• Journal of KIISE:Information Networking
• /
• v.30 no.4
• /
• pp.474-483
• /
• 2003

The secret sharing is the basic concept of the threshold cryptosystem and has an important position in the modern cryptography. At 1995, Jarecki proposed the proactive secret sharing to be a solution of existing the mobile adversary and also proposed the share renewal scheme for (k, n) threshold scheme. For n participants in the protocol, his method needs O($n^2$) modular exponentiation per one participant. It is very high computational cost and is not fit for the scalable cryptosystem. In this paper, we propose the efficient share renewal scheme that need only O(n) modular exponentiation per participant. And we prove our scheme is secure if less that ${\frac}\frac{1}{2}n-1$ adversaries exist and they static adversary.

• Journal of KIISE:Computer Systems and Theory
• /
• v.31 no.1_2
• /
• pp.27-40
• /
• 2004

The OSGi service platform has several characteristics as in the followings. First, the service is deployed in the form of self-installable component called service bundle. Second, the service is dynamic according to its life-cycle and has interactions with other services. Third, the system resources of a home gateway are restricted. Due to these characteristics of a home gateway, there are a lot of rooms for malicious services can be Installed, and further, the nature of service can be changed. It is possible for those service bundles to influence badly on service gateways and users. However, there is no service bundle authentication mechanism considering those characteristics for the home gateway In this paper, we propose a service bundle authentication mechanism considering those characteristics for the home gateway environment. We design the mechanism for sharing a key which transports a service bundle safely in bootstrapping step that recognize and initialize equipments. And we propose the service bundle authentication mechanism based on MAC that use a shared secret created in bootstrapping step. Also we verify the safety of key sharing mechanism and service bundle authentication mechanism using a BAN Logic. This service bundle authentication mechanism Is more efficient than PKI-based service bundle authentication mechanism or RSH protocol in the service platform which has restricted resources such as storage spaces and operations.

• KIPS Transactions on Computer and Communication Systems
• /
• v.11 no.9
• /
• pp.305-316
• /
• 2022

With the flood of digital data owing to the Internet of Things and big data, cloud service providers that process and store vast amount of data from multiple users can apply duplicate data elimination technique for efficient data management. The user experience can be improved as the notion of edge computing paradigm is introduced as an extension of the cloud computing to improve problems such as network congestion to a central cloud server and reduced computational efficiency. However, the addition of a new edge device that is not entirely reliable in the edge computing may cause increase in the computational complexity for additional cryptographic operations to preserve data privacy in duplicate identification and elimination process. In this paper, we propose an efficiency-improved duplicate data elimination protocol while preserving data privacy with an optimized user-edge-cloud communication framework by utilizing a trusted execution environment. Direct sharing of secret information between the user and the central cloud server can minimize the computational complexity in edge devices and enables the use of efficient encryption algorithms at the side of cloud service providers. Users also improve the user experience by offloading data to edge devices, enabling duplicate elimination and independent activity. Through experiments, efficiency of the proposed scheme has been analyzed such as up to 78x improvements in computation during data outsourcing process compared to the previous study which does not exploit trusted execution environment in edge computing architecture.