• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제7권8호
• /
• pp.1972-1988
• /
• 2013

In order to deal with key exposure problem, we introduce forward secure technique into certificateless proxy signature scheme, and propose the formal definition and security model of the forward secure certificateless proxy signature. Our security model takes into account the super adversary in certificateless signature. Furthermore, we present a construction of forward secure certificateless proxy signature scheme with bilinear maps. Based on the difficulty of computational Diffie-Hellman problem, we prove the scheme is secure against chosen message attack in the random oracle model. Finally, we analyze efficiency of the proposed scheme.

• 한국정보통신설비학회:학술대회논문집
• /
• 한국정보통신설비학회 2008년도 정보통신설비 학술대회
• /
• pp.556-558
• /
• 2008

Secure broadcasting is requirement for payment of TV systems, government or company. Hierarchical key management for access control provides efficient key management in those environment. Also, time-bound hierarchical key management technique generates different keys in each time period. In 2004, Tzeng proposed a time-bound cryptgraphic key assignment scheme for access control in a hierarchy and in 2008, Bertino et al proposed an efficient time-bound hierarchical key management scheme for secure broadcasting. Tzeng's scheme and Bertino et al's scheme are organized in different environment and primitive. In this paper, we analysis above two time-bound hierarchical key management scheme.

• Journal of information and communication convergence engineering
• /
• 제5권1호
• /
• pp.68-72
• /
• 2007

In this paper, we present robust and secure metering scheme to measure the number of interactions between clients and servers in the web, especially the web advertising. In most cases the web advertising is consists of advertisers, clients, servers, and an audit agency. The metering scheme should always be secure against fraud attempts by servers which maliciously try to inate the number of their visits and against clients that attempt to disrupt the metering process. We propose robust and secure metering scheme based on cryptographic techniques. By analyzing the proposed scheme we show that our scheme is more robust and secure than the previous schemes [1,2,4,5].

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제13권5호
• /
• pp.2718-2731
• /
• 2019

Conjunctive keyword search encryption is an important technique for protecting sensitive data that is outsourced to cloud servers. However, the process of searching outsourced data may facilitate the leakage of sensitive data. Thus, an efficient data search approach with high security is critical. To solve this problem, an efficient conjunctive keyword search scheme based on ciphertext-policy attribute-based encryption is proposed for cloud storage environment. This paper proposes an efficient mechanism for removing the secure channel and resisting off-line keyword-guessing attacks. The storage overhead and the computational complexity are regardless of the number of keywords. This scheme is proved adaptively secure based on the decisional bilinear Diffie-Hellman assumption in the standard model. Finally, the results of theoretical analysis and experimental simulation show that the proposed scheme has advantages in security, storage overhead and efficiency, and it is more suitable for practical applications.

• 정보보호학회논문지
• /
• 제30권3호
• /
• pp.313-323
• /
• 2020

최근 스마트 그리드 관련 기술의 발전으로 사용자는 다양한 환경에서 보다 안전하고 신뢰성 있는 전력 서비스를 제공 받을 수 있다. 그러나 이러한 서비스들은 인터넷을 통하여 제공되므로 공격자의 데이터 주입, 변경, 삭제 및 추출 등 다양한 잠재적인 공격에 취약하다. 따라서 올바른 사용자에게만 서비스를 제공하기 위한 사용자 인증하고 키를 합의 하는 것은 반드시 이루어져야 하는 보안 필수요소 이다. 본 논문에서는 Zhang 등이 제안한 인증 및 키 합의 방식이 안전성을 tamper-resistant 디바이스에 의존하는 문제가 있으며 스마트 미터 도난 및 위장 공격, 세션 키 노출 공격 등 다양한 공격에 취약함을 밝히고 이를 개선한 스마트 그리드 환경에서 변조 방지 디바이스를 사용하지 않으며 안전한 사용자 인증 및 키 합의 방식을 제안한다. 또한 제안된 인증 방식의 안전성 및 성능을 분석하고 BAN(Abadi-Burrow-Needham) logic 분석을 통하여 제안한 방식이 안전한 상호 인증을 제공함을 입증하였다. 따라서 제안된 방식은 효율적이고 안전하며 실제 스마트 그리드 환경에서 효율적으로 적용 가능한 인증 방식이다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제13권3호
• /
• pp.1502-1522
• /
• 2019

