• Journal of Information Processing Systems
• /
• v.7 no.1
• /
• pp.159-172
• /
• 2011

A designated verifier signature is a special type of digital signature, which convinces a designated verifier that she has signed a message in such a way that the designated verifier cannot transfer the signature to a third party. A strong designated verifier signature scheme enhances the privacy of the signer such that no one but the designated verifier can verify the signer's signatures. In this paper we present two generic frame works for constructing strong designated verifier signature schemes from any secure ring signature scheme and any deniable one-pass authenticated key exchange protocol, respectively. Compared with similar protocols, the instantiations of our construction achieve improved efficiency.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.2
• /
• pp.27-35
• /
• 2001

Based on the development of mobile communication, the future mobile communication systems are expected to provide higher quality of multimedia services for users than today\`s systems. Therefore, many technical factors are needed in this systems. Especially the secrecy and the safety would be obtained through the introduction of the security for mobile communication. In this paper, we presents a digital nominative proxy signature scheme that processes a user\`s digital signature and encryption using the proxy-agent who has more computational power than origins in mobile communication. The proposed scheme provides non-repudiation and prevents creating illegal signature by the origin and proxy-agent in a phase of proxy signature processing. Also this scheme satisfies the confidentiality and safety in the mobile communication through a confirming signature by the right receiver.

• The Journal of Society for e-Business Studies
• /
• v.9 no.3
• /
• pp.227-241
• /
• 2004

With the expansion of internet usage and the advanced technology for information and communication, the international e-Trade environment gradually migrates from the VAN/EDI to the global Internet-based e-Traed on an ebXML framework. In an effort to provide a Internet-based e-Trade environment with a security and trust, this paper analyzes security components and proposed the SSL and ebXML security technologies in order to assure of the trust and security over Internet-based e-Trade. In addition, this paper presents 3-phase methodology to realize the secure and trustworthy Internet-based e-Trade. In summary, as the first phase, the e-Trade business processes are re-engineered and the digital signature council for mutual recognition is orgainzed. And as the second phase, the Internet-based e-Trade system and the concerned digital signature technology are implemented. Finally as third phase, the PKI mutual recognition agreement is signed by parties concerned and then the Internet-based e-trade business is started. Furthermore, this paper presents the promising Internet-based e-Trade models where the digital signature can be applied.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.6C
• /
• pp.651-657
• /
• 2006

This paper propose the technique for the execution authentication of digital signature with TTS(traceable trust server) to guarantee the safe execution of mobile agents. That is to say, it is focused on improving the processing speed of systems and the traffic of network which are problems in the existing studies. The digital signature is used to guarantee the efficient and safe execution and the integrity of mobile agents. The certificate of it is chained with synthesis function, cryptographic algorithm based on public key, and hash function. And white hosts can be protected against the threat of being used maliciously. Then, we prove the efficiency of system overhead and the traffic of network by the analysis. In case the certificate chain of a digital signature is used, the safe execution of mobile agents can be protected against attackers that wish to insert a newly created certificate after cutting off the chain after striking space key 2 times.

• Journal of the Korea Society of Computer and Information
• /
• v.16 no.8
• /
• pp.109-118
• /
• 2011

Recently, electronic documents are deployed in many areas. However, trust concerns arise owing to the fact that detecting whether an electronic document is modified or not is not an easy process. To facilitate this process, many word processors provide digital signature capabilities on themselves. However, there were not much research on the security of digital signature function of various programs including Microsoft Word and Hancom Hangul. Therefore, in this paper, we analyze the security of Microsoft Word and Hancom Hangul, and propose improvements for their digital signature schemes.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.1
• /
• pp.1-9
• /
• 2024

Multivariate Quadratic (MQ)-based digital signature schemes have advantages such as ease of implementation and small signature sizes, making them promising candidates for post-quantum cryptography. To enhance the efficiency of such MQ-based digital signature schemes, utilizing sparse matrices have been proposed, including HiMQ, which has been standardized by Korean Telecommunications Technology Association standard. However, HiMQ shares a similar key structure with Rainbow, which is a representative MQ-based digital signature scheme and was broken by the MinRank attack proposed in 2022. While HiMQ was standardized by a TTA and recommended parameters were provided, these parameters were based on cryptanalysis as of 2020, without considering recent attacks. In this paper, we examine attacks applicable to MQ-based digital signatures, specifically targeting HiMQ, and perform a security analysis. The most effective attack against HiMQ is the combined attack, an improved version of the MinRank attack proposed in 2022, and none of the three recommended parameters satisfy the desired security strength. Furthermore, HiMQ-128 and HiMQ-160 do not meet the minimum security strength requirement of 128-bit security level.

• Journal of Digital Convergence
• /
• v.12 no.1
• /
• pp.389-395
• /
• 2014

In a biometric signature scheme, a user's biometric key is used to sign the document. It also requires the user be authenticated with biometric recognition method, prior to signing the document. Because the biometric recognition is launched every time the signature session started, it is not suitable for electronic commerce applications such as shopping malls where large number of documents to sign are required. Therefore, to commercialize biometric based signature schemes, the new proxy signature scheme is needed to ease the burden of the signer. In the proxy signature scheme, the signer can delegate signing activities to trustful third parties. In this study, the biometric based signature delegation method is proposed. The proposed scheme is suitable for applications where a lot of signing are required. It is consisted of biometric key generation, PKI based mutual authentication, signature generation and verification protocols.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.9 no.4
• /
• pp.85-97
• /
• 1999

A blind signature scheme is a protocol allowing verifier to obtain a valid signature for a message m from a signer without him seeing the message. This means that the bank in collaboration with the shop cannot trace the electronic cash to user. However anonymous electronic cash also facilitates fraud and criminal acts such as money laundering anonymous blackmailing and illegal purchaes. Therefore in this paper we propose fair blind signature scheme based on KCDSA which is a domestic digital signature scheme and it apply a electronic cash system. In particularly a proposed electronic cash system have an anonymity control ability which trace a user who make use a electronic cash illegally in association with a trusted center.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.5
• /
• pp.49-57
• /
• 2010

The fault cryptanalysis is a physical attack in which the key stored inside of the device can be extracted by occurring some faults when the device performs cryptographic algorithm. Since the international signature standard DSA(Digital Signature Algorithm) was known to be vulnerable to some fault analysis attacks, many researchers have been investigating the countermeasure to prevent these attacks. In this paper we propose a new countermeasure to compute DSA signature that has its immunity in the presence of faults. Since additional computational overhead of our proposal is only an inverse operation in signature process, the proposed DSA scheme can be implemented more efficiently compared to previous countermeasures.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.6 no.1
• /
• pp.115-129
• /
• 2010

As the fixed mobile communication tools using the internet are developed, the off-line services are serviced through on-line on the internet. our society is divided into the real world and the cyber world. In the cyber world, the authentication to the user is absolutely required. The authentication is divided into the real-name authentication and the anonymous authentication by the kind of the internet service provider. There are some ISPs needed the real-name authentication and there are others ISPs needed the anonymity authentication. The research about the anonymity authentication is steadily established to these days. In this paper, we analyze the problem about blind signature, group signature, ring signature, and traceable signature. And we propose a method of anonymity authentication using the public certificate. In the proposal, the anonymity certificate have the new structure and management. Certificate Authority issues several anonymity certificates to a user through the real-name authentication. Several anonymity certificates give non-linked and non-traceability to the attacker.