• Journal of Communications and Networks
• /
• v.15 no.3
• /
• pp.252-257
• /
• 2013

To alleviate the damage caused by key exposures, Dodis et al. introduced the notion of key-insulated security where secret keys are periodically updated by using a physically insulated helper key. To decrease the risk of helper key exposures, Hanaoka et al. advocated parallel key-insulated mechanism where distinct helpers are independently used in key updates. In this paper, we propose the first parallel key-insulated signature scheme which is provably secure without resorting to the random oracle methodology. Our scheme not only allows frequent key updating, but also does not increase the risk of helper key exposures.

• Journal of Ginseng Research
• /
• v.47 no.2
• /
• pp.349-351
• /
• 2023

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.9
• /
• pp.2442-2454
• /
• 2012

To ensure the security of wireless sensor networks, it is important to have a robust key management scheme. In this paper, we propose a Quorum-based key management scheme. A specific sensor, called as key distribution server (KDS), generates a key matrix and establishes a quorum system from the key matrix. The quorum system is a set system of subsets that the intersection of any two subsets is non-empty. In our scheme, each sensor is assigned a subset of the quorum system as its pre-distributed keys. Whenever any two sensors need a shared key, they exchange their IDs, and then each sensor by itself finds a common key from its assigned subset. A shared key is then generated by the two sensors individually based on the common key. By our scheme, no key is needed to be refreshed as a sensor leaves the network. Upon a sensor joining the network, the KDS broadcasts a message containing the joining sensor ID. After receiving the broadcast message, each sensor updates the key which is in common with the new joining one. Only XOR and hash operations are required to be executed during key update process, and each sensor needs to update one key only. Furthermore, if multiple sensors would like to have a secure group communication, the KDS broadcasts a message containing the partial information of a group key, and then each sensor in the group by itself is able to restore the group key by using the secret sharing technique without cooperating with other sensors in the group.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.11 no.7
• /
• pp.1332-1340
• /
• 2007

This paper describes an efficient hardware design of key wrap/unwrap algorithm for security layer of WiBro system. The key wrap/unwrap core (WB_KeyWuW) is based on AES (Advanced Encryption Standard) algorithm, and performs encryption/decryption of 128bit TEK (Traffic Encryption Key) with 128bit KEK (Key Encryption Key). In order to achieve m area-efficient implementation, two design techniques are considered; First, round transformation block within AES core is designed using a shared structure for encryption/decryption. Secondly, SubByte/InvSubByte blocks that require the largest hardware in AES core are implemented by using field transformation technique. As a result, the gate count of the WB_KeyWuW core is reduced by about 25% compared with conventional LUT (Lookup Table)-based design. The WB_KeyWuW con designed in Verilog-HDL has about 14,300 gates, and the estimated throughput is about $16{\sim}22-Mbps$ at 100-MHz@3.3V, thus the designed core can be used as an IP for the hardware design of WiBro security system.

• The Plant Pathology Journal
• /
• v.27 no.4
• /
• pp.360-366
• /
• 2011

Bacterial leaf spot of Euphorbia pulcherrima has been reported in many countries. Characterization by polyphasic approaches indicated that the isolates from India, USA and New Zealand could be distinguished based on rep-PCR profiles and gyrB phylogenies, while the Chinese isolates should be ascribed to Xanthomonas axonopodis pv. poinsettiicola.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.5
• /
• pp.2394-2406
• /
• 2016

ABE has become an effective tool for data protection in cloud computing. However, since users possessing the same attributes share the same private keys, there exist some malicious users exposing their private keys deliberately for illegal data sharing without being detected, which will threaten the security of the cloud system. Such issues remain in many current ABE schemes since the private keys are rarely associated with any user specific identifiers. In order to achieve user accountability as well as provide key exposure protection, in this paper, we propose a key-insulated ciphertext policy attribute based encryption with key exposure accountability (KI-CPABE-KEA). In our scheme, data receiver can decrypt the ciphertext if the attributes he owns match with the self-centric policy which is set by the data owner. Besides, a unique identifier is embedded into each user's private key. If a malicious user exposes his private key for illegal data sharing, his identity can be exactly pinpointed by system manager. The key-insulation mechanism guarantees forward and backward security when key exposure happens as well as provides efficient key updating for users in the cloud system. The higher efficiency with proved security make our KI-CPABE-KEA more appropriate for secure data sharing in cloud computing.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.8
• /
• pp.2042-2060
• /
• 2013

