• Journal of KIISE:Computer Systems and Theory
• /
• v.35 no.9_10
• /
• pp.441-451
• /
• 2008

Currently, the X.509 proxy certificate is widely used to delegate an entity's right to another entity in the computational grid environment. However it has two drawbacks: the potential security threat caused by intraceability of a delegation chain and the inefficiency caused by an interactive communication between the right grantor and the right grantee on the delegation protocol. To address these problems for computational grids, we propose a new delegation protocol without additional cost. We use an ID-based key generation technique to generate a proxy private key which is a means to exercise the delegated signing right. By applying the ID-based key generation technique, the proposed protocol has the delegation traceability and the non-interactive delegation property. Since the right delegation occurs massively in the computational grid environment, our protocol can contribute the security enhancement by providing the delegation traceability and the efficiency enhancement by reducing the inter-domain communication cost.

• Proceedings of the Korea Contents Association Conference
• /
• 2011.05a
• /
• pp.11-12
• /
• 2011

원 서명자를 대신해 거래 관련 제 3자가 서명을 수행하는 대리서명의 실행이 필요한 경우 원 서명자의 서명 위임 사실을 증명하는 위임장이 요구되어진다. 위임장을 전자 거래에 적용하기 위해서는 전자위임장에 관한 표준 프로파일 정의, 전자위임장의 배포 및 검증 방법에 대한 처리 기준이 마련되어야 하며 이를 기반으로 하는 사무 처리 모델이 제시되어야 한다. 이러한 전자위임장 기반구조상에서 다양한 유형의 온/오프라인 거래에 전자위임장을 적용함으로써 전자거래의 활성화에 기여할 수 있을 것으로 판단된다.

• Journal of Korea Multimedia Society
• /
• v.6 no.3
• /
• pp.518-526
• /
• 2003

According to the development of mobile communications, the future mobile communication systems are expected to provide high quality multimedia service to users. Therefore, many technical factors we needed in these systems. Especially the confidentiality and the security would be obtained through the introduction of the security for mobile communications. In this paper, we propose an efficient Proxy-Signcryption scheme, which can be performed digital signature and encryption by using the proxy agent who has more computational power under mobile communications environment. The proposed scheme provides non-repudiation and prevents creating illegal signature by the origin and proxy agent in a phase of proxy signature processing. This scheme also keeps the confidentiality and the security in mobile communication by means of confirming the signature by right receiver.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.3
• /
• pp.55-67
• /
• 2007

In ad hoc network, especially in the environment which the system authority only exists at the beginning of the network, it is very important problem how to issue the certificates in self-initialized public key scheme that a node generates its certificate with public and private key pair and is signed that by the system authority. In order to solve this problem, early works present some suggestions; remove the system authority itself and use certificate chain, or make nodes as system authorities for other nodes' certificates. In this paper, we suggest another solution, which can solve many problem still in those suggestions, using proxy signature and threshold signature, and prove its performance using simulation and analyse its security strength in many aspects.

• Journal of the Korea Convergence Society
• /
• v.7 no.1
• /
• pp.49-55
• /
• 2016

In a delegate authentication, a user can lend his/her own authentication data to the third parties to let them be authenticated instead of himself/herself. The user authentication schemes based on the memory of unique data such as password, are vulnerable to this type of attack. Biometric authentication could minimize the risk of delegate authentication since it uses the biometric data unique by each person. Group authentication scheme is used to prove that each group member belongs to the corresponding group. For applications such as an electronic voting or a mobile meeting where the number of group members is changing dynamically, a new group authentication method is needed to reflect the status of group in real time. In this paper, we propose biometric authentication based dynamic group signature scheme. The proposed scheme is composed of biometric key generation, group public key creation, group signature generation, group signature verification and member update protocols. The proposed member update protocol is secure against colluding attacks of existing members and could reflect group status in real time.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.47 no.1
• /
• pp.91-98
• /
• 2010

