• Journal of KIISE:Information Networking
• /
• v.35 no.6
• /
• pp.465-473
• /
• 2008

The MQV protocol has been regarded as the most efficient authenticated Diffie- Hellman key exchange protocol, and standardized by many organizations including the US NSA. In Crypto 2005, Hugo Krawczyk showed vulnerabilities of MQV to several attacks and suggested a hashed variant of MQV, called HMQV, which provides the same superb performance of MQV and provable security in the random oracle model. In this paper we suggest an efficient authenticated Diffie-Hellman key exchange protocol providing the same functionalities and security of HMQV without random oracles. So far there are no authenticated Diffie-Hellman protocols which are provably secure without using random oracles and achieve the same level of security goals of HMQV efficiently yet.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.197-201
• /
• 2006

추이 서명 스킴은 edge에 대한 서명을 연결하여 경로에 대한 서명을 만드는 서명 스킴이다. 본 논문은 강한 Diffie-Hellman 가정을 이용하여 랜덤 오라클을 가정하지 않은 추이서명 스킴을 제안한다

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.3
• /
• pp.35-42
• /
• 2007

We describe the problem of reducing the key material in the Even-Mansour cipher without security degradation. Even and Mansour proposed a block cipher based on XORing secret key material just prior to and after applying random oracle permutation P such that $C=k_2\bigoplus P(M\bigoplus k_1)$. Recently, Gentry and Ramzan showed that this scheme in the random permutation oracle can be replaced by the four-round Feistel network construction in the random function oracle and also proved that their scheme is super-pseudorandom. In this paper we reduce the key size from 2n to n, which is the optimal key size of Even-Mansour cipher in the random function oracle model and also give almost the same level of security.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.46 no.1
• /
• pp.46-55
• /
• 2009

We study the problem of searching documents containing each of several keywords (conjunctive keyword search) over encrypted documents. A conjunctive keyword search protocol consists of three entities: a data supplier, a storage system such as database, and a user of storage system. A data supplier uploads encrypted documents on a storage system, and then a user of the storage system searches documents containing each of several keywords. Recently, many schemes on conjunctive keyword search have been suggested in various settings. However, the schemes require high computation cost for the data supplier or user storage. Moreover, up to now, their securities have been proved in the random oracle model. In this paper, we propose efficient conjunctive keyword search schemes over encrypted documents, for which security is proved without using random oracles. The storage of a user and the computational and communication costs of a data supplier in the proposed schemes are constant. The security of the scheme relies only on the hardness of the Decisional Bilinear Diffie-Hellman (DBDH) problem.

• Proceedings of the Korean Society of Broadcast Engineers Conference
• /
• 2007.02a
• /
• pp.169-172
• /
• 2007

최근 DMB 서비스와 같이 저 전력 무선 환경에서 유료 콘텐츠 서비스가 활발히 이루어지고 있다. 이러한 콘텐츠 서비스를 정당한 서비스 수신자에게 제공하기 위해서는 서비스 제공자와 수신자 사이에 안전한 키 교환이 필요하다. 본 논문에서는 모바일 콘텐츠 서비스를 위한 효율적 인 ID-기반의 그룹 키 교환, 즉 다수의 서비스 수신자들(클라이언트)과 서비스 제공자(서버) 사이의 인증된 동적 그룹 키 교환 프로토콜을 제안한다 제안한 프로토콜은 클라이언트의 계산량이 낮아 저 전력 모바일 환경에 적합하며, 또한 가입과 탈퇴 발생 시에도 효율적으로 키 교환을 수행할 수 있다. 제안한 그룹 키 교환 프로토콜은 랜덤 오라클 모델에서 그 안전성을 제공한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.1
• /
• pp.23-33
• /
• 2006

Key Agreement protocols are among the most basic and widely used cryptographic protocols. In this paper we present an efficient O-based authenticated key agreement (AKA) protocol by using bilinear maps, especially well suited to unbalanced computing environments : an ID-based AKA protocol for Server and Client. Particularly, considering low-power clients' devices, we remove expensive operations such as bilinear maps from a client side. Our protocol uses signcryption and provide security in random oracle model.

• Proceedings of the Korean Information Science Society Conference
• /
• 2001.10a
• /
• pp.712-714
• /
• 2001

낮은 엔트로피의 패스워드를 이용하여 안전한 인증 및 키교환을 위해 Diffie-Hellman에 기반한 AMP(Authentication and key agreement via Memorable Password) 프로토콜이 제안되었다. 본 논문에서는 타원곡선 암호화가 가질수 있는 높은 보안성과 효율성을을 위해 타원곡선이산대수문제(Elliptic Curve Discrete Logarithm Problem)에 기반한 EC-AMP (Elliptic Curve-AMP)프로토콜을 제안한다. EC-AMP는 랜덤 오라클(random oracle) 모델에서 여러 가지 공격에 대해 안전하므로 인증 및 키교환이 필요한 네트워크 환경에 패스워드를 이용함으로 얻을수 있는 편의성과 타원곡선이산대수문제가 제공하는 안전성을 보장할 수 있다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.2
• /
• pp.65-72
• /
• 2005

Quite recently, Zhou, Lu and Cao proposed a proxy-protected signature scheme based on the RSA assumption and two proxy-protectcd schemes based on the hardness of integer factorization. Dey also provided a security proof for each signature scheme in the random oracle model. In this paper, we show that their schemes do not satisfy a security requirement necessary for proxy signature schemes. This results in generating proxy signature without fay Permission from an original signer.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.9 no.1
• /
• pp.85-102
• /
• 1999

In this paper, we propose an EC-SRP(Elliptic Curve - Secure Remote Password) protocol that uses ECDLP(Elliptic Curve Discrete Logarithm Problem) instead SRP protocols’s DLP. Since EC-SRP uses ECDLP, it inherits the high performance and security those are the properties of elliptic curve. And we reduced the number of elliptic curve scalar multiplication to improve EC-SRP protocol’s performance. Also we have proved BC-SRP protocol is a secure AKC(Authenticated Key Agreement with Key Confirmation) protocol in a random oracle model.

• Journal of Korea Multimedia Society
• /
• v.12 no.4
• /
• pp.530-539
• /
• 2009

In this paper we introduce the notion of certificateless proxy re-encryption which enjoys the advantages of certificateless cryptography while providing the functionalities of proxy re-encryption. We give precise definitions for secure certificateless proxy re-encryption schemes and also present a concrete scheme from bilinear pairing. Our scheme is unidirectional and compatible with current certificateless encryption deployments, In addition, we show that our scheme has chosen ciphertext security in the random oracle model. Finally, we extend the proposed scheme for appling multiple KGC environment.