• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37 no.4B
• /
• pp.288-299
• /
• 2012

To ensure data confidentiality and fine-grained access control in business environment, system model using KP-ABE(Key Policy-Attribute Based Encryption) and PRE(Proxy Re-Encryption) has been proposed recently. However, in previous study, data confidentiality has been effected by decryption right concentrated on cloud server. Also, Yu's work does not consider a access privilege management, so existing work become dangerous to collusion attack between malicious user and cloud server. To resolve this problem, we propose secure system model against collusion attack through dividing data file into header which is sent to privilege manager group and body which is sent to cloud server and prevent modification attack for proxy re-encryption key using d Secret Sharing, We construct protocol model in medical environment.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.41 no.4
• /
• pp.113-123
• /
• 2004

This paper presents a new collusion-secure fingerprinting scheme to embed fingerprints into three-dimensional(3-D) mesh models efficiently. In the proposed scheme, we make the same number of fingerprints as the number of customers based on the finite projective geometry, partition a 3-D mesh model related to the number of bits assigned to each fingerprint and then embed a watermark representing copyright information into each submesh to be marked. Considering imperceptibility and robustness of the watermarking algorithm we embed the watermark signal into mid-frequency DCT coefficients obtained by transforming vertex coordinates in the triangle strips which are generated from the submeshes to be marked. Experimental results show that our scheme is robust to additive random noises, MPEG-4 SNHC 3-D mesh coding, geometrical transformations, and fingerprint attacks by two traitors' collusion. In addition, we can reduce the number of bits assigned to each fingerprint significantly.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.10
• /
• pp.5100-5119
• /
• 2018

Most of existing privacy-preserving multi-authorities attribute-based encryption schemes (PP-MA-ABE) only considers the privacy of the user identity (ID). However, in many occasions information leakage is caused by the disclosing of his/her some sensitive attributes. In this paper, we propose a collusion-resisting ciphertext-policy PP-MA-ABE (CRPP-MACP-ABE) scheme with hiding both user's ID and attributes in the cloud storage system. We present a method to depict anonymous users and introduce a managerial role denoted by IDM for the management of user's anonymous identity certificate ($AID_{Cred}$). The scheme uses $AID_{Cred}$ to realize privacy-preserving of the user, namely, by verifying which attribute authorities (AAs) obtain the blinded public attribute keys, pseudonyms involved in the $AID_{Cred}$ and then distributes corresponding private keys for the user. We use different pseudonyms of the user to resist the collusion attack launched by viciousAAs. In addition, we utilize IDM to cooperate with multiple authorities in producing consistent private key for the user to avoid the collusion attack launched by vicious users. The proposed CRPP-MACP-ABE scheme is proved secure. Some computation and communication costs in our scheme are finished in preparation phase (i.e. user registration). Compared with the existing schemes, our scheme is more efficient.

• Proceedings of the KIEE Conference
• /
• 2006.10c
• /
• pp.576-578
• /
• 2006

The wide use of digital media during the past few years, has led to an increase of digital piracy and tampering. To deal with these problems, the concept of digital fingerprinting has been introduced. Digital fingerprinting is an effective method to identify users who might try to redistribute multimedia content. In this paper, we propose new digital image fingerprinting techniques using watermark shifting scheme and concept of domain.

• Journal of Broadcast Engineering
• /
• v.19 no.4
• /
• pp.502-509
• /
• 2014

Broadcast encryption is a cryptographic primitive that allows a sender to securely transmit a message to a set of receivers. The most influential broadcast encryption system was proposed in 2001 by Naor, Naor, Lotspiech, based on binary trees and the Subset Difference (SD) method. In 2006, Jang, Nyang, and Song suggested a new broadcast encryption system that can reduce transmission rate by 50% compared to the SD method, by introducing the so-called '2-SD' method. Their result was later given the registration of a patent in Korea (registration number: 100879083). Unfortunately, however, this paper shows that Jang et. al.'s broadcast encryption system is not secure against collusion attacks that are considered as being the basic security requirement in designing broadcast encryption.

• The Journal of Society for e-Business Studies
• /
• v.12 no.4
• /
• pp.29-36
• /
• 2007

Recently, Jaiswal et al. proposed a protocol to improve the multi-agent negotiation test-bed which was proposed by Collins et al. Using publish/subscribe system, time-release cryptography and anonymous communication, their protocol gives an improvement on the old one. However, it is shown that the protocol also has some security weaknesses: such as replay data attack and DOS (denial-of-service) attack, anonymity disclosure, collusion between customers and a certain supplier. So proposed protocol reduces DOS attack and avoids replay data attack by providing ticket token and deal sequence number to the supplier. And it is proved that the way that market generates random number to the supplier is better than the supplier do by himself in guaranteeing anonymity. Market publishes interpolating polynomial for sharing the determination process data. It avoids collusion between customer and a certain supplie

• The KIPS Transactions:PartC
• /
• v.19C no.1
• /
• pp.63-70
• /
• 2012

To ensure privacy of individual information in remote healthcare service, health data should be protected through a secure technology such as encryption scheme. Only user who delegated decryption right can access to sensitive health data and delegator needs capability for revocating access privilege. Recently, in ubiquitous environment, CP-ABTD(Ciphertext-Policy Attribute-Based Threshold Decryption with Flexible Delegation and Revocation of User Attributes) which extends CP-ABE(Ciphertext-Policy Attribute-Based Encryption) has been proposed for these requirements. In this paper, we construct remote healthcare monitoring system with delegation and revocation capability for attribute in CP-ABTD. Finally, we analyze collusion attack between users in our system.

• Convergence Security Journal
• /
• v.19 no.3
• /
• pp.71-79
• /
• 2019

The demand of smart cars is increasing rapidly. International stand organize such as 3GPP and 5GAA are proposing standard communication protocvols for connected-car, and automotive network infrastructure. But Smart car network have many security threats and more dangerous against the existed wire communication network. Typically, peripheral devices of a smart car may disguise their identity and steal location information and personal information about the vehicle. In addition, the infrastructure elements around smart cars can conspire and put driving cars in danger, threatening lives. This is a very serious security threat. Therefore, in order to solve these problems, we proposed a system that is secure from collusion and tampering attacks using attribute-based authorize delegation method and threshold encryption algorithms. We have demonstrated using a semantic safety model that the proposed system can be safe from collusion attack.

• The KIPS Transactions:PartC
• /
• v.18C no.6
• /
• pp.369-378
• /
• 2011

To ensure data confidentiality and fine-grained access control in business environment, system model using KP-ABE(Key Policy-Attribute Based Encryption) and PRE(Proxy Re-Encryption) has been proposed recently. However, in previous study, data confidentiality has been effected by decryption right concentrated on cloud server. Also, Yu's work does not consider a access privilege management, so existing work become dangerous to collusion attack between malicious user and cloud server. To resolve this problem, we propose secure system model against collusion attack through dividing data file into header which is sent to privilege manager group and body which is sent to cloud server. And we construct the model of access privilege management using AONT based XOR threshold Secret Sharing, In addition, our scheme enable to grant weight for access privilege using XOR Share. In chapter 4, we differentiate existing scheme and proposed scheme.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.1
• /
• pp.67-76
• /
• 2005

Bresson et al. have recently proposed an efficient group key agreement scheme well suited for a wireless network environment. Although it is claimed that the proposed scheme is provably secure under certain intractability assumptions, we show in this paper that this claim is unfounded, breaking the allegedly secure scheme in various ways.