• Journal of the Korea Convergence Society
• /
• v.9 no.11
• /
• pp.75-81
• /
• 2018

Anonymity and privacy issues are becoming important as all transactions in the blockchain are open to users. Public blockchains appear to guarantee anonymity by using public-key addresses on behalf of users, but they can weaken anonymity by tracking with various analytic techniques based on transaction graph. In this paper, we propose a scheme to protect anonymity and privacy by converging various security techniques such as k-anonymity, mixing, blind signature, multi-phase processing, random selection, and zero-knowledge proof techniques with incentive mechanism and contributor participation. Through performance analysis, our proposed scheme shows that it is difficult to invade privacy and anonymity through collusion attacks if the number of contributors is larger than that of conspirators.

• Smart Media Journal
• /
• v.12 no.9
• /
• pp.95-102
• /
• 2023

As the utilization value of personal information increases, discussions on how to provide personal information are active, but information required by institutions to utilize personal information is being exposed more than necessary. Therefore, personal privacy protection is essential to overcome the problems and limitations of personal information protection. In this study, a decentralized identity information management model that overcomes the problems and limitations of the centralized identity management method of personal information and manages and selectively provides personal information by the information owner himself and demonstrates the excellence of personal information by implementing the Smart Personal Information Provision System (SPIPS) in the PBFT consensus algorithm through experiments.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.999-1012
• /
• 2020

As the utilize of personal health records increases in recent years, research on cryptographic protocol for protecting personal information of personal health records has been actively conducted. Currently, personal health records are commonly encrypted and outsourced to the cloud. However, this method is limited in verifying the integrity of personal health records, and there is a problem with poor data availability because it is essential to use it in decryption. To solve this problem, this paper proposes a verifiable cloud-based personal health record management scheme using Redactable signature scheme and zero-knowledge proof. Verifiable cloud-based personal health record management scheme can be used to verify the integrity of the original document while preserving privacy by deleting sensitive information by using Redactable signature scheme, and to verify that the redacted document has not been deleted or modified except for the deleted part of the original document by using the zero-knowledge proof. In addition, it is designed to increase the availability of data than the existing management schemes by designing to recover deleted parts only when necessary through the Redact Recovery Authority. And we propose a verifiable cloud-based personal health record management model using the proposed scheme, and analysed its efficiency by implementing the proposed scheme.

• The KIPS Transactions:PartC
• /
• v.10C no.5
• /
• pp.541-548
• /
• 2003

A fair exchange protocol enable two parties to exchange secrets with fairness, so that neither can gain any information advantage by quitting prematurely or otherwise misbehaving. Therefore a fair exchange is the most important for electronic transactions between untrusted parties. To design new fair exchange, after describing basic concepts, definitions and existing protocols and designing a non-interactive OT protocol using ELGamal's public key system, I will design new protocol to support fair exchange. In my designed new protocol, untrusted parties exchange secrets obliviously and verify that their received secrets are true by using transformed Zero Knowledge Interactive Proof extended to duplex. At this time, concerned two parties can't decrypt the other's ciphertext. .After all of the steps, two parties can do it. It is the most important to provide perfect fairness and anonymity to untrusted parties in this protocol.

• KIPS Transactions on Computer and Communication Systems
• /
• v.2 no.3
• /
• pp.133-142
• /
• 2013

Recently, smart devices for various services have been developed using converged telecommunications, and the markets for near field communication (NFC) mobile services is expected to grow rapidly. In particular, the realization of mobile NFC payment services is expected to go commercial, and it is widely attracting attention both on a domestic and global level. However, this realization would increase privacy infringement, as personal information is extensively used in the NFC technology. One example of such privacy infringement would be the case of the Google wallet service. In this paper, we propose an mutual authentication scheme based on NTRU for secure channel in OTA and an zero-knowledge proof scheme NTRU based on for protecting user information in NFC mobile payment systems without directly using private financial information of the user.

• Journal of Digital Convergence
• /
• v.19 no.8
• /
• pp.205-217
• /
• 2021

Decentralized SSI(Self Sovereign Identity) has become an alternative to a new digital identity solution, but an efficient de-identification technique has not been proposed due to the unique algorithmic characteristics of data transactions. In this study, to ensure the decentralized operation of SSI, we propose a de-identification technique that does not remove identifiers by restructuring the verification results of ZKP (Zero Knowledge Proof) into a form that can be provided to the outside by the verifier. In addition, it is possible to provide restructured de-identification data without the consent of data subject by proposing the concept of differential sovereignty management for each entity participating in verification. As a result, the proposed model satisfies the domestic personal information protection law in a decnetralized SSI, in addition provides secure and efficient de-identification processing and sovereignty management.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.6
• /
• pp.1265-1270
• /
• 2012

In this paper, we propose a new closest vector problem based interactive proof that is useful for authentication. Contribution of this paper is that the proposed protocol does not use a special form of a lattice, but a general lattice, which makes the protocol design very simple and easy to be proved. We prove its security in terms of completeness, soundness, simulatability.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.19 no.3
• /
• pp.37-44
• /
• 2023

In the future society, a means to verify the identity of the information owner is required at the beginning of most services that the information owner encounters, and the emergence and gradual spread of digital identification that proves the identity of the information owner is essential. In addition, as the utilization value of personal information increases, discussions on how to provide personal information are active. Therefore, there is a need for a personal information management method necessary for building a hyper-connected society that is safe from various hacking, forgery, alteration, and theft by allowing the owner to directly manage and provide personal information management. In this study, a decentralized identity information management model that overcomes the problems and limitations of the centralized identity management method of personal information and manages and selectively provides personal information by the information owner himself and implemented a smart personal information provision system(SPIPS: Smart Personal Information Provision System) using a smartphone.

• Review of KIISC
• /
• v.4 no.1
• /
• pp.20-29
• /
• 1994

Shamir가1984년 개인정보(ID)를 이용한 암호시스템의 개념을 제안한 이래 Fiat-Shamir방식을 필두로 하여 Ohta, Guillou 등이 개인정보에 기반을 둔 서명법과 영지식 대화형 증명방식을 조합한 각종 개인식별 방식 및 디지탈 서명 방식들이 제안되어 왔다. 또한, Okamoto 등이 개인 정보를 이용한 키분배 방식을 제안하였다. 본고에서는 지금까지 제안된 개인정보를 이용한 암호시스템의 대표적인 방식들에 대해 그들의 특징과 장단점을 비교 분석하였다.

• The Magazine of the IEIE
• /
• v.21 no.5
• /
• pp.1-14
• /
• 1994

정보사회로의 발전에 따라 부수적으로 발생하는 정보의 불법도청, 악용, 개조 등 역기능에 대비하기 위한 정보보호의 필요성이 증대하고 있다. 본고에서는 이를 위한 정보보호 이론의 역사적 발전과정을 고찰하였다. 사용하는 용어를 정의한 후 각종 대칭형 및 비대칭형 암호 시스템에 대하여 소개하며, 개인 식별 정보를 이용한 암호 시스템, 그리고 영지식 상호증명에 대하여 기술하였다. 또한 정보사회의 정보 보호 기술의 응용분야를 기술하며, 향후 정보보호 이론의 발전 방향을 제시하였다.