• Journal of KIISE:Computing Practices and Letters
• /
• v.14 no.8
• /
• pp.773-777
• /
• 2008

Today's mobile devices have characteristic of random mobility in the heterogeneous networks. Thus they should have various kinds of security requirements. To satisfy these requirements, there are many researches on security and authentication for mobile devices. TCG(Trusted Computing Group) designed TPM(Trusted Platform Module) for providing privacy and authentication to users. Also TCG suggest a protocol, called DAA(Direct Anonymous Attestation) which uses zero knowledge proof theory. In this paper, we will implement DAA protocol using Java and show the efficiency and the problems in the DAA protocol. Finally, we will suggest an efficient mobile DAA model through Java test module for the DAA protocol.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.14 no.1
• /
• pp.245-251
• /
• 2014

Mix network plays a key role in electronic voting to preserve anonymity and lots of mixnet schemes have been proposed so far. However, they requires complex and costly zero-knowledge proofs to provide their correct mixing operations. In 2010, Seb$\acute{e}$ et al. proposed an efficient and lightweight mixnet scheme based on a cryptographic secure hash function instead of zero-knowledge proofs. In this paper, we present a more efficient and faster mixnet scheme than Seb$\acute{e}$ et al.'s scheme under the same assumption. Also, our scheme is secure.

• Journal of KIISE:Information Networking
• /
• v.31 no.2
• /
• pp.179-187
• /
• 2004

Password authenticated key exchange protocols for the symmetric model are easier to design, analyze and are more efficient than ones for the asymmetric model, but they are most likely to be broken by server's compromise. Though the protocols with provable security for the asymmetric model such as PAK-X and SNAPI-X are introduced, they need large amount of computation compared with the standard Diffie-Hellman key exchange. We present a systematic and efficient way to transform password authenticated key exchange protocols for the symmetric model into protocols for the asymmetric model. Thus, an efficient protocol for the asymmetric model can be constructed by a systematic protocol with low computation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.3
• /
• pp.517-526
• /
• 2021

Recently, the acceleration of the development of quantum computers has raised the issue of the safety of factorization and discrete logarithm based digital signature schemes used in existing Internet environments. To solve the issue, several digital signature schemes are presented that are safe in post-quantum computing environments, including standardization work by the National Institute of Standards and Technology(NIST). In this paper, we design and present a multi-signature scheme based on the TACHYON announced by Behnia et al. in 2018 CCS conference, and prove the security. Multi-signature schemes are key techniques that can distribute the dependence of cryptocurrency-wallet on private keys in the cryptocurrency field, which has recently received much attention as an digital signature application, and many researchers and developers have recently been interested. The multi-signature scheme presented in this paper enables public key aggregation in a plain public key model, which does not require additional zero-knowledge proof, and can construct an effective scheme with only an aggregated public key.

• Information Systems Review
• /
• v.25 no.4
• /
• pp.47-65
• /
• 2023

In this paper, we investigate how the online voting system can be a trust-based system from a technical perspective. Under four principles of voting, we finely evaluate the existing belief that offline voting is safer and more reliable than online voting based on procedural processes, technical principles. Many studies have suggested the ideas for implementing online voting system, but they have not attempted to strictly examine the technologies of online voting system from the perspective of voting requirements, and usually verification has been insufficient in terms of practical acceptance. Therefore, this study aims to analyze how the technologies are utilized to meet the demanding requirements of voting based on the technologies proven in the field. In addition to general data encryption, online voting requires more technologies for preventing data manipulation and verifying voting results. Moreover, high degree of confidentiality is required because voting data should not be exposed not only to outsiders but also to managers or the system itself. To this end, the security techniques such as Blind Signature, Bit Delegation and Key Division are used. In the case of blockchain-based voting, Mixnet and Zero-Knowledge Proof are required to ensure anonymity. In this study, the current status of the online voting system is analyzed based on the field system that actually serves. This study will enhance our understanding on online voting security technologies and contribute to build a more trust-based voting mechanism.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.2
• /
• pp.299-308
• /
• 2019

As the utilization value of personal information becomes higher, discussions about providing personal information are being conducted actively. One of the most common methods of providing personal information is that a group obtains a personal information with a consent of individual. However, the above method has 2 problems. First, more information is exposed than the information required by organization for utilization of personal information. Second, trusted party should provide organization with an authentication of personal information whenever they require personal information. To solve these problems, we propose a personal information management system with blockchain using zk-SNARK(zero-knowledge Succinct Non-interactive ARgument of Knowledge) for privacy. Our proposal enables individuals to guarantee reliability of their information and protect their privacy concurrently using zk-SNARK when they provid organization with their personal information. In addition, it is possible to manage the personal information data while ensuring the integrity of the data using blockchain and it is possible to share the personal information more conveniently than existing systems.