• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.7
• /
• pp.2532-2553
• /
• 2014

In Asiacrypt 2003, Al-Riyami and Paterson proposed the notion of certificateless cryptography, a technique to remove key escrow from traditional identity-based cryptography as well as circumvent the certificate management problem of traditional public key cryptography. Subsequently much research has been done in the realm of certificateless encryption and signature schemes, but little to no work has been done for the identification primitive until 2013 when Chin et al. rigorously defined certificateless identification and proposed a concrete scheme. However Chin et al.'s scheme was proven in the random oracle model and Canetti et al. has shown that certain schemes provable secure in the random oracle model can be insecure when random oracles are replaced with actual hash functions. Therefore while having a proof in the random oracle model is better than having no proof at all, a scheme to be proven in the standard model would provide stronger security guarantees. In this paper, we propose the first certificateless identification scheme that is both efficient and show our proof of security in the standard model, that is without having to assume random oracles exist.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.7
• /
• pp.3629-3647
• /
• 2017

Certificate-based cryptography is a useful public key cryptographic primitive that combines the merits of traditional public key cryptography and identity-based cryptography. It not only solves the key escrow problem inherent in identity-based cryptography, but also simplifies the cumbersome certificate management problem in traditional public key cryptography. So far, four short certificate-based signature schemes have been proposed. However, three of them fail in achieving the existential unforgeability under adaptive chosen-message attacks and the remaining one was not constructed in the normal framework of certificate-based signature. In this paper, we put forward a new short certificate-based signature scheme. The proposed scheme is devised in the normal framework of certificate-based signature and overcomes the security weaknesses in the previous short certificate-based signature schemes. In the random oracle model, we formally prove that it achieves the existential unforgeability against adaptive chosen-message attacks. Performance comparison shows that it is efficient and practical.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.11
• /
• pp.5625-5641
• /
• 2017

Certificateless public key cryptography resolves the certificate management problem in traditional public key cryptography and the key escrow problem in identity-based cryptography. In recent years, some good results have been achieved in speeding up the computation of bilinear pairing. However, the computation cost of the pairing is much higher than that of the scalar multiplication over the elliptic curve group. Therefore, it is still significant to design cryptosystem without pairing operations. A multi-signer universal designated multi-verifier signature scheme allows a set of signers to cooperatively generate a public verifiable signature, the signature holder then can propose a new signature such that only the designated set of verifiers can verify it. Multi-signer universal designated multi-verifier signatures are suitable in many different practical applications such as electronic tenders, electronic voting and electronic auctions. In this paper, we propose a certificateless multi-signer universal designated multi-verifier signature scheme and prove the security in the random oracle model. Our scheme does not use pairing operation. To the best of our knowledge, our scheme is the first certificateless multi-signer universal designated multi-verifier signature scheme.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.5
• /
• pp.1687-1707
• /
• 2022

With the development of multiuser online meetings, more group-oriented technologies and applications for instance collaborative work are becoming increasingly important. Authenticated Group Key Agreement (AGKA) schemes provide a shared group key for users with after their identities are confirmed to guarantee the confidentiality and integrity of group communications. On the basis of the Public Key Cryptography (PKC) system used, AGKA can be classified as Public Key Infrastructure-based, Identity-based, and Certificateless. Because the latter type can solve the certificate management overhead and the key escrow problems of the first two types, Certificateless-AGKA (CL-AGKA) protocols have become a popular area of research. However, most CL-AGKA protocols are vulnerable to Public Key Replacement Attacks (PKRA) due to the lack of public key authentication. In the present work, we present a CL-AGKA scheme that can resist PKRA in order to solve impersonation attacks caused by those attacks. Beyond security, improving scheme efficiency is another direction for AGKA research. To reduce the communication and computation cost, we present a scheme with only one round of information interaction and construct a CL-AGKA scheme replacing the bilinear pairing with elliptic curve cryptography. Therefore, our scheme has good applicability to communication environments with limited bandwidth and computing capabilities.

• The Journal of Fisheries Business Administration
• /
• v.35 no.1
• /
• pp.57-85
• /
• 2004

To develop an blue tourism website(BTW) for electronic commerce(EC), information requirements of BTW are defined firstly. We defined information requirements of BTW from two aspects, i.e., front office and back office. Information requirements for front office were derived by consumer purchasing decision process. And information requirements for back office were derived by tourism value chain. Total 29 functions are identified as critical EC related functions of BTW. Among them, 25 functions were investigated into BTW. BTWs were searched by search engines - Yahoo and Empas - to Korean websites. There are 12 specialized BTWs, except one cyber museum website. For 12 websites, 25 functions were probed. By the results, in need recognition stage of blue tourism, only weather information was provided in most websites. In information search stage of blue tourism, package recommendation and various contents were provided in most websites. In consumption stage of blue tourism, traffic information were provided in most websites. And in after - sales service stage of blue tourism, bulletin board function was implemented in most websites. The rest of the functions were scarcely implemented. On the whole, it was concluded that most EC related functions of BTW in Korea were not implemented properly. To improve the status quo, it is expected in the dimension of individual website, that marketing planning, customized service, intelligent service, reinforcing purchasing assistance functions, customer relationship management, and escrow service etc. need to be implemented. And it is expected in the dimension of blue tourism industry, that standardizing product catalog, security assistance policy, information sharing by industrial database, finding referral model of BTW, elevating information mind, revising related laws etc. are needed.

• Asia pacific journal of information systems
• /
• v.16 no.3
• /
• pp.67-93
• /
• 2006

Some consumers prefer online and others prefer offline. What makes them prefer online or offline? There has been a lack of theoretical development to adequately explain consumers' channel switching behavior between traditional physical stores and new virtual stores. Through consumers' purchase decision processes, this study examined the reasons why consumers changed channels depending on purchase process stages. Consumer's purchase decision process could be divided into three stages: pre-purchase stage, purchase stage, and post-purchase stage. We used the intention of channel selection as a surrogate dependent variable of channel selection. And some constructs, that is, channel function, channel benefits, customer relationship benefits, and perceived behavioral control, were selected as independent variables. In buying look-and-feel products, it was identified that consumers preferred virtual stores to physical stores at pre-purchase stage. To put it concretely, all constructs except channel benefits were more influenced to consumers at virtual stores. This result implied that information searching function, which is a main function at pre-purchase stage, was better supported by virtual stores than physical stores. In purchase stage, consumers preferred physical stores to virtual stores. Specially, all constructs influenced much more to consumers at physical stores. This result implied that although escrow service and trusted third parties were introduced, consumers felt that financial risk, performance risk, social risk, etc. still remained highly online. Finally, consumers did not prefer any channel at post-purchase stage. But three independent variables, i.e. channel function, channel benefits, and customer relationship benefits, were significantly preferred at physical stores rather than virtual stores at post-purchase stage. So we concluded that physical stores were a little more preferred to virtual stores at post-purchase stage. Through this study, it was identified that most consumers might switch channels according to purchase process stages. So, first of all, sales representatives should decide that what benefits should be given them through virtual stores at the pre-purchase stage and through physical stores at the purchase and post-purchase stages, and then devise collaborative channel strategies.