• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.7
• /
• pp.3629-3647
• /
• 2017

Certificate-based cryptography is a useful public key cryptographic primitive that combines the merits of traditional public key cryptography and identity-based cryptography. It not only solves the key escrow problem inherent in identity-based cryptography, but also simplifies the cumbersome certificate management problem in traditional public key cryptography. So far, four short certificate-based signature schemes have been proposed. However, three of them fail in achieving the existential unforgeability under adaptive chosen-message attacks and the remaining one was not constructed in the normal framework of certificate-based signature. In this paper, we put forward a new short certificate-based signature scheme. The proposed scheme is devised in the normal framework of certificate-based signature and overcomes the security weaknesses in the previous short certificate-based signature schemes. In the random oracle model, we formally prove that it achieves the existential unforgeability against adaptive chosen-message attacks. Performance comparison shows that it is efficient and practical.

• Journal of Institute of Control, Robotics and Systems
• /
• v.14 no.1
• /
• pp.54-61
• /
• 2008

This paper proposes a new algorithm for detecting and recognizing overlapped objects among a stack of arbitrarily located objects using a signature representation scheme. The proposed algorithm consists of two processes of detecting overlap of objects and of determining the boundary between overlapping objects. To determine overlap of objects, in the first step, the edge image of object region is extracted and those areas in the object region are considered as the object areas if an area is surrounded by a closed edge. For each object, its signature image is constructed by measuring the distances of those edge points from the center of the object, along the angle axis, which are located at every angle with reference to the center of the object. When an object is not overlapped, its features which consist of the positions and angles of outstanding points in the signature are searched in the database to find its corresponding model. When an object is overlapped, its features are partially matched with those object models among which the best matching model is selected as the corresponding model. The boundary among the overlapping objects is determined by projecting the signature to the original image. The performance of the proposed algorithm has been tested with the task of picking the top or non-overlapped object from a stack of arbitrarily located objects. In the experiment, a recognition rate of 98% has been achieved.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.6
• /
• pp.41-51
• /
• 2001

Group signature schemes allow a group member to sign messages anonymously on behalf of the group. In case of dispute, only a designated group manager can reveal the identity of the member. During last decade, group signature schemes have been intensively investigated in the literature and applied to various applications. However, there has been no scheme properly handling the situation that a group member wants to leave a group or is excluded by a group manager. As noted in[3], the complexity of member deletion stands in the way of real world applications of group signatures and the member deletion problem has been a pressing open problem. In this paper we propose an efficient group signature scheme that allows member deletion. The length of the group public key and the size of signatures all independent of the size of the group and the security of the scheme relies on the RSA assumption. In addition, the method of tracing all signatures of a specific member is introduced.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.2
• /
• pp.211-222
• /
• 2023

Multivariate quadratic equations (MQ)-based public-key cryptographic algorithms are one of promising post-quantumreplacements for currently used public-key cryptography. After selecting to NIST Post-Quantum Cryptography StandardizationRound 3 as one of digital signature finalists, Rainbow was cryptanalyzed by advanced algebraic attacks due to its multiple layered structure. The researches on MQ-based schemes are focusing on UOV with a single layer. In this paper, we propose a new MQ-signature scheme based on UOV using the combinations of the special structure of linear equations, spare polynomials and random polynomials to reduce the secret key size. Our scheme uses the block inversion method using half-sized blockmatrices to improve signing performance. We then provide security analysis, suggest secure parameters at three security levels and investigate their key sizes and signature sizes. Our scheme has the shortest signature length among post-quantumsignature schemes based on other hard problems and its secret key size is reduced by up to 97% compared to UOV.

• The Journal of the Korea Contents Association
• /
• v.11 no.1
• /
• pp.42-49
• /
• 2011

Proxy signature schemes are configured as proxy signers on behalf of their original signers can be allowed to sign messages. Basic security requirements of proxy signature schemes include the strong unforgeability and the verifiability of delegation. So far, a variety of proxy signature schemes that proved on individual basic security terms but not proved on compounded security terms are proposed. Especially the proposed proxy signature schemes based on RSA problem are proved vulnerable to an attacker with his own private key in terms of the impersonating attack. A unauthorized attacker can generate the proxy signature without the appointee's consent or authorization. In this paper, we propose a proxy signature scheme based on RSA problems and warrants that can be proved the security against the impersonating attack. The proposed proxy signature scheme is analyzed on the safety and compared in terms of efficiency with other proxy signature schemes.