In wireless sensor networks (WSNs), energy efficiency is one of the most essential design considerations, since sensor nodes are resource constrained. Group communication can reduce WSNs communication overhead by sending a message to multiple nodes in one packet. In this paper, in order to simultaneously resolve the transmission security and scalability in WSNs group communications, we propose a hierarchical cluster-based secure and scalable group key management scheme, called HRKT, based on logic key tree and route key tree structure. The HRKT scheme divides the group key into cluster head key and cluster key. The cluster head generates a route key tree according to the route topology of the cluster. This hierarchical key structure facilitates local secure communications taking advantage of the fact that the nodes at a contiguous place usually communicate with each other more frequently. In HRKT scheme, the key updates are confined in a cluster, so the cost of the key updates is reduced efficiently, especially in the case of massive membership changes. The security analysis shows that the HRKT scheme meets the requirements of group communication. In addition, performance simulation results also demonstrate its efficiency in terms of low storage and flexibility when membership changes massively.

• Journal of the Korea Society of Computer and Information
• /
• v.13 no.7
• /
• pp.173-180
• /
• 2008

In this paper, we proposed an algorithm for an effective public key and private key generation to implement a secure asymmetric watermarking system against the public key attack. The public key and private key generation is based on the linear transformation using a special matrix and the keys are designed to be able to have high correlation value. We also proposed a counter plan of public key attack. This method uses a multiple public key generation and distribution. As the results, the correlation value between the public key and the private key is high in the watermarked image. After the public key attack. this can detect the correlation by using other public key.

• Journal of Communications and Networks
• /
• v.14 no.1
• /
• pp.104-110
• /
• 2012

Group key agreement protocols allow a group of users, communicating over a public network, to establish a shared secret key to achieve a cryptographic goal. Protocols based on certificateless public key cryptography (CL-PKC) are preferred since CL-PKC does not need certificates to guarantee the authenticity of public keys and does not suffer from key escrow of identity-based cryptography. Most previous certificateless group key agreement protocols deploy signature schemes to achieve authentication and do not have constant rounds. No security model has been presented for group key agreement protocols based on CL-PKC. This paper presents a security model for a certificateless group key agreement protocol and proposes a constant-round group key agreement protocol based on CL-PKC. The proposed protocol does not involve any signature scheme, which increases the efficiency of the protocol. It is formally proven that the proposed protocol provides strong AKE-security and tolerates up to $n$-2 malicious insiders for weak MA-security. The protocol also resists key control attack under a weak corruption model.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.9
• /
• pp.3322-3347
• /
• 2021

Cloud Storage is the primary component of many businesses on cloud. Majority of the enterprises today are adopting a multicloud strategy to keep away from vendor lock-in and to optimize cost. Auditing schemes are used to ascertain the integrity of cloud data. Of these schemes, only the Provable Data Possession schemes (PDP) are resilient to key-exposure. These PDP schemes are devised using Public Key Infrastructure (PKI-) based cryptography, Identity-based cryptography, etc. PKI-based systems suffer from certificate-related communication/computational complexities. The Identity-based schemes deal with the exposure of only the auditing secret key (audit key). But with the exposure of both the audit key and the secret key used to update the audit key, the auditing process itself becomes a complete failure. So, an Identity-based PDP scheme with Parallel Key-Insulation is proposed for multiple cloud storage. It reduces the risk of exposure of both the audit key and the secret key used to update the audit key. It preserves the data privacy from the Third Party Auditor, secure against malicious Cloud Service Providers and facilitates batch auditing. The resilience to key-exposure is proved using the CDH assumption. Compared to the existing Identity-based multicloud schemes, it is efficient in integrity verification.