• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.1
• /
• pp.396-413
• /
• 2017

Dynamically checking the integrity of software at run-time is always a hot and difficult spot for trusted computing. Control-flow integrity is a basic and important safety property of software integrity. Many classic and emerging security attacks who introduce illegal control-flow to applications can cause unpredictable behaviors of computer-based systems. In this paper, we present a software-based approach to checking violation of control flow integrity at run-time. This paper proposes a high-performance and low-overhead software control flow checking solution, control flow checking at virtual edges (CFCVE). CFCVE assigns a unique signature to each basic block and then inserts a virtual vertex into each edge at compile time. This together with insertion of signature updating instructions and checking instructions into corresponding vertexes and virtual vertexes. Control flow faults can be detected by comparing the run-time signature with the saved one at compile time. Our experimental results show that CFCVE incurs only 10.61% performance overhead on average for several C benchmark programs and the average undetected error rate is only 9.29%. Compared with previous techniques, CFCVE has the characteristics of both high fault coverage and low memory and performance overhead.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.12
• /
• pp.6243-6259
• /
• 2019

As a foundation of next-generation air transportation systems, automatic dependent surveillance-broadcast (ADS-B) helps pilots and air traffic controllers create a safer and more efficient national airspace system. Owing to the open communication environment, it is easy to insert fake aircraft into the system via spoofing or the insertion of false messages. Efforts have thus been made in academic research and practice in the aviation industry to ensure the security of transmission of messages of the ADS-B system. An identity-based batch verification (IBV) scheme was recently proposed to enhance the security and efficiency of the ADS-B system, but current IBV schemes are often too resource intensive because of the application of complex hash-to-point operations or bilinear pairing operations. In this paper, we propose a lightweight IBV signature scheme for the ADS-B system that is robust against adaptive chosen message attacks in the random oracle model, and ensures the security of batch message verification and against the replaying attack. The proposed IBV scheme needs only a small and constant number of point multiplication and point addition computations instead of hash-to-point or pairing operations. Detailed performance analyses were conducted to show that the proposed IBV scheme has clear advantages over prevalent schemes in terms of computational cost and transmission overhead.

• Journal of Korea Society of Industrial Information Systems
• /
• v.15 no.4
• /
• pp.39-45
• /
• 2010

Because of portable storage device's technical improvement, it's speeding up the conversion of mass storage. It means it's easier to move and save data. Generally, USB is using for portable storage device and forensic perspective, it's possible us to study data drain through portable storage device under securement of using vestige of USB. If we can secure using vestige of USB from boot domain it's possible to investigate data drain & prove criminal act. This thesis is suggesting Key/Thumb drive & USB Drive Enclosure's confirmation of using or not and division way though Disk Signature analysis.

• Asia pacific journal of information systems
• /
• v.30 no.1
• /
• pp.21-30
• /
• 2020

Bitcoin (BTC) is a type of cryptocurrency that supports transaction/payment of virtual money between BTC users without the presence of a central authority or any third party like bank. It uses some cryptographic techniques namely public- and private-keys, digital signature and cryptographic-hash functions, and they are used for making secure transactions and maintaining distributed public ledger called blockchain. In BTC system, each transaction signed by sender is broadcasted over the P2P (Peer-to-Peer) Bitcoin network and a set of such transactions collected over a period is hashed together with the previous block/other values to form a block known as candidate block, where the first block known as genesis-block was created independently. Before a candidate block to be the part of existing blockchain (chaining of blocks), a computation-intensive hard problem needs to be solved. A number of miners try to solve it and a winner earns some BTCs as inspiration. The miners have high computing and hardware resources, and they play key roles in BTC for blockchain formation. This paper mainly analyses the underlying cryptographic techniques, identifies some weaknesses and proposes their enhancements. For these, two modifications of BTC are suggested ― (i) All BTC users must use digital certificates for their authentication and (ii) Winning miner must give signature on the compressed data of a block for authentication of public blocks/blockchain.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.10
• /
• pp.4250-4267
• /
• 2015

