• 한국정보보호학회:학술대회논문집
• /
• 한국정보보호학회 2003년도 동계학술대회
• /
• pp.611-614
• /
• 2003

S.S.Al-Riyami와 K.G.Paterson에 의해 제안된 Certificate-less 공개키 암호 시스템은 기존 공개키 암호 시스템이 가지는 인증서 관리의 불편함과 ID-based 암호 시스템이 가지는 Key Escrow문제를 동시에 해결해 주었다. 하지만 대부분의 공개키 암호 시스템 과 마찬가지로 Certificate-less 공개키 암호 시스템 역시 비공개키의 노출에 대한 문제를 가지고 있다. 따라서 본 논문에서는 기존 Certificate-less 공개키 암호 시스템에 Strong Key Insulation을 제공함으로써 보다 안전한 암호 시스템을 제안한다. 또한 이 시스템은 기존 Key Insulated 공개키 암호 시스템에 비해 계산량을 줄임으로써 보다 효율적인 암호 시스템을 구축할 수 있다.

• Journal of Information Processing Systems
• /
• 제13권4호
• /
• pp.970-986
• /
• 2017

Certificateless public key cryptography (CL-PKC) is a new benchmark in modern cryptography. It not only simplifies the certificate management problem of PKC, but also avoids the key escrow problem of the identity based cryptosystem (ID-PKC). In this article, we propose a certificateless blind signature protocol which is based on elliptic curve cryptography (CLB-ECC). The scheme is suitable for the wireless communication environment because of smaller parameter size. The proposed scheme is proven to be secure against attacks by two different kinds of adversaries. CLB-ECC is efficient in terms of computation compared to the other existing conventional schemes. CLB-ECC can withstand forgery attack, key only attack, and known message attack. An e-cash framework, which is based on CLB-ECC, has also been proposed. As a result, the proposed CLB-ECC scheme seems to be more effective for applying to real life applications like e-shopping, e-voting, etc., in handheld devices.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제10권10호
• /
• pp.5190-5208
• /
• 2016

Because of the advantages of certificateless and no escrow feature over the regular signature and identity-based signature, certificateless signature has been widely applied in e-business, e-government and software security since it was proposed in 2003. Although a number of certificateless signature schemes have been proposed, there is only one lattice-based certificateless signature scheme which is still secure in the quantum era. But its efficiency is not very satisfactory. In this paper, the first certificateless signature scheme on NTRU lattice is proposed, which is proven to be secure in random oracle model. Moreover, the efficiency of the new scheme is higher than that of the only one lattice-based certificateless signature.

• 한국IT서비스학회:학술대회논문집
• /
• 한국IT서비스학회 2003년도 추계학술대회
• /
• pp.124-132
• /
• 2003

최근 급증하고 있는 전자상거래에서의 소비자피해를 줄이고 거래의 신뢰성을 높이기 위한 수단으로 온라인 에스크로 서비스가 이용되고 있으며, 관련 법제의 개정을 통한 제도 도입이 추진되고 있다. 매매당사자간 물품과 대금의 지급을 보장하는 에스크로 서비스는 전자상거래 소비자피해를 예방하고 사후적 피해를 실질적으로 구제할 수 있는 효과적인 거래안전장치임에 틀림없다. 하지만 소비자보호 측면뿐만 아니라 전자상거래의 지속적인 발전을 위해서는 관련된 제도적 보완이 필요하다. 우선, 현재 추진 중에 있는 전자상거래소보법의 개정 또는 기타 법률의 형태로 에스크로 서비스의 제도적 가이드라인을 제시하기 위한 입법화가 요구되며, 둘째, 온라인 거래의 당사자들이 누구라도 언제든지 에스크로 서비스를 이용할 수 있도록 에스크로 제도의 도입을 강제하되 그 이용 여부는 거래당사자간 교섭에 의해 결정토록 하는 방안을 고려해 볼 수 있다. 셋째, 안전한 대금지급을 위한 정보제공의 차원에서 에스크로 서비스의 이용에 관한 사항을 소비자가 알기 쉽도록 의무적으로 표시토록 하고, 넷째, 에스크로 서비스의 공신력 제고를 위해 에스크로 사업자의 자격에 관한 별도의 기준을 마련하여 규제하는 것이 바람직하다.

• 한국멀티미디어학회논문지
• /
• 제14권6호
• /
• pp.775-784
• /
• 2011

본 논문에서는 신원기반 다중수신자 암호 기법의 장점인 묵시적 인증을 제공하는 동시에 키 위탁문제를 해결하기 위한 무인증서 공개키 암호 기술 기반의 새로운 다중수신자 암호 기법을 소개한다. 제안 기법은 다중수신자에 대한 메시지 암호화 단계에서 겹선형 페어링 연산을 제거하였을 뿐만 아니라 복호화 단계에서 단 한 번의 겹선형 페어링 연산만을 요구하는 매우 효율적인 다중수신자 암호 기법이다. 또한, 본 논문에서는 제안 기법을 이용하여 스테이트리스 수신자 환경을 위한 서브셋-커버 프레임워크 기반의 새로운 공개키 브로드캐스트 암호 기법을 제시한다.

