• Journal of KIISE:Computer Systems and Theory
• /
• v.31 no.5_6
• /
• pp.353-359
• /
• 2004

The illegal copying and redistribution of digitally-stored information is a crucial problem to distributors who electronically sell digital data. Fingerprinting scheme is a techniques which supports copyright protection to track redistributors of electronic information using cryptographic techniques. Anonymous fingerprinting schemes, differ from symmetric fingerprinting, prevent the merchant from framing a buyer by making the fingerprinted version known to the buyer only. And the scheme, differ from asymmetric fingerprinting, allows the buyer to purchase goods without revealing her identity to the merchant. In this paper, a new anonymous fingerprinting scheme based on secret sharing is introduced. The merchant finds a sold version that has been distributed, and then he is able to retrieve a buyer's identity and take her to court. And Schnorr's digital signature prevents the buyer from denying the fact he redistributed. The buyer's anonymity relies on the security of discrete logarithm and secure two-party computations.

• Journal of KIISE:Computer Systems and Theory
• /
• v.34 no.7
• /
• pp.288-295
• /
• 2007

The illegal copying and redistribution of digitally-stored information is a crucial problem to distributors who electronically sell digital data. fingerprinting scheme is a technique which supports copyright protection to track redistributors of electronic information using cryptographic techniques. Anonymous asymmetric fingerprinting scheme prevents the merchant from framing a buyer by making the fingerprinted version known to the buyer only. And this scheme allows the buyer to purchase goods without revealing her identity to the seller. In this paper, a new anonymous asymmetric fingerprinting scheme with TTP is introduced. The buyer's fingerprint is generated by the Fingerprint Certificate Authority which is a TTP. When the seller embeds the fingerprint in the digital data, the protocol uses the homomorphic encryption scheme. Thus the seller cannot know the buyer's fingerprint and the buyer's anonymity is guaranteed by using anonymous key pair.

• Journal of KIISE:Computer Systems and Theory
• /
• v.36 no.5
• /
• pp.396-403
• /
• 2009

An anonymous asymmetric fingerprinting protocol combined with watermarking techniques, is one of the copyright protection technologies keeping both right of a seller and that of a buyer, where a seller and an anonymous buyer perform such a protocol that employs various cryptographic tools in order that the seller does not know the exact watermarked copy that the buyer receives, while inserting an invisible non-removable fingerprint i.e., each different unique watermark, into each copy of the digital content to be sold. In such a protocol innocent buyers are kept anonymous during transactions, however, the unlawful reseller is unambiguously identified with a real identity as a copyright violator. In 2007, Yong and Lee proposed an anonymous asymmetric fingerprinting scheme with trusted third party. In this paper we point out the weakness of their scheme such as: the buyer with intention can remove the fingerprint in the watermarked content, because he/she can decrypt the encrypted fingerprint with a symmetric key using man-in-the-middle-attack; a real identity of a buyer can be revealed to the seller through the identification process even though he/she is honest. Furthermore, we propose an improved secure and efficient anonymous asymmetric fingerprinting scheme which enables to reduce the number of communication between the participants.

• KIPS Transactions on Computer and Communication Systems
• /
• v.11 no.4
• /
• pp.127-132
• /
• 2022

An anonymous encrypted communication networks that make it difficult to identify the trace of a user's access by passing through several virtual computers and/or networks, such as Tor, provides user and data privacy in the process of Internet communications. However, when it comes to abuse for inappropriate purposes, such as sharing of illegal contents, arms trade, etc. through such anonymous encrypted communication networks, it is difficult to detect and take appropriate countermeasures. In this paper, by extending the website fingerprinting technique that can identify access to a specific site even in anonymous encrypted communication, a method for specifying and classifying service types of websites for not only well-known sites but also unknown sites is proposed. This approach can be used to identify hidden sites that can be used for malicious purposes.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.10 no.4
• /
• pp.47-57
• /
• 2000

This paper proposes efficient anonymous fingerprinting with improved automatic identification of redistributors in electronic commerce of digital contents. The proposed scheme by Domingos in Eletronic Letters is inefficient in electronic commerce, because of pass numbers in registration protocol and exponential computations in identification protocol. Our scheme is reduced 2-pass in registraton protocol and is required only 1 time exponential computation than his in identification protocol. According to electronic commerce of digital contents used in ordinary life, our schemes values are increased.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.6
• /
• pp.151-155
• /
• 2006

In 2005, Yong and Lee proposed a buyer-seller fingerprinting protocol using symmetric and commutative encryptions. They claimed that their protocol was practical and anonymous since they used symmetric and commutative encryptions. However, an attacker can get the content embedded with one or more honest buyers' fingerprints using man-in-the-middle attack. In this letter, we point out the weakness and propose methods for improving to their protocol.

