• Journal of information and communication convergence engineering
• /
• v.7 no.1
• /
• pp.24-29
• /
• 2009

Sahai and Waters first introduced the concept of Fuzzy Identity Based Encryption (FIBE) to provide an error-tolerance property for Identity Based Encryption (IBE) in 2005. Yang et al. extended this idea and introduced the concept of Fuzzy Identity Based Signature (FIBS) in 2008, and constructed a FIBS scheme based on Sahai and Waters's FIBE scheme. In this paper, we further formalize the notion and security model of FIBS scheme and propose a new construction of FIBS scheme based on bilinear pairing. The proposed FIBS scheme not only provide shorter public parameters, private key and signature, but also have useful structures which result in more efficient key extraction, signing and verification than that of Yang et al.'s FIBS scheme.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.2
• /
• pp.751-765
• /
• 2012

Key establishment protocols are fundamental for establishing secure communication channels over public insecure networks. Security must be given the topmost priority in the design of a key establishment protocol. In this work, we provide a security analysis on two recent key establishment protocols: Harn and Lin's group key transfer protocol and Dutta and Barua's group key agreement protocol. Our analysis shows that both the Harn-Lin protocol and the Dutta-Barua protocol have a flaw in their design and can be easily attacked. The attack we mount on the Harn-Lin protocol is a replay attack whereby a malicious user can obtain the long-term secrets of any other users. The Dutta-Barua protocol is vulnerable to an unknown key-share attack. For each of the two protocols, we present how to eliminate their security vulnerabilities. We also improve Dutta and Barua's proof of security to make it valid against unknown key share attacks.

• Journal of Information Technology Services
• /
• v.19 no.1
• /
• pp.145-158
• /
• 2020

With the development and widespread application of online shopping, the number of online consumers has increased. With one click of a mouse, people can buy anything they want without going out and have it sent right to the doors. As consumers benefit from online shopping, people are becoming more concerned about protecting their privacy. In the group buying scenario described in our paper, online shopping was regarded as intra-group communication. To protect the sensitive information of consumers, the polynomial-based encryption key sharing method (Piao et al., 2013; Piao and Kim, 2018) can be applied to online shopping communication. In this paper, we analyze security problems by using a polynomial-based scheme in the following ways : First, in Kamal's attack, they said it does not provide perfect forward and backward secrecy when the members leave or join the group because the secret key can be broken in polynomial time. Second, for simultaneous equations, the leaving node will compute the new secret key if it can be confirmed that the updated new polynomial is recomputed. Third, using Newton's method, attackers can successively find better approximations to the roots of a function. Fourth, the Berlekamp Algorithm can factor polynomials over finite fields and solve the root of the polynomial. Fifth, for a brute-force attack, if the key size is small, brute force can be used to find the root of the polynomial, we need to make a key with appropriately large size to prevent brute force attacks. According to these analyses, we finally recommend the use of a relatively reasonable hash-based mechanism that solves all of the possible security problems and is the most suitable mechanism for our application. The study of adequate and suitable protective methods of consumer security will have academic significance and provide the practical implications.

• Journal of the Korea Computer Industry Society
• /
• v.3 no.8
• /
• pp.1105-1116
• /
• 2002

This paper has presented three types of key recovery methods, which are known as key escrow, key encapsulation, and trusted third party scheme. we have analyzed the existing key recovery products, which have been developed by the advanced nations for electronic commerce and electronic government. we have also analyzed the key recovery policies proposed by the advanced nations, such as The United States of America, Great Britain, and Japan. In this paper, several key recovery policies are proposed for the e-commerce and e-government system. And we have proposed key recovery scheme for the e-commerce system utilizing the on-line secret sharing scheme based on the Internet and public bulletin board.

• ETRI Journal
• /
• v.37 no.4
• /
• pp.696-706
• /
• 2015

This paper presents an achievable secure videoconferencing system based on quantum key encryption in which key management can be directly applied and embedded in a server/client videoconferencing model using, for example, OpenMeeting. A secure key management methodology is proposed to ensure both a trusted quantum network and a secure videoconferencing system. The proposed methodology presents architecture on how to share secret keys between key management servers and distant parties in a secure domain without transmitting any secrets over insecure channels. The advantages of the proposed secure key management methodology overcome the limitations of quantum point-to-point key sharing by simultaneously distributing keys to multiple users; thus, it makes quantum cryptography a more practical and secure solution. The time required for the encryption and decryption may cause a few seconds delay in video transmission, but this proposed method protects against adversary attacks.

