• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37 no.5C
• /
• pp.410-419
• /
• 2012

This paper proposes a secure and efficient anonymous authentication scheme for health information push service based on indoor location in hospital. The proposed scheme has the following benefits: (1)It is just based on a secure one-way hash function for avoiding complex computations for both health care operations users and health care centers. (2)It does not require sensitive verification table which may cause health care centers to become an attractive target for numerous attacks(e.g., insertion attacks and stolen-verifier attacks), (3)It provides higher security level (e.g., secure mutual authentication and key establishment, confidential communication, user's privacy, simple key management, and session key independence). As result, the proposed scheme is very suitable for various location-based medical information service environments using lightweight-device(e.g., smartphone) because of very low computation overload on the part of both health care operations users and health care centers.

• Journal of Information Processing Systems
• /
• v.9 no.2
• /
• pp.247-258
• /
• 2013

A new secure network communication technique that has been designed for mobile wireless services, is presented in this paper. Its network services are mobile, distributed, seamless, and secure. We focus on the security of the scheme and achieve anonymity and reliability by using cryptographic techniques like blind signature and the electronic coin. The question we address in this paper is, "What is the best way to protect the privacy and anonymity of users of mobile wireless networks, especially in practical applications like e-commerce?" The new scheme is a flexible solution that answers this question. It efficiently protects user's privacy and anonymity in mobile wireless networks and supports various applications. It is employed to implement a secure e-auction as an example, in order to show its advantages in practical network applications.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2005.05a
• /
• pp.1083-1086
• /
• 2005

Now these days, many technical concepts and tools have been developed in the cryptographic field. Most digital signature schemes used in practice, such as RSA or DSA, have an important role in information privacy and secure authentication for perfect user. A clearly advantage of such schemes over with security proven relative to such common cryptographic assumptions, is their efficiency: as a result of their relative weak requirements regarding computation, bandwidth and storage, these scheme have so far beaten proven secure schemes in practice. Our aim is to contribute to bridge the gap that exists between the theory and practice of digital signature schemes. In this paper we present a digital signature that ensures information privacy. More precisely, under an appropriate assumption about RSA, the scheme is proven to be existentially forgeable under adaptively chosen message attacks. This mechanism can be applied to smart cards or E-Wallet for maintaining secure authentication for user’s information privacy.

• Journal of KIISE:Computer Systems and Theory
• /
• v.29 no.3
• /
• pp.153-160
• /
• 2002

In this paper, we consider a secure and efficient metering scheme to measure the interaction between clients and servers in interned advertising. In most cases internet advertising is composed of clients, servers, and an audit agency who collects a metering information about the number of clients that were served by each server. The metering scheme should always be secure against fraud attempts by servers which maliciously try to inflate the number of their clients and against clients that attempt to disrupt the metering process. So we suggest secure and efficient metering schemes, based on some cryptographic techniques, which are also very accurate and robust.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.4
• /
• pp.910-922
• /
• 2013

In 2008, Chin et al. proposed an efficient and provable secure identity-based identification scheme in the standard model. However, we discovered a subtle flaw in the security proof which renders the proof of security useless. While no weakness has been found in the scheme itself, a scheme that is desired would be one with an accompanying proof of security. In this paper, we provide a fix to the scheme to overcome the problem without affecting the efficiency as well as a new proof of security. In particular, we show that only one extra pre-computable pairing operation should be added into the commitment phase of the identification protocol to fix the proof of security under the same hard problems.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.5 no.3
• /
• pp.168-174
• /
• 2010

User authentication is an important requirement to provide secure network service. Therefore, many authentication schemes have been proposed to provide secure authentication, such as key agreement and anonymity. However, authority of scheme is limited to one's self. It is inefficient when authenticated users grant a certification to other users who are in an organization which has a hierarchical structure, such as a company or school. In this paper, we propose the first authentication scheme to use Attributes-Based Re-encryption that creates a certification to other users with specified attributes. The scheme, which has expanded from Rhee et al. scheme, has optimized computation performance on a smart card, ensuring the user's anonymity and key agreement between users and server.

• Journal of information and communication convergence engineering
• /
• v.7 no.4
• /
• pp.521-524
• /
• 2009

Park proposed a forward & backward Secure key management scheme in wireless sensor networks for Process Control Systems (PCSs) or Supervisory Control and Data Acquisition (SCADA) systems [7]. The scheme, however, is still vulnerable to an attack called "sandwich attack": two nodes captured at times $t_1$ and $t_2$, respectively, surrenders all the group keys used between times $t_1$ and $t_2$. In this paper, we propose a fix to the scheme, which can limit the vulnerable time duration to an arbitrarily chosen time span while keeping the forward and backward secrecy of the scheme untouched.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.3
• /
• pp.600-612
• /
• 2013

In 2006, Zhang and Wang proposed a data hiding scheme based on Exploiting Modification Direction (EMD) to increase data hiding capacity. The major benefit of EMD is providing embedding capacity greater than 1 bit per pixel. Since then, many EMD-type data hiding schemes have been proposed. However, a serious disadvantage common to these approaches is that the embedded data is compromised when the embedding function is disclosed. Our proposed secure data hiding scheme remedies this disclosure shortcoming by employing an additional modulus function. The provided security analysis of our scheme demonstrates that attackers cannot get the secret information from the stegoimage even if the embedding function is made public. Furthermore, our proposed scheme also gives a simple solution to the overflow/underflow problem and maintains high embedding capacity and good stegoimage quality.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.2
• /
• pp.935-949
• /
• 2016

In this paper, we present a novel authenticated group key distribution scheme for large and dynamic multicast groups without employing traditional symmetric and asymmetric cryptographic operations. The security of our scheme is mainly based on the basic theories for solving linear equations. In our scheme, a large group is divided into many subgroups, where each subgroup is managed by a subgroup key manager (SGKM) and a group key generation center (GKGC) further manages all SGKMs. The group key is generated by the GKGC and then propagated to all group members through the SGKMs, such that only authorized group members can recover the group key but unauthorized users cannot. In addition, all authorized group members can verify the authenticity of group keys by a public one-way function. The analysis results show that our scheme is secure and efficient, and especially it is very appropriate for secure multicast communications in large and dynamic client-server networks.

• IEIE Transactions on Smart Processing and Computing
• /
• v.2 no.3
• /
• pp.176-187
• /
• 2013

Message replay, malicious Access Point (AP) associations and Denial of Service (DoS) attacks are the major threats in Wireless LANs. These threats are possible due to a lack of proper authentication and insecure message communications between wireless devices. Current wireless authentication & key exchange (AKE) schemes and security protocols (WEP, WPA and IEEE 802.11i) are not sufficient against these threats. This paper presents a novel Secure WLAN Authentication Scheme (SWAS). The scheme introduces the delegation concept of mobile authentication in WLANs, and provides mutual authentication to all parties (Wireless Station, Access Point and Authentication Server). The messages involved in the process serve both authentication and key refreshing purposes. The scheme enhances the security by protecting the messages through cryptographic techniques and reduces the DoS impact. The results showed that cryptographic techniques do not result in extra latencies in authentication. The scheme also reduces the communication cost and network overhead.