• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제10권2호
• /
• pp.881-896
• /
• 2016

Certificate-based cryptography is a useful public key cryptographic primitive that combines the merits of traditional public key cryptography and identity-based cryptography. It not only solves the key escrow problem inherent in identity-based cryptography, but also simplifies the cumbersome certificate management problem in traditional public key cryptography. In this paper, by giving a concrete attack, we first show that the certificate-based encryption scheme without bilinear pairings proposed by Yao et al. does not achieve either the chosen-ciphertext security or the weaker chosen-plaintext security. To overcome the security weakness in Yao et al.'s scheme, we propose an enhanced certificate-based encryption scheme that does not use the bilinear pairings. In the random oracle model, we formally prove it to be chosen-ciphertext secure under the computational Diffie-Hellman assumption. The experimental results show that the proposed scheme enjoys obvious advantage in the computation efficiency compared with the previous certificate-based encryption schemes. Without costly pairing operations, it is suitable to be employed on the computation-limited or power-constrained devices.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제8권7호
• /
• pp.2554-2571
• /
• 2014

Certificate-based cryptography is a new cryptographic paradigm that provides an interesting balance between identity-based cryptography and traditional public key cryptography. It not only simplifies the complicated certificate management problem in traditional public key cryptography, but also eliminates the key escrow problem in identity-based cryptography. As an extension of the signcryption in certificate-based cryptography, certificate-based signcryption provides the functionalities of certificate-based encryption and certificate-based signature simultaneously. However, to the best of our knowledge, all constructions of certificate-based signcryption in the literature so far have to be based on the costly bilinear pairings. In this paper, we propose a certificate-based signcryption scheme that does not depend on the bilinear pairings. The proposed scheme is provably secure in the random oracle model. Due to avoiding the computationally-heavy paring operations, the proposed scheme significantly reduces the cost of computation and outperforms the previous certificate-based signcryption schemes.

• Journal of Communications and Networks
• /
• 제10권1호
• /
• pp.10-17
• /
• 2008

In traditional digital signature schemes, certificates signed by a trusted party are required to ensure the authenticity of the public key. In Asiacrypt 2003, the concept of certificateless signature scheme was introduced. The advantage of certificateless public key cryptography successfully eliminates the necessity of certificates in the traditional public key cryptography and simultaneously solves the inherent key escrow problem suffered in identity-based cryptography. Recently, Yap et al. proposed an efficient certificateless signature scheme and claimed that their scheme is existentially unforgeable in the random oracle model. In this paper, we show that the certificateless signature scheme proposed by Yap et al. is insecure against public key replacement attacks. Furthermore, we propose an improved certificateless signature scheme, which is existentially unforgeable against adaptive chosen message attacks under the computational Diffie-Hellman assumption in the random oracle model and provide the security proof of the proposed scheme.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제8권11호
• /
• pp.4203-4225
• /
• 2014

Fuzzy identity-based cryptography introduces the threshold structure into identity-based cryptography, changes the receiver of a ciphertext from exact one to dynamic many, makes a cryptographic scheme more efficient and flexible. In this paper, we propose the first fuzzy identity-based signcryption scheme in lattice-based cryptography. Firstly, we give a fuzzy identity-based signcryption scheme that is indistinguishable against chosen plaintext attack under selective identity model. Then we apply Fujisaki-Okamoto method to obtain a fuzzy identity-based signcryption scheme that is indistinguishable against adaptive chosen ciphertext attack under selective identity model. Thirdly, we prove our scheme is existentially unforgeable against chosen message attack under selective identity model. As far as we know, our scheme is the first fuzzy identity-based signcryption scheme that is secure even in the quantum environment.

• 정보보호학회논문지
• /
• 제10권3호
• /
• pp.37-48
• /
• 2000

서울Visual cryptography scheme is a simple method in which can be directly decoded the secret information in human visual system without performing any cryptographic computations. This scheme is a kind of secret sharing scheme in which if a secret of image type is scattered to n random images(slides) and any threshold (or more) of them are stacked together the original image will become visible. In this paper we consider (2, n) visual cryptography scheme and propose a new construction method in which the number of expanded pixels can be reduced by using the sample matrix. The proposed scheme can futhermore distribute the multiple secret image to each group according to the difference of relative contrast.

