• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.5
• /
• pp.43-52
• /
• 2001

Y. Zheng introduced a new type of cryptograghic primitive as \"signcryption\", which combines a function of digital signature scheme with a symmetric key encryption algorithm. Signcryption doesn\`t only provide authenticity and confidentiality in a single step, but also give more efficient computation than the traditional \"signature-then-encryption\". And C. Gamage proposed a proxy-signcryption that efficiently combines a proxy signature with the signcryption. But, in the proposed signcryption schemes, one who obtains the sender\`s private key can recover the original message of a signcrypted text. That is, forward secrecy is not offered by the signcryption scheme with respect to the sender\`s private key. In this paper, we will propose a modified signcryption of Zheng\`s signcryption and a variant of proxy-signcryption with forward secrecy.ith forward secrecy.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2014.04a
• /
• pp.357-359
• /
• 2014

그룹키란 그룹 내의 사용자들이 암호화와 복호화를 위하여 공유하는 비밀키를 의미하며, 그룹키는 Backward secrecy와 Forward secrecy를 모두 제공하여야 한다. Backward secrecy는 새로운 그룹 사용자가 과거의 데이터를 읽지 못하도록 하는 것이고, Forward secrecy는 탈퇴한 사용자가 이후의 데이터를 읽지 못하도록 하는 것이다. 본 연구에서는 해쉬체인을 사용하여 네트워크 환경에서 Backward secrecy와 Forward secrecy를 효율적으로 제공하는 기법을 제안한다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.27 no.7C
• /
• pp.653-663
• /
• 2002

The signature-then-encryption based on RSA scheme provides forward secrecy, but requires 4 modulo exponentiation operations in total, and the signcryption scheme proposed by Zheng simultaneously fulfills both the functions of digital signature and symmetric key encryption in a logically single step, and with a computational cost significantly smaller than that required by the current standard signature-then-encryption, but it can not provide forward secrecy. In this paper, we propose an enhanced signcryption scheme which can provide forward secrecy with lower computational cost and lower communication overhead comparing with those of the signature-then-encryption based on RSA, and with a similar communication overhead of Zheng's scheme. The proposed scheme can be also easily modified to the direct signature verification scheme by the recipient without using the recipient's private key. Additionally, we suggest a new design protocol with server-supported signatures which solves the CRLs(Certificate Revocation Lists) burden and provides non-repudiation of origin. This protocol with server-supported signatures also can be applied to the original signcryption scheme proposed by Zheng in order to improve security.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.11
• /
• pp.4623-4643
• /
• 2015

This paper considers physical-layer security protocols in multicast cognitive radio (CR) networks. In particular, we propose dual-hop cooperative decode-and-forward (DF) and randomize-and-forward (RF) schemes using partial relay selection method to enhance secrecy performance for secondary networks. In the DF protocol, the secondary relay would use same codebook with the secondary source to forward the source's signals to the secondary destination. Hence, the secondary eavesdropper can employ either maximal-ratio combining (MRC) or selection combining (SC) to combine signals received from the source and the selected relay. In RF protocol, different codebooks are used by the source and the relay to forward the source message secretly. For each scheme, we derive exact and asymptotic closed-form expressions of secrecy outage probability (SOP), non-zero secrecy capacity probability (NzSCP) in both independent and identically distributed (i.i.d.) and independent but non-identically distributed (i.n.i.d.) networks. Moreover, we also give a unified formula in an integral form for average secrecy capacity (ASC). Finally, our derivations are then validated by Monte-Carlo simulations.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.11
• /
• pp.5639-5653
• /
• 2016

Security models for key exchange protocols have been researched for years, however, lots of them only focus on what secret can be compromised but they do not differentiate the timing of secrets compromise, such as the extended Canetti-Krawczyk (eCK) model. In this paper, we propose a new security model for key exchange protocols which can not only consider what keys can be compromised as well as when they are compromised. The proposed security model is important to the security proof of the key exchange protocols with forward secrecy (either weak forward secrecy (wFS) or strong forward secrecy (sFS)). In addition, a new kind of key compromise impersonation (KCI) attacks which is called strong key compromise impersonation (sKCI) attack is proposed. Finally, we provide a new one-round key exchange protocol called mOT+ based on mOT protocol. The security of the mOT+ is given in the new model. It can provide the properties of sKCI-resilience and sFS and it is secure even if the ephemeral key reveal query is considered.

• Journal of Korea Multimedia Society
• /
• v.19 no.3
• /
• pp.585-594
• /
• 2016

Recently because of development of remote network technology, users are able to access the network freely without constraints of time and space. As users are getting more frequent to access the remote server in a computing environment, they are increasingly being exposed to various risk factors such as forward secrecy and server impersonation attack. Therefore, researches for remote user authentication scheme have been studying actively. This paper overcomes the weaknesses of many authentication schemes proposed recently. This paper suggests an improved authentication scheme that protects user's anonymity with preserving variable more safe and also provides forward secrecy.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.3
• /
• pp.531-546
• /
• 2015

A non-interactive key exchange protocol provides an efficiency of overall system by eliminating additional communication. However, traditional non-interactive key exchange protocols without updating a private key fail to provide forward secrecy, since there is no usage of ephemeral key for randomness of session key. In 2012, Sang et al. proposed a certificateless non-interactive key exchange(CL-NIKE) protocol, but they do not prove the security of the protocol and it does not provide forward secrecy. In this paper, we propose a new CL-NIKE protocol and it's security model. Then we prove the proposed protocol is secure under the security model based on DBDH(Decision Bilinear Diffie-Hellman) assumption. Moreover, we propose a CL-NIKE protocol with forward secrecy which updates user's private key by using multilinear map and prove it's security.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.5
• /
• pp.27-38
• /
• 2007

One of the most important security issues of e-mail service is user privacy. Currently, various security protocols, like PGP(pretty Good Privacy), S/MIME(Secure/Multipurpose Internet Mail Extension), have been proposed. These protocols, however, do not provide forward secrecy. Recently, some security protocols that provide forward secrecy were proposed. But all of them require changes to the current e-mail infrastructure. Moreover, contrary to authors' intention, some of them do not actually provide perfect forward secrecy. In this paper, we propose a new practical e-mail security protocol. The proposed protocol provides perfect forward secrecy and uses a practical e-mail model that dose not require any changes to existing e-mail servers. It encrypts and authenticates messages efficiently using elliptic curve based signcryption scheme. In addition, we provide a way to send secure group e-mails.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.10
• /
• pp.5049-5062
• /
• 2016

This paper analyzes the secrecy performance of an amplify-and-forward (AF) relay network, where a multi-antenna eavesdropper attempts to overhear the transmitted message from a multi-antenna source to a multi-antenna destination with a single antenna relay. Firstly, we derive the approximate analytical expressions for the secrecy outage probability (SOP) and average secrecy rate (ASR) of the relay network. Then, asymptotic expressions of SOP and ASR at high main-to-eavesdropper ratio (MER) are also provided to reveal the diversity gain of the secure communication. Finally, numerical results are given to verify the theoretical analysis and show the effect of the number of antennas in the considered relay network.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.1
• /
• pp.3-11
• /
• 2009

Forward secrecy in an e-mail system means that the compromising of the long-term secret keys of the mail users and mail servers does not affect the confidentiality of the previous e-mail messages. Previous forward-secure e-mail protocols used the certified public keys of the users and thus needed PKI(Public Key Infrastructure). In this paper, we propose a password-based authenticated e-mail protocol providing forward secrecy. The proposed protocol does not require certified public keys and is sufficiently efficient to be executed on resource-restricted mobile devices.