• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제13권3호
• /
• pp.1523-1545
• /
• 2019

Cloud computing is now a widespread and economical option when data owners need to outsource or share their data. Designing secure and efficient data access control mechanism is one of the most challenging issues in cloud storage service. Anonymous broadcast encryption is a promising solution for its advantages in the respects of computation cost and communication overload. We bring forward an efficient anonymous identity-based broadcast encryption construction combined its application to the data access control mechanism in cloud storage service. The lengths for public parameters, user private key and ciphertext in the proposed scheme are all constant. Compared with the existing schemes, in terms of encrypting and decrypting computation cost, the construction of our scheme is more efficient. Furthermore, the proposed scheme is proved to achieve adaptive security against chosen-ciphertext attack adversaries in the standard model. Therefore, the proposed scheme is feasible for the system of data access control in cloud storage service.

• 한국정보처리학회:학술대회논문집
• /
• 한국정보처리학회 2011년도 추계학술발표대회
• /
• pp.945-947
• /
• 2011

클라우드 컴퓨팅 인프라를 사용할 때 사용자의 민감한 정보가 포함된 데이터를 사용하게 될 수 있다. 데이터를 아웃소싱하여 처리하는 경우 클라우드 제공자가 데이터 처리자로서 사용자의 데이터에 접근해야 한다. 사용자는 데이터를 처리하는 과정에서 행하는 클라우드 제공자의 동작을 알 수 없으므로 클라우드 컴퓨팅을 사용하는 것을 불안해하게 되고 공개를 해도 되는 일부의 데이터만을 사용하게 된다. 본 연구에서는 클라우드 컴퓨팅을 통해 연산을 수행하는 환경에서 사용자의 데이터를 보호하기 위한 연구의 일환으로써, 시스템 및 환경을 정의하고 주로 발생할 수 있는 정보보호 위협을 정리하였다. 또한 현재 연구가 진행되고 있는 SMPC(Secure Multi-Party Computation)을 소개하고 이를 클라우드 컴퓨팅을 통해 연산을 수행하는 환경에 적용하기 위해 고려해야 할 사항들을 제시하며, 향후 연구 방향을 모색한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제11권2호
• /
• pp.826-845
• /
• 2017

Outsourcing computation is one of the most important applications in cloud computing, and it has a huge ability to satisfy the demand of data centers. Modular exponentiation computation, broadly used in the cryptographic protocols, has been recognized as one of the most time-consuming calculation operations in cryptosystems. Previously, modular exponentiations can be securely outsourced by using two untrusted cloud servers. In this paper, we present two practical and secure outsourcing modular exponentiations schemes that support only one untrusted cloud server. Explicitly, we make the base and the index blind by putting them into a matrix before send to the cloud server. Our schemes provide better performance in higher efficiency and flexible checkability which support single cloud server. Additionally, there exists another advantage of our schemes that the schemes are proved to be secure and effective without any cryptographic assumptions.

• ETRI Journal
• /
• 제33권5호
• /
• pp.780-790
• /
• 2011

This paper presents an efficient differential power analysis (DPA) countermeasure for the $Eta_T$ pairing algorithm over GF($2^n$). The proposed algorithm is based on a random value addition (RVA) mechanism. An RVA-based DPA countermeasure for the $Eta_T$ pairing computation over GF($3^n$) was proposed in 2008. This paper examines the security of this RVA-based DPA countermeasure and defines the design principles for making the countermeasure more secure. Finally, the paper proposes an efficient RVA-based DPA countermeasure for the secure computation of the $Eta_T$ pairing over GF($2^n$). The proposed countermeasure not only overcomes the security flaws in the previous RVAbased method but also exhibits the enhanced performance. Actually, on the 8-bit ATmega128L and 16-bit MSP430 processors, the proposed method can achieve almost 39% and 43% of performance improvements, respectively, compared with the best-known countermeasure.

• 정보보호학회논문지
• /
• 제14권3호
• /
• pp.145-153
• /
• 2004

디지털 핑거프린팅(digital fingerprinting)은 멀티미디어 컨텐츠에 구매자의 정보를 삽입함으로 컨텐츠를 불법적으로 재분배하는 부정자를 추적하는 방법이다. Domingo가 최초로 제안한 COT(committed oblivious transfer) 기반의 핑거프린팅 방식은 핑거프린팅 단계의 계산적 복잡도를 완전히 분석하여 기존의 MDPK(minimum disclosure proof of knowledge)나 SWPC(secure multi-party computation)등에 기반한 방식들에 비해 구현 가능성을 높였다는 의의를 지닌다. 그러나 이 방식은 판매자의 부정에 안전하지 못하다는 문제점이 있다. 본 논문에서는 첫째, 두 가지 COT기반의 디지털 핑거프린팅 방식의 문제점을 지적하고, 둘째, 이것의 해결을 위해 이중 잠금 암호(two-lock cryptosystem) 시스템을 사용한 불확정 전송 프로토콜 기반의 디지털 핑거프린팅 기법을 제안한다. 제안방식은 기존의 COT 기반 방식에서 안전성과 식별 단계의 효율성을 개선하였다.

