• 한국정보처리학회논문지
• /
• 제6권11호
• /
• pp.3011-3019
• /
• 1999

Denial of service is about knocking off services, without permission for example through crashing the whole system. This kind of attacks are easy to launch and it is hard to protect a system against them. The basic problem is that Unix assumes that users on the system or on other systems will be well behaved. This paper analyses system-based inside denial of services attack(DoS) and system metric for performance of each machine provided. And formalize the conclusions results in ways that clearly expose the performance impact of those observations. So, we present new approach. It is detecting DoS attack using performance signature for system and program behavior. We present new approach. It is detecting DoS attack using performance signature for system and program behavior. We believe that metric will be to guide to automated development of a program to detect the attack. As a results, we propose the AIDPS(Architecture for Intrusion Detection using Performance Signature) model to detect DoS attack using performance signature.

• 한국정보보호학회:학술대회논문집
• /
• 한국정보보호학회 2003년도 하계학술대회논문집
• /
• pp.37-42
• /
• 2003

Threshold signature and blind signature are playing important roles in cryptography as well as practical applications such as e-cash and e-voting systems. In this paper, we present a new threshold blind digital signature based on pairings without a trusted third party. Our scheme operates on Gap Diffie-Hellman group, where Computational Diffie-Hellman problems are hard but Decision Diffie-Hellman problems are easy. For example, we use pairings that could be built from Weil pairing or Tate pairing. To the best of our knowledge, we claim that our scheme is the first threshold blind signature using pairings with provable security in the random oracle model.

• 한국IT서비스학회지
• /
• 제3권2호
• /
• pp.85-98
• /
• 2004

As the e-Commerce based on the XML technology is getting bigger, user authentication, integrity, non-repudiation and confidentiality has become important for security. Since the XML technology is widely used for exchanging information among the Internet e-business systems, the security of XML documents is essentially required and XML digital signature should be supported. To support the digital signature of XML documents, W3C proposed the XML-Signature specification as an international standard that describes five transform algorithms. In this paper, we design and implement a XML/PKI based digital tax invoice system. Our system supports the five transforming algorithms defined in the XML-Signature specification and exchanges digital tax invoices among enterprises securely. We design and implement the flexible and efficient system consists of reusable components using CBD(Component Based Development).

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제6권10호
• /
• pp.2692-2707
• /
• 2012

A separable identity-based ring signature scheme has been constructed as a fundamental cryptographic primitive for protecting user privacy. Using the separability property, ring members can be selected from arbitrary domains, thereby, giving a signer a wide range of ways to control privacy. In this paper we propose a generic method to construct efficient identity-based ring signature schemes with various levels of separability. We first describe a method to efficiently construct an identity-based ring signature scheme for a single domain, in which a signer can select ring identities by choosing from identities defined only for the domain. Next, we present a generic method for linking ring signatures constructed for a single domain. Using this method, an identity-based ring signature scheme with a compact structure, supporting multiple arbitrary domains can be designed. We show that our method outperforms the best known schemes in terms of signature size and computational costs, and that the security model based on the separability of identity-based ring signatures, presented in this paper, is highly refined and effective by demonstrating the security of all of the proposed schemes, using a model with random oracles.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제7권6호
• /
• pp.1512-1532
• /
• 2013

A convertible undeniable signature requires a verifier to interact with the signer to verify a signature and furthermore allows the signer to convert a valid one to publicly verifiable signature. In 2007, Yuen et al. proposed a convertible undeniable signature without random oracles in pairings. However, it is recently shown that Yuen et al.'s scheme is not invisible for the standard definition of invisibility. In this paper, we propose a new improvement by using extended Euclidean algorithm that can overcome the visibility attack. The proposed scheme has been evaluated based on computation and communication complexities and the performance comparisons of Yuen et al.'s scheme and various convertible undeniable signature schemes are provided. Moreover, it has been observed that the proposed algorithm reduces the computation and communication times significantly.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제11권7호
• /
• pp.3629-3647
• /
• 2017

Certificate-based cryptography is a useful public key cryptographic primitive that combines the merits of traditional public key cryptography and identity-based cryptography. It not only solves the key escrow problem inherent in identity-based cryptography, but also simplifies the cumbersome certificate management problem in traditional public key cryptography. So far, four short certificate-based signature schemes have been proposed. However, three of them fail in achieving the existential unforgeability under adaptive chosen-message attacks and the remaining one was not constructed in the normal framework of certificate-based signature. In this paper, we put forward a new short certificate-based signature scheme. The proposed scheme is devised in the normal framework of certificate-based signature and overcomes the security weaknesses in the previous short certificate-based signature schemes. In the random oracle model, we formally prove that it achieves the existential unforgeability against adaptive chosen-message attacks. Performance comparison shows that it is efficient and practical.

• 한국정보보호학회:학술대회논문집
• /
• 한국정보보호학회 2002년도 종합학술발표회논문집
• /
• pp.595-597
• /
• 2002

New signature schemes giving message recovery based on EC-KCDSA are introduced. These signature schemes can be efficiently used with established EC-KCDSA systems.

• 정보보호학회논문지
• /
• 제9권1호
• /
• pp.103-114
• /
• 1999

전자 상거래에 대한 다양한 프로토타입(prototype)이 구현되고 있고, 확대적용의 현실성이 증대되고 있는 작금의 상황을 반영하여 관련 연구가 활발해지고 있으며, 그 중에서 보다 안전하고 효율적인 전자지불방식에 대한 현실적 요구가 증대하고 있다. 전자지불방식의 하나인 전자화폐는 실물 화폐와 유사한 성질들을 만족해야 하며, 이러한 성질들 중에서 필수적인 익명성을 얻기 위한 방법으로는 D. Chaum이 제안한 Blind Signature가 대표적이다. 본 논문에서는 기존의 암호시스템들이 가지고 있는 계산량 등의 문제점을 극복할 수 있는 방식으로써 주목받고 있는 타원곡선 암호시스템 상에서 서명자와 피서명자 간에 은닉 요소(blinding factor)를 교환함으로써 익명성을 제공하는 Elliptic Curve Blind Signature 기법을 제안한다. 또한, 제안 방식을 이용한 전자화폐 프로토콜에서 화폐 잔액에 대한 서명자의 재서명 과정을 통해 화폐의 분할성을 얻는 방법을 제시한다.

• 제어로봇시스템학회:학술대회논문집
• /
• 제어로봇시스템학회 2000년도 제15차 학술회의논문집
• /
• pp.246-246
• /
• 2000

다른 생체기반 검증시스템에 비해 서명 검증 시스템에서 가장 문제점은 불안정한 특징 정보를 가진다는 것이다. 그러나, 서명은 인류역사를 통해 인간에게 가장 익숙한 방법이므로 사용자에게 거부감이 없어 수많은 연구가 진행되고 있다. 본 논문에서는 이 문제를 해결하기 위해 좀더 안정화 되어 있고 유용한 특징정보를 사용하여 서명 검증 시스뎀을 구현한다

• 한국정보보호학회:학술대회논문집
• /
• 한국정보보호학회 1994년도 종합학술발표회논문집
• /
• pp.35-44
• /
• 1994

We propose an undeniable digital signature scheme which is practical since it has less computation and communication overhead than Chaum's one. We expect that this protocol be useful to develop secure systems such as electronic contract system, electronic mail system and electronic cash system.