• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.8
• /
• pp.2083-2100
• /
• 2023

The rise of Industry 5.0 has led to a smarter and more digital way of doing business, but with it comes the issue of user privacy and security. Only when privacy and security issues are addressed, will users be able to transact online with greater peace of mind. Thus, to address the security and privacy problems associated with industry blockchain technology, we propose a privacy protection scheme for online financial transactions based on verifiable ring signatures and blockchain by comparing and combining the unconditional anonymity provided by ring signatures with the high integrity provided by blockchain technology. Firstly, we present an algorithm for verifying ring signature based on distributed key generation, which can ensure the integrity of transaction data. Secondly, by using the block chain technique, we choose the proxy node to send the plaintext message into the block chain, and guarantee the security of the asset transaction. On this basis, the designed scheme is subjected to a security analysis to verify that it is completely anonymous, verifiable and unerasable. The protection of user privacy can be achieved while enabling online transactions. Finally, it is shown that the proposed method is more effective and practical than other similar solutions in performance assessment and simulation. It is proved that the scheme is a safe and efficient online financial transaction ring signature scheme.

• Journal of KIISE:Information Networking
• /
• v.28 no.4
• /
• pp.641-650
• /
• 2001

In recent years, e-Commerce is very active on the Internet, especially the World Wide Web along with the popularization of Internet using high-speed networks. Especially, Electronic Software Distribution(ESD) is widely being focused as one of the popular researches. However, the existing models of ESD lack substantial illegal copy protection or copyright protection as they have the shortcomings of guaranteeing anonymity of users. This study suggests an ESD protocol that guarantees substantial copyright protection and anonymity based on the Public Key Infrastrncture(PKl). The suggested method does not give the information of a buyer who doesn't want to reveal to a seller, and protects illegal copy and distribution as well. When it happens that illegal copies are in circulation, this method provides a device to trace back its original distributor so that it helps protect the copyright. In addition, it provides more convenient environment to the user by not using the methods of serial number input and extra installation to use.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.6
• /
• pp.1551-1560
• /
• 2016

With the advancement of wearable devices and wireless body are networks, smart healthcare systems based on such technologies have been emerging to effectively monitor patient health and disease progression. In order to implement viable smart healthcare systems, the security and privacy of patient's personal health information must be considered. Yang et al. proposed a privacy-preserving authentication scheme using key-insulation technique for remote health monitoring system, however, key-insulation technique is not properly adapted to their scheme which in turn causes a security pitfall contrary to their assertions. Besides, Yang et al.'s scheme does not guarantee user anonymity against healthcare service provider. Therefore, in this paper, we discuss the security concerns for Yang et al.'s scheme and present an improved anonymous authentication scheme.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.10a
• /
• pp.571-572
• /
• 2017

The blockchain technology that implements electronic money uses decentralized computing and all transactions in a blockchain are open to everyone. This technique seems to guarantee anonymity by performing the transaction on the address instead of the user, but by using direction acyclic graph based on the transaction graph, the privacy problem is caused by tracking the addresses. In this paper, we analyze various techniques for centralized processing which makes it difficult to find the relevance on the graph in order to protect the privacy in the block chain technology. We also analyze the techniques of anonymizing in a distributed way to enhance privacy. Using the zero knowledge proof scheme guarantees full distributed anonymity but requires more computation and storage space, and various techniques to make this efficient are proposed. In this paper, we propose a privacy protection scheme of blockchain technology to integrate existing privacy protection techniques into a blockchain technology and perform it more efficiently with a centralized or decentralized technique.

• Journal of Digital Convergence
• /
• v.11 no.12
• /
• pp.393-399
• /
• 2013

Recently, the quantity and type of data that is being processed in cloud environment are varied. A method for easy access in different network in a heterogeneous environment of big data stored in the device is required. This paper propose security management method for smoothly access to big data in other network environment conjunction with attribute information between big data and user. The proposed method has a high level of safety even if user-generated random bit signal is modulated. The proposed method is sufficient to deliver any number of bits the user to share information used to secure recognition. Also, the security awareness information bit sequence generated by a third party to avoid unnecessary exposure value by passing a hash chain of the user anonymity is to be guaranteed to receive.

