• 제목/요약/키워드: Secure Computation

검색결과 204건 처리시간 0.042초

부분동형암호와 외부서버를 이용한 효율적인 다자간 연산 기법 (Efficient Outsourced Multiparty Computations Based on Partially Homomorphic Encryption)

  • 은하수;우바이둘라;오희국
    • 정보보호학회논문지
    • /
    • 제27권3호
    • /
    • pp.477-487
    • /
    • 2017
  • MPC(multiparty computation) 프로토콜이란 다수의 사용자가 각각 데이터를 제공하고, 이를 이용하여 협력적으로 연산을 수행하는 기법이다. 기존의 MPC 프로토콜은 사용자 사이의 상호작용에 의존했기 때문에, 연산이 끝날 때까지 모든 사용자가 온라인 상태를 유지해야 했다. 이를 개선하기 위한 연구 중 하나로서, 공모하지 않은 두 서버에 연산을 위임하는 기법이 연구되고 있다. 사용자의 참여를 완전히 배제한 최초의 기법이 Peter 등에 의해 제안되었으나, 서버 간 통신량이 매우 높다는 단점이 있다. 본 논문에서는 Peter 등의 기법에서 문제가 되었던 서버 간 통신량을 PRE(proxy re-encryption)를 이용하여 개선하였다. 제안하는 기법과 유사한 기법이 두 차례 제안되었으나, 복호화 과정에서 이산대수 문제를 해결해야 하거나, 서버와 사용자 사이의 공모공격에 취약한 등 다양한 문제점이 존재한다. 본 논문에서는 기존 기법의 문제점을 분석하고 이를 바탕으로 안전하고 효율적인 MPC 프로토콜을 제안한다. 제안하는 기법은 PRE를 이용하여 서버 간 통신량을 낮추었으며, 연산과정에서 사용자의 참여를 완전히 배제하였고, 복호화 과정에서 이산대수문제를 풀지 않고도 연산결과를 얻을 수 있다.

하이브리드기법을 이용한 저마하수 난류소음의 효율적 전산해석 (Efficient Computation of Turbulent Flow Noise at Low Mach Numbers Via Hybrid Method)

  • 서정희;문영준
    • 대한기계학회논문집B
    • /
    • 제31권9호
    • /
    • pp.814-821
    • /
    • 2007
  • A hybrid method is presented for efficient computation of turbulent flow noise at low Mach numbers. In this method, the turbulent flow field is computed by incompressible large eddy simulation (LES), while the acoustic field is computed with the linearized perturbed compressible equations (LPCE) derived in this study. Since LPCE is computed on the rather coarse acoustic grid with the flow variables and source term obtained by the incompressible LES, the computational efficiency of calculation is greatly enhanced. Furthermore, LPCE suppress the instability of perturbed vortical mode and therefore secure consistent and stable acoustic solutions. The proposed LES/LPCE hybrid method is applied to three low Mach number turbulent flow noise problems: i) circular cylinder, ii) isolated flat plate, and iii) interaction between cylinder wake and airfoil. The computed results are closely compared with the experimental measurements.

Enhanced Certificate-Based Encryption Scheme without Bilinear Pairings

  • Lu, Yang;Zhang, Quanling
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • 제10권2호
    • /
    • pp.881-896
    • /
    • 2016
  • Certificate-based cryptography is a useful public key cryptographic primitive that combines the merits of traditional public key cryptography and identity-based cryptography. It not only solves the key escrow problem inherent in identity-based cryptography, but also simplifies the cumbersome certificate management problem in traditional public key cryptography. In this paper, by giving a concrete attack, we first show that the certificate-based encryption scheme without bilinear pairings proposed by Yao et al. does not achieve either the chosen-ciphertext security or the weaker chosen-plaintext security. To overcome the security weakness in Yao et al.'s scheme, we propose an enhanced certificate-based encryption scheme that does not use the bilinear pairings. In the random oracle model, we formally prove it to be chosen-ciphertext secure under the computational Diffie-Hellman assumption. The experimental results show that the proposed scheme enjoys obvious advantage in the computation efficiency compared with the previous certificate-based encryption schemes. Without costly pairing operations, it is suitable to be employed on the computation-limited or power-constrained devices.

