• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.49 no.1
• /
• pp.92-101
• /
• 2012

Security support is a significant factor in ad hoc networks. Especially in dynamic topologies, key agreement with private key updating is essential in providing a secure system. And it is also necessary to protect the identities of individual nodes in wireless environments to avoid personal privacy problems. However, many of the existing key agreement schemes for ad hoc networks do not consider these issues concurrently. This paper proposes an anonymous ID-based private key update scheme and a key agreement scheme for mobile ad hoc networks. We also suggest a method of rekeying between different domains using service-coordinators. These schemes are secure against various attacks and are suitable for service-oriented mobile ad hoc networks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.5
• /
• pp.781-793
• /
• 2014

A Public Key Infrastructure (PKI) is security standards to manage and use public key cryptosystem. A PKI is used to provide digital signature, authentication, public key encryption functionality on insecure channel, such as E-banking and E-commerce on Internet. A soft-token private key in PKI is leaked easily because it is stored in a file at standardized location. Also it is vulnerable to a brute-force password attack as is protected by password-based encryption. In this paper, we proposed a new method that detects private key compromise and is probabilistically secure against a brute-force password attack though soft-token private key is leaked. The main idea of the proposed method is to use a genuine signature key pair and (n-1) fake signature key pairs to make an attacker difficult to generate a valid signature with probability 1/n even if the attacker found the correct password. The proposed method provides detection and notification functionality when an attacker make an attempt at authentication, and enhances the security of soft-token private key without the additional cost of construction of infrastructure thereby extending the function of the existing PKI and SSL/TLS.

• Current Optics and Photonics
• /
• v.4 no.2
• /
• pp.103-114
• /
• 2020

A new optical asymmetric cryptosystem is proposed by modifying the asymmetric RSA public-key protocol required in a cryptosystem. The proposed asymmetric public-key algorithm can be optically implemented by combining a two-step quadrature phase-shifting digital holographic encryption method with the modified RSA public-key algorithm; then two pairs of public-private keys are used to encrypt and decrypt the plaintext. Public keys and ciphertexts are digital holograms that are Fourier-transform holograms, and are recorded on CCDs with 256-gray-level quantized intensities in the optical architecture. The plaintext can only be decrypted by the private keys, which are acquired by the corresponding asymmetric public-key-generation algorithm. Schematically, the proposed optical architecture has the advantage of producing a complicated, asymmetric public-key cryptosystem that can enhance security strength compared to the conventional electronic RSA public-key cryptosystem. Numerical simulations are carried out to demonstrate the validity and effectiveness of the proposed method, by evaluating decryption performance and analysis. The proposed method shows feasibility for application to an asymmetric public-key cryptosystem.

• Journal of the Optical Society of Korea
• /
• v.17 no.5
• /
• pp.362-370
• /
• 2013

In this paper, we propose a novel optical implementation of a 3DES algorithm based on dual XOR logic operations for a cryptographic system. In the schematic architecture, the optical 3DES system consists of dual XOR logic operations, where XOR logic operation is implemented by using a free-space interconnected optical logic gate method. The main point in the proposed 3DES method is to make a higher secure cryptosystem, which is acquired by encrypting an individual private key separately, and this encrypted private key is used to decrypt the plain text from the cipher text. Schematically, the proposed optical configuration of this cryptosystem can be used for the decryption process as well. The major advantage of this optical method is that vast 2-D data can be processed in parallel very quickly regardless of data size. The proposed scheme can be applied to watermark authentication and can also be applied to the OTP encryption if every different private key is created and used for encryption only once. When a security key has data of $512{\times}256$ pixels in size, our proposed method performs 2,048 DES blocks or 1,024 3DES blocks cipher in this paper. Besides, because the key length is equal to $512{\times}256$ bits, $2^{512{\times}256}$ attempts are required to find the correct key. Numerical simulations show the results to be carried out encryption and decryption successfully with the proposed 3DES algorithm.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.5
• /
• pp.863-874
• /
• 2021

