• Honam Mathematical Journal
• /
• v.28 no.2
• /
• pp.185-196
• /
• 2006

A scheme based on the cryptography for enforcing multilevel security in a system where hierarchy is represented by a partially ordered set was first introduced by Akl et al. But the key generation algorithm of Akl et al. is infeasible when there is a large number of users. In 1985, MacKinnon et al. proposed a paper containing a condition which prevents cooperative attacks and optimizes the assignment in order to overcome this shortage. In 2005, Kim et al. proposed key management systems for multilevel security using one-way hash function, RSA algorithm, Poset dimension and Clifford semigroup in the context of modern cryptography. In particular, the key management system using Clifford semigroup of imaginary quadratic non-maximal orders is based on the fact that the computation of a key ideal $K_0$ from an ideal $EK_0$ seems to be difficult unless E is equivalent to O. We, in this paper, show that computing preimages under the bonding homomorphism is not difficult, and that the multilevel cryptosystem based on the Clifford semigroup is insecure and improper to the key management system.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.07a
• /
• pp.21-25
• /
• 2003

Key exposure is the most devastating attacks in any crytographic scheme. In this paper, we investigate key exposure problem in blind signature. We then present a variant of Okamoto-Guillou-Quisquater (OGQ for short) blind signature scheme guaranteeing forward secrecy. Namely, even if current secret key is revealed, forging any signature valid in the past is impossible. Our proposed scheme exhibits an efficient key updating protocol and introduces no significant communication overhead.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2003.05c
• /
• pp.2225-2228
• /
• 2003

인터넷의 급격한 발달로 전자상거래가 우리 생활의 중요한 한 부분을 차지하게 되었다. 이런 전자상거래에서 중요한 한 요소인 기존 디지털 서명 방식에는 몇 가지 문제점을 가지고 있다. 그중 하나가 악의적인 수신자나 제삼자의 디지털 서명의 재사용 문제점이며, 다른 하나가 서명자의 비밀키 분실 문제이다. 다른 문제점으로 수신자가 서명자의 키가 변경된 후 변경전의 디지털 서명의 검증을 시도하는 경우 검증이 불가능한 문제가 발생한다. 이러한 문제들을 해결할 수 있는 새로운 디지털 서명 방식 및 절차를 제안한다. 이 새로운 디지털 방식은 RSA와 EIGamal 암호방식을 통합한 것으로 하나의 비밀키의 이에 대응되는 두 개의 공개키를 갖는 구조이다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.1 no.1
• /
• pp.3-15
• /
• 1991

in 1984 Shamir proposed the concept of ID(identity)-based cryptosystem and digital signature scheme wich does not require any public file for storing the user' s public keys. In this paper, the concept of the ID-based cryptosystem based on discrete logarithm problem using the conven-tional public-key cryptosystems is described, and the implementation method of the ID-based cryptosystem is also presented. The new digital signaturw schme based on the ID-based crypto-system is proposed and possible atacks are considered and analyzed for the security of digital signature scheme. The proposed ID-based schemes are particularrly useful for smart card and personal identification card application.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.1
• /
• pp.43-54
• /
• 2002

McEliece introduced a public-key cryptosystem based on Algebraic codes, specially binary classical Goppa which have a good decoding algorithm and vast number of inequivalent codes with given parameters. And the advantage of this system low cost of their encryption and decryption procedures compared with other public-key systems specially RSA, ECC based on DLP(discrete logarithm problem). But in [1], they resent new attack based on probabilistic algorithm to find minimum weight codeword, so for a sufficient security level, much larger parameter size [2048, 1608,81]is required. Then the big size of public key make McEliece PKC more inefficient. So in this paper, we will propose New Type PKC using q-ary Hyperelliptic code so that with smaller parameter(1 over 3) but still work factor as hi인 as McEliece PKC and faster encryption, decryption can be maintained.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.10
• /
• pp.3572-3590
• /
• 2014