• Journal of Information Processing Systems
• /
• 제13권4호
• /
• pp.970-986
• /
• 2017

Certificateless public key cryptography (CL-PKC) is a new benchmark in modern cryptography. It not only simplifies the certificate management problem of PKC, but also avoids the key escrow problem of the identity based cryptosystem (ID-PKC). In this article, we propose a certificateless blind signature protocol which is based on elliptic curve cryptography (CLB-ECC). The scheme is suitable for the wireless communication environment because of smaller parameter size. The proposed scheme is proven to be secure against attacks by two different kinds of adversaries. CLB-ECC is efficient in terms of computation compared to the other existing conventional schemes. CLB-ECC can withstand forgery attack, key only attack, and known message attack. An e-cash framework, which is based on CLB-ECC, has also been proposed. As a result, the proposed CLB-ECC scheme seems to be more effective for applying to real life applications like e-shopping, e-voting, etc., in handheld devices.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제7권6호
• /
• pp.1480-1491
• /
• 2013

Certificate-based cryptography is a new cryptographic primitive which eliminates the necessity of certificates in the traditional public key cryptography and simultaneously overcomes the inherent key escrow problem suffered in identity-based cryptography. However, to the best of our knowledge, all existed constructions of certificate-based encryption so far have to be based on the bilinear pairings. The pairing calculation is perceived to be expensive compared with normal operations such as modular exponentiations in finite fields. The costly pairing computation prevents it from wide application, especially for the computation limited wireless sensor networks. In order to improve efficiency, we propose a new certificate-based encryption scheme that does not depend on the pairing computation. Based on the decision Diffie-Hellman problem assumption, the scheme's security is proved to be against the chosen ciphertext attack in the random oracle. Performance comparisons show that our scheme outperforms the existing schemes.

• 정보보호학회논문지
• /
• 제26권6호
• /
• pp.1413-1419
• /
• 2016

최근의 양자컴퓨터 기술 발전과 PQCrypto2016에서 미국 NIST의 포스트 양자 암호 표준 공모사업 발표로 인해 포스트 양자 암호에 대한 관심과 연구가 활발히 이루어지고 있다. 양자 컴퓨터와 관련된 대표적인 알고리즘인 Grover 알고리즘과 Shor 알고리즘으로 인해, 현재 사용되고 있는 다양한 대칭키 암호와 이산대수 기반의 공개키 암호의 안전성 재고가 필요한 상황에서 양자 컴퓨터에도 강인한 암호인 포스트 양자 암호 연구의 필요성이 발생하였다. 본 논문에서는 다양한 포스트 양자 암호 중 해시 기반 서명 기법의 최신 기술 동향과 전망에 대해 알아본다.

• 디지털콘텐츠학회 논문지
• /
• 제13권4호
• /
• pp.531-538
• /
• 2012

시각암호는 복잡한 암호학적 연산 없이 분산된 영상을 중첩함으로써, 인간의 시각에 의해 비밀영상을 직접 복원할 수 있는 방법이다. 최근까지 시각암호 분야는 크게 복호화 된 영상의 해상도를 향상시키기 위한 비밀 분산법, 분산된 영상의 크기가 변하지 않는 비밀 분산법 그리고 크기조절에 강인한 비밀 분산법 등에 관하여 연구되고 있다. 시각암호 그 자체는 단순히 분산된 영상만 이용하기 때문에 공격받기 쉽다. 따라서 비밀영상을 안전하게 공유할 수 있는 시각암호 구조가 필요하기 때문에 본 논문에서는 실제 사용될 수 있는 기본적인 시각암호 구조에서 커버영상을 이용해 개선된 시각암호 구조를 제안한다. 제안된 방법은 커버영상의 변조를 줄임으로써 steganalysis를 어렵게 하여 확률적으로 높은 안전성을 제공한다. 또한 잡음을 생성하지 않고, 비밀영상을 온전히 복원할 수도 있음을 보였다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제8권7호
• /
• pp.2532-2553
• /
• 2014

In Asiacrypt 2003, Al-Riyami and Paterson proposed the notion of certificateless cryptography, a technique to remove key escrow from traditional identity-based cryptography as well as circumvent the certificate management problem of traditional public key cryptography. Subsequently much research has been done in the realm of certificateless encryption and signature schemes, but little to no work has been done for the identification primitive until 2013 when Chin et al. rigorously defined certificateless identification and proposed a concrete scheme. However Chin et al.'s scheme was proven in the random oracle model and Canetti et al. has shown that certain schemes provable secure in the random oracle model can be insecure when random oracles are replaced with actual hash functions. Therefore while having a proof in the random oracle model is better than having no proof at all, a scheme to be proven in the standard model would provide stronger security guarantees. In this paper, we propose the first certificateless identification scheme that is both efficient and show our proof of security in the standard model, that is without having to assume random oracles exist.