• Journal of Internet Computing and Services
• /
• v.20 no.6
• /
• pp.105-117
• /
• 2019

Bitcoin, which can be classified as a cryptocurrency, has attracted attention from various industries because it is an innovative digital currency and the beginning of a Blockchain system. However, as the research on Bitcoin progressed, several security vulnerabilities and possible attacks were analyzed. Among them, the security problem caused by the transparency of the Blockchain database prevents the Blockchain system from being applied to various fields. This vulnerability is further classified as the weak anonymity of participating nodes and privacy problem due to disclosure of transaction details. In recent years, several countermeasures have been developed against these vulnerabilities. In this paper, we first describe the main features of the public and private Blockchain, and explain privacy, unlinkability and anonymity. And, three public Blockchain platforms, Dash, Zcash and Monero which are derived from Bitcoin, and Hyperledger Fabric which is a private Blockchain platform, are examined. And we analyze the operating principles of the protocols applied on each platform. In addition, we classify the applied technologies into anonymity and privacy protection in detail, analyze the advantages and disadvantages, and compare the features and relative performance of the platforms based on the computational speed of the applied cryptographic mechanisms.

• ETRI Journal
• /
• v.42 no.3
• /
• pp.446-458
• /
• 2020

In this study, an efficient scheme for hiding data directly in partially encrypted versions of high efficiency video coding (HEVC) videos is proposed. The content owner uses stream cipher to selectively encrypt some HEVC-CABAC bin strings in a format-compliant manner. Then, the data hider embeds the secret message into the encrypted HEVC videos using the specific coefficient modification technique. Consequently, it can be used in third-party computing environments (more generally, cloud computing). For security and privacy purposes, service providers cannot access the visual content of the host video. As the coefficient is only slightly modified, the quality of the decrypted video is satisfactory. The encrypted and marked bitstreams meet the requirements of format compatibility, and have the same bit rate. At the receiving end, data extraction can be performed in the encrypted domain or decrypted domain that can be adapted to different application scenarios. Several standard video sequences with different resolutions and contents have been used for experimental evaluation.

• Journal of Internet Computing and Services
• /
• v.17 no.2
• /
• pp.77-85
• /
• 2016

Internet cookie technology is designed for solving unreliable problem of HTTP's inherent property and notifying user's previous activity to web site's server, so it is useful to provide suitable service for individual user. However, the cookie techniques are becoming more sophisticated such as the third cookie and super cookie. And its included information is applied for advertisement and target marketing strategy, so the problem occurs that user's personal information is collected excessively. However, our law does not recognize the internet cookie as personal information so user cannot know where own internet cookie is stored and applicable. Therefore, in this paper, we explain the internet cookie technology, the privacy invasion and right to be forgotten for solving problem due to the internet cookie. And we analysis the relationship between the information of internet cookie and personal information, and then present the improvement requirement on the law and technology to use internet cookie securely and conveniently.

• Journal of Internet Computing and Services
• /
• v.9 no.3
• /
• pp.43-50
• /
• 2008

Authenticated Encryption scheme in RFID system is the important issue for ID security. But, implementing authenticated Encryption scheme in RFID systems is not an easy proposition and systems are often delivered for reasons of complexity, limited resources, or implementation, fail to deliver required levels of security. RFID system is so frequently limited by memory, performance (or required number of gates) and by power drain, that lower levels of security are installed than required to protect the information. In this paper, we design a new authenticated encryption scheme based on the EC(Elliptic Curve)'s x-coordinates and scalar operation. Our scheme will be offers enhanced security feature in RFID system with respect to user privacy against illegal attack allowing a ECC point addition and doubling operation.

• Journal of the Korea Society of Computer and Information
• /
• v.13 no.5
• /
• pp.195-202
• /
• 2008

In this paper, To improve the effectiveness of security enforcement, the first contribution in this work is that we present a clustered heterogeneous WSN(Wareless Sensor Network) architecture, composed of not only resource constrained sensor nodes, but also a number of more powerful high-end devices acting as cluster heads. Compared to sensor nodes, a high-end cluster head has higher computation capability, larger storage, longer power supply, and longer radio transmission range, and it thus does not suffer from the resource scarceness problem as much as a sensor node does. A distinct feature of our heterogeneous architecture is that cluster heads are equipped with TC(trusted computing) technology, and in particular a TCG(Trusted Computing Group) compliant TPM (Trusted Platform Module) is embedded into each cluster head. According the TCG specifications, TPM is a tamper-resistant, self-contained secure coprocessor, capable of performing cryptographic functions. A TPM attached to a host establishes a trusted computing platform that provides sealed storage, and measures and reports the integrity state of the platform.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.12
• /
• pp.5135-5149
• /
• 2015

