• Journal of KIISE:Computer Systems and Theory
• /
• v.37 no.6
• /
• pp.348-353
• /
• 2010

A threshold decryption scheme is a multi-party public key cryptosystem that allows any sufficiently large subset of participants to decrypt a ciphertext, but disallows the decryption otherwise. When performing a threshold decryption, a third party is often involved to guarantee fairness among the participants. To maintain the security of the protocol as high as possible, it is desirable to lower the level of trust and the amount of information given to the third party. In this paper, we present a threshold decryption scheme which allows the anonymity of the participants as well as the fairness by employing a semi-trusted third party (STTP) which follows the protocol properly with the exception that it keeps a record of all its intermediate computations. Our solution preserves the security and fairness of the previous scheme and reveals no information about the identities of the participants and the plaintext even though an attacker is allowed to access the storage of the STTP.

• Journal of KIISE:Information Networking
• /
• v.28 no.3
• /
• pp.309-320
• /
• 2001

This paper deals with security issues in a mobile agent system, especially protecting agent data from malicious agent servers. For this purpose, one-time key generation system, OKGS in short, is proposed. In OKGS, we integrate notions of a one-way hash function and a coupler. One-way function plays a major role in ensuring confidentiality and integrity of agent data. And the notion of a coupler is used to establish inter-relationship among consecutive encryption keys for agent data, i.e. all agent keys form a unidirectional chain. With these two features of OKGS, therefore, only the agent owner, who creates the agent bearing data, can decrypt and protect all the agent data which are gathered in the itinerary.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.13 no.12
• /
• pp.6071-6080
• /
• 2012

Regarding the official authentication method which is a strong encrypt method for financial transactions, there has recently been a concern for the problem of storage. As a solution for such problems, this study provides the anonymous authentication method based on the smart card used for such a purpose by utilizing the pseudo ID replacing the user's personal data. Such an anonymous authentication method makes it possible to prevent any inside leakage, intermediary attack, limited re-transmission attack, service-denying attack, directional safety attack and secret inspector attack in regard to the user's personal data. As a result, there would be no concern for the leakage of any personal data. In comparative analysis, after executing the comparison and analysis process through the experiment for the authentication process by using the previously-used smart card, the new one has shown about 10% a high level of efficiency for the encrypt and decrypt process together with excellent features in terms of flexibility in regard to the user's anonymity and tracking ability.

• The Journal of the Korea Contents Association
• /
• v.14 no.12
• /
• pp.565-573
• /
• 2014

We have various e-commerce like on-line banking, stock trading, shopping using a PC or SmartPhone. In e-commerce, two parties use the certificate for identification and non-repudiation but, the attack on the certificate user steadily has been increasing since 2005. The most of hacking is stealing the public certificate and private key files. After hacking, the stolen public certificate and private key file is used on e-commerce to fraud. Generally, the private key file is encrypted and saved only with the user's password, and an encrypted private key file can be used after decrypted with user password. If a password is exposed to hackers, hacker decrypt the encrypted private key file, and uses it. For this reason, the hacker attacks user equipment in a various way like installing Trojan's horse to take over the user's certificate and private key file. In this paper, I propose the management method to secure private key of PKI using One Time Password certification technique. As a result, even if the encrypted private key file is exposed outside, the user's private key is kept safely.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2007.06a
• /
• pp.837-840
• /
• 2007

Recently, Not only PC environment but also movile environment using XML for translating data. But the mobile delevopment is more limited but need highler security than PC environment Because there is some important service such as mobile banking. In this paper, We development the system to encrypt and decrypt the XML data in order to protect data, And the system is observing the recommendation of the XML Encryption Syntax and Processing by W3C. When encrypting the data, We use the entryption algorithm DES, Triple-DES, AES, SEED and RSA. and consideration of the mobile environment Last, We test the system at WIPI environment.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.14 no.6
• /
• pp.139-147
• /
• 2014

