• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제13권7호
• /
• pp.3733-3755
• /
• 2019

E-cash has its merits comparing with other payment modes. However, there are two problems, which are how to achieve practical/complete tracing and how to achieve it in compact E-cash. First, the bank and the TTP (i.e., trusted third party) have different duties and powers in the reality. Therefore, double-spending tracing is bank's task, while unconditional tracing is TTP's task. In addition, it is desirable to provide lost-coin tracing before they are spent by anyone else. Second, compact E-cash is an efficient scheme, but tracing the coins from double-spender without TTP results in poor efficiency. To solve the problems, we present a compact E-cash scheme. For this purpose, we design an embedded structure of knowledge proof based on a new pseudorandom function and improve the computation complexity from O(k) to O(1). Double-spending tracing needs leaking dishonest users' secret knowledge, but preserving the anonymity of honest users needs zero-knowledge property, and our special knowledge proof achieves it with complete proofs. Moreover, the design is also useful for other applications, where both keeping zero-knowledge and leaking information are necessary.

• 한국통신학회논문지
• /
• 제40권5호
• /
• pp.833-840
• /
• 2015

본 논문에서는 미리 알려진 임의의 다항식과 암호화된 다항식의 곱셈을 수행한 후, 해당 곱셈이 정당하게 수행되었음을 보이기 위해 증명자 (Prover)와 검증자 (Verifier)간의 다항식 상등성 영지식증명 (Zero-knowledge Proof) 프로토콜을 일반화할 수 있는 방법을 다룬다. 이를 위하여 다항식의 상등성을 증명하는 일반화된 프로토콜을 제시하고 랜덤오라클 (Random Oracle) 모델에서 안전성을 증명한다. 이러한 기법은 안전한 집합연산 기법을 포함하여 다항식에 기반한 다자간 연산기법 (Secure Multi-party Computation)에 적용될 수 있다.

• 한국정보보호학회:학술대회논문집
• /
• 한국정보보호학회 1994년도 종합학술발표회논문집
• /
• pp.29-31
• /
• 1994

In digital signature schemes derived from the zero-knowledge proof techniques, some authors often claims that the length of hash-values for their schemes could be as short as 64 or 72 bits for the security level of 2$^{-64}$ or 2$^{-72}$ . This letter shows that signature schemes with such short hash values cannot achieve the security levels as stated, due to the birthday attack by the signer.

• International Journal of Internet, Broadcasting and Communication
• /
• 제13권2호
• /
• pp.67-75
• /
• 2021

As pass the three revised bills, the Personal Information Protection Act was revised to have a larger application for personal information. For an industrial development through an efficient and secure usage of personal information, there is a need to revise the existing anonymity processing method. This paper modifies the Zero Knowledge Proofs algorithm among the anonymity processing methods to modify the anonymity process calculations by taking into account the reliability of the used service company. More detail, the formula of ZKP (Zero Knowledge Proof) used by ZK-SNAKE is used to modify the personal information for pseudonymization processing. The core function of the proposed algorithm is the addition of user variables and adjustment of the difficulty level according to the reliability of the data user organization and the scope of use. Through Setup_p, the additional variable γ can be selectively applied according to the reliability of the user institution, and the degree of agreement of Witness is adjusted according to the reliability of the institution entered through Prove_p. The difficulty of the verification process is adjusted by considering the reliability of the institution entered through Verify_p. SimProve, a simulator, also refers to the scope of use and the reliability of the input authority. With this suggestion, it is possible to increase reliability and security of anonymity processing and distribution of personal information.

• 정보보호학회논문지
• /
• 제31권4호
• /
• pp.675-686
• /
• 2021

최근 개인정보 보호법이 개정되고 개인정보에 대한 이목이 더해짐에 따라 각 기업들은 고객의 신원정보를 확인해야하는 의무(Know Your Costomer, 이하 KYC)와 동시에 이 정보를 개인정보보호법에 위반되지 않도록 처리 및 관리(개인정보보호법)를 해야 하는 의무를 가진다. 이러한 문제점을 해결할 수 있는 기술 중 하나는 영지식 증명(Zero-Knowledge Proof, 이하 ZKP)이다. ZKP를 사용하면 직접적으로 신원정보를 노출시키지 않으면서 해당 신원에 대한 검증이 가능하여 기업의 입장에서 신원정보 확인의 의무를 다함과 동시에 개인정보 관리에 대한 부담을 덜 수 있다. ZKP는 이 이외에도 많은 응용에 적용될 수 있는 기술로 본 논문에서는 현재 활발하게 연구되고 있는 ZKP기법 및 그 응용 사례를 분석하고 현실적인 모델에서의 ZKP의 적용을 위한 연구 방향을 제시한다.