Communications among multi-party must be fast, cost effective and secure. Today's computing environments such as internet conference, multi-user games and many more applications involve multi-party. All participants together establish a common session key to enable multi-party and secure exchange of messages. Multi-party password-based authenticated key exchange scheme allows users to communicate securely over an insecure network by using easy-to-remember password. Kwon et al. proposed a practical three-party password-based authenticated key exchange (3-PAKE) scheme to allow two users to establish a session key through a server without pre-sharing a password between users. However, Kwon et al.'s scheme cannot meet the security requirements of key authentication, key confirmation and anonymity. In this paper, we present a novel, simple and efficient multi-party password-based authenticated key exchange (M-PAKE) scheme based on the elliptic curve cryptography for mobile environment. Our proposed scheme only requires two round-messages. Furthermore, the proposed scheme not only satisfies security requirements for PAKE scheme but also achieves efficient computation and communication.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.4
• /
• pp.987-997
• /
• 2018

Blockchain has tamper-free, so many applications are developing to leverage tamper-free features of blockchain. MIT Media Labs proposed BlockCerts, educational certificate blockchain System, to solve problems of legacy certificate verifications. Existing educational certificate blockchain Systems are based on public blockchain such as bitcoin, Ethereum, so any entity can participate educational institute in principal. Moreover, the exisitng educational certricate blockchain system utilizes the integrity of blockchain, but the confidentiality of the educational certificate is not provided. This paper propose a digital certificate system based on private blockchain, name HyperCerts. Therefore, only trusted entity can participate in the private blockchain network, Hyperledger, as the issuer of digital certificate. Furthermore, the practical byzantine fault tolerance is used as consensus algorithm, HyperCerts reduce dramatically the latency of issuing digital certificate and required computing power. HyperCerts stores the hash value of digital certificate into the ledger, so breach of personal information by malicious entity in the private blockchain is protected.

• KIPS Transactions on Computer and Communication Systems
• /
• v.11 no.8
• /
• pp.259-268
• /
• 2022

With prosperous usage of cloud services to improve management efficiency due to the explosive increase in data volume, various cryptographic techniques are being applied in order to preserve data privacy. In spite of the vast computing resources of cloud systems, decrease in storage efficiency caused by redundancy of data outsourced from multiple users acts as a factor that significantly reduces service efficiency. Among several approaches on privacy-preserving data deduplication over encrypted data, in this paper, the research results for improving efficiency of encrypted data deduplication using trusted execution environment (TEE) published in the recent USENIX ATC are analysed in terms of security and efficiency of the participating entities. We present a way to improve the stability of a key-managing server by integrating it with individual clients, resulting in secure deduplication without independent key servers. The experimental results show that the communication efficiency of the proposed approach can be improved by about 30% with the effect of a distributed key server while providing robust security guarantees as the same level of the previous research.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.15 no.1
• /
• pp.1-14
• /
• 2015

To conform to new emerging computing paradigm, various researches and challenges are being done. New information technologies make easy to access and acquire information in various ways. In other side, however, it also makes illegal access more powerful and various threat to system security. In this paper, we suggest a new extended access control method that make it possible to conform to security policies enforcement even with discrepancy between policy based constraints rules and query based constraints rules, based on their semantic information. New method is to derive security policy rules using context tree structure and to control the exceed granting of privileges through the degree of the semantic discrepancy. In addition, we illustrate prototype system architecture and make performance comparison with existing access control methods.

• Journal of KIISE
• /
• v.43 no.4
• /
• pp.497-508
• /
• 2016

With a cloud storage service, data owners can easily access their outsourced data in cloud storage on different devices and at different locations, and can share their data with others. However, as the users no longer physically have possession of their outsourced data and the cloud still facing the existence of internal/external threats, the task of checking the data integrity is formidable. Over recent years, numerous schemes have been proposed to ensure data integrity in an untrusted cloud. However, the existing public auditing schemes use a third-party auditor(TPA) to execute high computation to check data integrity and may still face many security threats. In this paper, we first demonstrate that the scheme proposed by Zhang et al. is not secure against our two threat models, and then we propose a self-certified public auditing scheme to eliminate the security threats and guarantee a constant communication cost. Moreover, we prove the securities of our public auditing scheme under three security models.