Leakage of secret keys may be the most devastating problem in public key cryptosystems because it means that all security guarantees are missing. The forward security mechanism allows users to update secret keys frequently without updating public keys. Meanwhile, it ensures that an attacker is unable to derive a user's secret keys for any past time, even if it compromises the user's current secret key. Therefore, it offers an effective cryptographic approach to address the private key leakage problem. As an extension of the forward security mechanism in certificate-based public key cryptography, forward-secure certificate-based signature (FS-CBS) has many appealing merits, such as no key escrow, no secure channel and implicit authentication. Until now, there is only one FS-CBS scheme that does not employ the random oracles. Unfortunately, our cryptanalysis indicates that the scheme is subject to the security vulnerability due to the existential forgery attack from the malicious CA. Our attack demonstrates that a CA can destroy its existential unforgeability by implanting trapdoors in system parameters without knowing the target user's secret key. Therefore, it is fair to say that to design a FS-CBS scheme secure against malicious CAs without lying random oracles is still an unsolved issue. To address this problem, we put forward an enhanced FS-CBS scheme without random oracles. Our FS-CBS scheme not only fixes the security weakness in the original scheme, but also significantly optimizes the scheme efficiency. In the standard model, we formally prove its security under the complexity assumption of the square computational Diffie-Hellman problem. In addition, the comparison with the original FS-CBS scheme shows that our scheme offers stronger security guarantee and enjoys better performance.

• 정보학연구
• /
• 제2권2호
• /
• pp.89-105
• /
• 1999

본 논문은 컴퓨터를 이용한 문서 화상의 보안 통신에서 요구되는 문서 화상의 보안, 위조, 인증 등의 제반 분쟁에 대처하기 위한 연구이다. 문서 화상의 보안을 위해서 기존에 연구되어온 각종 암호화 방식 및 스크램블 방식과 같이 정보의 보안 여부를 노출시키고 비도에 의지하는 방식과 달리 정보의 보안여부를 제3자가 판독하기 어렵도록 하여 일상의 문서 교환으로 인식하게 함으로써 1차적으로 이의 해독에 따른 위험을 감소시키고 2차적으로는 해독이 가해진다 하여도 알고리즘 자체의 비도에 의해 해독을 용이하지 않도록 하는 방식의 보안 체계를 제안한다.

• International Journal of Internet, Broadcasting and Communication
• /
• 제9권3호
• /
• pp.35-43
• /
• 2017

In 2013, Lee-Lie proposed secure smart card based authentication scheme of Zhu's authentication for TMIS which is secure against the various attacks and efficient password change. In this paper, we discuss the security of Lee-Lie's smart card-based authentication scheme, and we have shown that Lee-Lie's authentication scheme is still insecure against the various attacks. Also, we proposed the improved scheme to overcome these security problems of Lee-Lie's authentication scheme, even if the secret information stored in the smart card is revealed. As a result, we can see that the improved smart card based user authentication scheme for TMIS is secure against the insider attack, the password guessing attack, the user impersonation attack, the server masquerading attack, the session key generation attack and provides mutual authentication between the user and the telecare system.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제13권6호
• /
• pp.3280-3298
• /
• 2019

Vehicular ad-hoc networks (VANETs) have become increasingly significant in intelligent transportation systems, they play a great role in improving traffic safety and efficiency. In the deployment of intelligent VANETs, intelligent vehicles can efficiently exchange important or urgent traffic information and make driving decisions. Meanwhile, secure data communication and vehicle's identity privacy have been highlighted. To cope with these security issues, in this paper, we construct an efficient anonymous authentication scheme with secure communication in intelligent VANETs. Combing the ElGamal encryption technique with a modified Schnorr signature technique, the proposed scheme provides secure anonymous authentication process for encrypted message in the vehicle-to-infrastructure communication model, and achieves identity privacy, forward security, and reply attack resistance simultaneously. Moreover, except the trusted authority (TA), any outside entity cannot trace the real identity of an intelligent vehicle. The proposed scheme is designed on an identity-based system, which can remove the costs of establishing public key infrastructure (PKI) and certificates management. Compared with existing authentication schemes, the proposed scheme is much more practical in intelligent VANETs.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제13권9호
• /
• pp.4484-4501
• /
• 2019

In this paper, we put forward a delay-aware secure maximum distance separable (MDS) coded caching scheme to resist the eavesdropping attacks for device-to-device (D2D) content sharing by combining MDS coding with distributed caching. In particular, we define the average system delay to show the potential coupling of delay-content awareness, and learn the secure constraints to ensure that randomly distributed eavesdroppers cannot obtain enough encoded packets to recover their desired contents. Accordingly, we model such a caching problem as an optimization problem to minimize the average system delay with secure constraints and simplify it to its convex relaxation. Then we develop a delay-aware secure MDS coded caching algorithm to obtain the optimal caching policy. Extensive numerical results are provided to demonstrate the excellent performance of our proposed algorithm. Compared with the random coded caching scheme, uniform coded caching scheme and popularity based coded caching scheme, our proposed scheme has 3.7%, 3.3% and 0.7% performance gains, respectively.