• Journal of the Korea Institute of Military Science and Technology
• /
• v.15 no.1
• /
• pp.46-56
• /
• 2012

Traitor Tracing schemes are broadcast encryption systems where at least one of the traitors who were implicated in the construction of a pirate decoder can be traced. This traceability is required in various contents delivery system like satellite broadcast, DMB, pay-TV, DVD and so on. In this paper, we propose a public key traitor tracing scheme with key-update method. If the system manager can update a secret key which is stored in an authorized decode, it makes a pirate decoder useless by updating a secret key A pirate decoder which cannot update a secret key does not decrypt contents in next session or during tracing a traitor, this scheme has merits which will make a pirate decoder useless, therefore this scheme raises the security to a higher level.

• Journal of Broadcast Engineering
• /
• v.21 no.3
• /
• pp.412-424
• /
• 2016

Broadcast encryption (BE) is a cryptographic primitive that enables a sender to broadcast a message to a set of receivers in a secure channel. The efficiency of BE is measured by three factors: ciphertext transmission cost, user storage cost, and computational cost for decryption. In general, BE is applied to the environments where a large number of receivers should be accommodated, so that the transmission cost is considered as being the most important factor. In this paper, we suggest a new BE system, using Shamir's secret sharing method, which considerable reduces the transmission cost. In comparison to the previous Subset Difference (SD) system, the transmission size of our BE is longer until $r{\leq}\sqrt{n}$, but get shorter when $r{\geq}\sqrt{n}$ for number of revoked users and n number of total users. We show that the advantage can be achieved at the slight expense of both the storage and computational costs.

• Journal of the Korea Society of Computer and Information
• /
• v.18 no.9
• /
• pp.79-89
• /
• 2013

Recently, the need for outsourcing sensitive data has grown due to the wide spreading of cost-effective and flexible cloud service. However, there is a fundamental concern in using such service since users have to trust external servers. Therefore, searchable encryption can be a very valuable tool to meet the security requirements of data outsourcing. However, most of work on searchable encryption focus only on privacy preserving search function and relatively lacks research on encryption mechanism used to actually encrypt data. Without a suitable latter mechanism, searchable encryption cannot be deployed in real world cloud services. In this paper, we analyze previously used and possible data encryption mechanisms for multi-user searchable encryption system and discuss their pros and cons. Our results show that readily available tools such as broadcast encryption, attribute-based encryption, and proxy re-encryption do not provide suitable solutions. The main problem with existing tools is that they may require separate fully trusted servers and the difficulty in preventing collusion attacks between outsiders and semi-trusted servers.

• Journal of Communications and Networks
• /
• v.13 no.5
• /
• pp.428-441
• /
• 2011

A trace-and-revoke scheme is a type of broadcast encryption scheme for content protection on various platforms such as pay-per-view TV and DVD players. In 2006, Boneh and Waters (BW) presented a fully collusion-resistant trace-and-revoke scheme. However, a decisive drawback of their scheme is to require composite-order groups. In this paper, we present a new trace-and-revoke scheme that works in prime-order groups. Our scheme is fully collusion-resistant and achieves ciphertexts and private keys of size O($\sqrt{N}$) for N users. For the same level of security, our scheme is better than the BW scheme in all aspects of efficiency. Some superior features include 8.5 times faster encryption, 12 times faster decryption, and 3.4 times shorter ciphertexts. To achieve our goal, we introduce a novel technique where, by using asymmetric bilinear maps in prime-order groups, the cancellation effect same as in composite-order groups can be obtained.

• Proceedings of the Korean Society of Broadcast Engineers Conference
• /
• 2006.11a
• /
• pp.307-312
• /
• 2006

Protection to the multimedia contents is inevitable to ensure that only authorized users be able to access the protected contents for consumption. Since protection mechanisms need to be designed efficiently by exploiting the type of the contents, we propose a protection scheme for the video bitstream encoded by Scalable Video Coding (SVC) technique. Our scheme exploits the property of SVC in which a video is encoded into spatial, temporal, and quality scalability layers. By applying our proposed protection scheme to the appropriate scalability layers we can effectively control the SVC contents completely or partially. Each layer can be flexibly protected with different encryption keys or even with different encryption algorithms. The algorithms that are used to protect each layer are described by the standardized protection description tool, which is the MPEG-21 Intellectual Property Management and Protection (IPMP) Components. In this paper, we present the design of the proposed layered SVC protection scheme, its implementation and experimental results. The experiment result shows that the proposed layered SVC protection scheme is very effective and can easily be applied.