Ciphertext-Policy Attribute-Based Encryption with Hidden Access Policy and Testing

  • Li, Jiguo;Wang, Haiping;Zhang, Yichen;Shen, Jian
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • 제10권7호
    • /
    • pp.3339-3352
    • /
    • 2016
  • In ciphertext-policy attribute-based encryption (CP-ABE) scheme, a user's secret key is associated with a set of attributes, and the ciphertext is associated with an access policy. The user can decrypt the ciphertext if and only if the attribute set of his secret key satisfies the access policy specified in the ciphertext. In the present schemes, access policy is sent to the decryptor along with the ciphertext, which means that the privacy of the encryptor is revealed. In order to solve such problem, we propose a CP-ABE scheme with hidden access policy, which is able to preserve the privacy of the encryptor and decryptor. And what's more in the present schemes, the users need to do excessive calculation for decryption to check whether their attributes match the access policy specified in the ciphertext or not, which makes the users do useless computation if the attributes don't match the hidden access policy. In order to solve efficiency issue, our scheme adds a testing phase to avoid the unnecessary operation above before decryption. The computation cost for the testing phase is much less than the decryption computation so that the efficiency in our scheme is improved. Meanwhile, our new scheme is proved to be selectively secure against chosen-plaintext attack under DDH assumption.

서귀포 크루즈터미널 CIQ시설 규모산정에 관한 연구 (A Study on the Size Computation of Seogwipo Cruise Terminal CIQ Facilities)

  • 박정근
    • 한국농촌건축학회논문집
    • /
    • 제17권3호
    • /
    • pp.27-36
    • /
    • 2015
  • This research studies the adequate size standard of Seogwipo cruise terminal CIQ facility that is scheduled to be built around Gangjeong harbor area in Seogwipo-city. In order to respond to the highly increasing number of passenger cruise ships compared to Seogwipo cruise terminal design in 2010, the adequate size standard of Seogwipo cruise terminal CIQ facility was examined for passenger service level grade. Based on size computation elements such as the number of passengers of cruise ships with the largest size of port entry, ship landing rate, passenger processing ratio, and surge factor, the CIQ facility size for each service level grade was reviewed. As a result, the area of 2,971m2 (A grade), 2,409 m2 (B grade), and 2,088 m2 (C grade) were computed. This showed that the area of B grade was about 82% and C grade 70% compared to the area of A grade. The CIQ facility size computed for each service level grade in this research was analyzed that its area needed to be increased by 322% at least and 458% at most, compared to the CIQ facility area of 649m2 of the existing design (2010). In order to respond to the increasing number of cruise passengers, provide high-level passenger service, and improve the international image of Jeju, Seogwipo cruise terminal should secure the size that is equal to or higher than the B grade of service level.

행렬기반 RFID 인증 프로토콜에 대한 연구 (A Study on Secure Matrix-based RFID Authentication Protocol)

  • 이수연;안효범
    • 융합보안논문지
    • /
    • 제6권1호
    • /
    • pp.83-90
    • /
    • 2006
  • 최근 RFID/USN 환경에서 정보보호는 네트워크 보안 및 RFID 정보보호 기술로 구분될 수 있다. 특히, 저가의 RFID 시스템에 개인 프라이버시 보호를 위한 인증 프로토콜 설계가 활발히 연구되고 있다. 그러나, 저가의 RFID 태그의 생산과 사용자 프라이버시 보호를 위한 안전한 인증 프로토콜의 개발은 미흡한 실정이다. 따라서, 본 논문에서는 기존의 인증 프로토콜보다 RFID 태그에서 계산량을 감소시키고 통신 오버헤드를 감소시키므로 개인 프라이버시 보호를 위한 효율적인 행렬기반 RFID 인증 프로토콜을 제안하였다.

