• Journal of the Korean Institute of Intelligent Systems
• /
• v.15 no.1
• /
• pp.65-68
• /
• 2005

Privacy preservation is crucial in ubiquitous computing environment in which lots of privacy- sensitive information can be collected and distributed without appropriate control. The anonymity-based approach is a famous one used for privacy preservation communication, which allows users to use pseudonyms instead of real ID so as not to reveal their identities. This approach is effective in that it can hide the identity of users. However, it makes it difficult to provide ID-based services like buddy service, dangerous area alert, P2P communication in the ubiquitous computing. We proposes a system architecture which enables ID-based services in the ubiquitous computing environment employing anonymity - based privacy - preserving approach.

• Journal of Information Science Theory and Practice
• /
• v.6 no.3
• /
• pp.25-36
• /
• 2018

Anonymity plays an increasingly important role on social media. This is reflected by more and more applications enabling anonymous interactions. However, do social media users behave different when they are anonymous? In our research, we investigated social media services meant for solely anonymous use (Jodel) and for widely spread non-anonymous sharing of pictures and videos (Instagram). This study examines the impact of anonymity on the behavior of users on Jodel compared to their non-anonymous use of Instagram as well as the differences between the user types: producer, consumer, and participant. Our approach is based on the uses and gratifications theory (U>) by E. Katz, specifically on the sought gratifications (motivations) of self-presentation, information, socialization, and entertainment. Since Jodel is mostly used in Germany, we developed an online survey in German. The questions addressed the three different user types and were subdivided according to the four motivation categories of the U>. In total 664 test persons completed the questionnaire. The results show that anonymity indeed influences users' usage behavior depending on user types and different U> categories.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.5
• /
• pp.2407-2426
• /
• 2016

A group signature scheme allows any member to sign on behalf of a group. It is applied to practical distributed security communication environments, such as privacy-preserving, data mining. In particular, the excellent features of group signatures, including membership joining and revocation, anonymity, traceability, non-frameability and controllable linkability, make group signature scheme more attractive. Among these features, non-frameability can guarantee that a member's signature cannot be forged by any other (including issuer), and controllable linkability supports to confirm whether or not two group signatures are created by the same signer while preserving anonymity. Until now, only Hwang et al.'s group schemes (proposed in 2013 and 2015) can support all of these features. In this paper, we present a new dynamic group signature scheme which can achieve all of the above excellent features. Compared with their schemes, our scheme has the following advantages. Firstly, our scheme achieves more efficient membership revocation, signing and verifying. The cost of update key in our scheme is two-thirds of them. Secondly, the tracing algorithm is simpler, since the signer can be determined without the judging step. Furthermore, in our scheme, the size of group public key and member's private key are shorter. Lastly, we also prove security features of our scheme, such as anonymity, traceability, non-frameability, under a random oracle model.

• Journal of the Korea Society of Computer and Information
• /
• v.15 no.12
• /
• pp.109-116
• /
• 2010

Due to the increasing interest and demands of user privacy, remote user authentication schemes using smart card has been researched in active. Recently, a lot of suggestion have been made in order to provide user's anonymity and trace a malicious user. In 2008, Kim et al. proposed a traceable anonymity authentication scheme. In 2009, Choi et al. pointed out that Kim's protocol was insecure against outsider attacker and proposed an improved scheme. But Kim's and Choi's schemes fail to provide the user's anonymity or compute some values in the protocol. In this paper, we analyse those problems and suggest two improved schemes to resolve those problems.

• International Journal of Internet, Broadcasting and Communication
• /
• v.13 no.2
• /
• pp.67-75
• /
• 2021

As pass the three revised bills, the Personal Information Protection Act was revised to have a larger application for personal information. For an industrial development through an efficient and secure usage of personal information, there is a need to revise the existing anonymity processing method. This paper modifies the Zero Knowledge Proofs algorithm among the anonymity processing methods to modify the anonymity process calculations by taking into account the reliability of the used service company. More detail, the formula of ZKP (Zero Knowledge Proof) used by ZK-SNAKE is used to modify the personal information for pseudonymization processing. The core function of the proposed algorithm is the addition of user variables and adjustment of the difficulty level according to the reliability of the data user organization and the scope of use. Through Setup_p, the additional variable γ can be selectively applied according to the reliability of the user institution, and the degree of agreement of Witness is adjusted according to the reliability of the institution entered through Prove_p. The difficulty of the verification process is adjusted by considering the reliability of the institution entered through Verify_p. SimProve, a simulator, also refers to the scope of use and the reliability of the input authority. With this suggestion, it is possible to increase reliability and security of anonymity processing and distribution of personal information.