• Journal of Korea Multimedia Society
• /
• v.6 no.4
• /
• pp.620-629
• /
• 2003

Fingerprinting schemes are techniques applied to protect the copyright on digital goods. These enable the merchants to identify the source of illegal redistribution. Let us assume the following situations connectedly happen: As a beginning, buyer who bought digital goods illegally distributed it, next the merchant who found it revealed identity of the buyer/traitor, then the goods is illegally distributed again. After this, we describe it as“The second illegal redistribution”. In most of anonymous fingerprinting, upon finding a redistributed copy, a merchant extracts the buyer's secret information from the copy and identifies a traitor using it. Thus the merchant can know the traitor's secret information (digital fingerprints) after identification step. The problem of the second illegal distribution is that there is a possibility of the merchant's fraud and the buyer's abuse: that is a dishonest employee of the merchant might just as well have redistributed the copy as by the buyer, or the merchant as such may want to gain money by wrongly claiming that the buyer illegally distributed it once more. The buyer also can illegally redistribute the copy again. Thus if the copy turns up, one cannot really assign responsibility to one of them. In this paper, we suggest solution of this problem using two-level fingerprinting. As a result, our scheme protects the buyer and the merchant under any conditions in sense that (1) the merchant can obtain means to prove to a third party that the buyer redistributed the copy. (2) the buyer cannot worry about being branded with infamy as a traitor again later if he never distribute it.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.3
• /
• pp.145-153
• /
• 2004

Digital fingerprinting schemes are cryptographic methods that a seller can identify a traitor who illegally redistributed digital contents by embedding it into buyer's information. Recently, Josep Domingo-Ferrer suggested an anonymous digital fingerprinting scheme based on committed oblivious transfer protocol. It is significant in the sense that it is completely specified from a computation point of view and is thus readily implementable. But this scheme has the serious problem that it cannot provide the security of buyers. In this paper, we first show how to break the existing committed oblivious transfer-based fingerprinting schemes and then suggest secure fingerprinting scheme by introducing oblivious transfer protocol with two-lock cryptosystem based on discrete logarithm. All computations are performed efficiently and the security degree is strengthened in our proposal.

• KIPS Transactions on Software and Data Engineering
• /
• v.9 no.6
• /
• pp.187-194
• /
• 2020

This paper proposes a website fingerprinting method using ensemble learning over a Tor network that guarantees client anonymity and personal information. We construct a training problem for website fingerprinting from the traffic packets collected in the Tor network, and compare the performance of the website fingerprinting system using tree-based ensemble models. A training feature vector is prepared from the general information, burst, cell sequence length, and cell order that are extracted from the traffic sequence, and the features of each website are represented with a fixed length. For experimental evaluation, we define four learning problems (Wang14, BW, CW_T, CW_H) according to the use of website fingerprinting, and compare the performance with the support vector machine model using CUMUL feature vectors. In the experimental evaluation, the proposed statistical-based training feature representation is superior to the CUMUL feature representation except for the BW case.

• Proceedings of the Korea Multimedia Society Conference
• /
• 2002.11b
• /
• pp.229-233
• /
• 2002

디지털 핑거프린팅(digital fingerprinting)은 멀티미디어 컨텐츠에 구매자의 정보를 삽입하여 불법적으로 컨텐츠를 재분배한 부정자(traitor)를 추적하는 기법이다. 기존에 제안된 대부분의 핑거프린팅 기법은 부정자를 식별하는 단계(identification protocol) 또는 그 증거를 제 3자에게 제출하여 확신받는 단계(trial protocol)까지만 고려했다. 대개의 경우 판매자는 해당 컨텐츠에서 부정자의 정보를 추출하여 그 신원을 확인하므로 재분배자 식별 단계를 거친 판매자는 해당구매자의 정보를 알 수 있게 된다. 따라서 판매자는 이를 이용하여 원 컨텐츠에 해당 구매자의 정보를 삽입할 수 있으며, 이로 인해 또 다른 문제가 발생할 수 있다. 본 논문에서는 재분배자 식별 단계 이후, 판매자가 불법적으로 구매자의 정보를 컨텐츠에 삽입할 가능성을 제기하고, 이 문제를 해결하기 위해 2단계 핑거프린팅 기법을 이용한 익명 핑거프린팅 방식을 제안한다.