• Title/Summary/Keyword: Digital Signatures

Digital Signature Schemes with Restriction on Signing Capability (서명 능력을 제한하는 전자 서명 스킴)

  • 황정연;이동훈;임종인
    • Journal of the Korea Institute of Information Security & Cryptology / v.12 no.6 / pp.81-92 / 2002
  • In some practical circumstances, the ability of a signer should be restricted. In group signature schemes, a member of a group may be allowed to generate signatures up to a certain number of times according to his/her position in the group. In proxy signature schemes, an original signer may want to allow a proxy signer to generate a certain number of signatures on behalf of the original signer. In this paper, we present signature schemes, called c-times signature schemes, that restrict the signing ability of a signer up to c times for a value c pre-defined at set-up. The notion of c-times signature schemes is formally defined, and a generic transformation from a signature scheme to a c-times signature scheme is suggested. The proposed scheme has a self-enforcement property such that if a signer generates c+1 or more signatures, his/her signature is forged. As a specific example, we present a secure c-times signature scheme $^c$DSA based on the DSA (Digital Signature Algorithm) by using a threshold scheme. Our transformation can be applied to other ElGamal-like signature schemes as well.

Provably Secure Aggregate Signcryption Scheme

  • Ren, Xun-Yi;Qi, Zheng-Hua;Geng, Yang
    • ETRI Journal / v.34 no.3 / pp.421-428 / 2012
  • An aggregate signature scheme is a digital signature scheme that allows aggregation of n distinct signatures by n distinct users on n distinct messages. In this paper, we present an aggregate signcryption scheme (ASC) that is useful for reducing the size of certification chains (by aggregating all signatures in the chain) and for reducing message size in secure routing protocols. The new ASC scheme combines identity-based encryption and the aggregation of signatures in a practical way that can simultaneously satisfy the security requirements for confidentiality and authentication. We formally prove the security of the new scheme in a random oracle model with respect to security properties IND-CCA2, AUTH-CMA2, and EUF-CMA.

Variation of Incident Wave Angle in the Surf Zone Observed from Digital Videos (해안 비디오로부터 관측된 쇄파지역에서 입사각의 변화)

  • Yoo, Je-Seon;Shin, Dong-Min;Cho, Yong-Sik
    • Journal of Korean Society of Coastal and Ocean Engineers / v.21 no.2 / pp.154-163 / 2009
  • Incident wave angles are conventionally estimated by the directional spectrum analysis of wave data collected from in-situ sensors. The in-situ measurements are limited in monitoring incident wave angles in the wide surf zone, since the techniques are typically expensive, labor-intensive, and point-measuring. In this study, estimation of incident wave angles using wave crest features captured in digital video imagery is proposed to observe incident wave directions over the surf zone. Line signatures of wave crests having high image pixel intensities are extracted by moving an interrogation window to identify high-intensity pixels in sequential video images. Wave angles are computed by taking the first derivative of the extracted crest signatures, i.e. the local slope of the crest signatures in the two-dimensional physical plane. Compared to the wave angle estimates obtained by the directional spectrum analysis, video-based wave angle estimates show good agreement in general.

Threshold Digital Signatures based on Discrete Logarithm

  • Park, Choonsik
    • Journal of Electrical Engineering and Information Science / v.1 no.2 / pp.87-95 / 1996
  • This paper presents a (k,n) threshold digital signature scheme with no trusted dealer. Our idea is to use the ElGamal signature scheme modified for group use. Among many digital signature schemes, our modification has a nice property for our purpose. We also show a (k,n) threshold fail-stop signature scheme and two (k,n) threshold undeniable signature schemes. We use [10] as the original fail-stop signature scheme, and use [3] and [2] as the original undeniable signature schemes. Since all these schemes are based on the discrete log problem, we can use the same technique.

Exact Security Analysis of Some Designated Verifier Signature Schemes With Defective Security Proof (결함 있는 안전성 증명을 갖는 수신자 지정 서명기법들에 대한 정확한 안전성분석)

  • Kim, Ki-Tae;Nyang, Dae-Hun;Lee, Kyung-Hee
    • Journal of the Korea Institute of Information Security & Cryptology / v.20 no.5 / pp.37-48 / 2010
  • Designated verifier signatures allow a signer to prove the validity of a signature to a specifically designated verifier. The designated verifier can be convinced but is unable to prove the source of the message to a third party. Unlike conventional digital signatures, designated verifier signatures make it possible for a signer to repudiate his/her signature against anyone except the designated verifier. Recently, two designated verifier signature schemes, Zhang et al.'s scheme and Kang et al.'s scheme, have been shown to be insecure by concrete attacks. In this paper, we identify the essential reason that the schemes are open to attacks even though they were given with security proofs, and show that the Huang-Chou scheme and the Du-Wen scheme have the same problem. Indeed, the security proofs of all the schemes consider only no-message attackers. Next, we show that the Huang-Chou scheme is insecure by presenting a universal forgery attack. Finally, we show that the Du-Wen scheme is, indeed, secure by completing its defective security proof.

Security Analysis on Multivariate Quadratic Based Digital Signatures Using Sparse Matrices (Sparse 구조의 다변수 이차식 기반 서명에 대한 안전성 분석)

  • Seong-Min Cho;Seung-Hyun Seo
    • Journal of the Korea Institute of Information Security & Cryptology / v.34 no.1 / pp.1-9 / 2024
  • Multivariate Quadratic (MQ)-based digital signature schemes have advantages such as ease of implementation and small signature sizes, making them promising candidates for post-quantum cryptography. To enhance the efficiency of such MQ-based digital signature schemes, the use of sparse matrices has been proposed, including in HiMQ, which has been standardized as a Korean Telecommunications Technology Association (TTA) standard. However, HiMQ shares a similar key structure with Rainbow, which is a representative MQ-based digital signature scheme and was broken by the MinRank attack proposed in 2022. While HiMQ was standardized by the TTA and recommended parameters were provided, these parameters were based on cryptanalysis as of 2020, without considering recent attacks. In this paper, we examine attacks applicable to MQ-based digital signatures, specifically targeting HiMQ, and perform a security analysis. The most effective attack against HiMQ is the combined attack, an improved version of the MinRank attack proposed in 2022, and none of the three recommended parameters satisfy the desired security strength. Furthermore, HiMQ-128 and HiMQ-160 do not meet the minimum security strength requirement of the 128-bit security level.

Secure Environment for Exchanging Digital Documents (전자문서의 안전한 교환을 위한 보안 환경구축)

  • 류가현;김상진;오희국
    • Proceedings of the Korean Information Science Society Conference / 1998.10a / pp.494-496 / 1998
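  • This paper describes the design and implementation of SEEDS (Secure Environment for Exchanging Digital Signatures), which guarantees secure communication and provides an electronic approval function. SEEDS is an electronic approval system developed for approving and exchanging documents over a local area network in ordinary companies and organizations. Accordingly, SEEDS uses a system architecture suited to the characteristics of an office environment and an arbitrated approval scheme based on cryptographic algorithms, and it uses a newly developed key-exchange message transfer protocol to secure communication messages as well as approved documents.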

Digital Watermarking by Rearranging and Modifying DCT Coefficients

  • Lee, Hee sup;Oh, Sang-Heun;Lee, Keun-Young
    • Proceedings of the IEEK Conference / 2000.07b / pp.902-905 / 2000
  • Because of the rapid growth of Internet and multimedia applications, how to protect IPR (intellectual property rights) has become a critical issue. Digital watermarking is one of the ways to overcome the problem of the protection of IPR. Digital watermarking can be applied to multimedia data, such as digital images, digital video, and digital audio. In this paper, we propose a digital watermarking technique for digital images to authenticate an owner or an image by embedding visually recognizable patterns, such as logos, signatures, or stamps, into images in the BDCT (block discrete cosine transform) frequency domain. The proposed method sorts the components of an original image twice. At the same time, the method also rearranges the components of a watermark twice in order to be more robust, and finally embeds the watermark into the image. From the experimental results, the conjunction of three similarity measurements shows that our proposed method is robust to image cropping, image filtering, and JPEG (the Joint Photographic Experts Group) compression, both subjectively and objectively.

A Study on Security System of Document Image using Mixing Algorithm (합성 방식을 이용한 문서 화상의 보안 체계 연구)

  • 허윤석;김일경;박일남
    • The Journal of Information Technology / v.2 no.2 / pp.89-105 / 1999
  • In this paper, we present a countermeasure for various problems that occur in the secure communication of document images. We propose a security system for the transmission of document images using a mixing algorithm such that a third party cannot perceive that information is being transmitted securely, instead of existing schemes, which depend on the cryptographic strength of the security algorithm itself. For this, the RM, DM and RDM algorithms for mixing secure bits are proposed and applied to mixing the digital signature into the secure document and mixing the secure document into the non-secure document. The security system for document images involves not only a security scheme for document image transmission itself, but also a digital signature scheme. The transmitter secretly embeds the signatures into the secure document, embeds that into the non-secure document, and transfers it to the receiver. The receiver checks for any forgery of the signature and the document. Because the total amount of transmitted data and the image quality are about the same as those of the original document image, the third party cannot notice that signatures and a secure document are embedded in the document image. Thus, the probability of attack will be reduced.

Flexible, Extensible, and Efficient VANET Authentication

  • Studer, Ahren;Bai, Fan;Bellur, Bhargav;Perrig, Adrian
    • Journal of Communications and Networks / v.11 no.6 / pp.574-588 / 2009
  • Although much research has been conducted in the area of authentication in wireless networks, vehicular ad-hoc networks (VANETs) pose unique challenges, such as real-time constraints, processing limitations, memory constraints, frequently changing senders, requirements for interoperability with existing standards, extensibility and flexibility for future requirements, etc. No currently proposed technique addresses all of the requirements for message and entity authentication in VANETs. After analyzing the requirements for viable VANET message authentication, we propose a modified version of TESLA, TESLA++, which provides the same computationally efficient broadcast authentication as TESLA with reduced memory requirements. To address the range of needs within VANETs we propose a new hybrid authentication mechanism, VANET authentication using signatures and TESLA++ (VAST), that combines the advantages of ECDSA signatures and TESLA++. Elliptic curve digital signature algorithm (ECDSA) signatures provide fast authentication and non-repudiation, but are computationally expensive. TESLA++ prevents memory and computation-based denial of service attacks. We analyze the security of our mechanism and simulate VAST in realistic highway conditions under varying network and vehicular traffic scenarios. Simulation results show that VAST outperforms either signatures or TESLA on its own. Even under heavy loads VAST is able to authenticate 100% of the received messages within 107 ms. VANETs use certificates to achieve entity authentication (i.e., validate senders). To reduce certificate bandwidth usage, we use Hu et al.'s strategy of broadcasting certificates at fixed intervals, independent of the arrival of new entities. We propose a new certificate verification strategy that prevents denial of service attacks while requiring zero additional sender overhead. Our analysis shows that these solutions introduce a small delay, but still allow drivers in a worst case scenario over 3 seconds to respond to a dangerous situation.