must be well protected. In organizations, information becomes an important and must remain available, and its existence should be maintained from unauthorized access. The use of information by unauthorized parties could be used for negative purposes which would be detrimental to the organization. Therefore, information security must be implemented correctly in order to avoid the impact of loss to the organization. Information security must satisfy the elements of confidentiality, integrity and availability. The international standard ISO / IEC 27000: 2014, SNI ISO / IEC 27001: 2013 and SNI ISO / IEC 27002: 2013 are a standard for Information Security Management System that can be used for the organization. These standard are able to test the security of the information and to measure the effectiveness of an implemented Information Security Management System (ISMS) which has been adopted as SNI ISO / IEC 27004: 2013. The standardization of Information Security Management Systems need an adjustment, the version of ISO / IEC 27004. The latter has adopted the development of ISO / IEC 27000, ISO / IEC 27001 and ISO / IEC 27002 which is required the measurement design of Information Security Management System. This study results in the design of the size of the Information Security Management System in accordance with the rules of international standards and the latest ISO standards. So it can be a reference for various organizations. This study aims to make a measurement design of Information Security Management System by adopting the best practices based on information security standard defined by ISO / IEC.

Design and implementation of arithmetic processor F/sub 2//sup 155/ for elliptic curve cryptosystems

Since Diffie and Hellman first introduced the concept of public key cryptography in 1976, the potential usage of discrete logarithm problems in public key cryptosystems has been recognized. Then, in 1985, ElGamal proposed a public key cryptosystem scheme based on this problem. Elliptic curve cryptosystems is a cryptosystem that is based on discrete logarithm problems but using the elliptic curve group so it is more difficult than the discrete logarithm problem itself. In this paper we will describe how to design and implement an arithmetic processor with an efficient architecture and apply it to the elliptic curve cryptosystem.

Model design of information security governance assessment with collaborative integration of COBIT 5 and ITIL (case study: INTRAC)

Management of information without regard to risk the achievement of enterprise goals can have an impact on organizational performance, financial loss or organizations credibility. The risk control for the negative effects and utilization of chance in achieving enterprise goals is called information security. Information security are generally solved by partial and limited. It also happens to INTRAC that apply only management area of information security by adopting ISO/IEC 27001:2009 and ISO/IEC 27002:2005. This study aims to develop process assessment model that support the implementation of information security governance on an organization. The method used in this study is qualitative method. Based on the validation by expert judgment, information security governance model has been prepared in accordance with the requirements of information security, particularly in the INTRAC.

Transaction Level Modeling for Early Verification on Embedded System Design

Time-to-market pressure and productivity gap are two factors that encourage the Electronic Design Automation (EDA) industry and researcher of embedded system to enhanche embedded system design method. Current embedded system design approach, Register Transfer Level, is not sufficient to fulfill the embedded system design necessity. It needs a new design method above RTL, higher abstraction layer. Electronic System Level is general term that used to name system above RTL. ESL definition so far is a system above RTL including hardware and software. In this paper we designed a Transaction Level Modeling for early verification on embedded system design. This modeling is used to know functionality fulfillment at early stage. We specify four kind model for early verification purpose.

The New Block Cipher: BC2

In this paper, we propose a new block cipher called BC2 (Block Cipher 2). We make a cipher using components that are believed secure. The structure of BC2 is very simple. We use Feistel network with input-output 128 bits, matrix Maximum Distance Separable (MDS) 8x8 with branch number 9 to give high diffusion, a function affine equivalent to the inverse function in GF(2^8) that we get from Camellia and Hierocrypt S-Box for confusion and we make FN function, based on FL function of Camellia. We use a heuristic method to count the minimum number of active substitution box at Feistel Network. And we also construct a new key schedule that is fast and secure.

Peer-to-peer Electronic Cash Using Identity Based Signcryption Dany Eka SAPUTRA, Sarwono SUTIKNO, and Suhono Harso SUPANGKAT

Indonesia e-cash system faced with some challenges. Lack of proper network infrastructure impedes the distribution of e-cash throughout the country. Most existing e-cash scheme designed for usage with proper network infrastructure, mainly for validating the transaction. Existing peer-to-peer e-cash scheme also require proper network infrastructure, either for public key request or deposit the received e-cash. This paper proposed a novel ecash scheme by building its e-cash data as chain of transaction (block chain) using identitybased signcryption as its security mechanism. The combination of block chain and identitybased signcryption make the e-cash peer-to-peer, transferable, and able to operate on ad hoc network. The Markov chain evaluation show that the proposed scheme can achieve security against forgery and double spending.

DPA-countermeasure with knowledge growing system

This paper discusses the needs and security threats on an embedded system on the current information era. This paper provides security view information on the hardware by looking at aspects of threats, vulnerabilities, encryption and decryption, and information attack side. This paper also describes the KGS (knowledge growing system) as techniques for the prevention from the DPA (differential power analysis) attacks on cryptographic device to be used in future research plans.

Power analysis attack on implementation of DES

This paper discusses the needs and security threats on an embedded system on the current information era. This paper provides security view information on the hardware by looking at aspects of threats, vulnerabilities, encryption and decryption, and information attack side. This paper also describes the KGS (knowledge growing system) as techniques for the prevention of dpa attacks and other power analysis in algorithm cryptography to be used in future research plans.