Publications & Research Reports (2004/10/16)

 

A. Journal papers

  1. An Efficient Redundant-Binary Number to Binary Number Converter
    (S.M. Yen, C.S. Laih, C.H. Chen and J.Y. Lee)

    IEEE Journal of Solid State Circuits, Vol.27, No.1, pp.109-112, Jan. 1992.

     

  2. Secure Addition Sequence and its Applications on the Server-Aided Secret Computation Protocols
    (C.S. Laih and S.M. Yen)

    IEICE Trans. on Fundamentals of Electronics, Communications and Computer Sciences, Vol.E77-A, No.1, pp.81-88, Jan. 1994.

    The server-aided secret computation (SASC) protocol, also called the verifiable implicit asking protocol, is a protocol in which a powerful untrusted auxiliary device (server) helps a smart card (client) compute a secret function efficiently. In this paper, we extend the concept of addition sequence to the secure addition sequence and develop an efficient algorithm to construct such a sequence. By incorporating the secure addition sequence into the SASC protocol, the performance of the SASC protocol can be further enhanced.

  3. Analysis and Improvement of an Access Control Scheme with User Authentication
    (S.M. Yen and C.S. Laih)

    IEE Proceedings: Computers and Digital Techniques, Vol.141, No.5, pp.271-273, Sept. 1994.

    Both user authentication and access control are required for data protection in computer systems. Recently, Harn and Lin proposed an access control scheme with integration of user authentication. In their scheme, the above two functions are combined to prevent the possible security threats between these two protection modules. In this paper, it is shown that their scheme contains some redundant information and verification operations. We present a more compact and efficient alternative with the same security and characteristics. Also, a batch-type multiple-access request verification is suggested to improve the efficiency of the system, and a password updating process is proposed to facilitate the dynamic operations.

  4. Multi-Exponentiation
    (S.M. Yen, C.S. Laih and A.K. Lenstra)

    IEE Proceedings: Computers and Digital Techniques, Vol.141, No.6, Nov. 1994.

    In several cryptographic protocols the product of a small number of exponentiations is required, but the separate exponentiation results are not needed. In this paper we present a simultaneous exponentiation algorithm that takes advantage of this situation and that is substantially faster than the ordinary approach using separate exponentiations.

  5. Fast Algorithms for the LUC Digital Signature Computation
    (S.M. Yen and C.S. Laih)

    IEE Proceedings: Computers and Digital Techniques, Vol.142, No.2, pp.165-169, March 1995.

    Recently, a digital signature scheme based on a special type of Lucas function has been proposed which is free from the multiplicative attack on the RSA digital signature. A disadvantage of this new digital signature scheme, LUC, is that it takes more computation than the RSA does. An important property, V(x+y)=V(x)*V(y)-V(x-y), of this special type of Lucas function is exploited to develop fast algorithms to make the LUC digital signature perform more efficiently. A parallel architecture for the proposed fast algorithms is developed. Besides the fast algorithm constructions, another contribution of this paper is to study and to show that there exist many similar computational and mathematical aspects between the exponentiation and the special type of Lucas function considered in this paper.

  6. Improved Digital Signature Algorithm
    (S.M. Yen and C.S. Laih)

    IEEE Trans. on Computers, Vol.44, No.5, May 1995.

    In this paper, a digital signature algorithm is developed which is an improved version of the Digital Signature Algorithm (DSA) proposed by the NIST. The security of the improved version is the same as the original one while it benefits the signature signer and performs more efficiently.

  7. Improved Digital Signature Suitable for Batch Verification
    (S.M. Yen and C.S. Laih)

    IEEE Trans. on Computers, Vol.44, No.7, July 1995.

    In this paper, an improved digital signature is developed based on the famous Schnorr or Brickell-McCurley schemes. It is shown that both the new scheme and the previous two originals rely on the same security assumptions. The novel feature of this proposed signature is that it can be verified in a batch manner and the improved efficiency is approximately proportional to the number of signatures to be verified.

  8. More About the Active Attack on the Server-Aided Secret Computation Protocol
    (S.M. Yen and C.S. Laih)

    IEE Electronics Letters, Vol.28, No.24, p.2250, 1992.

     

  9. On the Design of Dynamic Access Control Scheme with User Authentication
    (S.M. Yen and C.S. Laih)

    Computer Mathematics with Applications, Vol.25, No.7, pp.27-32, Apr. 1993.

     

  10. Server-Aided Honest Computation for Cryptographic Applications
    (S.M. Yen and C.S. Laih)

    Computer Mathematics with Applications, Vol.26, No.12, pp.61-64, June 1993.

    A lot of discussions for smart card based identification and digital signature schemes have been considered in the literature. In this paper, a novel approach is proposed for smart cards to perform signature validation and identification verification efficiently with the help of the powerful signature signer and the identity prover.

  11. New Digital Signature Scheme Based On Discrete Logarithm
    (S.M. Yen and C.S. Laih)

    IEE Electronics Letters, Vol.29, No.12, pp.1120-1121, June 1993.

    In this letter, a new digital signature scheme is developed. Security of the proposed scheme is based on solving the discrete logarithm hard problem. The scheme is both efficient and easy for implementation. With precomputation, the proposed scheme is efficient for smart card applications.

  12. Common-Multiplicand Multiplication and Its Applications to Public Key Cryptography
    (S.M. Yen and C.S. Laih)

    IEE Electronics Letters, Vol.29, No.17, pp.1583-1584, Aug. 1993.

    In this letter, efficient computations of {X*Y_i | i=1,2,...,t; t>=2}, which is called the common-multiplicand multiplication problem, are considered. An algorithm is proposed for this problem and it is very useful for the modular exponentiation computations of public key cryptography.

  13. Parallel Computation of the Cascade Exponentiation
    (C.S. Laih, C.C. Chang and S.M. Yen)

    International Journal of Information Management and Engineering, Vol.1, No.3, pp.8-11, 1994.

     

  14. Cryptanalysis of Secure Addition Chain for SASC Applications
    (S.M. Yen)

    IEE Electronics Letters, Vol.31, No.3, pp.175-176, Feb. 1995.

    Security analysis of a recently proposed technique, the secure addition chain (SAC), used to improve the performance of the server-aided secret computation (SASC) protocol is given. It is shown that, without precautions taken, the secret information can be easily derived from the secure addition chain, and the SASC protocol with the aid of SAC will be entirely insecure. A countermeasure is also given, based on a recommended nonuniformly distributed random number generator.

  15. Comment: Fast Square-and-Multiply Exponentiation for RSA
    (S.M. Yen)

    IEE Electronics Letters, Vol.31, No.9, p.712, April 1995.

    The purpose of this Comment is to show that the exponentiation algorithm proposed by Hui and Lam is well known but not new. Above all, the performance analysis given is inappropriate. In addition, an error exists in their listed algorithm.

  16. Multi-signature for Specified Group of Verifiers
    (C.S. Laih and S.M. Yen)

    Journal of Information Science and Engineering, Vol.12, No.2, pp.143-152, 1996.

    In this paper, a multi-signature for specified group of verifiers is proposed. In the scheme, a group of signers together can create a digital multi-signature for a specified group of verifiers and only all the verifiers in the group together can check the validity of the signature. The most important feature in the new signature is that the transferability of the signature is not allowed.

  17. Correction to: Improved Digital Signature Algorithm
    (S.M. Yen and P. Suvannapattanan)

    IEEE Trans. on Computers, Vol.45, No.7, p.864, July 1996.

     

  18. Cryptanalysis and Repair of the Multi-Verifier Signature with Verifier Specification
    (S.M. Yen)

    Computers and Security, Vol.15, No.6, pp.537-544, 1996.

    The purpose of this paper is to show that the verification process of the Laih-Yen group-oriented verifier specified signature scheme is vulnerable. A more insightful look at the model of multi-verifier digital signature with verifier specification is given. Through this model research, deeper understanding and rigorous cryptanalysis of group-oriented signature verification is then possible. Finally, the Laih-Yen scheme is repaired.

  19. Improved normal basis inversion in GF(2^m)
    (S.M. Yen)

    IEE Electronics Letters, Vol.33, No.3, pp.196-197, Jan. 1997.

    Recently Fenn et al. developed a fast finite field inversion algorithm in GF(2^m) over the normal basis representation which has about half the time complexity of the traditional approaches. In this Letter, further extensive improvement to this algorithm is presented.

  20. Shared Authentication Token Secure Against Replay and Weak Key Attacks
    (S.M. Yen and K.H. Liao)

    Information Processing Letters, Vol.62, No.2, pp.77-80, April 1997.

    In this paper, an authentication scheme that uses a novel design of shared tamper resistant cryptographic token is originally proposed which can be very useful to enhance the security of most remote login systems. Conceptually, the proposed scheme is a weak key protected one-time password system.

  21. Improved Common-Multiplicand Multiplication and Fast Exponentiation by Exponent Decomposition
    (S.M. Yen)

    IEICE Trans. on Fundamentals, Vol.E80-A, No.6, pp.1160-1163, June 1997.

    The technique of common-multiplicand multiplication, CMM, is modified and a similar approach is utilized to enhance the performance of a recently proposed fast exponentiation algorithm by exponent decomposition. On average, the improved exponentiation, its original version, and the traditional right-to-left binary exponentiation algorithm take 1.292m+11, 1.375m+3, and 1.5m multiplications, respectively, where m is the bit length of the exponent.

  22. On the Security of A One-time Signature
    (S.M. Yen)

    IEE Electronics Letters, Vol.33, No.8, pp.677-679, April 1997.

    Recently Wu and Sung reported a one-time digital signature based on any one-way function in their article about password authentication. Owing to its general construction and potential applications, including the development of one-time password schemes, an in-depth security analysis is considered in this Letter. It will be shown to suffer from a signature forgery problem.

  23. High Performance Nonce-Based Authentication and Key Distribution Protocols Against Password Guessing Attacks
    (S.M. Yen and M.T. Liu)

    IEICE Trans. on Fundamentals of Electronics, Communications and Computer Sciences, Vol.E80-A, No.11, pp.2209-2217, Nov. 1997.

    A family of nonce-based authentication and key distribution protocols based on the trusted third-party model is proposed. The protocols are not only efficient from the viewpoints of computation and communication, but also secure against on-line and off-line password guessing attacks. This paper introduces a new concept of implicit or indirect challenge-response authentication, which can be used to combine the processes of identity authentication and data integrity assurance during key distribution and to make the entire protocol more concise and efficient. In the proposed family of protocols, a specific protocol can be chosen such that the secure session key to be distributed is selected by a specific participant in the protocol. Detailed security analyses of every protocol are given.

  24. An Improved Authenticated Multiple-Key Agreement Protocol
    (S.M. Yen and M. Joye)

    Electronics Letters, Vol.34, No.18, Sept. 1998.

    Recently, Harn and Lin developed a two-phase authenticated key agreement protocol which enables two parties to share multiple secret keys. The first phase of their protocol is the most important part, which can be used to deliver a sequence of temporary random public keys to the other party in an authenticated manner. In this short paper, we demonstrate an improved version of this novel scheme after giving a detailed cryptanalysis of the original Harn-Lin scheme.

  25. ID-based Secret-Key Cryptography
    (M. Joye and S.M. Yen)

    ACM Operating Systems Review, Vol.32, No.4, pp.33-39, Oct. 1998.

    This report introduces ID-based secret-key cryptography, in which secret keys are privately and uniquely bound to an identity. This makes it possible to extend public-key cryptography features at the high throughput rate of secret-key cryptography. As applications, efficient login protocols, an enhanced version of Kerberos, and an ID-based MAC algorithm are presented.

    ID-based systems were initially developed in the context of public-key cryptography by removing the need for explicit public keys. The idea was to derive, in a publicly known way, a public key from an identity. Similarly, in secret-key cryptography, ID-based systems allow authorized entities to derive a secret key from an identity. So, large databases maintaining the correspondence between an identity and the corresponding secret key are no longer required, resulting in better performance and higher security.

  26. Cryptanalysis of an Authentication and Key Distribution Protocol
    (S.M. Yen)

    IEEE Communications Letters, Vol.3, No.1, pp.7-8, Jan. 1999.

    In this technical note, we wish to point out that a recently proposed authentication and key distribution protocol is not secure from the viewpoints of both authentication and key distribution requirements.

  27. Checking Before Output May Not Be Enough Against Fault-Based Cryptanalysis
    (S.M. Yen and M. Joye)

    IEEE Trans. on Computers, Vol.49, No.9, pp.967-970, Sept. 2000.

    In order to avoid fault-based attacks on cryptographic security modules (e.g., smart-cards), some authors suggest that the computation results should be checked for faults before being transmitted. In this paper, we describe a potential fault-based attack where key bits leak only through the information whether the device produces after a temporary fault a correct answer or not. This information is available to the adversary even if a check is performed before output.

  28. Improved One-time Password Scheme
    (S.M. Yen)

    Information & Management.

    In this paper, the conventional secret key based authentication and the famous Lamport's one-time password scheme are combined to develop a new type of password scheme. This new scheme possesses the advantage of Lamport-scheme having replay attack resistance without the need to maintain a table of unexpired passwords. At the same time, the password can be authenticated using a single interaction and also can be employed as the long-term means of identity proving, in a similar way to conventional timestamp based authentication.

  29. Optimal Left-to-right Binary Signed-Digit Recoding
    (M. Joye and S.M. Yen)

    IEEE Trans. on Computers -- Special issue on Computer Arithmetic, Vol.49, No.7, pp.740-748, July 2000.

    This paper describes new methods for producing optimal binary signed-digit representations. This can be useful in the fast computation of exponentiations. Contrary to existing algorithms, the digits are scanned from left to right (i.e., from the most significant position to the least significant position). This may lead to better performances in both hardware and software.

  30. PayFair: A Prepaid Internet Micropayment Scheme Ensuring Customer Fairness
    (S.M. Yen)

    IEE Proceedings: Computers and Digital Techniques, Vol.148, No.6, pp.207-213, Nov. 2001.

    In this paper, a software-based prepaid micropayment scheme is developed. As in all existing prepaid micropayment schemes, the profits of the merchants are protected. Furthermore, in this proposed scheme, fairness for the customers is also promised. More precisely, in this new scheme, the merchant after receiving prepaid money can only claim that a customer has already spent a specific amount of money by showing the required cryptographic witness, which can only be received from that customer as a payment. Most importantly, in this new scheme, no public key signature computation is required. Finally, it will be shown that, owing to the simplicity and high performance of the scheme, it can also be employed by small electronic equipment as a general purpose resource access control.

  31. RSA Speedup with Chinese Remainder Theorem Immune against Hardware Fault Cryptanalysis
    (S.M. Yen, SeungJoo Kim, SeonGan Lim, and SangJae Moon)

    IEEE Trans. on Computers -- Special issue on CHES, Vol.52, No.4, pp.461-472, April 2003.

    This article considers the problem of how to protect the fast RSA signature and decryption computation with residue number system speedup (also called the CRT-based approach) against hardware fault cryptanalysis in a highly reliable and efficient way. The CRT-based speedup for RSA signature has been widely adopted as an implementation standard ranging from large servers to very tiny smart IC cards. However, given a single erroneous computation result, a hardware fault cryptanalysis can totally break the RSA system by factoring the public modulus. Some countermeasures using a simple verification function (e.g., raising a signature to the power of the public key) or fault detection (e.g., an expanded modulus approach) have been reported in the literature; however, it will be pointed out in this paper that very few of these existing solutions are both sound and efficient. Unreasonably, these methods assume that a comparison instruction will always be fault free when developing countermeasures against hardware fault cryptanalysis. Research shows that the expanded modulus approach proposed by Shamir is superior to the approach of using a simple verification function when other physical cryptanalysis (e.g., timing cryptanalysis) is considered. So, we intend to improve Shamir's method. In this paper, the new concepts of fault infective CRT computation and fault infective CRT recombination are proposed. Based on the new concepts, two novel protocols are developed with rigorous proof of security. Two possible parameter settings are provided for the protocols. One setting is to select a small public key $e$, and the proposed protocols can have comparable performance to Shamir's scheme. The other setting is to have better performance than Shamir's scheme (i.e., having comparable performance to conventional CRT speedup) but with a large public key.

    Most importantly, we wish to emphasize the importance of developing and proving the security of physically secure protocols without relying on unreliable or unreasonable assumptions, e.g., always fault free instructions. In this paper, related protocols are also considered and are carefully examined to point out possible weaknesses.

  32. Physical Cryptanalysis By Exploiting Countermeasures
    (S.M. Yen and some other authors)

    An international journal, (to submit).

    Recently, many research works have been reported about how physical cryptanalysis can be carried out on cryptographic devices by exploiting any possible leaked information through side channels. In this paper, we demonstrate a new type of safe-error based hardware fault cryptanalysis which is mounted on a recently reported countermeasure against simple power analysis attack. This safe-error based attack is developed by inducing a temporary random computational fault rather than a temporary memory fault, which was explicitly assumed in the first published safe-error based attack (in which more precision on timing and fault location is assumed) proposed by Yen and Joye. Analysis shows that the new safe-error based attack proposed in this paper is powerful and feasible because the cryptanalytic complexity (especially the computational complexity) is quite small and the assumptions made are more reasonable. Existing research works considered many possible countermeasures against each kind of physical cryptanalysis. This paper and a few previous reports clearly show that a countermeasure developed against one physical attack does not necessarily thwart another kind of physical attack. However, almost no research has been done on dealing with the possible mutual relationship between different kinds of physical cryptanalysis when choosing a specific countermeasure. Most importantly, in this paper we wish to emphasize that a countermeasure developed against one physical attack, if not carefully examined, may benefit another physical attack tremendously. This issue has never been explicitly noticed previously, but its importance cannot be overlooked because of the attack found in this paper. Notice that almost all the issues considered in this paper on a modular exponentiation also apply to a scalar multiplication over an elliptic curve.

  33. Memory Efficient and High Performance Multi-Exponentiation Algorithms Based on Euclidean Chain
    (S.M. Yen and some other authors)

    An international journal, (to submit).

    In this paper, a brand new algorithm for the evaluation of multi-exponentiation, e.g., X^a Y^b, is proposed based on the Euclidean chain. The multi-exponentiation computation is becoming particularly important for more and more public-key cryptographic schemes. However, until now, much less attention has been paid to this research topic. The proposed algorithm is both simple to implement and efficient from the viewpoints of time and space. For 512-bit exponents $a$ and $b$, the conventional approach and the proposed algorithm will need on average 896 and 811 multiplications, respectively. Furthermore, the proposed algorithm needs fewer registers than the conventional one. This algorithm can be very useful for the implementation of many modern public-key based cryptosystems on small portable devices, e.g., smart IC cards.

 

B. Important Crypto-oriented Conference Papers

  1. Two Efficient Server-Aided Secret Computation Protocols Based on the Addition Sequence
    (C.S. Laih, S.M. Yen and L. Harn)

    In Proc. of the ASIACRYPT'91, and in the Lecture Notes in Computer Science, Springer-Verlag.

     

  2. The Fast Cascade Exponentiation Algorithm and its Applications on Cryptography
    (S.M. Yen and C.S. Laih)

    In Proc. of the AUSCRYPT'92, and in the Lecture Notes in Computer Science, Springer-Verlag.

     

  3. Secure Addition Sequence and its Applications on the Server-Aided Secret Computation Protocols
    (C.S. Laih and S.M. Yen)

    In Proc. of the AUSCRYPT'92, and in the Lecture Notes in Computer Science, Springer-Verlag.

     

  4. On Verifiable Implicit Asking Protocols for RSA Computation
    (T. Matsumoto, H. Imai, C.S. Laih and S.M. Yen)

    In Proc. of the AUSCRYPT'92, and in the Lecture Notes in Computer Science, Springer-Verlag.

     

  5. Weighted One-way Hash Chain and Its Applications
    (S.M. Yen and Y. Zheng)

    In Proc. of the 3rd International Workshop on Information Security--ISW 2000 (Sydney, Australia), Lecture Notes in Computer Science, Vol.1975, Springer-Verlag, pp. 135-148, 2000. 

     

  6. Practical Key Recovery Scheme
    (S.M. Yen)

    In Proc. of the 6th Australasian Conference on Information Security and Privacy--ACISP 2001, Lecture Notes in Computer Science, Vol.2119, Springer-Verlag, pp. 104-114, 2001.

     

  7. RSA Speedup with Residue Number System Immune from Hardware Fault Cryptanalysis
    (S.M. Yen, Seung-Joo Kim, Seon-Gan Lim, and Sang-Jae Moon)

    In Proc. of the 4th International Conference on Information Security and Cryptology--ICISC 2001, Lecture Notes in Computer Science, Vol.2288, Springer-Verlag, pp. 397-413, 2002.

     

  8. A Countermeasure Against One Physical Cryptanalysis May Benefit Another Attack
    (S.M. Yen, Seung-Joo Kim, Seon-Gan Lim, and Sang-Jae Moon)

    In Proc. of the 4th International Conference on Information Security and Cryptology--ICISC 2001, Lecture Notes in Computer Science, Vol.2288, Springer-Verlag, pp. 414-427, 2002.

     

  9. Observability Analysis -- Detecting When Improved Cryptosystems Fail
    (M. Joye, J-J Quisquater, S.M. Yen, and M. Yung)

    In Proc. of the Cryptographer's Track at the RSA Conference 2002, Topics in Cryptology--CT-RSA 2002, Lecture Notes in Computer Science, Vol.2271, Springer-Verlag, pp. 17-29, 2002.

     

  10. New Minimal Modified Radix-r Representation with Application to Cryptography
    (M. Joye and S.M. Yen)

    In Proc. of the 5th International Workshop on Practice and Theory in Public Key Cryptosystems--PKC 2002, Lecture Notes in Computer Science, Vol.2274, Springer-Verlag, pp. 375-384, 2002.

     

  11. Generation and Release of Secrets Using One-way Cross-trees
    (M. Joye and S.M. Yen)

    In Proc. of the 5th International Workshop on Practice and Theory in Public Key Cryptosystems--PKC 2002, Lecture Notes in Computer Science, Vol.2274, Springer-Verlag, pp. 346-356, 2002.

     

  12. The Montgomery Powering Ladder
    (M. Joye and S.M. Yen)

    In Proc. of the CHES 2002, Lecture Notes in Computer Science, Vol.2523, Springer-Verlag, pp. 291-302, 2003.

     

  13. Improved Probabilistic Micropayment Scheme   (received the Best Paper Award)
    (S.M. Yen, C.N. Chen, and H.C. Lin)

    In Proc. of the 3rd International Workshop on Information Security Applications--WISA 2002 (Jeju Island, Korea), August 28-30, 2002.

     

  14. Hardware Fault Attack on RSA with CRT Revisited
    (S.M. Yen, S.J. Moon, and J.C. Ha)

    In Proc. of the ICISC 2002, Lecture Notes in Computer Science, Vol.2587, Springer-Verlag, pp.374-388, 2003.

     

  15. Permanent Fault Attack on RSA with CRT
    (S.M. Yen, S.J. Moon, and J.C. Ha)

    In Proc. of the ACISP 2003, Lecture Notes in Computer Science, Vol.2727, Springer-Verlag, pp.285-296, 2003.

     

  16. Amplified Differential Power Cryptanalysis of Some Enhanced Rijndael Implementations
    (S.M. Yen)

    In Proc. of the ACISP 2003, Lecture Notes in Computer Science, Vol.2727, Springer-Verlag, pp.106-117, 2003.

     

  17. Differential Fault Analysis on AES Key Schedule
    (C.N. Chen and S.M. Yen)

    In Proc. of the ACISP 2003, Lecture Notes in Computer Science, Vol.2727, Springer-Verlag, pp.118-129, 2003.

     

  18. Radix-r Non-Adjacent Form
    (T. Takagi, S.M. Yen, and B.C. Wu)

    In Proc. of the ISC 2004, Lecture Notes in Computer Science, Vol.????, Springer-Verlag, pp.???-???, 2004.

     

  19. Adaptive-CCA on OpenPGP Revisited
    (H.C. Lin, S.M. Yen, and G.T. Chen)

    In Proc. of the ICICS 2004, Lecture Notes in Computer Science, Vol.????, Springer-Verlag, pp.???-???, 2004.

     

  20. Improvement on Ha-Moon Randomized Exponentiation Algorithm
    (S.M. Yen, C.N. Chen, S.J. Moon, and J.C. Ha)

    In Proc. of the ICISC 2004, Lecture Notes in Computer Science, Vol.????, Springer-Verlag, pp.???-???, 2004.

     

  21. Side-Channel Security of Montgomery Ladder Revisited
    (S.M. Yen, L.C. Ko, S.J. Moon, and J.C. Ha)

    (to submit)

     

  22. Hybrid Cryptanalysis: How Physical Cryptanalysis and Block Cipher Cryptanalysis Can Benefit Each Other
    (Raphael C.W. Phan and S.M. Yen)

    (to submit)

     

  23. A CRT-Based RSA Countermeasure against Physical Cryptanalysis
    (C.K. Kim, J.C. Ha, S.H. Kim, S. Kim, S.M. Yen, and S.J. Moon)

    (to submit)

 

C. International Conference Papers

  1. On the Design of Conference Key Distribution Systems for the Broadcasting Networks
    (C.S. Laih and S.M. Yen)

    In Proc. of the IEEE INFOCOM'93, pp.1406-1413, 1993.

     

  2. Internet Micropayment Based on Unbalanced One-way Binary Tree
    (S.M. Yen, L.T. Ho and C.Y. Huang)

    In Proc. of the International Workshop on Cryptographic Techniques and E-Commerce--CrypTEC '99 (Hong Kong), pp.155-162, 5-8 July 1999.

     

  3. PayFair: A Prepaid Internet Micropayment Scheme Promising Customer Fairness
    (S.M. Yen, J.M. Lee, L.T. Ho, and J.G. Lee)

    In Proc. of the International Workshop on Cryptographic Techniques and E-Commerce--CrypTEC '99 (Hong Kong), pp.213-221, 5-8 July 1999.

     

  4. Cryptanalysis of Two Protocols for RSA with CRT Based on Fault Infection
    (S.M. Yen and D. Kim)

    In Proc. of the Workshop on Fault Diagnosis and Tolerance in Cryptography--FDTC 2004 (Florence, Italy), pp.381-385, June 30, 2004.

     

  5. A Secure and Practical CRT-Based RSA to Resist Side Channel Attacks
    (C.K. Kim, J.C. Ha, S.H. Kim, S. Kim, S.M. Yen, and S.J. Moon)

    In Proc. of the International Conference on Computational Science and Its Applications--ICCSA 2004 (Assisi, Italy), Lecture Notes in Computer Science, Vol.3043, Springer-Verlag, pp.150-158, 2004.

     

  6. An Efficient Off-line Electronic Cash System with Revocable Anonymity
    (K.Z. Chiou, W.S. Chen, and S.M. Yen)

    In Proc. of the IASTED Internet & Multimedia Systems & Applications--IMSA 2004 (Hawaii, USA), August 16-18, 2004.

 

D. Other Conference Papers

  1. A Special Form of d in the RSA Suitable for the Server-Aided Secret Computation
    (C.S. Laih and S.M. Yen)

    In Proc. of the ISCOM'91, pp.593-597, Dec. 1991.

     

  2. An Improved Access Control with User Authentication
    (S.M. Yen and C.S. Laih)

    In Proc. of the 1992 Telecommunication Conference.

     

  3. On the Design of Fast Cascade Exponentiation Algorithm
    (S.M. Yen and C.S. Laih)

    In Proc. of the ICS'92.

     

  4. Security Consideration of Using Cryptographic Hash Chain
    (S.M. Yen and P.Y. Kuo)

    In Proc. of the 8th National Conference on Information Security, May 15, 1998.

     

  5. Improved Micro-payment System
    (S.M. Yen and P.Y. Kuo)

    In Proc. of the 8th National Conference on Information Security, May 15, 1998.

     

  6. Further Cryptanalysis of the Multi-verifier Signature with Verifier Specification 
    (an invited paper) (S.M. Yen and H.K. Lo)

    In Proc. of the 8th National Conference on Information Security, May 15, 1998.

     

  7. Generation and Release of Secrets Using One-way Cross-trees  (received a Paper Award)
    (M. Joye and S.M. Yen)

    In Proc. of the 1998 International Computer Symposium, Workshop on Cryptography and Information Security, pp.23-28, 17-19th December 1998.

     

  8. Internet Micropayment Based on Unbalanced One-way Binary Tree
    (S.M. Yen, L.T. Ho and C.Y. Huang)

    In Proc. of the 9th National Conference on Information Security, May 1999.

     

  9. PayFair: A Prepaid Internet Micropayment Scheme Promising Customer Fairness
    (S.M. Yen, J.M. Lee, L.T. Ho, and J.G. Lee)

    In Proc. of the 9th National Conference on Information Security, May 1999.

     

  10. Cryptographically Strong On-Line Key Renewal Protocol
    (S.M. Yen and M.T. Liu)

    In Proc. of the 9th National Conference on Information Security, May 1999.

     

  11. Security Paradoxes: How Improving a Cryptosystem May Weaken It
    (M. Joye, J.J. Quisquater, S.M. Yen, and M. Yung)

    In Proc. of the 9th National Conference on Information Security, May 1999.

     

  12. Improved Private Information Download Protocol
    (S.M. Yen, R.L. Oyan, and Y.Y. Lee)

    In Proc. of the 2000 International Computer Symposium, Workshop on Cryptography and Information Security, December 6-8 2000.

     

  13. Remarks on Some Proxy Signature Schemes
    (S.M. Yen, C.P. Hung, and Y.Y. Lee)

    In Proc. of the 2000 International Computer Symposium, Workshop on Cryptography and Information Security, December 6-8 2000.

     

  14. A New Side Channel To Leak Information Using Fault-Based Cryptanalysis
    (S.M. Yen, M. Joye and T.C. Li)

    In Proc. of the 2000 Workshop on Internet and Distributed Systems, May 2000.

     

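  15. A Technological Perspective on Wiretapping and the Right to Privacy
    (an invited paper) (S.M. Yen)

    In Communication and Law Seminar Series, Session 7: Wiretapping vs. Privacy, National Chengchi University, 6 May 2000.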

     

  16. Secure Evaluation of Modular Functions
    (M. Joye, P. Paillier, and S.M. Yen)

    In Proc. of the 2001 International Workshop on Cryptology and Network Security, CNS 2001, pp. 227-229, Taipei, Taiwan, September 26-28, 2001.

     

  17. Differential Power Cryptanalysis of A Rijndael Implementation
    (S.M. Yen and S.Y. Tseng)

    In Proc. of the ISC 2002 (Information Security Conference 2002), Taiwan, May 2002.

     

  18. A DFA on Rijndael   (received the Best Paper Award)
    (S.M. Yen and J.Z. Chen)

    In Proc. of the ISC 2002 (Information Security Conference 2002), Taiwan, May 2002.

     

  19. Differential Fault Analysis on AES Key Schedule  (received the Best Paper Award)
    (C.N. Chen and S.M. Yen)

    In Proc. of the ISC 2003 (Information Security Conference 2003), Taiwan, May 2003.

     

  20. Randomized Exponentiation Algorithm Against Power Analysis (one candidate of the Best Paper Award)
    (S.M. Yen, M.H. Wu, and Y.H. Kuo)

    In Proc. of the ISC 2004 (Information Security Conference 2004), pp. 172-179, Taiwan, June 2004.

     

  21. An Improved Transformed Masking for Rijndael Implementation with Only Additive Masking (one candidate of the Best Paper Award)
    (S.M. Yen and S.H. Wu)

    In Proc. of the ISC 2004 (Information Security Conference 2004), pp. 152-159, Taiwan, June 2004.

     

  22. Provably Secure Signcryption Scheme Based on RSA Cryptosystem  (received the Best Student Paper Award)
    (S.F. Tzeng and S.M. Yen)

    In Proc. of the ISC 2004 (Information Security Conference 2004), pp. 1-8, Taiwan, June 2004.

     

  23. An Anonymous Micropayment System with Smart Card (one candidate of the Best Paper Award)
    (S.Y. Lin and S.M. Yen)

    In Proc. of the ISC 2004 (Information Security Conference 2004), pp. 136-143, Taiwan, June 2004.

 

E. Technical reports and other publications

For a complete list of technical reports, please refer to LCIS Technical Reports.

  1. Minimum Weight Signed-Digit for Fast Exponentiation
    (S.M. Yen)

    Technical Report TR-96-?, 1996.

     

  2. Cryptanalysis and Further Study of the Multi-verifier Signature with Verifier Specification
    (S.M. Yen)

    Technical Report of project NSC-86-2213-E-212-001, (supported by the National Science Council), Sept. 1997.

     

  3. Model of Authentication Token and Its Cryptanalysis
    (S.M. Yen)

    Technical Report, 1997.

     

  4. On the Pseudo-Random Number Generator Attack of Tamper-Proof Devices
    (S.M. Yen)

    Technical Report, 1997.

     

  5. An Improved Cryptographic Checksum Algorithm Based on Stream Ciphers
    (S.M. Yen, M. Joye, and P.Y. Kuo)

    Technical Report TR-98-1, February 1998.

     

  6. Secure Evaluation of Modular Functions
    (M. Joye and S.M. Yen)

    Technical Report TR-98-3, March 1998.

     

  7. Key Sequence Generation and Release Using Cryptographic Hash Chains
    (S.M. Yen and M. Joye)

    Technical Report TR-98-6ID, March 1998.

     

  8. Two Protocol Attacks on Okamoto and Uchiyama's Cryptosystem
    (M. Joye, J.J. Quisquater, and S.M. Yen)

    Technical Report TR-98-7, May 1998.

     

  9. Comparisons of PayWord and Millicent Micropayment Systems
    (S.M. Yen)

    Technical Report TR-98-13, July 1998.

     

  10. Cryptanalysis of Batch Verifying Multiple RSA Digital Signatures
    (S.M. Yen)

    Technical Report TR-98-16, Sept. 1998.

     

  11. Vulnerability of the SVP Micropayment Scheme
    (S.M. Yen)

    Technical Report TR-99-2, Jan. 1999.

     

  12. Cryptanalysis of Kwon-Kang-Song Authentication Protocol
    (S.M. Yen and R.L. Oyan)

    Technical Report TR-99-8, Sept. 1999.

     

  13. Efficient Multi-Exponentiation Algorithm Based on Vector Division Chain
    (S.M. Yen and T.C. Li)

    Technical Report TR-99-10, Aug. 1999.

     

  14. Memory Efficient High Performance Multi-Exponentiation Algorithms Based on Euclidean Chain
    (S.M. Yen and T.C. Li)

    Technical Report TR-99-11, Sept. 1999.

     

  15. Remarks on the SRP Password-based Key Exchange Protocol
    (S.M. Yen and R.L. Oyan)

    Technical Report TR-99-12, Oct. 1999.

     

  16. Improved Private Key Download Protocol
    (S.M. Yen and R.L. Oyan)

    Technical Report TR-99-13, Oct. 1999.

     

  17. Adaptive Exponentiation Computation by Functionally Equivalent Recoding and Its Cryptographic Impact
    (S.M. Yen)

    Technical Report TR-2K-5, Feb 28, 2000.

     

  18. Improved Key Escrow with Limited Time Span
    (S.M. Yen, M.S. Chang, and S.J. Kim)

    Technical Report TR-2K-6, March 31, 2000.

     

  19. Simultaneous Signed-Digits Recoding and Multi-Computation Algorithms for the Applications on Elliptic Curve Cryptography
    (S.M. Yen)

    Technical Report TR-2K-7, April 20, 2000.

     

  20. Address and Data Scrambling
    (S.M. Yen and C.N. Chen)

    Technical Report TR-2K-8, November 13, 2000.

     

  21. On the Resistance of Physical Cryptanalysis over Exponentiation Using Division Chain
    (S.M. Yen)

    Technical Report TR-2K1-1, January 2001.

     

  22. Differential Fault Cryptanalysis on the IDEA Cipher
    (S.M. Yen and S.M. Yang)

    Technical Report TR-2K1-3, February 2001.

     

  23. Comments on the UPayWord Micropayment Scheme
    (S.M. Yen and C.K. Hwang)

    Technical Report TR-2K1-6, April 2001.

     

  24. Side-channel Resistance Based on Randomized Euclidean Chain and Randomized Vector Division Chain
    (S.M. Yen)

    Technical Report TR-2K1-12, May 25, 2001.

     

  25. A Differential Fault Attack on Rijndael Implementation
    (S.M. Yen and J.Z. Chen)

    Technical Report TR-2K2-1, Feb. 24, 2002.

     

 



Last modified: July 26, 2004

Sung-Ming Yen <yensm@csie.ncu.edu.tw>