Cellular automata (CA) based cryptosystem has been studied for almost three decades, yet most of previously reported researches focus on the symmetric key encryption schemes. Up to now, few CA based public key encryption scheme has been proposed. To fill the gap, in this paper, we propose a new public key encryption scheme based on layered cellular automata (LCA). Specifically, in the proposed scheme, based on the T-shaped neighborhood structure, we combine four one-dimensional reversible CAs (set as the private key) to form the transition rules of a two-dimension CA, where the two-dimension CA is set as the corresponding public key. Based on the hardness assumption of the Decisional Dependent CA problem in LCA, we formally prove the proposed scheme is indistinguishably secure against the chosen-plaintext attack (IND-CPA). In addition, we also use a numeric example to demonstrate its feasibility. Finally, analysis of key space and time efficiency are also carried out along with RSA-1024, and the simulation results demonstrate that our proposed scheme is more efficient.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.45 no.5
• /
• pp.30-39
• /
• 2008

This paper proposes a secure and efficient handover authentication protocol in VANET supporting fast mobility. Although the existing schemes commonly use the hash function or XOR operation to be suitable for a light-weight mobile, it does not support the security feature such as PBS. To solve this security problem, another protocol utilizing the CGA technology is proposed but it is vulnerable to the DoS attack due to a number of exponent operations. The proposed protocol using a light-weight Diffie-Hellman provides security features and performs a reduced number of exponential operation at the MN than the existing scheme.

• Journal of Digital Convergence
• /
• v.12 no.4
• /
• pp.259-264
• /
• 2014

Body insertion due to the recent development of sensor technology, the device is attached patients to receive medical services from anywhere, anytime environment is changing. Body insertion devices for the hospital, the patient's vital information attached personnel (doctors, nurses, pharmacists, etc.) to pass, however, when a problem occurs, a patient's information to a third party that can be exploited easily exposed. In this paper, we proposed signature authentication protocols mandate based on the patient's power of attorney from the center of the u-Healthcare services, hospital officials FormHelper third party disguised as a patient, the hospital patient information easily obtained from the officials to prevent. The proposed protocol, the patient's sensitive information to a third party, do not expose the patient's sensitive information to the random number generated by the u-Healthcare service centers and patients hash signature key to encrypt sensitive information of patients. From third parties to maintain synchronization between the patients and the hospital personnel in order to prevent patient information from being exploited illegally by the patient's vital information leakage can be prevented.

• Journal of Internet Computing and Services
• /
• v.8 no.1
• /
• pp.79-85
• /
• 2007

As the use of the computer and networks generalized, the various tasks which are requested secrets can be processed such os the banking transaction. And because of increasing of data exchange, Internet, and mobile networks, the method which is not connected only but also used with many users has been changed. Especially because of the structural problem of the Internet, a lot of information is leaked out when we use the Internet banking. If we check the Internet banking by using an existing cypher method which is either simple of slow, a credit card number, an account number or password will be leaked out. Because the security of information doesn't meet our expectation, we need more powerful cryptography. But, the wasted space-time which is required shouldn,t be ignored when the whole transferred data are encrypted. So, by using both the Elliptic Curve algorithm which is based on mobile networks and the partial encryption of the DTD of XML in this essay, we will implement more faster cypher method of the partial XML.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.3
• /
• pp.119-131
• /
• 2009

The world's widely used key exchange protocols are open cryptographic communication protocols, such as TLS/SSL, whereas in the financial field in Korea, key exchange protocols developed by industrial classification group have been used that are based on PKI(Public Key Infrastructure) which is suitable for the financial environments of Korea. However, the key exchange protocols are not only vulnerable to client impersonation attacks and known-key attacks, but also do not provide forward secrecy. Especially, an attacker with the private keys of the financial security server can easily get an old session-key that can decrypt the encrypted messages between the clients and the server. The exposure of the server's private keys by internal management problems, etc, results in a huge problem, such as exposure of a lot of private information and financial information of clients. In this paper, we analyze the weaknesses of the cryptographic communication protocols in use in Korea. We then propose two key exchange protocols which reduce the replacement cost of protocols and are also secure against client impersonation attacks and session-key and private key reveal attacks. The forward secrecy of the second protocol is reduced to the HDH(Hash Diffie-Hellman) problem.