• Journal of KIISE
• /
• v.44 no.4
• /
• pp.344-351
• /
• 2017

An attribute based signature system is a cryptographic system where users produce signatures based on some predicate of attributes, using keys issued by one or more attribute authorities. If a private key is leaked during signature generation, the signature can be forged. Therefore, signing operation computations should be performed using secure hardware, which is called tamper resistant hardware in this paper. However, since tamper resistant hardware does not provide high performance, it cannot perform many operations requiring attribute based signatures in a short time frame. This paper proposes a new attribute based signature system using high performance general hardware and low performance tamper resistant hardware. The proposed signature scheme consists of two signature schemes within a existing attribute based signature scheme and a digital signature scheme. In the proposed scheme, although the attribute based signature is performed in insecure environments, the digital signature scheme using tamper resistant hardware guarantees the security of the signature scheme. The proposed scheme improves the performance by 11 times compared to the traditional attribute based signature scheme on a system using only tamper resistant hardware.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2023.11a
• /
• pp.212-213
• /
• 2023

최근 네트워크 환경에서 통신되는 데이터의 신뢰성을 제공하기 위해 서명기술이 필요하다. 다양한 서명기술들 중 속성기반서명은 사용자들이 가지고 있는 속성을 기반으로 서명을 수행하기 때문에, 각 서명자들의 익명성을 보장할 수 있는 서명기술이다. 하지만 속성기반서명을 수행시 익명성을 악용하는 사용자들이 존재하는데, 이들은 잡히는 위험이 없이 일부 목적(금전, 이익)을 위해 의도적으로 자신의 서명비밀키와 속성을 공개할 수 있다. 서명권한이 없는 제 3자는 이를 이용해 서명을 수행할 수 있다. 본 논문에서는 적절한 수준의 익명성과 추적성이 제공되는 속성기반서명 기법을 제안한다. 본 제안방식은 검증자가 서명 검증시 문제가 생긴 서명에 관해 AA에게 서명을 보낸 서명자의 신원을 요청하여 확인할 수 있다.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.46 no.1
• /
• pp.78-87
• /
• 2009

An attribute-based signature scheme is a signature scheme where a signer's private key is associate with an attribute set and a signature is associated with an access structure. Attribute-based signature schemes are useful to provide anonymity and access control for role-based systems and attribute-based systems where an identity of object is represented as a set of roles or attributes. In this paper, we formally define the definition of attribute-based signature schemes and propose the first efficient attribute-based signature scheme that requires constant number of pairing operations for verification where a policy is represented as a disjunctive normal form (DNF). To construct provably secure one, we introduce a new interactive assumption and prove that our construction is secure under the new interactive assumption and the random oracle model.

• Convergence Security Journal
• /
• v.14 no.6_1
• /
• pp.147-155
• /
• 2014

Encryption and authentication system in National Defense is divided into three system; KMI, MPKI, and GPKI. In this paper, we report inherent problem and security threaten in MPKI and propose an attribute-based authentication scheme using attribute-based signature in order to improve user authentication. In our scheme, access structure is used by Monotone Span Program, and system server provides service after user authentication.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.20 no.5
• /
• pp.701-709
• /
• 2010

This paper presents an efficient signature recognition method by using the hybrid similarity criterion, which is in inverse proportion to distance and in proportion to correlation between the images. The distance is applied to express the spacial property of image, and the correlation is also applied to express the statistical property. The proposed criterion provides the robust recognition to both the geometrical variations such as position, size, and rotation and the shape variation. The normalized cross-correlation(NCC), which is calculated by considering 4 directions based on the histogram of binary image, is applied to express rapidly and accurately the similarity between the images. The proposed method has been applied to the problem for recognizing the 20 truck images of 288*288 pixels and the 105(3 persons * 35 images) signature images of 256*256 pixels, respectively. The experimental results show that the proposed method has a superior recognition performance that appears the image characters well. Especially, the hybrid criterion of NCC and ordinal distance has a superior recognition performance to the hybrid criterion using city-block or Euclidean distance.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.2C
• /
• pp.342-347
• /
• 2004

An ID certificate is digitally signed by a certificate authority for authentication and an attribute certificate is digitally signed by an attribute certificate authority for authorization. In many applications in web, there should be a mechanism to bind attributes to proper identities. The dependencies between them should be maintained. So we analyzed some known binding methods, selective revocation methods and cryptographic binding methods. And we proposed a binding mechanism using one-time attribute certificates in order to solve their problems.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.6
• /
• pp.31-45
• /
• 2004

Public Key Infrastructure(PKI) provides a strong authentication. Privilege Management Infrastructure(PMI) as a new technology can provide user's attribute information. The main function of PMI is to give more specified authority and role to user. To authenticate net and role, we have used digital signature. Role Based Access Control(RBAC) is implemented by digital signature. RBAC provides some flexibility for security management. NEIS(National Education Information System) can not always provide satisfied quality of security management. The main idea of the proposed RNEIS(Roll Based NEIS) is that user's role is stored in AC, access control decisions are driven by authentication policy and role. Security manager enables user to refer to the role stored in user's AC, admits access control and suggests DB encryption by digital signature.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2002.11a
• /
• pp.592-596
• /
• 2002

Can speak that DTD is meta data that define meaning of expressed data on XML document. Therefore, In case DTD information is damaged this information to base security of XML document dangerous. Not that attach digital signature on XML document at send-receive process of XML document in this research, proposed method to attach digital signature to DTD. As reading DTD file to end first, do parsing, and store abstracted element or attribute entitys in hash table. Read hash table and achieve message digest if parsing is ended. Compose and create digital signature with individual key after achievement. When sign digital, problem that create entirely other digest cost because do not examine about order that change at message digest process is happened. This solved by method to create DTD's digital signature using DOM that can embody tree structure for standard structure and document.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.6
• /
• pp.15-24
• /
• 2004

Electronic commerce is widely used with the development of information communication technologies in internet using public key certificates. And the study for access control in Web application and DB system is also progressed actively. There are many verification method for PKC(Public Key Certificates), which are CRL, OCSP, SCVP and others. But their certificates verification methods for PKC cannot to be applied to PMI(Privilege Management Infrastructure) which is using AC(Attribute certificates) because of synchronization of PKC and AC. It is because AC has no public key, AC Verifier must get the PKC and verify the validity on PKC and AC. So in this paper we proposed the new AC-based certificate verification model. which provide the synchronization in two certificates(AC and PKC).

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2007.10a
• /
• pp.803-806
• /
• 2007

Along with the developing of mobile communication technology, plenty of data transmission turn into possible in mobile environment. As the foundation, it can provide diverse mobile service. Especially the service which use electronic signature, and as the transmission of XML technology among the terminal digital signature information. By now, allowed plenty of validity confirmation questions that the digital signatures about the characteristic induced application of physical property XML. For this question, it can be solved through XML by Canonical XML 1.0 standards provided in W3C. But, because the question in the XML namespace attribute inheritance, proposed the restrictive solution. In order to solve this problem, proposes candidate plan of Canonical XML 1.1 standardized in W3C, and also even more standardization. In this paper, in order to support the widespread XML standardization in the moving environment. Standardizes Canonical XML 1.1 standard as the underlies, safeguarding the theoretical mutual identity of the XML documents, and constructing and realizing the XML standardization system.