Distributed key generation (DKG) with trustless setup is a cryptographic protocol that distributes Shamir secret shares of a private key to participants while keeping the actual private key hidden to the participants. Also, by extending it to a threshold signature protocol, digital signatures can be generated without construction of private keys. This paper proposes a recovery protocol maintaining trustless setup assumptions, in particular to the useful (1,3) share structure. The proposed protocol meets same levels of security requirements with DKG in terms of correctness and secrecy. The protocol can also enable delegation and revocation of digital sign rights for blockchain-based asset management.

• Proceedings of the IEEK Conference
• /
• 2003.11c
• /
• pp.125-128
• /
• 2003

In this paper, we propose a dynamic key lifetime change protocol for performance enhancement of virtual private networks using IPSec. The proposed protocol changes the key lifetime according to the number of secure tunnels. The proposed protocol is implemented with Linux 2.4.18 and FreeS/WAN 1.99. The system employing our proposed protocol performs better than the original version in terms of network performance and security.

• Journal of IKEEE
• /
• v.25 no.1
• /
• pp.42-46
• /
• 2021

A novel key exchange cryptographic method utilizing biometric finger print as a user's private key is proposed. Each unknown users' finger print is encrypted by optical phase-shifting interferometry principle and is changed into two ciphers, which are exchanged with the other party over a public communication network for secret key sharing. The transmitted ciphers generate a complex hologram, which is used to calculate a shared secret key for each user. The proposed method provides high security when applied to a secret key sharing encryption system.

• International Journal of Computer Science & Network Security
• /
• v.21 no.12spc
• /
• pp.451-458
• /
• 2021

Providing a secure and effective way to protect confidential and private data is an urgent process, and accordingly, we will present in this research paper a new method, which is called multiple rounds variable block method (MRVB) which depends on the use of a colored image that is kept secret to generate needed work and round keys. This method can be used to encrypt-decrypt data using various lengths private key and data blocks with various sizes. The number of rounds also will be variable starting from one round. MRVB will be implemented and compared with the encryption-decryption standards DES and AES to show the improvements provided by the proposed method in increasing the security level and in increasing the throughput of the process of data cryptography. The generated private key contents will depend on the used image_key and on the selected number of rounds and the selected number of bytes in each block of data.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.3
• /
• pp.77-89
• /
• 2005

As the ID-based public key cryptosystems become a very active research area, a number of ID-based key agreement protocols have been proposed, but unfortunately many of them were analyzed that there were some security flaws in the protocols. In addition to key agreement protocols, in recent, Liu et al. and Kim et al. proposed the key agreement protocols that multiple session keys are established at once among participated entities. In this paper, we propose an ID-based tripartite key agreement protocol that establishes 8 keys by improving the efficiency of the Liu et al's. Moreover, the proposed protocol can be used in the situation where multiple different private key generators(PKG) are involved. Therefore, because the private key issued by different PKGs belonging to each entity's domain can be used, our proposed scheme is more efficiently applicable to the practical applications.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2018.05a
• /
• pp.155-156
• /
• 2018

블록체인은 DLT 기술로서, P2P 네트워크의 영역별로 유지 관리되는 트랜잭션의 추가 전용 공유 레코드 기술이다. 그 중 Private Blockchain은 허가된 사용자 멤버만으로 구성된 블록체인 환경으로, 소수의 신뢰노드만이 블록 생성 합의에 참여하여 빠른 블록체인을 형성하고 이를 하나의 원장으로 공유한다. 따라서 본 논문에서는 Private Blockchain의 허가된 사용자의 신원확인을 위한 인증구조인 PKI(Public Key Infrastructure)와 AKI(Accountable Key Infrastructure)를 비교 분석하고 KSI(Keyless Signature Infrastructure)기반의 인증관리를 제안한다.