• The KIPS Transactions:PartA
• /
• v.10A no.5
• /
• pp.433-438
• /
• 2003

To provede public services through Internet, there are several prerequisites such as security issue resolutions for public area installation and hardware support for authorized signatures etc. in addition to web-based system development. A kiosk-based system is a right solution for public services provision through Internet because a kiosk has hardware features supporting authorized signatures and also it can be installed at public area through Internet without security exposure, meeting security guidelines of National Intelligence Service. The process to provide public services through a koisk is that a client requests a kind of public services selecting menu through the kiosk, then the system issues a civil service documents after taking authentification and payment process. To support those kinds o processes it is required to support electronic payment using SMART card in addition to cash payment and to apply government standard security guidelines to protect administrative and personal information. This kiosk-based Internet public service system support and meet those all requirements.

• The Journal of Information Technology
• /
• v.6 no.1
• /
• pp.1-10
• /
• 2003

In this paper, a public key exponential encryption algorithm for data security of computer network is proposed. This is based on the security to a difficulty of polynomial factorization. For the proposed public key exponential encryption, the public key generation algorithm selects two polynomials f(x,y,z) and g(x,y,z). The enciphering first selects plaintext polynomial W(x,y,z) and multiplies the public key polynomials, then the ciphertext is computed. In the proposed exponential encryption system of public key polynomial, an encryption is built by exponential encryption multiplied thrice by the optional integer number and again plus two public polynomials f(x,y,z) and g(x,y,z). This is an encryption system to enforce the security of encryption with help of prime factor added on RSA public key. The propriety of the proposed public key exponential cryptosystem algorithm is verified with the computer simulation.

• Journal of Digital Convergence
• /
• v.12 no.2
• /
• pp.563-570
• /
• 2014

As information security is becoming more important today, efforts in managing information security more efficiently is becoming greater. Each department such as Ministry of Security and Public Administration, Ministry of Science, Ministry of Education, National Intelligence Service, etc. is established screening criteria for information security and conducted the evaluation. Various information security certification and evaluation for public institutions effectively help to improve the level of information security. However, there are limitations of efficient security management because the examination to be performed frequently by each department. In this paper, we analyze screening criteria of the information security management that is being conducted in the public institutions. We also present limitations of information security management and the direction of improving the limitations.

• Korean Security Journal
• /
• no.11
• /
• pp.105-128
• /
• 2006

The suggestions that follow are about the plan for the cooperation between private security and local government and the enhancement of its service for facing the change of public peace environment. Fist, by a local government collecting funds, the business for revitalization of local economics should be done to enhance local economic independence. Second, the autonomous right of a local government should be reinforced and the center for taking complete charge of local security should be established in the self-governing body. Third, the private security should be connected with the local characteristics, the role of which enlarged as well. For this developing the model of security service for the local area and working together between private security and police should be achieved. Fourth, it is necessary for a local government to entrust the private security with its public security service. For this it should be achieved to set up the range of local security service and inform local residents of the advantage of security service entrusted to private security. Finally, in connection with the new system of local police, it is necessary to have clear grasp of the work related to the private security among local police services and private security business and local police should take partial charge of the public peace service. Through the cooperation between private security and local government, the role of private security will be enlarged and its business revitalized as well.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.7
• /
• pp.2703-2718
• /
• 2015

Nowadays, public cloud storage is gaining popularity and a growing number of users are beginning to use the public cloud storage for online data storing and sharing. However, how the encrypted data stored in public clouds can be effectively shared becomes a new challenge. Proxy re-encryption is a public-key primitive that can delegate the decryption right from one user to another. In a proxy re-encryption system, a semi-trusted proxy authorized by a data owner is allowed to transform an encrypted data under the data owner's public key into a re-encrypted data under an authorized recipient's public key without seeing the underlying plaintext. Hence, the paradigm of proxy re-encryption provides a promising solution to effectively share encrypted data. In this paper, we propose a new certificate-based proxy re-encryption scheme for encrypted data sharing in public clouds. In the random oracle model, we formally prove that the proposed scheme achieves chosen-ciphertext security. The simulation results show that it is more efficient than the previous certificate-based proxy re-encryption schemes.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.1
• /
• pp.3-11
• /
• 2009

Forward secrecy in an e-mail system means that the compromising of the long-term secret keys of the mail users and mail servers does not affect the confidentiality of the previous e-mail messages. Previous forward-secure e-mail protocols used the certified public keys of the users and thus needed PKI(Public Key Infrastructure). In this paper, we propose a password-based authenticated e-mail protocol providing forward secrecy. The proposed protocol does not require certified public keys and is sufficiently efficient to be executed on resource-restricted mobile devices.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.4
• /
• pp.2219-2236
• /
• 2017

With cloud storage services, users can handle an enormous amount of data in an efficient manner. However, due to the widespread popularization of cloud storage, users have raised concerns about the integrity of outsourced data, since they no longer possess the data locally. To address these concerns, many auditing schemes have been proposed that allow users to check the integrity of their outsourced data without retrieving it in full. Yuan and Yu proposed a public auditing scheme with a deduplication property where the cloud server does not store the duplicated data between users. In this paper, we analyze the weakness of the Yuan and Yu's scheme as well as present modifications which could improve the security of the scheme. We also define two types of adversaries and prove that our proposed scheme is secure against these adversaries under formal security models.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.2
• /
• pp.881-896
• /
• 2016

Certificate-based cryptography is a useful public key cryptographic primitive that combines the merits of traditional public key cryptography and identity-based cryptography. It not only solves the key escrow problem inherent in identity-based cryptography, but also simplifies the cumbersome certificate management problem in traditional public key cryptography. In this paper, by giving a concrete attack, we first show that the certificate-based encryption scheme without bilinear pairings proposed by Yao et al. does not achieve either the chosen-ciphertext security or the weaker chosen-plaintext security. To overcome the security weakness in Yao et al.'s scheme, we propose an enhanced certificate-based encryption scheme that does not use the bilinear pairings. In the random oracle model, we formally prove it to be chosen-ciphertext secure under the computational Diffie-Hellman assumption. The experimental results show that the proposed scheme enjoys obvious advantage in the computation efficiency compared with the previous certificate-based encryption schemes. Without costly pairing operations, it is suitable to be employed on the computation-limited or power-constrained devices.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.1 no.1
• /
• pp.3-15
• /
• 1991

in 1984 Shamir proposed the concept of ID(identity)-based cryptosystem and digital signature scheme wich does not require any public file for storing the user' s public keys. In this paper, the concept of the ID-based cryptosystem based on discrete logarithm problem using the conven-tional public-key cryptosystems is described, and the implementation method of the ID-based cryptosystem is also presented. The new digital signaturw schme based on the ID-based crypto-system is proposed and possible atacks are considered and analyzed for the security of digital signature scheme. The proposed ID-based schemes are particularrly useful for smart card and personal identification card application.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.8 no.6
• /
• pp.15-20
• /
• 2008

Provable security has widely been used to prove a cryptosystem's security formally in crpytography. In this paper, we analyze the Cramer-Shoup public key cryptosystem that has been known to be provable secure against adaptive chosen ciphertext attack and argue that its security proof is not complete in the generic sense of adaptive chosen ciphertext attack. Future research should be directed toward two directions: one is to make the security proof complete even against generic sense of adaptive chosen ciphertext attack, and another is to try finding counterexamples of successful adaptive chosen ciphertext attack on the Cramer-Shoup cryptosystem.