• Proceedings of the Korea Information Processing Society Conference
• /
• 2010.11a
• /
• pp.1275-1278
• /
• 2010

1984년 A.Shamir에 의해 처음 소개된 ID 기반 공개키 암호시스템은 ID나 메일, 주소, 소속 등 유일하게 특정할 수 있는 것을 사용자의 공개키로 사용함으로써 송신자의 공개키에 대한 정당성 확인 과정을 필요 없게 하는 방식으로 전자서명에 적용되어 다양한 방식으로 제안되었다. 하지만 ID 기반 그룹 서명에서는 그룹 관리자만이 사용자의 서명키를 생성하기 때문에 그룹 내 사용자로 위장이 가능한 문제점을 가지고 있다. 본 논문에서는 ID기반 서명에서의 문제점인 키 위탁 문제를 해결할 수 있고, 그룹 관리자만이 부담하고 있는 그룹 구성원들의 개인 서명키 생성 및 사용자 식별 연산을 소그룹 관리자를 이용하여 연산량을 분산시킬 수 있는 그룹 서명 방식을 제안한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.5
• /
• pp.165-176
• /
• 2004

Al-Riyami and Paterson$^{[1]}$ suggested the new public key paradigm which is called the certificateless public key system. This system takes the advantages of both traditional PKC and ID-based PKC. It does not require the use of certificates of the public key and does not have the key escrow problem caused from the ID-based cryptosystem. In this paper, we propose an efficient certificateless public key encryption scheme which satisfies mutual authentication. The security of our protocol is based on the hardness of two problems; the computational Diffie-Hellman problem(CDHP) and the bilinear Diffie-Hellman problem(BDHP). We also give a formal security model for both confidentiality and unforgeability, and then show that our scheme is probably secure in the random oracle model.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.6
• /
• pp.1109-1122
• /
• 2016

Certificateless public key cryptography is a technique that can solve the certificate management problem of a public key cryptosystem and clear the key escrow issue of ID-based cryptography using the public key in user ID. Although the studies were actively in progress, many existing schemes have been designed without taking into account the safety of the secret value with the decryption key exposure attacks. If previous secret values and decryption keys are exposed after replacing public key, a valid private key can be calculated by obtaining the partial private key corresponding to user's ID. In this paper, we propose a new security model which ensures the security against the key exposure attacks and show that several certificateless public key encryption schemes are insecure in the proposed security model. In addition, we design a certificateless public key encryption scheme to be secure in the proposed security model and prove it based on the DBDH(Decisional Bilinear Diffie-Hellman) assumption.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.6
• /
• pp.1281-1293
• /
• 2017

In 2001, Boneh and Franklin proposed Identity-Based Encryption(IBE) that does not require a certificate like Public Key Infrastructure(PKI) by using user's Identity as a public key. However, IBE has a key escrow problem because the Private Key Generator(PKG), who is a trusted authority, generates a secret key of every user. Also, it does not support efficient revocation when the user's secret key is exposed or the system needs to revoke the user. Therefore, in order to use IBE as PKI that currently used, it is necessary to solve the key escrow problem and the revocation problem. In this paper, to solve those two problems, we suggest Accountable Authority Revocable IBE(A-RIBE) based on Accountable Authority IBE that mitigates the key escrow problem and Revocable IBE that solves the revocation problem. Also, we define the security model suitable foe A-RIBE, and analyze the principle of designing A-RIBE according to based A-IBE and RIBE and their advantage and disadvantage.

• Journal of Korea Multimedia Society
• /
• v.7 no.7
• /
• pp.922-933
• /
• 2004

In recent years, peer-to-peer network have a greate deal of attention for distributed computing or collaborative application, and work of ID-based public key systems have been focusing on the area of cryptography. In this paper, we propose ID-based group key management protocols for secure communication in autonomous peer group. Each member obtains his public/private key pair derived from his identification string from Private Key Generator. No central server participates in group key management protocol instead, all group members share the burden of group key management by the collaboration of themselves, so that our scheme avoids the single point of failure problem. In addition, our scheme considers the nature of dynamic peer group such as frequent joining and leaving of a member.