• Journal of Internet of Things and Convergence
• /
• v.7 no.1
• /
• pp.1-7
• /
• 2021

The IoT market continues to expand and grow, but the security threat to IoT devices is also increasing. However, it is difficult to apply the security technology applied to the existing system to IoT devices that have a problem of resource limitation. Therefore, in this paper, we present a service that can improve the security of IoT devices by presenting authentication and lightweight cryptographic algorithms that can reduce the overhead of applying security features, taking into account the nature of resource limitations of IoT devices. We want to apply these service to home network IoT equipment to provide security. The authentication and lightweight cryptographic algorithm application protocols presented in this paper have secured the safety of the service through the use of LEA encryption algorithms and secret key generation by users, IoT devices and server in the IoT environment. Although there is no difference in speed from randomly generating secret keys in experiments, we verify that the problem of resource limitation of IoT devices can be solved by additionally not applying logic for secret key sharing to IoT devices.

• Journal of KIISE
• /
• v.43 no.8
• /
• pp.933-945
• /
• 2016

Sharing data by multiple users on the public storage, e.g., the cloud, is considered to be efficient because the cloud provides on-demand computing service at anytime and anywhere. Secure data sharing is achieved by fine-grained access control. Existing symmetric and public key encryption schemes are not suitable for secure data sharing because they support 1-to-1 relationship between a ciphertext and a secret key. Attribute based encryption supports fine-grained access control, however it incurs linearly increasing ciphertexts as the number of attributes increases. Additionally, the decryption process has high computational cost so that it is not applicable in case of resource-constrained environments. In this study, we propose an efficient attribute-based secure data sharing scheme with outsourceable decryption. The proposed scheme guarantees constant-size ciphertexts irrespective of the number of attributes. In case of static attributes, the computation cost to the user is reduced by delegating approximately 95.3% of decryption operations to the more powerful storage systems, whereas 72.3% of decryption operations are outsourced in terms of dynamic attributes.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.9
• /
• pp.2442-2454
• /
• 2012

To ensure the security of wireless sensor networks, it is important to have a robust key management scheme. In this paper, we propose a Quorum-based key management scheme. A specific sensor, called as key distribution server (KDS), generates a key matrix and establishes a quorum system from the key matrix. The quorum system is a set system of subsets that the intersection of any two subsets is non-empty. In our scheme, each sensor is assigned a subset of the quorum system as its pre-distributed keys. Whenever any two sensors need a shared key, they exchange their IDs, and then each sensor by itself finds a common key from its assigned subset. A shared key is then generated by the two sensors individually based on the common key. By our scheme, no key is needed to be refreshed as a sensor leaves the network. Upon a sensor joining the network, the KDS broadcasts a message containing the joining sensor ID. After receiving the broadcast message, each sensor updates the key which is in common with the new joining one. Only XOR and hash operations are required to be executed during key update process, and each sensor needs to update one key only. Furthermore, if multiple sensors would like to have a secure group communication, the KDS broadcasts a message containing the partial information of a group key, and then each sensor in the group by itself is able to restore the group key by using the secret sharing technique without cooperating with other sensors in the group.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.2
• /
• pp.353-360
• /
• 2017

The Internet of Things(IoT) security has more need than a technical problem as it needs series of regulations and faultless security system for common purposes. So, this study proposes an efficient key management in order that can be trusted IoT data in cloud computing. In contrast with a key distribution center of existing sensor networks, the proposed a federation key management of cloud proxy key server is not central point of administration and enables an active key recovery and update. The proposed key management is not a method of predetermined secret keys but sharing key information of a cloud proxy key server in autonomous cloud, which can reduce key generation and space complexity. In addition, In contrast with previous IoT key researches, a federation key of cloud proxy key server provides an extraction ability from meaningful information while moving data.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.4
• /
• pp.888-894
• /
• 2015

This paper describes an efficient hardware design of Lightweight Encryption Algorithm (LEA) developed by National Security Research Institute(NSRI). The LEA crypto-processor supports for master key of 128-bit. To achieve small-area and low-power implementation, an efficient hardware sharing is employed, which shares hardware resources for encryption and decryption in round transformation block and key scheduler. The designed LEA crypto-processor was verified by FPGA implementation. The LEA core synthesized with Xilinx ISE has 1,498 slice elements, and the estimated throughput is 216.24 Mbps with 135.15 MHz.