• Journal of Digital Convergence
• /
• v.10 no.5
• /
• pp.215-222
• /
• 2012

A smart phone has functions of both telephone and computer. The wide spread use of smart phones has sharply increased the demand for mobile commerce. The smart phone based mobile services are available anytime, anywhere. In commercial transactions, a digital signature scheme is used to make legally binding signature to prove both integrity of commercial document and verification of the signer. Smart phones are more risky compared with personal computers on the problems of how to protect privacy information. It's also easy to let proxy user to authenticate instead of the smart phone owner. In existing password or token based schemes, the ID is not physically bound to the owner. Thus, those schemes can not solve the problem of proxy authentication. To utilize the smart phone as the platform of mobile commerce, a study on the new type of authentication scheme is needed where the scheme should provide protocol to get legally binding signature and not to authenticate proxy user. In this paper, we create the mobile ID by using both the USIM and voice template of the smart phone owner. We also design and implement the user authentication scheme based on the mobile ID.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.5
• /
• pp.97-104
• /
• 2001

In this paper, we propose Recoverable Password Based Key Exchange Protocol(RPKEP). RPKEP has user who has password, server which share the secret key information with user, and password recovery agency(PRA) which help to recover the user\`s password. Proposed protocol has some advantages that it is secure against off-line dictionary attack which is considered most important in password based key exchange protocol and suer\`s security is preserved even though user\`s secret information stored in the server is disclosed. By applying Chaum\`s blind signature scheme in the process of password recovery, even the PRA can\`t obtain any information about user\`s password.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.5
• /
• pp.959-974
• /
• 2012

Group signature schemes were made for serving anonymities of signers, but the group signature schemes have been seldomly adapted to the real-world applications because of their low computation and space (i.e. signature length) efficiency, complicated construction, limited user management, and so on. Kang, Hwang, etc. performed the study about the local linkability that is for helping group signature schemes to be adapted more easily to the real world. In this paper, we investigate the nature of local linkability, which did not deal with well in the previous studies, in detail and perform the formal proof for the security of special entities who hold the local linkability.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2003.05a
• /
• pp.824-827
• /
• 2003

With a rapid development of Information Telecommunication technique, network communication environment has been greatly improved. People come to feel more convinient to purchase products through Internet. Accordingly, various kinds of electronic payment systems have been developed and used. In this paper, we propose an algorithm which not only can associate the broker system with an electronic cash user, but also regenerate all amount of money previously paid using technique such as Meta-Message recovery and a RSA Blind Signature based on discrete logarithm problem.

• Proceedings of the Korea Inteligent Information System Society Conference
• /
• 2001.06a
• /
• pp.137-147
• /
• 2001

• Journal of the Korea Convergence Society
• /
• v.7 no.1
• /
• pp.49-55
• /
• 2016

In a delegate authentication, a user can lend his/her own authentication data to the third parties to let them be authenticated instead of himself/herself. The user authentication schemes based on the memory of unique data such as password, are vulnerable to this type of attack. Biometric authentication could minimize the risk of delegate authentication since it uses the biometric data unique by each person. Group authentication scheme is used to prove that each group member belongs to the corresponding group. For applications such as an electronic voting or a mobile meeting where the number of group members is changing dynamically, a new group authentication method is needed to reflect the status of group in real time. In this paper, we propose biometric authentication based dynamic group signature scheme. The proposed scheme is composed of biometric key generation, group public key creation, group signature generation, group signature verification and member update protocols. The proposed member update protocol is secure against colluding attacks of existing members and could reflect group status in real time.

• Journal of Convergence for Information Technology
• /
• v.8 no.3
• /
• pp.79-84
• /
• 2018

Cloud services are readily available through a variety of media, attracting a lot of attention from users. However, there are various security damages that abuse the privacy of users who use cloud services, so there is not enough technology to prevent them. In this paper, we propose a protection model to safeguard user's privacy in a cloud environment so as not to illegally exploit user's privacy. The proposed model randomly manages the user's signature to strengthen the role of the middle manager and the cloud server. In the proposed model, the user's privacy information is provided illegally by the cloud server to the user through the security function and the user signature. Also, the signature of the user can be safely used by bundling the random number of the multiplication group and the one-way hash function into the hash chain to protect the user's privacy. As a result of the performance evaluation, the proposed model achieved an average improvement of data processing time of 24.5% compared to the existing model and the efficiency of the proposed model was improved by 13.7% than the existing model because the user's privacy information was group managed.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• v.9 no.1
• /
• pp.462-466
• /
• 2005

Dynamic (On-line) signature verification system consists of preprocessing, feature extraction, comparison and decision process for internal processing, and registration and verification windows for the user interface. We describe an implementation and design for an advanced dynamic signature verification system. Also, we suggest the method of feature extraction, matching algorithm, efficient user interface and an objective criteria for evaluating the performance.

• Journal of Digital Convergence
• /
• v.10 no.2
• /
• pp.161-169
• /
• 2012

It requires a lot of costs and manpower to manage the election system. The electronic voting scheme is needed to make the election system to be economic and fair. Especially, wide spread use of smart phones and wireless networks makes the mobile voting is of major concern. In mobile voting scheme, a smart phone user can vote regardless of the places. In this paper, the mobile voting scheme is proposed where candidates can guarantee fairness of the election system. We analyze mobile voting requirements and create the mobile ID which has legal binding forces and PKI based digital signature keys. In the proposed scheme, a voter's ballot is signed by all candidates using undeniable multi-signature scheme. During the counting stage, the multi-signature on the ballot is not verified without help of all candidates.

• The KIPS Transactions:PartC
• /
• v.12C no.1 s.97
• /
• pp.37-44
• /
• 2005

As wireless network was developed and Capability of Wireless Phone was increased, M-Commerce was activates In Wireless network environment. User Authentication and Security in E-Commerce Environment is very important, so Authentication Technology, such as WPKI and Hermes System, XML Digital Signature in Wire Network is studying. But if authentication systems was implemented heterogeneous, WPKI is difficult to implement the system, it's not interoperate with authentication system on wire internet, not support XML digital Signature. Hermes system also not interoperate with XML digital signature system. So our paper designed System that can interoperate among digital signature systems and XML document to apply XML digital signature technology on wire network to wireless network, and then implemented system that can XML digital signature to use Java Card.