• The KIPS Transactions:PartC
• /
• v.12C no.4 s.100
• /
• pp.489-494
• /
• 2005

In 2002, Shundong Xia proposed a new ID-based group signature scheme with strong separability. The nature of a strong separability is to divide group manager's role into a membership manager and a revocation manager Jianhong et al showed that the scheme was not coalition-resistant. In this letter, we first propose two new attacks, forgery and link attacks, for Xia-You's scheme. We also propose a new ID-based group signature scheme that Is resistant to coalition, forgery and link attacks

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.4
• /
• pp.733-744
• /
• 2012

Dynamic threshold public-key encryption provides dynamic setting of the group of all users, receivers and the threshold value. Over recent years, there are many studies on the construction of scheme, called ID-based dynamic threshold encryption, which combines the ID-based encryption with dynamic threshold encryption. In this paper, we analyze the ID-based dynamic threshold encryption proposed by Xing and Xu in 2011, and show that their scheme has a structural problem. We propose a conversion method from ID-based encryption which uses the bilinear map to ID-based dynamic threshold encryption. Additionally, we prove this converted scheme has CPA security under the full model.

• Review of KIISC
• /
• v.8 no.3
• /
• pp.5-18
• /
• 1998

인터넷을 통한 상거래가 21세기에 중요한 상거래 수단이 될 전망이다. 인터넷 상거래 시스템은 공개키 암호시스템에 바탕을 두고 실현되고 있다. 공개키 암호 시스템의 폭넓은 사용은 사용자 공개키가 신뢰성이 있어야 안전성을 보장받을 수 있다. 공개키 기반 구조는 이를 위하여 구축되어야 한다. 따라서 안전하고 신뢰성 있게 공개키를 관리하고 공표하기 위한 공개키 기반 구조는 인터넷전자상거래 시스템뿐만 아니라 정부 기간 통신망에서도 매우 중요한 역할을 수행할 것이다. 공개키 기반 구조는 기본적으로 공개키를 CA의 서명용 비밀키로 서명한 공개키 인즌서를 활용한다. 본 고에서는 공개키 기반 구조를 정의하고, 공개키 기반 구조에서 사용될 보안 알고리듬을 살펴보며, X.509 인증서 구조와 종류, 보안 알고리듬 및 보안 정책을 식별하기위한 OID(Object ID) 와 통신 개체를 확인하기 위한 X.500 DN(Distinguished Name)를 정의하고, 믿음의 연결 고리인 인증경로, 인증 경로의 검증 방안, 새로운 요구사항인 인증 경로의 제한, 인증서 발행 및 발급을 위한 인증서 정책, 그리고 인증서 관리 방법 등을 인터넷 공개키 구조인 PKIX문서를 중심으로 기술한다. 또한 공개키 기반 구조를 위한 규격을 제시한다.

• Convergence Security Journal
• /
• v.15 no.5
• /
• pp.3-8
• /
• 2015

Most mobile cloud computing system use public key cryptography to provide data security and mutual authentication. A variant of traditional public key technologies called Identity-Based Cryptography(IBC) has recently received considerable attention. The certificate-free approach of IBC may well match the dynamic qualities of cloud environment. But, there is a need for a lightweight secure framework that provides security with minimum processing overhead on mobile devices. In this paper, we propose to use hierarchical ID-Based Encryption in mobile cloud computing. It is suitable for a mobile network since it can reduce the workload of root Public Key Generators by delegating the privilege of user authentication and private key generation. The Identity-Based Encryption and Identity-Based Signature are also proposed and an ID-Based Authentication scheme is presented to secure data processing. The proposed scheme is designed by one-way hash functions and XOR operations, thus has low computation costs for mobile users.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1995.11a
• /
• pp.307-313
• /
• 1995

본 논문에서는 기존에 제안된 이동통신용 키분배 방식의 문제점을 분석하고, Girault가 제안한 자체인증 공개키(Self-certified public keys) 개념을 이용한, 인증자에 기반을 둔(Certification-based) 방식이 아닌 개인식별정보에 기반을 둔(Identity-based) 방식이면서도 사용자가 자신의 비밀키를 선택할수 있는, 이동 퉁신망에 적용가능한 "역설적인" ID-based 키분배 방식을 제안한다. 제안한 방식의 안전성은 고차 잉여류 문제(${\gamma}$$^{th}$ -residuosity problem)와 이산대수(discrete logarithm) 문제에 근거한다. 문제에 근거한다.