• 한국경영과학회지
• /
• 제32권2호
• /
• pp.53-69
• /
• 2007

Internet shopping websites have offered comfort to consumers in shopping and built trust relationships with them by providing electronic agents for recommendation, escrow services, and customer centers etc. But as there is little big difference among the shopping websites in terms of technical competence, website design, operational policy, they recognize online feedback (reviews or recommendation of consumers or experts) and online feedback mechanism as important marketing tools. Based on online feedback related studies, this study explores antecedents (consensus, vividness of reviews, interactions in review boards) of the perceived effectiveness of review boards which are text-based feedback mechanisms and its consequences such as trust, satisfaction, and intention to use. The results show that the perceived effectiveness of review boards is significantly affected by vividness of reviews and interactions in review boards, and the impact of interaction in review boards on the perceived effectiveness of review boards is stronger than that of vividness of reviews. The results also show that the perceived effectiveness of review boards has a significant influence on trust and satisfaction with the shopping websites, and intention to use is influenced by both trust and satisfaction.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제8권7호
• /
• pp.2532-2553
• /
• 2014

In Asiacrypt 2003, Al-Riyami and Paterson proposed the notion of certificateless cryptography, a technique to remove key escrow from traditional identity-based cryptography as well as circumvent the certificate management problem of traditional public key cryptography. Subsequently much research has been done in the realm of certificateless encryption and signature schemes, but little to no work has been done for the identification primitive until 2013 when Chin et al. rigorously defined certificateless identification and proposed a concrete scheme. However Chin et al.'s scheme was proven in the random oracle model and Canetti et al. has shown that certain schemes provable secure in the random oracle model can be insecure when random oracles are replaced with actual hash functions. Therefore while having a proof in the random oracle model is better than having no proof at all, a scheme to be proven in the standard model would provide stronger security guarantees. In this paper, we propose the first certificateless identification scheme that is both efficient and show our proof of security in the standard model, that is without having to assume random oracles exist.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제11권7호
• /
• pp.3629-3647
• /
• 2017

Certificate-based cryptography is a useful public key cryptographic primitive that combines the merits of traditional public key cryptography and identity-based cryptography. It not only solves the key escrow problem inherent in identity-based cryptography, but also simplifies the cumbersome certificate management problem in traditional public key cryptography. So far, four short certificate-based signature schemes have been proposed. However, three of them fail in achieving the existential unforgeability under adaptive chosen-message attacks and the remaining one was not constructed in the normal framework of certificate-based signature. In this paper, we put forward a new short certificate-based signature scheme. The proposed scheme is devised in the normal framework of certificate-based signature and overcomes the security weaknesses in the previous short certificate-based signature schemes. In the random oracle model, we formally prove that it achieves the existential unforgeability against adaptive chosen-message attacks. Performance comparison shows that it is efficient and practical.

• 한국컴퓨터산업학회논문지
• /
• 제3권8호
• /
• pp.1105-1116
• /
• 2002

이전에 군사상의 목적 등 국가적 차원에서 주로 이용되었던 암호의 사용이 전자 거래가 일반화되면서 민간 부분으로 급속히 확대되고 있다. 이는 인터넷을 통한 정보의 유통 시에 발생 가능한 도청, 변조, 위조 등의 여러 가지 취약점을 방지하기 위한 암호의 사용이 일반화하게 하였다. 그러나 키의 분실로 인한 암호문의 복구 불가능, 암호의 불법 단체 및 개인에 의한 불법적인 사용 등의 역기능이 존재한다. 본 논문에서는 암호문에 대응되는 개인키 소유자가 아니더라도 약속된 조건을 만족시킬 경우 암호문을 해독할 수 있는 키 복구 기술에서 요구되는 기본 요소 기술을 분석하고, 선진국의 기술 개발 동향과 정책을 분석하고 각 정책과 기술을 비교 분석한다.

• 지식경영연구
• /
• 제20권4호
• /
• pp.131-148
• /
• 2019

E-commerce in Korea has grown steadily in recent years. E-commerce has provided firms with an effective method to approach potential customers by overcoming geographical and physical barriers. However, despite the rapid growth, many e-commerce businesses closed their businesses and were not able to survive. This study aims to empirically examine the factors that determine the survival of e-commerce businesses in Korea. In particular, this study focuses on the factors related to the notion of institution-based trust that includes delivery, privacy, and security management. This research used the data set about 31,295 e-commerce businesses that have been registered in Seoul. We found that the e-commerce business that does not require extra personal information beyond the standard terms and conditions or provides a feedback mechanism by having an online board to submit a complaint has a higher chance of survival. In addition, the e-commerce business that has a secured web server, shows the specific information about the date of delivery, or provides escrow services is likely to survive longer than others. The research has extended the extant literature on the importance of trust in e-commerce by empirically examining the effects of the institution-based trust factors on the actual survival of e-commerce businesses.