• Journal of KIISE:Information Networking
• /
• v.36 no.6
• /
• pp.471-480
• /
• 2009

One of the principal impediments to the achievement of a scalable access control for a large number of subscribers in a public broadcast is to distribute key update messages reliably to all stateless receivers. However, in a public broadcast, the rekeying messages can be dropped or compromised during the transmission over an insecure broadcast channel, or transmitted to the receivers while it was off-line. In this study, we propose a novel group key management scheme that features a mechanism that allows the legitimate receivers to recover the current group key even if they lose key update messages for long-term sessions using short hint messages and member computation. The performance analysis result shows that the proposed scheme has advantages of the scalable and efficient rekeying compared with the previous reliable group key distribution schemes. The proposed key management scheme targets a conditional access system in a media broadcast where there is no feedback channel from receivers to the broadcasting station.

• Journal of Broadcast Engineering
• /
• v.15 no.2
• /
• pp.192-204
• /
• 2010

As illegal distribution of the terrestial DTV broadcast program occurs very frequently in on-line, the needs to protect broadcast program have increased. In this paper, a new approach to implement a system for terrestial DTV broadcast program protection based on program protection information(PPI) is proposed. In our approach, the broadcast program is recorded with encryption according to redistribution condition of the PPI and packaged into a file with key information and PPI together. And we also define a set of domain protocol for supporting user fair-use of broadcast program. In the proposed system, copy control can also be provided by process of home domain management. Implementation results show that our system can protect broadcast programs with efficiency and can support conditional distribution within home domain in order to satisfy user fair-use.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.2
• /
• pp.445-466
• /
• 2022

As everything linking to the internet, people can subscribe to various services from a service provider to facilitate their lives through the Internet of Things (IoT). An obligatory thing for the service provider is that they should push the service data safely and timely to multiple IoT terminal devices regularly after the IoT devices accomplishing the service subscription. In order to control the service message received by the legal devices as while as keep the confidentiality of the data, the public key encryption algorithm is utilized. While the existing public encryption algorithms for push service are too complicated for IoT devices, and almost of the current subscription schemes based on push mode are relying on centralized organization which may suffer from centralized entity corruption or single point of failure. To address these issues, we design a secure subscription-push service scheme based on blockchain and edge computing in this article, which is decentralized with secure architecture for the subscription and push of service. Furthermore, inspired by broadcast encryption and multicast encryption, a new encryption algorithm is designed to manage the permissions of IoT devices together with smart contract, and to protect the confidentiality of push messages, which is suitable for IoT devices. The edge computing nodes, in the new system architecture, maintain the blockchain to ensure the impartiality and traceability of service subscriptions and push messages, meanwhile undertake some calculations for IoT devices with limited computing power. The legalities of subscription services are guaranteed by verifying subscription tags on the smart contract. Lastly, the analysis indicates that the scheme is reliable, and the proposed encryption algorithm is safe and efficient.

• Journal of Broadcast Engineering
• /
• v.19 no.5
• /
• pp.590-605
• /
• 2014

The purpose of this paper is to propose a service system for a digital hologram video, which has not been published yet. This system assumes the existing service framework for 2-dimensional or 3-dimensional image/video, which includes data acquisition, processing, transmission, reception, and reconstruction. This system includes acquisition of color and depth image pairs from a image acquisition system with vertical rigs, rectification of acquired image pairs and generating digital hologram. Also it is designed to reduce the CGH (computer-generated hologram) generation time to 1/3. It also includes some additional and optional functions such as watermarking, compression, and encryption.

• Journal of Broadcast Engineering
• /
• v.17 no.2
• /
• pp.374-387
• /
• 2012

In this paper, we implement a new hardware for finding the significant coefficients of a digital hologram and ciphering them using discrete wavelet packet transform (DWPT). Discrete wavelet transform (DWT) and packetization of subbands is used, and the adopted ciphering technique can encrypt the subbands with various robustness based on the level of the wavelet transform and the threshold of subband energy. The hologram encryption consists of two parts; the first is to process DWPT, and the second is to encrypt the coefficients. We propose a lifting based hardware architecture for fast DWPT and block ciphering system with multi-mode for the various types of encryption. The unit cell which calculates the repeated arithmetic with the same structure is proposed and then it is expanded to the lifting kernel hardware. The block ciphering system is configured with three block cipher, AES, SEED and 3DES and encrypt and decrypt data with minimal latency time(minimum 128 clocks, maximum 256 clock) in real time. The information of a digital hologram can be hided by encrypting 0.032% data of all. The implemented hardware used about 200K gates in $0.25{\mu}m$ CMOS library and was stably operated with 165MHz clock frequency in timing simulation.