• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제7권11호
• /
• pp.2928-2940
• /
• 2013

Key exposure is a major threat to secure cryptosystems. To mitigate the impact caused by key-compromise attacks, a key-insulated cryptographic mechanism is a better alternative. For securing the large message communication in peer-to-peer networks, in this paper, we propose the first novel identity-based key-insulated encryption (IB-KIE) scheme with message linkages. Our scheme has the properties of unbounded time periods and random-access key-updates. In the proposed scheme, each client can periodically update his private key while the corresponding public one remains unchanged. The essential security assumption of our proposed scheme is based on the well-known bilinear Diffie-Hellman problem (BDHP). To ensure the practical feasibility, we also formally prove that the proposed scheme achieves the security requirement of confidentiality against indistinguishability under adaptive chosen-ciphertext attacks (IND-CCA2) in the random oracle model.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제8권9호
• /
• pp.3231-3249
• /
• 2014

Deniable encryption, introduced in 1997 by Canetti, Dwork, Naor, and Ostrovsky, guarantees that the sender or the receiver of a secret message is able to "fake" the message encrypted in a specific ciphertext in the presence of a coercing adversary, without the adversary detecting that he was not given the real message. Sender - side deniable encryption scheme is considered to be one of the classification of deniable encryption technique which defined as resilient against coercing the sender. M. H. Ibrahim presented a sender - side deniable encryption scheme which based on public key and uncertainty of Jacobi Symbol [6]. This scheme has several problems; (1) it can't be able to derive the fake message $M_f$ that belongs to a valid message set, (2) it is not secure against Quadratic Residue Problem (QRP), and (3) the decryption process is very slow because it is based dramatically on square root computation until reach the message as a Quadratic Non Residue (QNR). The first problem is solved by J. Howlader and S. Basu's scheme [7]; they presented a sender side encryption scheme that allows the sender to present a fake message $M_f$ from a valid message set, but it still suffers from the last two mentioned problems. In this paper we present a new sender-side deniable public-key encryption scheme with fast decryption by which the sender is able to lie about the encrypted message to a coercer and hence escape coercion. While the receiver is able to decrypt for the true message, the sender has the ability to open a fake message of his choice to the coercer which, when verified, gives the same ciphertext as the true message. Compared with both Ibrahim's scheme and J. Howlader and S. Basu's scheme, our scheme enjoys nice two features which solved the mentioned problems: (1) It is semantically secure against Quadratic Residue Problem; (2) It is as fast, in the decryption process, as other schemes. Finally, applying the proposed deniable encryption, we originally give a coercion resistant internet voting model without physical assumptions.

• 한국정보처리학회논문지
• /
• 제7권6호
• /
• pp.1874-1885
• /
• 2000

When a receiver of ciphertext message can not decrypt a message because he has lost his private-key, the private-key of receiver and session-key of the message should be recovered. In this paper, we developed an Encapsulation based Key Recovery System (EKRS). EKRS is a new key encapsulation based key recovery system which is characterized by secretly choice of KRA, randomized target keys. n-way recovery type, and useful for commercial key recovery. EKRS is formally specified by a pictorial model, an Extended Cryptographic Timed Petri Net (ECTPN). Secure information flow and reachability of a session-key are verified by using reachability graph of ECTPN. EKRS, executing over a Public Key Infrastructure, can be used as a security solution in Web based applications such as CALS, EC an EDI.

• 대한수학회보
• /
• 제53권4호
• /
• pp.1051-1069
• /
• 2016

Combining the concept of self-certified public key and message recovery, Li-Zhang-Zhu (LZZ) gives the proxy signature scheme with message recovery using self-certified public key. The security of the proposed scheme is based on the discrete logarithm problem (DLP) and one-way hash function (OWHF). Their scheme accomplishes the tasks of public key verification, proxy signature verification, and message recovery in a logically single step. In addition, their scheme satisfies all properties of strong proxy signature and does not use secure channel in the communication between the original signer and the proxy signer. In this paper, it is shown that in their signature scheme a malicious signer can cheat the system authority (SA), by obtaining a proxy signature key without the permission of the original signer. At the same time malicious original signer can also cheat the SA, he can also obtain a proxy signature key without the permission of the proxy signer. An improved signature scheme is being proposed, which involves the remedial measures to get rid of security flaws of the LZZ et al.'s. The security and performance analysis shows that the proposed signature scheme is maintaining higher level of security, with little bit of computational complexity.

• 정보보호학회논문지
• /
• 제7권3호
• /
• pp.41-52
• /
• 1997

본 논문에서는 Zhou-Gollmann 부인봉쇄 프로토콜의 두가지 문제점에 대하여 다루었다. Zhou-Gollmann 프로토콜에서 메시지는 암호문과 키로 나뉘어 지며 암호문은 수신자에게 직접 전달되지만 키는 수신자로부터 영수증을 받은 후에 TTP의 공개 디렉토리에 게시된다. 따라서, 키를 TTP에 등록하느냐 하지 않는냐는 전적으로 발신자의 의지에 좌우된다. 본 논문에서는 발신자가 이러한 자신의 역할을 이용하여 프로토콜을 불공정하게 만들 수 있음을 보이고 개선 방법을 제시하였다. Zhou-Gollmann 프로토콜의 두 번째 문제점은 수신자에게 전달된 암호문은 TTP에 게시된 키에 의하여 누구라도 쉽게 복호화하여 평문 메시지를 얻을 수 있다는 것이다. 따라서, 발신자가 비밀 메시지를 수신자에게 보내기 위해서는 부가적인 암호 방법을 사용하여야 한다. 본 논문에서는 Zhou-Gollmann 프로토콜에 Diffie-Hellman 키분배 방식을 사용하여 메시지 보호가 가능한 부인봉쇄 프로토콜을 제안하고자한다.