• 대한수학회보
• /
• 제46권4호
• /
• pp.771-787
• /
• 2009

We use an idea of linear representations of the symmetric group to reduce the number of communication rounds in the verification protocol, proposed in Crypto 2005 by Peng et al., of a shuffling. We assume Paillier encryption scheme with which we can apply some known zero-knowledge proofs following the same line of approaches of Peng et al. Incidence matrices of 1-subsets and 2-subsets of a finite set is intensively used for the implementation, and the idea of $\lambda$-designs is employed for the improvement of the computational complexity.

• 한국멀티미디어학회논문지
• /
• 제7권12호
• /
• pp.1708-1718
• /
• 2004

In this paper, we are concerned with a digital fingerprinting scheme for multi-purchase where a buyer wants to buy more than a digital content. If we apply previous schemes to multi-purchase protocol, the number of execution of registration step and decryption key should be increased in proportion to that of digital contents to be purchased in order to keep unlinkability. More worse, most of fingerprinting schemes in the literature are based on either secure multi-party computation or general zero-knowledge proofs with very high computational complexity. These high complexities complicate materialization of fingerprinting protocol more and more. In this paper, we propose a multi-purchase fingerprinting scheme with lower computational complexity. In the proposed scheme, a buyer executes just one-time registration step regardless of the number of contents to be purchased. The number of decryption key is constant and independent of the number of contents to be purchased. We can also reduce the computational costs of buyers by introducing a concept of proxy-based fingerprinting protocol.

• 디지털산업정보학회논문지
• /
• 제18권3호
• /
• pp.25-32
• /
• 2022

DID(Decentralized Identity Identification) is a system in which users voluntarily manage their identity, etc., and control the scope and subject of submission of identity information based on a block chain. In the era of the 4th industrial revolution, where the importance of protecting personal information is increasing day by day, DID will surely be positioned as the industrial center of the Internet and e-business. However, when managing personal information, DID is highly likely to cause a large amount of personal information leakage due to electronic infringement, such as hacking and invasion of privacy caused by the concentration of user's identity information on global service users. Therefore, there are a number of challenges to be solved before DID settles into a stable standardization. Therefore, in this paper, we try to examine what problems exist in order to positively apply the development of DID technology, and analyze the improvement plan to become a stable service in the future.

• 대한수학회지
• /
• 제59권3호
• /
• pp.621-634
• /
• 2022

The scaled inverse of a nonzero element a(x) ∈ ℤ[x]/f(x), where f(x) is an irreducible polynomial over ℤ, is the element b(x) ∈ ℤ[x]/f(x) such that a(x)b(x) = c (mod f(x)) for the smallest possible positive integer scale c. In this paper, we investigate the scaled inverse of (xⁱ - x^j) modulo cyclotomic polynomial of the form Φ_p^s (x) or Φ_p^sq^t (x), where p, q are primes with p < q and s, t are positive integers. Our main results are that the coefficient size of the scaled inverse of (xⁱ - x^j) is bounded by p - 1 with the scale p modulo Φ_p^s (x), and is bounded by q - 1 with the scale not greater than q modulo Φ_p^sq^t (x). Previously, the analogous result on cyclotomic polynomials of the form Φ_2ⁿ (x) gave rise to many lattice-based cryptosystems, especially, zero-knowledge proofs. Our result provides more flexible choice of cyclotomic polynomials in such cryptosystems. Along the way of proving the theorems, we also prove several properties of {x^k}_k∈ℤ in ℤ[x]/Φ_pq(x) which might be of independent interest.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제8권10호
• /
• pp.3607-3623
• /
• 2014

The increasing demand in promoting cloud computing in either business or other areas requires more security of a cloud storage system. Traditional cloud storage systems fail to protect data integrity information (DII), when the interactive messages between the client and the data storage server are sniffed. To protect DII and support public verifiability, we propose a data integrity verification scheme by deploying a designated confirmer signature DCS as a building block. The DCS scheme strikes the balance between public verifiable signatures and zero-knowledge proofs which can address disputes between the cloud storage server and any user, whoever acting as a malicious player during the two-round verification. In addition, our verification scheme remains blockless and stateless, which is important in conducting a secure and efficient cryptosystem. We perform security analysis and performance evaluation on our scheme, and compared with the existing schemes, the results show that our scheme is more secure and efficient.