• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.2
• /
• pp.49-61
• /
• 2003

Electronic voting schemes must provide universal verifiability and receipt-freeness, as well as basic properties such as privacy, eligibility, to make the election fair and transparent. But it is difficult to provide both universal verifiability and receipt-freeness because they are mutually contradictory in their objective. To date, most electronic voting schemes provide only one of these properties and those few that provide both properties are not practical due to heavy computational load. In this paper, we present an efficient electronic voting scheme that provides both properties. The proposed scheme uses a trusted third party called HR(Honest Randomizer) and requires only one-way untappable channels from HRs to voters. Among the schemes that assume only one-way untappable channel this scheme requires the least amount of computation. Among the schemes that provide both properties, this scheme uses the weakest physical assumption. We also discuss the security of the system and compare our scheme with other related schemes.

• Journal of Internet Computing and Services
• /
• v.19 no.2
• /
• pp.1-7
• /
• 2018

Due to advances in DNA sequencing technologies, its medical value continues to grow. However, once genome data leaked, it cannot be revoked, and disclosure of personal genome information impacts a large group of individuals. Therefore, secure techniques for managing genomic big data should be developed. We first propose a privacy-preserving inner product protocol for large data sets using the homomorphic encryption of Gentry et al., and then we introduce an efficient privacy-preserving DNA matching protocol based on the proposed protocol. Our efficient protocol satisfies the requirements of correctness, confidentiality, and privacy.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2020.05a
• /
• pp.264-267
• /
• 2020

클라우드가 보편적으로 활용되면서 클라우드 서버에 정보를 저장하거나 연산을 하는 일은 일상이 되었다. 그러나, 이러한 클라우드 컴퓨팅 서비스가 급격히 증가하면서, 개인정보보호와 데이터 보안성, 기밀성 및 시스템의 안정성에 대한 우려가 높아지고 있다. 클라우드는 데이터를 위탁받아 연산하는 과정에서 사용자들의 개인정보를 유출시킬 수 있는 문제점이 있다. 이러한 문제점을 해결하기 위한 방법 중 현재 가장 각광 받고 있는 해결책은 바로 동형암호기술이다. 동형암호는 이전 암호체계와 다르게 사용자의 암호화된 데이터를 복호화하지 않고서도 연산할 수 있어서, 이를 이용하게 되면 사용자 데이터의 기밀성을 보장하면서도 원하는 결과를 얻을 수 있다. 그러나, 동형암호를 클라우드 컴퓨팅 환경에 적용하는데 가장 큰 장애물은 바로 연산 오버헤드가 대단히 크다는 점이다. 본 연구에서는 최신 동형암호 기술을 소개하고 연산속도를 증가시키기 위한 솔루션들에 대해 알아보고자 한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2021.11a
• /
• pp.189-192
• /
• 2021

5G와 사물인터넷(IoT) 시대에 데이터의 크로스컴퓨팅은 연구, 의료, 금융, 민생 분야 등에 더 많은 지원을 할 수 있고 프라이버시 안전성이 중요해지고 있다. SMPC (Secure Multi-party Computation)은 서로 믿지 않는 참여자 간의 프라이버시 보호 시너지 컴퓨팅 문제를 해결하고, 데이터 수요자에게 원본 데이터를 누설하지 않는 범위 하에서의 다자간 컴퓨팅 능력을 제공한다. IoT 장치는 전력 소모와 지연에 제한을 받기 때문에 대부분의 장치가 여전히 경량화 보안 메커니즘에 속하고 IoT에서 트래픽의 데이터 통합관리가 어렵기 때문에 통신 중 신원인식과 데이터를 주고받는 단계에서 프라이버시 유출의 문제가 발생할 수 있고 심지어 DDOS공격, RelayAttack공격 등 사이버의 목적이 될 수도 있다. 본 논문에서 IoT 네트워크 데이터 통신 특징을 분석하고 동형 암호에 기반의 SMPC 연산 아키텍처를 제안한다. 제안하는 이키텍처에서 동형 암호를 사용함으로써 장치 데이터의 안전을 보장하는 동시에 전체 네트워크 안전성도 확보한다. SMPC 및 동형암호 기술의 지속적 발전에 따라 제안하는 아키텍처가 계속 개선할 잠재력이 있다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.4
• /
• pp.1553-1571
• /
• 2018

Currently, many of schemes for smart grid data aggregation are based on a one-level gateway (GW) topology. Since the data aggregation granularity in this topology is too single, the control center (CC) is unable to obtain more fine-grained data aggregation results for better monitoring smart grid. To improve this issue, Shen et al. propose an efficient privacy-preserving cube-data aggregation scheme in which the system model consists of two-level GW. However, a risk exists in their scheme that attacker could forge the signature by using leaked signing keys. In this paper, we propose a secure and fine-grained electricity consumption aggregation scheme for smart grid, which employs the homomorphic encryption to implement privacy-preserving aggregation of users' electricity consumption in the two-level GW smart grid. In our scheme, CC can achieve a flexible electricity regulation by obtaining data aggregation results of various granularities. In addition, our scheme uses the forward-secure signature with backward-secure detection (FSBD) technique to ensure the forward-backward secrecy of the signing keys. Security analysis and experimental results demonstrate that the proposed scheme can achieve forward-backward security of user's electricity consumption signature. Compared with related schemes, our scheme is more secure and efficient.