  • PDF

속성기반 재 암호화를 이용한 스마트카드 인증권한 분배스킴 (Smart Card Certification-Authority Distribution Scheme using Attributes-Based Re-Encryption)

  • 서화정;김호원
    • 대한임베디드공학회논문지
    • /
    • 제5권3호
    • /
    • pp.168-174
    • /
    • 2010
  • User authentication is an important requirement to provide secure network service. Therefore, many authentication schemes have been proposed to provide secure authentication, such as key agreement and anonymity. However, authority of scheme is limited to one's self. It is inefficient when authenticated users grant a certification to other users who are in an organization which has a hierarchical structure, such as a company or school. In this paper, we propose the first authentication scheme to use Attributes-Based Re-encryption that creates a certification to other users with specified attributes. The scheme, which has expanded from Rhee et al. scheme, has optimized computation performance on a smart card, ensuring the user's anonymity and key agreement between users and server.

Provably secure certificateless encryption scheme in the standard model

  • Deng, Lunzhi;Xia, Tian;He, Xiuru
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • 제14권6호
    • /
    • pp.2534-2553
    • /
    • 2020
  • Recently, numerous certificateless encryption (CLE) schemes have been introduced. The security proofs of most schemes are given under the random oracle model (ROM). In the standard model, the adversary is able to calculate the hash function instead of asking the challenger. Currently, there is only one scheme that was proved to be secure in SM. In this paper, we constructed a new CLE scheme and gave the security proofs in SM. In the new scheme, the size of the storage space required by the system is constant. The computation cost is lower than other CLE schemes due to it needs only two pairing operations.

신뢰 센터 기반의 안전한 이동 에이전트 전송 프로토콜 (A Trust Center Based Secure Mobile Agent Transfer Protocol)

  • 한승완;임형석
    • 대한전자공학회:학술대회논문집
    • /
    • 대한전자공학회 1999년도 하계종합학술대회 논문집
    • /
    • pp.993-996
    • /
    • 1999
  • A mobile agent is a program which is capable of migrating autonomously from host to host in the heterogeneous network, to perform some computation on behalf of the user. Mobile agents have many advantages in the distributed computing environment. But they are likely to suffer many attacks on the security due to the mobility. In order to make use of a mobile agent in the real applications, the security issues must be addressed. We deal with the problem which is concerned with protecting a mobile agent in transit and detecting a mobile agent clone. In this paper we propose a trust center based secure mobile agent transfer protocol. This protocol transfers a mobile agent securely from host to host and detects a mobile agent clone. We further show the security of the protocol against many attacks.

  • PDF

Multi-party Password-Authenticated Key Exchange Scheme with Privacy Preservation for Mobile Environment

  • Lu, Chung-Fu
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • 제9권12호
    • /
    • pp.5135-5149
    • /
    • 2015
  • Communications among multi-party must be fast, cost effective and secure. Today's computing environments such as internet conference, multi-user games and many more applications involve multi-party. All participants together establish a common session key to enable multi-party and secure exchange of messages. Multi-party password-based authenticated key exchange scheme allows users to communicate securely over an insecure network by using easy-to-remember password. Kwon et al. proposed a practical three-party password-based authenticated key exchange (3-PAKE) scheme to allow two users to establish a session key through a server without pre-sharing a password between users. However, Kwon et al.'s scheme cannot meet the security requirements of key authentication, key confirmation and anonymity. In this paper, we present a novel, simple and efficient multi-party password-based authenticated key exchange (M-PAKE) scheme based on the elliptic curve cryptography for mobile environment. Our proposed scheme only requires two round-messages. Furthermore, the proposed scheme not only satisfies security requirements for PAKE scheme but also achieves efficient computation and communication.