• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.49 no.1
• /
• pp.92-101
• /
• 2012

Security support is a significant factor in ad hoc networks. Especially in dynamic topologies, key agreement with private key updating is essential in providing a secure system. And it is also necessary to protect the identities of individual nodes in wireless environments to avoid personal privacy problems. However, many of the existing key agreement schemes for ad hoc networks do not consider these issues concurrently. This paper proposes an anonymous ID-based private key update scheme and a key agreement scheme for mobile ad hoc networks. We also suggest a method of rekeying between different domains using service-coordinators. These schemes are secure against various attacks and are suitable for service-oriented mobile ad hoc networks.

• ETRI Journal
• /
• v.36 no.1
• /
• pp.51-61
• /
• 2014

In the Mobile IPv6 (MIPv6) protocol, a mobile node (MN) is a mobile device with a permanent home address (HoA) on its home link. The MN will acquire a care-of address (CoA) when it roams into a foreign link. It then sends a binding update (BU) message to the home agent (HA) and the correspondent node (CN) to inform them of its current CoA so that future data packets destined for its HoA will be forwarded to the CoA. The BU message, however, is vulnerable to different types of security attacks, such as the man-in-the-middle attack, the session hijacking attack, and the denial-of-service attack. The current security protocols in MIPv6 are not able to effectively protect the BU message against these attacks. The private-key-based BU (PKBU) protocol is proposed in this research to overcome the shortcomings of some existing MIPv6 protocols. PKBU incorporates a method to assert the address ownership of the MN, thus allowing the CN to validate that the MN is not a malicious node. The results obtained show that it addresses the security requirements while being able to check the address ownership of the MN. PKBU also incorporates a method to verify the reachability of the MN.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.11
• /
• pp.2928-2940
• /
• 2013

Key exposure is a major threat to secure cryptosystems. To mitigate the impact caused by key-compromise attacks, a key-insulated cryptographic mechanism is a better alternative. For securing the large message communication in peer-to-peer networks, in this paper, we propose the first novel identity-based key-insulated encryption (IB-KIE) scheme with message linkages. Our scheme has the properties of unbounded time periods and random-access key-updates. In the proposed scheme, each client can periodically update his private key while the corresponding public one remains unchanged. The essential security assumption of our proposed scheme is based on the well-known bilinear Diffie-Hellman problem (BDHP). To ensure the practical feasibility, we also formally prove that the proposed scheme achieves the security requirement of confidentiality against indistinguishability under adaptive chosen-ciphertext attacks (IND-CCA2) in the random oracle model.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.8 no.6
• /
• pp.1194-1203
• /
• 2004

The RR protocole, proposed in IETF mip6 WG and standardized by RFC 3775 at lune 2004, send a message 'Binding Update' that express MN's location information to CN safety and update location information. Standard RR protocole has some problems with initiating the protocol by the MN; it causes to increases in communication load in the home network, to increases communication delay between MN and CN. Also, is connoting vulnerability to against attacker who are on the path between CN and HA in security aspect. This paper proposes doing to delegate MN's location information update rights by HA new location information update method. That is, When update MN's location information to HA, Using MN's private key signed location information certificate use and this certificate using method that HA uses MN's location information at update to CN be. It decreases the route optimization overhead by reducing the number of messages as well as the using location information update time. Also, remove security weakness about against attacker who are on the path between CN and HA.

• Journal of Broadcast Engineering
• /
• v.13 no.1
• /
• pp.53-61
• /
• 2008

Public Key Broadcast Encryption (PKBE) allows a sender to distribute a message to a changing set of users over an insecure channel. PKBE schemes should be able to dynamically exclude (i.e., revoke) a certain subset of users from decrypting a ciphertext, so that only remaining users can decrypt the ciphertext. Another important requirement is for the scheme to be forward-secrecy. A forward-secure PKBE (fs-PKBE) enables each user to update his private key periodically. This updated private key prevents an adversary from obtain the private key for certain past period, which property is particularly needed for pay-TV systems. In this paper, we present a fs-PKBE scheme where both ciphertexts and private keys are of $O(\sqrt{n})$ size. Our PKBE construction is based on Boneh-Boyen-Goh's hierarchical identity-based encryption scheme. To provide the forward-secrecy with our PKBE scheme, we again use the delegation mechanism for lower level identities, introduced in the BBG scheme. We prove chosen ciphertext security of the proposed scheme under the Bilinear Diffie-Hellman Exponent assumption without random oracles.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.5
• /
• pp.2407-2426
• /
• 2016