• 정보보호학회논문지
• /
• 제13권5호
• /
• pp.3-15
• /
• 2003

안전한 그룹 통신은 그룹에 속한 멤버들만이 안전하면서도 비밀스럽게 서비스를 받을 수 있도록 보장하는 것이며, 안전한 그룹 통신을 하기 위해서는 안전하게 그룹키를 분배하고, 그룹 멤버들에 대한 효율적인 관리가 중요하다. 또한, 그룹키를 생성, 분배 그리고 갱신하는데 있어 적은 통신량과 연산량이 필요하다. 본 논문에서는 그룹키를 생성하기 위해서, 잘 알려진 두 멤버간의 Diffie-Hellman 키 교환과 완전 이진 트리를 이용한 새로운 방법를 제안한다. 본 논문에서는 많은 양의 모듈러 멱승 연산의 일부를 곱셈 연산으로 대체하여 한 멤버에게 필요한 멱승 연산량을 최소화시킨다. 그리하여, 제안한 프로토콜은 그룹의 크기에 관계없이 프로토콜을 수행하기 위하여 각 그룹의 멤버는 항상 일정한 모듈러 멱승 연산과 곱셈 연산을 수행하며, 기존 프로토콜보다 전체 모듈러 멱승 연산량도 적다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제11권7호
• /
• pp.3648-3663
• /
• 2017

With the development of cloud computing and widespread availability of mobile devices, outsourcing computation has gotten more and more attention in cloud computing services. The computation of bilinear pairing is the most expensive operation in pair-based cryptographic schemes. Currently, most of the algorithms for outsourcing bilinear pairing have small checkability or the outsourcers need to operate expensive computations. In this paper, we propose an efficient algorithm for outsourcing bilinear pairing with two servers, where the outsourcers can detect the errors with a probability of 1 if the cloud servers are dishonest, and the outsourcers are not involved in any complex computations. Finally, the performance evaluation demonstrates that the proposed algorithm is most efficient in all of fully verifiable outsourcing algorithms for bilinear pairing.

• 정보와 통신
• /
• 제33권2호
• /
• pp.10-27
• /
• 2016

Internet of Things defines a large number of diverse entities and services which interconnect with each other and individually or cooperatively operate depending on context, conditions and environments, produce a huge personal and sensitive data. In this scenario, the satisfaction of privacy, security and trust objectives plays a critical role in the success of the Internet of Things. Trust here can be considered as a key property to establish trustworthy and seamless connectivity among entities and to guarantee secure services and applications. The aim of this study is to provide a survey on various trust computation strategies and identify future trends in the field. We discuss trust computation methods under several aspects and provide comparison of the approaches based on trust features, performance, advantages, weaknesses and limitations of each strategy. Finally the research discuss on the gap of the trust literature and raise some research directions in trust computation in the Internet of Things.

• 한국정보처리학회:학술대회논문집
• /
• 한국정보처리학회 2005년도 춘계학술발표대회
• /
• pp.1083-1086
• /
• 2005

Now these days, many technical concepts and tools have been developed in the cryptographic field. Most digital signature schemes used in practice, such as RSA or DSA, have an important role in information privacy and secure authentication for perfect user. A clearly advantage of such schemes over with security proven relative to such common cryptographic assumptions, is their efficiency: as a result of their relative weak requirements regarding computation, bandwidth and storage, these scheme have so far beaten proven secure schemes in practice. Our aim is to contribute to bridge the gap that exists between the theory and practice of digital signature schemes. In this paper we present a digital signature that ensures information privacy. More precisely, under an appropriate assumption about RSA, the scheme is proven to be existentially forgeable under adaptively chosen message attacks. This mechanism can be applied to smart cards or E-Wallet for maintaining secure authentication for user’s information privacy.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제14권1호
• /
• pp.281-298
• /
• 2020

Fog computing has become a popular concept in the application of internet of things (IoT). With the superiority in better service providing, the edge cloud has become an attractive solution to IoT networks. The data outsourcing scheme of IoT devices demands privacy protection as well as computation verification since the lightweight devices not only outsource their data but also their computation. Existing solutions mainly deal with the operations over encrypted data, but cannot support the computation verification in the same time. In this paper, we propose a data outsourcing scheme based on an encrypted database system with linear computation as well as efficient query ability, and enhance the interlayer program in the original system with homomorphic message authenticators so that the system could perform computational verifying. The tools we use to construct our scheme have been proven secure and valid. With our scheme, the system could check if the cloud provides the correct service as the system asks. The experiment also shows that our scheme could be as effective as the original version, and the extra load in time is neglectable.