This paper proposes authority delegation for secure social community creation and mutual authentication scheme between the community members using proxy signature in community-based ubiquitous networks. In community-based ubiquitous network, User's context-awareness information is collected and used to provide context-awareness network service and application service for someone who need it. For the many reason, i.e. study, game, information sharing, business and conference, social community could be created by members of a social group. However, in community-based ubiquitous network, this kind of the context-awareness information could be abused and created by a malicious nodes for attack the community. Also, forgery community could be built up to attack the community members. The proposed scheme using the proxy signature provides a mutual authentication and secure secret key exchange between community members, and supports secure authority delegation that can creates social community. Also, when delegation of signing authority and mutual authentication, this scheme reduces total computation time compared to the RSA signature scheme.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.33 no.10C
• /
• pp.749-757
• /
• 2008

In this paper, we propose an authentication scheme for EVPT (Emergency Vehicle Priority Transit) service in Vehiclar Ad-hoc Networks (VANET) enable a variety of vehicle comfort services, traffic management applications, and infotainment services. These are the basis for a new generation of preventive and active safety functions. By intelligently controlling signalling at intersections, providing additional information to the driver and warning the driver in critical situations. we therefore focus on vehicle-to-infrastructure communication for the authentication between emergency vehicles and traffic lights system. This authentication process should identify the vehicle, and provide privacy protection.

• Proceedings of the Korea Multimedia Society Conference
• /
• 2002.11b
• /
• pp.224-228
• /
• 2002

DRM(Distal Right Management)은 컨텐츠의 불법 사용을 방지하여 저작권을 보호하고, 컨턴츠의 생성·유통·사용 관리 등에 필요한 모든 처리를 지원하는 종합 솔루션이다. DRM 체계에서 사용자(customer)는 컨텐츠를 정당하게 사용하기 위해서 클리어링하우스(clrearinghouse)로부터 라이센스를 발급받아야 한다. 일반적으로 라이센스(license)는 사용자의 공개키로 암호화된다. 그래서 사용자의 계산적 부담이 크다. 특히 무선 DRM 환경이라면, 사용자의 부담은 더 클 것이다. 따라서 본 논문은 익명성을 갖는 제안 1회용 대리서명 기법과 Y.Zheng의 Singcryption 기법을 적용하여 사용자의 계산량을 줄이고, 익명성을 갖는 효율적인 라이센스 다운로드 방식을 제안한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.5
• /
• pp.43-52
• /
• 2001

Y. Zheng introduced a new type of cryptograghic primitive as \"signcryption\", which combines a function of digital signature scheme with a symmetric key encryption algorithm. Signcryption doesn\`t only provide authenticity and confidentiality in a single step, but also give more efficient computation than the traditional \"signature-then-encryption\". And C. Gamage proposed a proxy-signcryption that efficiently combines a proxy signature with the signcryption. But, in the proposed signcryption schemes, one who obtains the sender\`s private key can recover the original message of a signcrypted text. That is, forward secrecy is not offered by the signcryption scheme with respect to the sender\`s private key. In this paper, we will propose a modified signcryption of Zheng\`s signcryption and a variant of proxy-signcryption with forward secrecy.ith forward secrecy.

• Journal of KIISE:Computer Systems and Theory
• /
• v.30 no.7_8
• /
• pp.408-416
• /
• 2003

An electronic cash system has to provide the security, to prevent the double spending and to support the divisibility of electronic cash for the easy of use. Divisible electronic cash system allows an electronic cash to be divided into subdivisions. Each subdivision is worth any desired value, but all values must add up to the original cash value. Divisible scheme brings some advantages. It reduces to make the change and also there is no necessity that a customer must withdraw a cash of the desired value whenever transactions occur. In this paper, we present an electronic cash protocol which provides the divisibility based on the double hash chain technique. Electronic cash is constructed in the form of coins. Coins, generated by the double hush chain, have different denominations. The divisibility based on the double hash chain technique. Electronic cash is constructed in the form of coins. Coins, generated by the double hash chain, have different denominations. The divisibility of an electronic cash is satisfied by the payment certificate, which is a pair of bank´s proxy signature received from the bank. When a customer pays the coin of subdivision, the fairness of that coin is certified by a customer´s signing instead of a bank. Although the proposed method does not guarantee user´s anonymity, it generates coins which cannot be forged, and the customer can use an electronic cash conveniently and efficiently with its divisibility.