• Journal of Internet Computing and Services
• /
• v.4 no.4
• /
• pp.53-64
• /
• 2003

To perform the certificate validation on the user-side application induces the very considerable overhead on the user-side system because of the complex and time-consuming characteristic of the validation processing. Most of the time spend for performing the validation processing is required for the digital signature verification, since the verification accompanies with the cryptographic calculation over each certificate on the certificate path. In this paper, we propose a new certificate validation scheme using DSVP(Delegated Signature Validation Protocol) which can reduce the overhead for the user-side certificate validation processing. It is achieved by delegating the digital signature verification to CAs of the PKI domain. As the proposed DSVP is the protocol performed between a user and CAs, it is applied to the hierarchical PKI efficiently and used for delegating the digital signature verification reliably and safely, our proposed scheme can not only reduces the overhead for the validation processing by decreasing the cryptographic calculation but also improves the utilization of CAs by employing them to the validation processing.

• Journal of KIISE:Computer Systems and Theory
• /
• v.31 no.8
• /
• pp.465-472
• /
• 2004

Proxy signatures is a signature scheme that an original signer delegates one's signature capability to a proxy signer, and then the proxy signer creates a signature on behalf of the original signer. Delegation of authority is a common practice in the real world, in particular, it happens naturally in hierarchical groups such as company, bank and army, etc. In this paper, we propose a new dynamic multi-proxy signature scheme allowing repetitive delegations in a hierarchical group. We adopt multi-proxy signatures to enhance the security of proxy signature. In multi-proxy signatures, plural proxy signers can generate a valid proxy signature collectively on behalf of one original signer. In our scheme, the proxy group is not fixed but constructed dynamically according to some situations. Delegations are processed from higher level to lower level in the hierarchy using delegation tickets. When the original signer wants to delegate one's signature authority, the original signer generates a delegation ticket based on secret sharing and Diffie-Hellman problems. The delegation ticket is shared among proxy signers and then all the proxy signers can generate a valid proxy signature collectively by reconstructing the original signer's delegation ticket. If a certain proxy signer can not attend the proxy signature generating protocol, the proxy signer can also delegate repetitively his partial signature authority to the lower level participants, and then the proxies are constructed dynamically.

• The Transactions of the Korea Information Processing Society
• /
• v.5 no.4
• /
• pp.984-994
• /
• 1998

In the information society, all the information is transferred through the network, so it becomes an issue to protect the data on network. One of the fundamental cryptographic tools to protect the data on network, is digital signatures, and in many countries, cryptographers have been trying to make their own digital signature standard. Also, at Crypto'89 meeting, D.Chaum suggested an undeniable signature scheme. Undeniable signatures are verified via a protocol between the signer and the verifier, so the cooperation of the signer is necessary, So far, there have been several variants of undeniable signatures to obtain a signature scheme, which can control the abuse of ordinary digital signatures.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.5
• /
• pp.49-57
• /
• 2010

The fault cryptanalysis is a physical attack in which the key stored inside of the device can be extracted by occurring some faults when the device performs cryptographic algorithm. Since the international signature standard DSA(Digital Signature Algorithm) was known to be vulnerable to some fault analysis attacks, many researchers have been investigating the countermeasure to prevent these attacks. In this paper we propose a new countermeasure to compute DSA signature that has its immunity in the presence of faults. Since additional computational overhead of our proposal is only an inverse operation in signature process, the proposed DSA scheme can be implemented more efficiently compared to previous countermeasures.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2005.05a
• /
• pp.1083-1086
• /
• 2005

Now these days, many technical concepts and tools have been developed in the cryptographic field. Most digital signature schemes used in practice, such as RSA or DSA, have an important role in information privacy and secure authentication for perfect user. A clearly advantage of such schemes over with security proven relative to such common cryptographic assumptions, is their efficiency: as a result of their relative weak requirements regarding computation, bandwidth and storage, these scheme have so far beaten proven secure schemes in practice. Our aim is to contribute to bridge the gap that exists between the theory and practice of digital signature schemes. In this paper we present a digital signature that ensures information privacy. More precisely, under an appropriate assumption about RSA, the scheme is proven to be existentially forgeable under adaptively chosen message attacks. This mechanism can be applied to smart cards or E-Wallet for maintaining secure authentication for user’s information privacy.