• Journal of KIISE:Computer Systems and Theory
• /
• v.34 no.7
• /
• pp.288-295
• /
• 2007

The illegal copying and redistribution of digitally-stored information is a crucial problem to distributors who electronically sell digital data. fingerprinting scheme is a technique which supports copyright protection to track redistributors of electronic information using cryptographic techniques. Anonymous asymmetric fingerprinting scheme prevents the merchant from framing a buyer by making the fingerprinted version known to the buyer only. And this scheme allows the buyer to purchase goods without revealing her identity to the seller. In this paper, a new anonymous asymmetric fingerprinting scheme with TTP is introduced. The buyer's fingerprint is generated by the Fingerprint Certificate Authority which is a TTP. When the seller embeds the fingerprint in the digital data, the protocol uses the homomorphic encryption scheme. Thus the seller cannot know the buyer's fingerprint and the buyer's anonymity is guaranteed by using anonymous key pair.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.6
• /
• pp.65-72
• /
• 2020

Today, the Internet of Things is used in many places, including homes, industrial sites, and hospitals, to give us convenience. Many services generate new value through real-time data collection, storage and analysis as devices are connected to the network. Many of these fields are creating services and applications that utilize sensors and communication functions within IoT devices. However, since everything can be hacked, it causes a huge privacy threat to users who provide data. For example, a variety of sensitive information, such as personal information, lifestyle patters and the existence of diseases, will be leaked if data generated by smarwatches are abused. Development of IoT must be accompanied by the development of security. Recently, Differential Privacy(DP) was adopted to privacy-preserving data processing. So we propose the method that can aggregate health data safely on smartwatch platform, based on DP.

• Journal of Digital Convergence
• /
• v.17 no.7
• /
• pp.285-292
• /
• 2019

With the popularization of PC, SNS and IoT, a lot of data is generated and the amount is increasing exponentially. Artificial neural network learning is a topic that attracts attention in many fields in recent years by using huge amounts of data. Artificial neural network learning has shown tremendous potential in speech recognition and image recognition, and is widely applied to a variety of complex areas such as medical diagnosis, artificial intelligence games, and face recognition. The results of artificial neural networks are accurate enough to surpass real human beings. Despite these many advantages, privacy problems still exist in artificial neural network learning. Learning data for artificial neural network learning includes various information including personal sensitive information, so that privacy can be exposed due to malicious attackers. There is a privacy risk that occurs when an attacker interferes with learning and degrades learning or attacks a model that has completed learning. In this paper, we analyze the attack method of the recently proposed neural network model and its privacy protection method.

• KIPS Transactions on Computer and Communication Systems
• /
• v.11 no.2
• /
• pp.51-58
• /
• 2022

Blockchain technology is a system in which data from users participating in blockchain networks is distributed and stored. Bitcoin and Ethereum are attracting global attention, and the utilization of blockchain is expected to be endless. However, the need for blockchain data privacy protection is emerging in various financial, medical, and real estate sectors that process personal information due to the transparency of disclosing all data in the blockchain to network participants. Although studies using smart contracts, homomorphic encryption, and cryptographic key methods have been mainly conducted to protect existing blockchain data privacy, this paper proposes data privacy using matrix character relocation techniques differentiated from existing papers. The approach proposed in this paper consists largely of two methods: how to relocate the original data to matrix characters, how to return the deployed data to the original. Through qualitative experiments, we evaluate the safety of the approach proposed in this paper, and demonstrate that matrix character relocation will be sufficiently applicable in private blockchain environments by measuring the time it takes to revert applied data to original data.

• Journal of Internet of Things and Convergence
• /
• v.9 no.2
• /
• pp.77-82
• /
• 2023

As the method of collecting and utilizing structured and unstructured data develops due to the influence of the Fourth Industrial Revolution, unwanted personal information data is also being collected and utilized, and hackers are attempting various attacks to steal information. As a result, the importance of information protection has increased, and various protection techniques have emerged, among which many studies have been conducted using decentralized techniques of blockchain and various algorithms to strengthen the security of biometric authentication techniques. This paper proposed a public blockchain biometric authentication system that allows users to protect their data in a safer biometric authentication method in the public blockchain and use it in the blockchain through signature with authenticated information.