• 한국산업정보학회논문지
• /
• 제8권1호
• /
• pp.43-54
• /
• 2003

전자상거래는 개인과 개인, 기업과 기업, 개인과 기업 상호간에 메시지의 교환을 통해서 이루어진다. 전자상거래를 활성화 할 수 있는 가장 중요한 요소는 메시지 인증으로서, 이는 거래당사자들이 수신된 메시지의 진정성을 확인하는 과정이다. 메시지의 진정성은 위조불가, 부인불가, 변경불가, 출처인증으로 구성되어 있고, 공개키 암호화를 통해 수행 할 수 있다. X.400 메시지처리 시스템과 공개키 암호화에 기반을 두고 있는 PGP가 메시지 교환에 널리 사용되고 있다. 본 논문에서는 공개키 암호화와 X.400 프로토콜 그리고 PGP상에 존재하는 메시지 인증문제를 해결하기 위하여 NMAP로 명명된 공개정보 기반 암호화 시스템을 제안하고 이를 설계 구현하였다. 구현된 메시지 인증 프로토콜의 검증을 위해 퍼지적분을 사용하였다. 제안된 시스템은 전자상거래의 활성화와 비대화형 인증 서비스 제공에 사용될 수 있을 것이다.

• 융합보안논문지
• /
• 제17권5호
• /
• pp.77-85
• /
• 2017

본 논문에서는 멀티캐스트 CoAP 보안 키 설정 기법을 제안한다. 멀티캐스트 CoAP에서 CoAP 클라이언트가 송신한 CoAP Request 메시지는 멀티캐스트로 CoAP 서버 그룹에게 전송되지만, 각각의 CoAP 서버가 송신한 CoAP Response 메시지는 유니캐스트로 클라이언트에게 전송된다. 따라서 CoAP Request 메시지는 그룹키로, 각각의 CoAP Response 메시지는 CoAP 서버와 CoAP 클라이언트 간의 개별키(유니캐스트 키)로 보호된다. 제안하는 프로토콜은 클라이언트와 서버가 최초 CoAP 메시지 교환 과정에서 ECDH를 이용하여 그룹키와 개별키를 설정하는 것이다. 제안 프로토콜은 DTLS Handshake를 대체할 수 있어 통신효율이 높고 확장성이 있으며, 개별키를 설정하기 때문에 종단간 보안을 지원할 수 있다.

• ETRI Journal
• /
• 제38권4호
• /
• pp.724-734
• /
• 2016

To achieve confidentiality, integrity, authentication, and non-repudiation simultaneously, the concept of signcryption was introduced by combining encryption and a signature in a single scheme. Certificate-based encryption schemes are designed to resolve the key escrow problem of identity-based encryption, as well as to simplify the certificate management problem in traditional public key cryptosystems. In this paper, we propose a new certificate-based signcryption scheme that has been proved to be secure against adaptive chosen ciphertext attacks and existentially unforgeable against chosen-message attacks in the random oracle model. Our scheme is not based on pairing and thus is efficient and practical. Furthermore, it allows a signcrypted message to be immediately verified by the public key of the sender. This means that verification and decryption of the signcrypted message are decoupled. To the best of our knowledge, this is the first signcryption scheme without pairing to have this feature.

• Journal of applied mathematics & informatics
• /
• 제8권3호
• /
• pp.943-957
• /
• 2001

In this paper, we propose an efficient encryption algorithm, without exchanging session keys of a symmetric cryptosystem. The proposed scheme, called as the FAKE(Fast Asymmetric Key Encryption), first scrambles an entire input message and then encrypts small parts of the scrambled message using an asymmetric key encryption scheme. We use the all-or-nothing transform based on the hash function as a scrambling function, which was proposed by Shin, et al. Furthermore, the proposed scheme can additionally provide a digital signature service with only small overhead.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제6권9호
• /
• pp.2442-2454
• /
• 2012

To ensure the security of wireless sensor networks, it is important to have a robust key management scheme. In this paper, we propose a Quorum-based key management scheme. A specific sensor, called as key distribution server (KDS), generates a key matrix and establishes a quorum system from the key matrix. The quorum system is a set system of subsets that the intersection of any two subsets is non-empty. In our scheme, each sensor is assigned a subset of the quorum system as its pre-distributed keys. Whenever any two sensors need a shared key, they exchange their IDs, and then each sensor by itself finds a common key from its assigned subset. A shared key is then generated by the two sensors individually based on the common key. By our scheme, no key is needed to be refreshed as a sensor leaves the network. Upon a sensor joining the network, the KDS broadcasts a message containing the joining sensor ID. After receiving the broadcast message, each sensor updates the key which is in common with the new joining one. Only XOR and hash operations are required to be executed during key update process, and each sensor needs to update one key only. Furthermore, if multiple sensors would like to have a secure group communication, the KDS broadcasts a message containing the partial information of a group key, and then each sensor in the group by itself is able to restore the group key by using the secret sharing technique without cooperating with other sensors in the group.