• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.4
• /
• pp.733-744
• /
• 2012

Dynamic threshold public-key encryption provides dynamic setting of the group of all users, receivers and the threshold value. Over recent years, there are many studies on the construction of scheme, called ID-based dynamic threshold encryption, which combines the ID-based encryption with dynamic threshold encryption. In this paper, we analyze the ID-based dynamic threshold encryption proposed by Xing and Xu in 2011, and show that their scheme has a structural problem. We propose a conversion method from ID-based encryption which uses the bilinear map to ID-based dynamic threshold encryption. Additionally, we prove this converted scheme has CPA security under the full model.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.4
• /
• pp.1286-1306
• /
• 2022

Searchable symmetric encryption (SSE) provides a safe and effective solution for retrieving encrypted data on cloud servers. However, the existing SSE schemes mainly focus on single keyword search in single client, which is inefficient for multiple keywords and cannot meet the needs for multiple clients. Considering the above drawbacks, we propose a scheme enabling dynamic multi-client and Boolean query in searchable symmetric encryption for cloud storage system (DMC-SSE). DMC-SSE realizes the fine-grained access control of multi-client in SSE by attribute-based encryption (ABE) and novel access control list (ACL), and supports Boolean query of multiple keywords. In addition, DMC-SSE realizes the full dynamic update of client and file. Compared with the existing multi-client schemes, our scheme has the following advantages: 1) Dynamic. DMC-SSE not only supports the dynamic addition or deletion of multiple clients, but also realizes the dynamic update of files. 2) Non-interactivity. After being authorized, the client can query keywords without the help of the data owner and the data owner can dynamically update client's permissions without requiring the client to stay online. At last, the security analysis and experiments results demonstrate that our scheme is safe and efficient.

• Journal of Korea Multimedia Society
• /
• v.11 no.6
• /
• pp.852-859
• /
• 2008

In this paper, we propose a dynamic keyed block encryption algorithm. Most existing encryption algorithms are designed such that the key is not changed. Therefore, they have a disadvantage that plaintext could be easily exposed by differential and linear cryptanalysis. In the proposed algorithm, several key generators are designed, and a key generator is attached to the encryption procedure. After performing the encryption procedure, ciphertext and the initial key generating values are transferred to the receiver's key generator for decryption. Through simulation, the proposed algorithm is verified to satisfy the requirements of real-time processing and proved to have a high strength. It can be applied to practical use.

• Journal of Korea Multimedia Society
• /
• v.5 no.6
• /
• pp.683-696
• /
• 2002

The existing block encryption algorithms have been designed for the encryption key value to be unchanged and applied to the round functions of each block, and enciphered. Therefore, it has such a weak point that the plaintext or encryption key could be easily exposed by differential cryptanalysis or linear cryptanalysis, both are the most powerful methods for decoding block encryption of a round-repeating structure. In order to overcome with this weak point, an encryption algorithm using a mote efficient key should be designed. In this paper, a block encryption algorithm which is designed for each encryption key value to be applied to each round block with different value is proposed. This algorithm needs a short processing time in an encryption and decryption, has a high intensity, can apply to electronic commerce and various applications of data protection.

• Journal of the Korea Society of Computer and Information
• /
• v.13 no.4
• /
• pp.169-175
• /
• 2008

The existing block encryption algorithms have been designed for the encryption key value to be unchanged and applied to the round functions of each block. and enciphered. Therefore, it has such a weak point that the plaintext or encryption key could be easily exposed by differential cryptanalysis or linear cryptanalysis, both are the most powerful methods for decoding block encryption of a round repeating structure. Dynamic cipher has the property that the key-size, the number of round, and the plaintext-size are scalable simultaneously. Dynamic network is the unique network satisfying these characteristics among the networks for symmetric block ciphers. We analyze the strength of Dynamic network for meet-in-the-middle attack, linear cryptanalysis, and differential cryptanalysis. Also, In this paper we propose a new network called Dynamic network for symmetric block ciphers.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.9
• /
• pp.4271-4294
• /
• 2018

