• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2002.11a
• /
• pp.233-236
• /
• 2002

디지털 서명의 정당성을 검증하기 위해서는 서명자 공개키의 유효성을 인증해야 한다. 이 때, PKI 기반의 인증서를 통해 인증을 수행한다면, 무선 인터넷이라는 특성에 따른 보안상의 문제가 있을 뿐만 아니라 비효율적이다. 그런데 별도의 인증서 검증이 필요 없는 개인식별정보 자체를 공개키고 사용한다면 인증서 검증을 위한 무선 인터넷에서 유선 인터넷으로의 접속 없이 서명의 검증이 가능하게 되고, 무선망만을 이용한 통신이 가능하게 된다. 본 논문에서는 이와 같이 이동 통신 환경에 적합하도록 개인식별정보를 공개키고 사용하는 디지털 서명 알고리즘을 제안한다.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1997.11a
• /
• pp.101-110
• /
• 1997

본고에서는 수신된 데이터의 무결성과 데이터에 대한 수신자의 인증을 위해 기존의 디지탈 다중 서명을 분석하여 더욱 향상된 디지탈 다중 서명 방식을 제안하고자 한다. 기존의 디지탈 다중 서명 방식이 ID-based한 특징을 갖는데 비해 제안한 디지탈 다중 서명 방식은 이산 대수에 근거해 계산하고 있다. 이 방식은 형식면에서 더욱 간편하고, 계산적인 면에서 랜덤수를 저장하지 않으므로서 현실적이며 효율적이라 할 수 있다.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1995.11a
• /
• pp.275-287
• /
• 1995

개인정보에 기초한 암호법은 통신자간 인증문제를 극복하고 공개 키 화일을 제거할 수 있는 방안으로 많이 연구되고 있다. Ham-Yang은 AMV 서명 기법에 기반하여 사용자 인증, 디지탈 서명과 키 분배가 가능한 개인정보에 기초한 암호법을 제시하였다. 본 논문에서는 이를 분석하고 Moon의 서명기법을 사용하여 개인정보에 기초한 사용자 인증, 디지탈 서명과 키 분배 시스템을 제안한다. 이 시스템의 안전성은 이산대수에 근거하며, 연산량과 시스템 구현 측면에서 효율적이다 대화형 간접 인증 키 분배 방식을 개선하였고 E-mail 등의 일방향 통신에 적합한 키 분배 방안을 제시한다

• International Journal of Internet, Broadcasting and Communication
• /
• v.13 no.2
• /
• pp.60-66
• /
• 2021

Blockchain is a technology that enables trust-based consensus and verification based on a decentralized network. Distributed ID (DID) is based on a decentralized structure, and users have the right to manage their own ID. Recently, interest in self-sovereign identity authentication is increasing. In this paper, as a method for transparent and safe sovereignty management of data, among data pseudonymization techniques for blockchain use, various methods for data encryption processing are examined. The public key technique (homomorphic encryption) has high flexibility and security because different algorithms are applied to the entire sentence for encryption and decryption. As a result, the computational efficiency decreases. The hash function method (MD5) can maintain flexibility and is higher than the security-related two-way encryption method, but there is a threat of collision. Zero-knowledge proof is based on public key encryption based on a mutual proof method, and complex formulas are applied to processes such as personal identification, key distribution, and digital signature. It requires consensus and verification process, so the operation efficiency is lowered to the level of O (log_eN) ~ O(N²). In this paper, data encryption processing for blockchain DID, based on zero-knowledge proof, was proposed and a one-way encryption method considering data use range and frequency of use was proposed. Based on the content presented in the thesis, it is possible to process corrected zero-knowledge proof and to process data efficiently.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.41 no.2
• /
• pp.277-284
• /
• 2016

Various network attacks such as DDoS(Distributed Denial of service) and orm are one of the biggest problems in the modern society. These attacks reduce the quality of internet service and caused the cyber crime. To solve the above problem, signature based IDS(Intrusion Detection System) has been developed by network vendors. It has a high detection rate by using database of previous attack signatures or known malicious traffic pattern. However, signature based IDS have the fatal weakness that the new types of attacks can not be detected. The reason is signature depend on previous attack signatures. In this paper, we propose a k-means clustering based malicious traffic detection method to complement the problem of signature IDS. In order to demonstrate efficiency of the proposed method, we apply the bayesian theorem.

• The Transactions of the Korea Information Processing Society
• /
• v.4 no.10
• /
• pp.2501-2511
• /
• 1997

This paper presents an authentication model for security on satellite command & control communications. The proposed authentication scheme is based on the modified Shamir's signature scheme using a satellite ID(Identity) and the model uses time stamp for protection of command replay attack from unauthorized center. The message authentication with command counter that includes an available key and the algorithm is for loading and execution of commands in the model. Two-way scheme for key change and confirmation between satellite control center and satellite is also proposed.

• Convergence Security Journal
• /
• v.5 no.1
• /
• pp.29-34
• /
• 2005

Internet becomes absolutely necessary tools due to rapid progress of information technology. Educational correspondence about an age of information demand is focused on a learner and remote education based on information technology WBI(Web Based Instruction) is a formation that remotly educate a learner using web, possible mutual reaction between instructor and learner, submit various studying material, has a good point to overcome spatial restriction. Internal and external standardization working is accelerated and recently XML security studies are activated using XML which is next generation web standard document format. In this paper, we propose multi-Certification of agent system using XML digital signature to satisfy security requirement.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.3
• /
• pp.31-42
• /
• 2005

We consider a network storage model whose administrator can not be fully trusted. In this model, we assume that all data stored are encrypted for data confidentiality and one owner distributes the decryption key for each time period to users. In this paper, we propose three privilege management schemes. In the first scheme, called Temporal Privilege Management (TPM), we use a symmetric encryption based on one-way function chains for key encapsulation. In the second scheme, called Asymmetric Temporal Privilege Management (ATPM), anyone can encrypt the data using the public key of owner, but only privileged users can decrypt the encrypted data. Finally, we present a scheme to restrict writers' privilege using ID-based signatures in ATPM. In our schemes, the privilege managements are based on the time and the addition of users is efficient. Specially, applying TPM and ATPM, we can solve the back-issue problem.

• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.297-302
• /
• 2004

Internet becomes absolutely necessary tools due to rapid progress of information technology. Educational correspondence abount an age of information demand is a education focused on a learner and remote education based on information technology. WBI(Web Based Instruction) is a formation that remotly educate a learner using web, possible mutual reaction between instructor and learner, submint various studying material, has a good point to overcome spatial restriction. Internal and external standardization working is accelerated and recently XML security studies are activated using XML which is next generation web standard document format. And XML electronic signature raise interworking between digital signature systems used by various field of using XML document. Using these merit and complementing defect are main contents that users have to pay about Certification service to get CA certificate from 2004 june. This paper propose multiplex Certification remote education agent system using XML digital signature to satisfy security requirement.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.10
• /
• pp.2481-2490
• /
• 2015

The issue of PHR is maintained on the server will be in the hospital. PHR information stored on the server, such as a patient's illness and treatment is very sensitive information. Therefore, patients should be guaranteed the protection of privacy. In addition, the PHR should be allowed to group access of it's approach. Therefore, in this paper the proposed group signature using hierarchical identity-based encryption schemes into can guarantee the PHR data privacy. The session key generated by group signature, it is use a tiered approach. The generated session keys safe PHR data transmission is possible. The proposed method is average 80% than the PKI encryption and ID-based encryption rather than average 50% the algorithm processing is more efficient