The ballast water may be discharged into another sea area with marine organisms, it caused problems to disturb the marine ecosystem. So, in order to remove these environmental risk factors, the IMO has mandated the installation of BWTS to the all ships. Our monitoring system diagnose and predict a failure of BWTS by analyzing the sensor information of BWTS collected from which the ships scattered in the ocean of several. This paper presents the design and implementation of communication modules for BWTS remote monitoring considering the satellite communication charge fee. In the our study, we implemented the safety and cost-saving communication modules by LabVIEW program. The collected sensor informations is encrypted and compressed by LabVIEW modules running on RIO. Then they will be transfer to the land server and will be decrypt to enable monitoring in the land server. For the verification, we build the test modules which can verify from collecting the sensor data to consuming them in the monitoring server. We carried out 20 times for the data pattern in all of case. So, we verified the excellent functionality and reliability through the experimental result.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.8
• /
• pp.1701-1710
• /
• 2012

Recently, it has been found that it is important to use a smart grid to reduce greenhouse-gas emissions worldwide. A smart grid is a digitally enabled electrical grid that gathers, distributes, and acts on information regarding the behavior of all participants (suppliers and consumers) to improve the efficiency, importance, reliability, economics, and sustainability of electricity services. The smart grid technology uses two-way communication, where users can monitor and limit the electricity consumption of their home appliances in real time. Likewise, power companies can monitor and limit the electricity consumption of home appliances for stabilization of the electricity supply. However, if information regarding the measured electricity consumption of a user is leaked, serious privacy issues may arise, as such information may be used as a source of data mining of the electricity consumption patterns or life cycles of home residents. In this paper, we propose a data transaction protocol for privacy protection in a smart grid. In addition, a power company cannot decrypt an encrypted home appliance ID without the user's password.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.46 no.1
• /
• pp.20-34
• /
• 2009

We newly propose a multiple and unlinkable identity-based public key encryption scheme which allows the use of a various number of identity-based public keys in different groups or applications while keeping a single decryption key so that the decryption key can decrypt every ciphertexts encrypted with those public keys. Also our scheme removes the use of certificates as well as the key escrow problem so it is functional and practical. Since our public keys are unlinkable, the user's privacy can be protected from attackers who collect and trace the user information and behavior using the known public keys. Furthermore, we suggest a decryption key renewal protocol to strengthen the security of the single decryption key. Finally, we prove the security of our scheme against the adaptive chosen-ciphertext attack under the random oracle model.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.17 no.3
• /
• pp.235-241
• /
• 2017

With the coming of the digital era, encryption has become common in everyday life. Almost anyone can easily acquire encryption software and use it to prevent unwanted third parties from accessing one's private information. However, the spread of encryption has also seriously hindered law enforcement during the investigation of cybercrimes, which hides incriminating digital evidence in encrypted hard drives and files. Therefore, many countries have attempted to compel criminals to decrypt encrypted evidence and it has been inevitable to examine privilege against self-incrimination as basic right on the side of constitution. This study analyzed the past court decisions on the issue of compelled decryption in the US and whether the Government can compel a defendant to disclose his password in Korean legal system on the constitutional side. Finally, this study suggests an approach to create a legal procedure to make it a crime for a suspect or defendant to refuse to disclose his password to law enforcement for criminal cases in Korea.

• Journal of the Institute of Electronics Engineers of Korea SD
• /
• v.40 no.6
• /
• pp.400-407
• /
• 2003

In this paper an optical encryption system, which can decrypt the original image by using the autocorrelation terms of a JTC, is proposed. Unlike the classical JTC, the joint input plane of the proposed system is composed in a frequency domain not a spatial domain, thus it needs only one Fourier transformation. To use like this, the phase component appeared in the output plane of JTC should be considered. We presents the effect of phase and provides the solution. An original image is encrypted to a complex-valued random image. The original image is reconstructed using the autocorrelation terms which is the main drawback of JTC, therefore the proposed system is more suitable for JTC and real time processing. By computer simulation and optical experiment, the analysis for the phase effect and the performance of the proposed system are confirmed.