• The Journal of Society for e-Business Studies
• /
• v.10 no.4
• /
• pp.53-81
• /
• 2005

Current DRM system has limitation in protection of user's privacy Therefore, many troubles are expected in service providing if it comes into the ubiquitous times of context-aware environment. HKUST Proposed a watermark-based web service DRM system. However, the relevant study does not consider ubiquitous environment and cannot provide service that considered a context. And privacy protection of a user is impossible. On the other hand, Netherlands Phillips laboratory indicated a privacy problem of a DRM system and they proposed an alternative method about this. However, in relevant study, a Sniffing/Replay attack is possible if communicated authentication information are exposed between a user and device. We designed web services adaptable privacy-aware DRM architecture which supplements these disadvantages. Our architecture can secure user authentication mechanism for sniffing/Replay attack and keep anonymity and protect privacy Therefore , we can implement the privacy-aware considered web service DRM system in Context-Aware environment.

• Journal of KIISE:Computer Systems and Theory
• /
• v.32 no.3
• /
• pp.125-132
• /
• 2005

Wireless access always has to include the authentication of communication partners and the encryption of communication data in order to use secure M-Commerce services. However, wireless systems have limitations compared with the wired systems, so we need an efficient authentication and key exchange protocol considering these limitations. In this paper, we propose an efficient authentication and key exchange protocol for M-Commerce users using elliptic curve crypto systems. The proposed protocol reduces the computational load of mobile users because the wireless service provider accomplishes some parts of computations instead of the mobile user, and it uses the password-based authentication in wireless links. Also, it guarantees the anonymity of the mobile user not to reveal directly the real identity of the user to the M-Commerce host, and preserves the confidentiality of communication data between the M-Commerce host and the user not to know the contents of communication between them to others including the wireless service provider.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2002.11a
• /
• pp.369-372
• /
• 2002

An anonymous authentication scheme allows a user to identify himself as a member of a group of users in a secure and anonymous way. It seems to be crucial and indispensable components in English auction, electronic voting and open procurement, which are getting very popular business areas in E-commerce. First, we briefly describe the previous anonymous authentication protocols how to work and what cryptographic techniques adopted to increase performance and achieve anonymity. Second, we compare those protocols from the viewpoint of the communication and computation complexity and the specific cryptographic techniques used in their protocols.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2001.10b
• /
• pp.1245-1248
• /
• 2001

소액전자지불시스템 중에서 휴대폰을 이용한 지불이 늘어나고 있는 추세인데, 이는 휴대폰의 보편성과 이동통신업체를 통한 통합적인 요금체계 즉 후불제 방식이라는 장점을 가지고 있기 때문이다. 하지만, 휴대폰을 이용한 지불은 지불 결제시 구매자의 이동통신번호와 주민등록번호를 입력하여 구매자의 신원을 확인하므로 구매자의 정보가 누출될 위험이 있다. 따라서, 본 논문에서는 휴대폰을 이용한 소액지불 결제시 판매자에게 구매자의 신분을 은닉성을 제공하는 안전한 핸드폰 지불시스템을 제안한다.

• Proceedings of the Korean Society of Broadcast Engineers Conference
• /
• 2008.02a
• /
• pp.47-50
• /
• 2008

인터넷과 같이 안전하지 않은 네트워크 환경에서 도청은 손쉽게 일어난다. 또한 수신자가 누구인지 알아내기가 쉽다. 이러한 환경에서 정당한 수신자에게 방송 콘텐츠를 안전하게 제공하면서 익명성을 제공하기 위해서는 서버와 수신자 사이에 익명성을 제공하는 키 교환이 필요하다. 스마트 카드를 이용한 익명성을 제공하는 키 교환 프로토콜은 이러한 요건을 충족시킨다. 스마트 카드를 이용한 방법은 여러 가지가 존재하나 이 논문에서는 Kumar Mangipudi 가 제안한 sika프로토콜을 향상시킨 Ren-Chiun Wang의 프로토콜을 알아보고, 취약점을 분석한다. 마지막으로 취약한 점을 보완한 프로토콜을 제안하고 제안한 프로토콜의 안전성을 분석한다. 제안하는 프로토콜은 Ren-Chiun Wang의 프로토콜보다 안전성 측면에서 향상되었다.