• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.4
• /
• pp.2254-2275
• /
• 2017

In this paper, we present an IND-CCA2 secure certificateless proxy re-encryption scheme in the random oracle model. A certificateless public key cryptography simplifies the certificate management in a traditional public key infrastructure and the built-in key escrow feature in an identity-based public key cryptography. Our scheme shares the merits of certificateless public key encryption cryptosystems and proxy re-encryption cryptosystems. Our certificateless proxy re-encryption scheme has several practical and useful properties - namely, multi-use, unidirectionality, non-interactivity, non-transitivity and so on. The security of our scheme bases on the standard bilinear Diffie-Hellman and the decisional Bilinear Diffie-Hellman assumptions.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.4
• /
• pp.2219-2236
• /
• 2017

With cloud storage services, users can handle an enormous amount of data in an efficient manner. However, due to the widespread popularization of cloud storage, users have raised concerns about the integrity of outsourced data, since they no longer possess the data locally. To address these concerns, many auditing schemes have been proposed that allow users to check the integrity of their outsourced data without retrieving it in full. Yuan and Yu proposed a public auditing scheme with a deduplication property where the cloud server does not store the duplicated data between users. In this paper, we analyze the weakness of the Yuan and Yu's scheme as well as present modifications which could improve the security of the scheme. We also define two types of adversaries and prove that our proposed scheme is secure against these adversaries under formal security models.

• Journal of information and communication convergence engineering
• /
• v.7 no.2
• /
• pp.98-106
• /
• 2009

Process Control Systems (PCSs) or Supervisory Control and Data Acquisition (SCADA) systems have recently been added to the already wide collection of wireless sensor networks applications. The PCS/SCADA environment is somewhat more amenable to the use of heavy cryptographic mechanisms such as public key cryptography than other sensor application environments. The sensor nodes in the environment, however, are still open to devastating attacks such as node capture, which makes designing a secure key management challenging. In this paper, a key management scheme is proposed to defeat node capture attack by offering both forward and backward secrecies. Our scheme overcomes the pitfalls which Nilsson et al.'s scheme suffers from, and is not more expensive than their scheme.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.6
• /
• pp.2534-2553
• /
• 2020

Recently, numerous certificateless encryption (CLE) schemes have been introduced. The security proofs of most schemes are given under the random oracle model (ROM). In the standard model, the adversary is able to calculate the hash function instead of asking the challenger. Currently, there is only one scheme that was proved to be secure in SM. In this paper, we constructed a new CLE scheme and gave the security proofs in SM. In the new scheme, the size of the storage space required by the system is constant. The computation cost is lower than other CLE schemes due to it needs only two pairing operations.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.7
• /
• pp.2554-2571
• /
• 2014

Certificate-based cryptography is a new cryptographic paradigm that provides an interesting balance between identity-based cryptography and traditional public key cryptography. It not only simplifies the complicated certificate management problem in traditional public key cryptography, but also eliminates the key escrow problem in identity-based cryptography. As an extension of the signcryption in certificate-based cryptography, certificate-based signcryption provides the functionalities of certificate-based encryption and certificate-based signature simultaneously. However, to the best of our knowledge, all constructions of certificate-based signcryption in the literature so far have to be based on the costly bilinear pairings. In this paper, we propose a certificate-based signcryption scheme that does not depend on the bilinear pairings. The proposed scheme is provably secure in the random oracle model. Due to avoiding the computationally-heavy paring operations, the proposed scheme significantly reduces the cost of computation and outperforms the previous certificate-based signcryption schemes.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.07a
• /
• pp.21-25
• /
• 2003

Key exposure is the most devastating attacks in any crytographic scheme. In this paper, we investigate key exposure problem in blind signature. We then present a variant of Okamoto-Guillou-Quisquater (OGQ for short) blind signature scheme guaranteeing forward secrecy. Namely, even if current secret key is revealed, forging any signature valid in the past is impossible. Our proposed scheme exhibits an efficient key updating protocol and introduces no significant communication overhead.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.10a
• /
• pp.154-156
• /
• 2012

This paper presents a user authentication scheme for healthcare application using wireless medical sensor networks, where wireless medical sensors are used for patients monitoring. These medical sensors' sense the patient body data and transmit it to the professionals (e.g., doctors, nurses, and surgeons). Since, the data of an individual are highly vulnerable; it must ensures that patients medical vital signs are secure, and are not exposed to an unauthorized person. In this regards, we have proposed a user1 authentication scheme for healthcare application using medical sensor networks. The proposed scheme includes: a novel two-factor professionals authentication (user authentication), where the healthcare professionals are authenticated before access the patient's body data; a secure session key is establish between the patient sensor node and the professional at the end of user authentication. Furthermore, the analysis shows that the proposed scheme is safeguard to various practical attacks and achieves efficiency at low computation cost.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.7 no.3
• /
• pp.75-83
• /
• 2011

Cognitive radio (CR) technology is to maximize the spectrum utilization by allocating the unused spectrums to the unlicensed users. This technology enables the sharing of channels among secondary (unlicensed) and primary (licensed) users on a non-interference basis after sensing the vacant channel and as a result, it is possible to harness wireless frequency more efficiently. To enhance the accuracy of sensing, RDSS was suggested. It is a fusion mechanism based on the reputation of sensing nodes and WSPRT (weighted sequential probability ratio test). However, in RDSS, the execution number of WSPRT could increase according to the order of inputted sensing values, and the fast defense against the forged values is difficult. In this paper, we propose a transaction signing-based authentication scheme for secure distributed spectrum sensing to response the forged values. The validity of proposed scheme is provided by BAN logic.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.3
• /
• pp.1523-1545
• /
• 2019

Cloud computing is now a widespread and economical option when data owners need to outsource or share their data. Designing secure and efficient data access control mechanism is one of the most challenging issues in cloud storage service. Anonymous broadcast encryption is a promising solution for its advantages in the respects of computation cost and communication overload. We bring forward an efficient anonymous identity-based broadcast encryption construction combined its application to the data access control mechanism in cloud storage service. The lengths for public parameters, user private key and ciphertext in the proposed scheme are all constant. Compared with the existing schemes, in terms of encrypting and decrypting computation cost, the construction of our scheme is more efficient. Furthermore, the proposed scheme is proved to achieve adaptive security against chosen-ciphertext attack adversaries in the standard model. Therefore, the proposed scheme is feasible for the system of data access control in cloud storage service.

• Journal of Information Processing Systems
• /
• v.15 no.5
• /
• pp.1211-1217
• /
• 2019

Developing methods to search over an encrypted database (EDB) have received a lot of attention in the last few years. Among them, order-revealing encryption (OREnc) and order-preserving encryption (OPEnc) are the core parts in the case of range queries. Recently, some ideally-secure OPEnc schemes whose ciphertexts reveal no additional information beyond the order of the underlying plaintexts have been proposed. However, these schemes either require a large round complexity or a large persistent client-side storage of size O(n) where n denotes the number of encrypted items stored in EDB. In this work, we propose a new construction of an efficient OPEnc scheme based on an OREnc scheme. Security of our construction inherits the security of the underlying OREnc scheme. Moreover, we also show that the construction of a non-interactive ideally-secure OPEnc scheme with a constant client-side storage is theoretically possible from our construction.