A group signature scheme allows any member to sign on behalf of a group. It is applied to practical distributed security communication environments, such as privacy-preserving, data mining. In particular, the excellent features of group signatures, including membership joining and revocation, anonymity, traceability, non-frameability and controllable linkability, make group signature scheme more attractive. Among these features, non-frameability can guarantee that a member's signature cannot be forged by any other (including issuer), and controllable linkability supports to confirm whether or not two group signatures are created by the same signer while preserving anonymity. Until now, only Hwang et al.'s group schemes (proposed in 2013 and 2015) can support all of these features. In this paper, we present a new dynamic group signature scheme which can achieve all of the above excellent features. Compared with their schemes, our scheme has the following advantages. Firstly, our scheme achieves more efficient membership revocation, signing and verifying. The cost of update key in our scheme is two-thirds of them. Secondly, the tracing algorithm is simpler, since the signer can be determined without the judging step. Furthermore, in our scheme, the size of group public key and member's private key are shorter. Lastly, we also prove security features of our scheme, such as anonymity, traceability, non-frameability, under a random oracle model.

• Journal of KIISE:Information Networking
• /
• v.36 no.6
• /
• pp.545-551
• /
• 2009

In this paper, we propose the secure key management framework to connect USN with different network. Although connected USN with different network has no CA (Certificate Authority), it is important to use public key based cryptography system because this network consists of numerous devices. The proposed mechanisms focus on device authentication and public/private key management without existing PKI system of IP network. To solve no CA and certificate problems, the IDC (Identity Based Cryptography) concept is adopted in our proposed mechanism. To verify the possibility of realization, we make an effort to implement the proposed mechanisms to real system. In the test bed, both USN and PLC network are connected to IP network; and proposed mechanisms are implemented to PLC and sensor devices. Through this test using the proposed mechanism, we met the similar performance with symmetric algorithms on key generation and update process. Also, we confirmed possibility of connection between different network and device authentication.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.3
• /
• pp.1502-1522
• /
• 2019

Leakage of secret keys may be the most devastating problem in public key cryptosystems because it means that all security guarantees are missing. The forward security mechanism allows users to update secret keys frequently without updating public keys. Meanwhile, it ensures that an attacker is unable to derive a user's secret keys for any past time, even if it compromises the user's current secret key. Therefore, it offers an effective cryptographic approach to address the private key leakage problem. As an extension of the forward security mechanism in certificate-based public key cryptography, forward-secure certificate-based signature (FS-CBS) has many appealing merits, such as no key escrow, no secure channel and implicit authentication. Until now, there is only one FS-CBS scheme that does not employ the random oracles. Unfortunately, our cryptanalysis indicates that the scheme is subject to the security vulnerability due to the existential forgery attack from the malicious CA. Our attack demonstrates that a CA can destroy its existential unforgeability by implanting trapdoors in system parameters without knowing the target user's secret key. Therefore, it is fair to say that to design a FS-CBS scheme secure against malicious CAs without lying random oracles is still an unsolved issue. To address this problem, we put forward an enhanced FS-CBS scheme without random oracles. Our FS-CBS scheme not only fixes the security weakness in the original scheme, but also significantly optimizes the scheme efficiency. In the standard model, we formally prove its security under the complexity assumption of the square computational Diffie-Hellman problem. In addition, the comparison with the original FS-CBS scheme shows that our scheme offers stronger security guarantee and enjoys better performance.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.5
• /
• pp.1634-1652
• /
• 2022

Due to the increasing need for data sharing in the age of big data, how to achieve data access control and implement user permission revocation in the blockchain environment becomes an urgent problem. To solve the above problems, we propose a novel blockchain-based data sharing scheme (BDSS) with fine-grained access control and permission revocation in this paper, which regards the medical environment as the application scenario. In this scheme, we separate the public part and private part of the electronic medical record (EMR). Then, we use symmetric searchable encryption (SSE) technology to encrypt these two parts separately, and use attribute-based encryption (ABE) technology to encrypt symmetric keys which used in SSE technology separately. This guarantees better fine-grained access control and makes patients to share data at ease. In addition, we design a mechanism for EMR permission grant and revocation so that hospital can verify attribute set to determine whether to grant and revoke access permission through blockchain, so it is no longer necessary for ciphertext re-encryption and key update. Finally, security analysis, security proof and performance evaluation demonstrate that the proposed scheme is safe and effective in practical applications.

• Journal of the Korean Association of Geographic Information Studies
• /
• v.22 no.3
• /
• pp.133-145
• /
• 2019

Building and researching high definition maps that support autonomous vehicles, one of Korea's key challenges for the future, are being actively propelled in both private and government sectors with the goal of fast commercialization. Under this perspective, update methods that secure up-to-date information are emerging as key tasks. To provide a plan for establishing efficient renewal systems for high definition maps, we analyzed the present condition of road types, causes of road changes and its annual change rates, and examined where and how such road change information is managed. Furthermore, the method of collection and detection of road change information and the renewal system of high definition maps are defined based on the current study. At the end of the paper, a step-by-step renewal system is proposed through the examination of renewal cycles, contents, and region of high definition maps.