• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.11
• /
• pp.5537-5555
• /
• 2017

Having the characteristics of unlinkability, anonymity, and unforgeability, blind signatures are widely used for privacy-related applications such as electronic cash, electronic voting and electronic auction systems where to maintain the anonymity of the participants. Among these applications, the blinded message is needed for a certain purpose by which users delegate signing operation and communicate with each other in a trusted manner. This application leads to the need of proxy blind signature schemes. Proxy blind signature is an important type of cryptographic primitive to realize the properties of both blind signature and proxy signature. Over the past years, many proxy blind signature algorithms have been adopted to fulfill such task based on the discrete logarithm problem (DLP) and the elliptic curve discrete log problem (ECDLP), and most of the existing studies mainly aim to provide effective models to satisfy the security requirements concerning a single blinded message. Unlike many previous works, the proposed scheme applies the signcryption paradigm to the proxy blind signature technology for handling multiple blinded messages at a time based on elliptic curve cryptography (ECC). This innovative method thus has a higher level of security to achieve the security goals of both blind signature and proxy signature. Moreover, the evaluation results show that this proposed protocol is more efficient, consuming low communication overhead while increasing the volume of digital messages compared to the performance from other solutions. Due to these features, this design is able to be implemented in small low-power intelligent devices and very suitable and easily adoptable for e-system applications in pervasive mobile computing environment.

• Journal of information and communication convergence engineering
• /
• v.15 no.2
• /
• pp.97-103
• /
• 2017

Implementation of faster pairing calculation is the basis of efficient pairing-based cryptographic protocol implementation. Generally, pairing is a costly operation carried out over the extension field of degree $k{\geq}12$. But the twist property of the pairing friendly curve allows us to calculate pairing over the sub-field twisted curve, where the extension degree becomes k/d and twist degree d = 2, 3, 4, 6. The calculation cost is reduced substantially by twisting but it makes the discrete logarithm problem easier if the curve parameters are not carefully chosen. Therefore, this paper considers the most recent parameters setting presented by Barbulescu and Duquesne [1] for pairing-based cryptography; that are secure enough for 128-bit security level; to explicitly show the quartic twist (d = 4) and sextic twist (d = 6) mapping between the isomorphic rational point groups for KSS (Kachisa-Schaefer-Scott) curve of embedding degree k = 16 and k = 18, receptively. This paper also evaluates the performance enhancement of the obtained twisted mapping by comparing the elliptic curve scalar multiplications.

• The KIPS Transactions:PartC
• /
• v.9C no.3
• /
• pp.331-336
• /
• 2002

In this paper, we propose a new distribution and renewal scheme for a group key suitable for secure mobile communications based on identification protocol, in which all members of the group can reshare the new group common key except revoked members by using a key distribution center (a trusted center). The security of this scheme is based on the difficulty of the discrete logarithm problem. The proposed scheme can be appropriately managed in case that terminal's capability of storage and computing power is relatively small and more than one caller are revoked. It also renews a group key easily when the center changes this key intervally for security.

• Convergence Security Journal
• /
• v.16 no.7
• /
• pp.85-91
• /
• 2016

Block cipher is one of the prominent and important elements in cryptographic systems and study on the minimal construction is a major theme in the cryptographic research. Even and Mansour motivated by the study suggested a kind of block cipher called the Even-Mansour scheme in the early 1990s. It is a very simple cipher with one permutation and two secret keys. There have been many studies on the Even-Mansour scheme and security analysis of the scheme. We explain the Even-Mansour scheme and simplify those attacks on the Even-Mansour scheme with mathematical language. Additionally, we show that Pollard's rho attack to the discrete logarithm problem can be used to attack the Even-Mansour scheme with the same complexity of the Pollard's rho attack.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.1
• /
• pp.49-56
• /
• 2013

Among U-healthcare services adapting the latest IT technique and medical technique, a body-injecting device technique providing medical service to a patient who has incurable disease. But the body-injecting device technique can be easily exposed during wireless section to the third person and it can be used illegally. This paper proposes certification protocol which certifies a patient and hospital staff using random number created by certification server and a patient with hospital staff by synchronization. Specially, the proposed protocol uses security information created by information registered in certification server previously by a patient and hospital staff so that in keeps from accessing of third person who didn't get approval. And it gives more stability.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.3
• /
• pp.145-153
• /
• 2004

Digital fingerprinting schemes are cryptographic methods that a seller can identify a traitor who illegally redistributed digital contents by embedding it into buyer's information. Recently, Josep Domingo-Ferrer suggested an anonymous digital fingerprinting scheme based on committed oblivious transfer protocol. It is significant in the sense that it is completely specified from a computation point of view and is thus readily implementable. But this scheme has the serious problem that it cannot provide the security of buyers. In this paper, we first show how to break the existing committed oblivious transfer-based fingerprinting schemes and then suggest secure fingerprinting scheme by introducing oblivious transfer protocol with two-lock cryptosystem based on discrete logarithm. All computations are performed efficiently and the security degree is strengthened in our proposal.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.3
• /
• pp.109-114
• /
• 2005

On the research for constructing secure group-oriented proxy signature schemes, there are several proposals of threshold proxy signature schemes which combine the notions of proxy signature with threshold signature. Recently, Hsu and Wu proposed a threshold proxy signature scheme which uses a self-certified public key based on discrete logarithm problem. In this paper, we show that this scheme is vulnerable to original signer's forgery attack. So our attack provides the evidence that this scheme does not satisfy nonrepudiation property.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.10 no.3
• /
• pp.69-76
• /
• 2000

In this paper we propose a new group key renewal scheme suitable for secure mobile communications in which all members of the group can re-share the new group common key excepted a revoked member using a key distribution center(a trusted center). A renewal group key in the proposed scheme can be shared many times using pre-distributed data by a smart card without a preparation stage. This scheme is also avaliable for a large group network because the transmitted data amount after identifying the revoked member does not depend on a size of group. The secuirty of this scheme is based on the difficulty of the discrete logarithm problem.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.1
• /
• pp.11-18
• /
• 2003

As the Internet moves to mobile environment, one of the most serious problems for the security is to required a new security Protocol with safety and efficiency. To solve the problem. we Propose a new Protocol that reduces the communication franc and solves the problem associated with the private security keys supplied by the trusted third party. The protocol is a non-Interactive oblivious transfer protocol, based on the EIGamal public-key algorithm. Due to its Non-Interactive oblivious transfer protocol, it can effectively reduce communication traffic in server-client environment. And it is also possible to increase the efficiency of protocol through the mechanism that authentication probability becomes lower utilizing a challenge selection bit. The protocol complexity becomes higher because it utilizes double exponentiation. This means that the protocol is difficult rather than the existing discrete logarithm or factorization in prime factors. Therefore this can raise the stability of protocol.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.11 no.8
• /
• pp.3045-3052
• /
• 2010

The international standard signature algorithm DSA has been guaranteed its security based on discrete logarithm problem. Recently, the DSA was known to be vulnerable to some fault analysis attacks in which the secret key stored inside of the device can be extracted by occurring some faults when the device performs signature algorithm. After analyzing an existing fault attack presented by Bao et al., this paper proposed a new fault analysis attack by disturbing the random number. Furthermore, we presented a countermeasure to compute DSA signature that has its immunity in the two types of fault attacks. The security and efficiency of the proposed countermeasure were verified by computer simulations.