• Journal of Internet Computing and Services
• /
• v.21 no.6
• /
• pp.51-56
• /
• 2020

Cryptocurrencies, including Bitcoin, has decentralization, distribution and P2P properties unlike traditional currencies relies on trusted central party such as banks. All transactions are stored transparently and distributively, hence all participants can check the details of those transactions. Due to the properties of cryptographic hash function, deletion or modification of the stored transations is computationally not possible. However, cryptocurrencies only provide pseudonymity, not anonymity, which is provided by traditional currencies. Therefore many researches were conducted to provide anonymity to cryptocurrencies such as mix-based methods. In this paper, I will propose more efficient hybrid mix-based method for anonymity than previous mix-based one.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.2
• /
• pp.139-149
• /
• 2023

CBDC has characteristics similar to e-payments in which all records are kept by logs, so it is difficult to satisfy the anonymity level of cash. Therefore, in this study, the CBDC model that encrypts all transaction contents using the Diffie-Hellman key sharing algorithm was presented to enhance anonymity. The proposed model provides unlinkability anduntraceability. In addition, a CBDC certificate that uses pseudonym is used. Through this certificate, illegal transactions that require tracking can be tracked later by authorized institutions.

• Journal of Internet Computing and Services
• /
• v.11 no.3
• /
• pp.139-148
• /
• 2010

In the sensor network security area, previous works were mainly concentrated on achieving authentication, confidentiality, integrity and availability. But the ID exposure issue is recently an increasing concern in research community. To protect the ID exposure from various attacks, the most common approach is to make use of a dynamic pseudonym rather than the real ID. However, if a node's secret key (or hash key) and the current pseudonym (such as a random number) are exposed, the attacker can easily generate the previous/next pseudonyms. In this paper, we propose a security infra-structure scheme for enabling strong anonymity of sensor nodes. Our scheme ensures that the probability being able to generate a pseudonym is very low even if a sensor node has been compromised with an attacker. Security analyses have proven that our scheme is suitable for sensor network environments in terms of preserving of forward anonymity as well as backward anonymity.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.10 no.2
• /
• pp.327-333
• /
• 2009

In 2004, Das et al. proposed a scheme for preserving a user anonymity. However, In 2005, Chien and Chen pointed out that Das et al. scheme fail to protect the user anonymity, and proposed a new scheme. And then in 2007, Hu et al. pointed out that Chien and Chen scheme also has some problems; it is Strong masquerading server/user attack, Restricted replay attack, Denial of service attack. it also slow wrong password detection, and proposed a new scheme. In 2008, Bindu et al. repeatedly pointed out on Chien and Chen scheme and proposed their scheme. However, we point out that all of their scheme also has some problems; it is not to protect the user anonymity and Denial of service attack. In addition, Bindu et al. is vulnerable to Strong masquerading server/user attack. Therefore, we demonstrate that their scheme also have some problems; it is the user anonymity and denial of service attack as above.

• The Journal of Society for e-Business Studies
• /
• v.18 no.2
• /
• pp.81-93
• /
• 2013

Remote user authentication is a method, in which remote server verifies the legitimacy of a user over an common communication channel. Currently, smart card based remote user authentication schemes have been widely adopted due to their low computational cost and convenient portability for the mutual authentication. 2009 years, Wang et al.'s proposed a dynamic ID-based remote user authentication schemes using smart cards. They presented that their scheme preserves anonymity of user, has the feature of storing password chosen by the server, and protected from several attacks. However, in this paper, I point out that Wang et al.'s scheme has practical vulnerability. I found that their scheme does not provide anonymity of a user during authentication. In addition, the user does not have the right to choose a password. And his scheme is vulnerable to limited replay attacks. In particular, the parameter y to be delivered to the user is ambiguous. To overcome these security faults, I propose an enhanced authentication scheme, which covers all the identified weakness of Wang et al.'s scheme and an efficient user authentication scheme that preserve perfect anonymity to both the outsider and remote server.