Although many revocable group signature schemes has been proposed in vehicular ad hoc networks (VANETs), the existing schemes suffer from long computation delay on revocation that they cannot adapt to the dynamic VANETs. Based on Chinese remainder theorem and Schnorr signature algorithm, this paper proposes an efficient revocable group signature scheme in VANETs. In the proposed scheme, it only need to update the corresponding group public key when a member quits the group, and in the meanwhile the key pairs of unchanged group members are not influenced. Furthermore, this scheme can achieve privacy protection by making use of blind certificates. Before joining to the VANETs, users register at local trusted agencies (LTAs) with their ID cards to obtain blind certificates. The blind certificate will be submitted to road-side units (RSUs) to verify the legality of users. Thus, the real identities of users can be protected. In addition, if there is a dispute, users can combine to submit open applications to RSUs against a disputed member. And LTAs can determine the real identity of the disputed member. Moreover, since the key pairs employed by a user are different in different groups, attackers are not able to track the movement of users with the obtained public keys in a group. Furthermore, performance analysis shows that proposed scheme has less computation cost than existing schemes.

• Journal of Internet of Things and Convergence
• /
• v.7 no.2
• /
• pp.7-12
• /
• 2021

Wisdom Contents are created with experiences and ideas of multiple authors, and consumed in Internet based Social Network Services that are not subjected to regional restrictions. Existing copyright management systems are designed for the protection of professional authors' rights, and effective in domestic area. On the contrary, the blockchain protocol is subjected to the service and the block is added by the consensus of participating nodes. If the data is stored to the blockchain, it cannot be modified or deleted. In this paper, we propose the blockchain based undeniable multi-signature scheme for the protection of multiple authorship on Wizdom Contents. The proposed scheme is consisted of co-authors' common public key generation, multi-signature generation and verification protocols. In the undeniable signature scheme, the signature cannot be verified without help of the signer. The proposed scheme is best suited to the contents purchase protocol. All co-authors cannot deny the fairness of the automated profit distribution through the verification of multiple authorship on Wizdom Contents.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.2
• /
• pp.892-905
• /
• 2018

In smart home environment, certificate based signature technology is being studied by communication with Internet of Things(IoT) device. However, block - chain technology has attracted much attention because of the problems such as single - point error and management overhead of the trust server. Among them, Keyless Signature Infrastructure(KSI) provides integrity by configuring user authentication and global timestamp of distributed server into block chain by using hash-based one-time key. In this paper, we provide confidentiality by applying group key and key management based on multi - solution chain. In addition, we propose a smart home environment that can reduce the storage space by using Extended Merkle Tree and secure and efficient KSI-based authentication and communication with enhanced security strength.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.1
• /
• pp.299-322
• /
• 2020

Vehicular ad hoc networks (VANETs) enable wireless communication between vehicles and roadside infrastructure to provide a safer and more efficient driving environment. However, due to VANETs wireless nature, vehicles are exposed to several security attacks when they join the network. In order to protect VANETs against misbehaviours, one of the vital security requirements is to revoke the misbehaved vehicles from the network. Some existing revocation protocols have been proposed to enhance security in VANETs. However, most of the protocols do not efficiently address revocation issues associated with group signature-based schemes. In this paper, we address the problem by constructing a revocation protocol particularly for group signatures in VANETs. We show that this protocol can be securely and efficiently solve the issue of revocation in group signature schemes. The theoretical analysis and simulation results demonstrate our work is secure against adversaries and achieves performance efficiency and scalability.

• Journal of Information Processing Systems
• /
• v.13 no.2
• /
• pp.268-284
• /
• 2017

The dorsal hand vein biometric system developed has a main objective and specific targets; to get an electronic signature using a secure signature device. In this paper, we present our signature device with its different aims; respectively: The extraction of the dorsal veins from the images that were acquired through an infrared device. For each identification, we need the representation of the veins in the form of shape descriptors, which are invariant to translation, rotation and scaling; this extracted descriptor vector is the input of the matching step. The optimization decision system settings match the choice of threshold that allows accepting/rejecting a person, and selection of the most relevant descriptors, to minimize both FAR and FRR errors. The final decision for identification based descriptors selected by the PSO hybrid binary give a FAR =0% and FRR=0% as results.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.4
• /
• pp.1516-1528
• /
• 2015

We introduce attribute set based signature (ASBS), a new cryptographic primitive which organizes user attributes into a recursive set based structure such that dynamic constraints can be imposed on how those attributes may be combined to satisfy a signing policy. Compared with attribute based signature (ABS), ASBS is more flexible and efficient in managing user attributes and specifying signing policies. We present a practical construction of ASBS and prove its security in the standard model under three subgroup decision related assumptions. Its efficiency is comparable to that of the most efficient ABS scheme.