Communication cost is the most important factor in Wireless Sensor Networks (WSNs), as exchanging control keying messages consumes a large amount of energy from the constituent sensor nodes. Time-based Dynamic Keying and En-Route Filtering (TICK) can reduce the communication costs by utilizing local time values of the en-route nodes to generate one-time dynamic keys that are used to encrypt reports in a manner that further avoids the regular keying or re-keying of messages. Although TICK is more energy efficient, it employs no re-encryption operation strategy that cannot determine whether a healthy report might be considered as malicious if the clock drift between the source node and the forwarding node is too large. Secure SOurce-BAsed Loose Synchronization (SOBAS) employs a selective encryption en-route in which fixed nodes are selected to re-encrypt the data. Therefore, the selection of encryption nodes is non-adaptive, and the dynamic network conditions (i.e., The residual energy of en-route nodes, hop count, and false positive rate) are also not focused in SOBAS. We propose an energy efficient selection of re-encryption nodes based on fuzzy logic. Simulation results indicate that the proposed method achieves better energy conservation at the en-route nodes along the path when compared to TICK and SOBAS.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.11
• /
• pp.4680-4700
• /
• 2015

Broadcast encryption is an efficient way to distribute confidential information to a set of receivers using broadcast channel. It allows the broadcaster to dynamically choose the receiver set during each encryption. However, most broadcast encryption schemes in the literature haven't taken into consideration the receiver's privacy protection, and the scanty privacy preserving solutions are often less efficient, which are not suitable for practical scenarios. In this paper, we propose an efficient dynamic anonymous broadcast encryption scheme that has the shortest ciphertext length. The scheme is constructed over the composite order bilinear groups, and adopts the Lagrange interpolation polynomial to hide the receivers' identities, which yields efficient decryption algorithm. Security proofs show that, the proposed scheme is both secure and anonymous under the threat of adaptive adversaries in standard model.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.13 no.3
• /
• pp.43-51
• /
• 2017

MANET consists of only wireless nodes having limited processing capability. It processes routing and data transmission through cooperation among each other. And it is exposed to many attack threats due to the dynamic topology by movement of nodes and multi-hop communication. Therefore, the reliability of transmitted data between nodes must be improved and security of integrity must be high. In this paper, we propose a method to increase the reliability of transmitted data by providing a secure cryptography protocol. The proposed method used a hierarchical structure to provide smooth cryptographic services. The cluster authentication node issues the cluster authentication key pair and unique key to the nodes. The nodes performs the encryption through two steps of encryption using cluster public key and block encryption using unique key. Because of this, the robustness against data forgery attacks was heightened. The superior performance of the proposed method can be confirmed through comparative experiment with the existing security routing method.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.1
• /
• pp.59-74
• /
• 2014

The social network service is a online service letting users express the personality and enhancing the human network. However, these features result in side effects which diffuse personal information and make users access to treacherous information. Therefore, various access control models have been proposed. However, the access control mechanisms which encrypt data are only able to be applied for controlling access from direct node, and the access control mechanisms without data encryption allow service provider to access all the information. Moreover, both mechanisms do not consider dynamic changes in reliability of the users. In this paper, we propose relationship-based dynamic access control model including encryption of sensitive data, which consider the characteristics of SNS and improves the security of SNS.

• Journal of Communications and Networks
• /
• v.13 no.5
• /
• pp.518-524
• /
• 2011

A high assurance IP encryption (HAIPE) compliant protocol accelerator is proposed for military networks consisting of red (or classified) networks and black (or unclassified) networks. The boundary between red and black sides is assumed to be protected via a HAIPE device. However, the IP layer encryption introduces challenges for bandwidth on demand satellite communication. The problems experienced by transmission control protocol (TCP) over satellites are well understood: While standard modems (on the black side) employ TCP performance enhancing proxy (PEP) which has been shown to work well, the HAIPE encryption of TCP headers renders the onboard modem's PEP ineffective. This is attributed to the fact that under the bandwidth-on-demand environment, PEP must use traditional TCP mechanisms such as slow start to probe for the available bandwidth of the link (which eliminates the usefulness of the PEP). Most implementations recommend disabling the PEP when a HAIPE device is used. In this paper, we propose a novel solution, namely broadband HAIPE-embeddable satellite communications terminal (BHeST), which utilizes dynamic network performance enhancement algorithms for high latency bandwidth-on-demand satellite links protected by HAIPE. By moving the PEP into the red network and exploiting the explicit congestion notification bypass mechanism allowed by the latest HAIPE standard, we have been able to regain PEP's desired network enhancement that was lost due to HAIPE encryption (even though the idea of deploying PEP at the modem side is not new). Our BHeST solution employs direct video broadcast-return channel service (DVB-RCS), an open standard as a means of providing bandwidth-on-demand satellite links. Another issue we address is the estimation of current satellite bandwidth allocated to a remote terminal which is not available in DVBRCS. Simulation results show that the improvement of our solution over FIX PEP is significant and could reach up to 100%. The improvement over the original TCP is even more (up to 500% for certain configurations).