• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.1
• /
• pp.119-131
• /
• 2013

With the explosive growth of computer networks, many remote service providing servers and multi-server network architecture are provided and it is extremely inconvenient for users to remember numerous different identities and passwords. Therefore, it is important to provide a mechanism for a remote user to use single identity and password to access multi-server network architecture without repetitive registration and various multi-server authentication schemes have been proposed in recent years. Recently, Tsaur et al. proposed an efficient and secure smart card based user authentication and key agreement scheme for multi-server environments. They claimed that their scheme satisfies all of the requirements needed for achieving secure password authentication in multi-server environments and gives the formal proof on the execution of the proposed authenticated key agreement scheme. However, we find that Tsaur et al.'s scheme is still vulnerable to impersonation attack and many logged-in users' attack. We propose an extended scheme that not only removes the aforementioned weaknesses on their scheme but also achieves user anonymity for hiding login user's real identity. Compared with other previous related schemes, our proposed scheme keeps the efficiency and security and is more suitable for the practical applications.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.5
• /
• pp.2407-2426
• /
• 2016

A group signature scheme allows any member to sign on behalf of a group. It is applied to practical distributed security communication environments, such as privacy-preserving, data mining. In particular, the excellent features of group signatures, including membership joining and revocation, anonymity, traceability, non-frameability and controllable linkability, make group signature scheme more attractive. Among these features, non-frameability can guarantee that a member's signature cannot be forged by any other (including issuer), and controllable linkability supports to confirm whether or not two group signatures are created by the same signer while preserving anonymity. Until now, only Hwang et al.'s group schemes (proposed in 2013 and 2015) can support all of these features. In this paper, we present a new dynamic group signature scheme which can achieve all of the above excellent features. Compared with their schemes, our scheme has the following advantages. Firstly, our scheme achieves more efficient membership revocation, signing and verifying. The cost of update key in our scheme is two-thirds of them. Secondly, the tracing algorithm is simpler, since the signer can be determined without the judging step. Furthermore, in our scheme, the size of group public key and member's private key are shorter. Lastly, we also prove security features of our scheme, such as anonymity, traceability, non-frameability, under a random oracle model.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.11
• /
• pp.4226-4241
• /
• 2014

Cloud storage provides an easy, cost-effective and reliable way of data management for users without the burden of local data storage and maintenance. Whereas, this new paradigm poses many challenges on integrity and privacy of users' data, since users losing grip on their data after outsourcing the data to the cloud server. In order to address these problems, recently, Worku et al. have proposed an efficient privacy-preserving public auditing scheme for cloud storage. However, in this paper, we point out the security flaw existing in the scheme. An adversary, who is on-line and active, is capable of modifying the outsourced data arbitrarily and avoiding the detection by exploiting the security flaw. To fix this security flaw, we further propose a secure and efficient privacy-preserving public auditing scheme, which makes up the security flaw of Worku et al.'s scheme while retaining all the features. Finally, we give a formal security proof and the performance analysis, they show the proposed scheme has much more advantages over the Worku et al.'s scheme.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.4 no.2
• /
• pp.57-66
• /
• 2008

There have been proposed various copyright protection protocols in network-based digital multimedia distribution framework. However, most of conventional copyright protection protocols are focused on the stability of copyright information embedding/extracting and the access control to data suitable for user's authority but overlooked the privacy of copyright owner and user in authentication process of copyright and access information. In this paper, we propose a solution that builds a privacy-preserving proof of copyright ownership of digital contents in conjunction with keyword search scheme. The appeal of our proposal is three-fold: (1) content providers maintain stable copyright ownership in the distribution of digital contents; (2) the proof process of digital contents ownership is very secure in the view of preserving privacy; (3) the proposed protocol is the copyright protection protocol added by indexing process but is balanced privacy and efficiency concerns for its practical use.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.5 no.12
• /
• pp.2392-2402
• /
• 2011

In order to protect some important information communicated through an insecure network, a common hidden key must be used. One can produce the common hidden key using key agreement protocols; and this helps to have high security in modern data networks. Today, the designers of public key cryptography protocols try to set the public identity of a system's users (like their email addresses) as their public key. This not only makes a cryptographic protocol more efficient but also decreases its cost. These protocols are called "identity-based". In this article, an identity-based multiple key agreement scheme will be presented; this scheme uses the challenge-response method to do the verification. While the number of random values produced in our scheme is the same as other schemes, the number of keys generated in this scheme is much more than what many other key agreement schemes produce,. Therefore, we will have less computational complexities campered with other schems. In this paper, we consider the security of our scheme and consequently, we will show that it satisfies many security conditions such as strong security.

• KIPS Transactions on Computer and Communication Systems
• /
• v.2 no.3
• /
• pp.133-142
• /
• 2013

Recently, smart devices for various services have been developed using converged telecommunications, and the markets for near field communication (NFC) mobile services is expected to grow rapidly. In particular, the realization of mobile NFC payment services is expected to go commercial, and it is widely attracting attention both on a domestic and global level. However, this realization would increase privacy infringement, as personal information is extensively used in the NFC technology. One example of such privacy infringement would be the case of the Google wallet service. In this paper, we propose an mutual authentication scheme based on NTRU for secure channel in OTA and an zero-knowledge proof scheme NTRU based on for protecting user information in NFC mobile payment systems without directly using private financial information of the user.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.12
• /
• pp.6188-6204
• /
• 2017

Over the years, more password-based authentication key agreement schemes using chaotic maps were susceptible to attack by off-line password guess attack. This work approaches this problem by a new method--new theorem of chaotic maps: $T_{a+b}(X)+T_{a-b}(X)=2T_a(X)T_b(X)$,(a>b). In fact, this method can be used to design two-party, three-party, even in N-party intelligently. For the sake of brevity and readability, only a two-party instance: a novel Two-party Password-Authenticated Key Agreement Protocol is proposed for resisting password guess attack in this work. Compared with the related literatures recently, our proposed scheme can be not only own high efficiency and unique functionality, but is also robust to various attacks and achieves perfect forward secrecy. For capturing improved ratio of security and efficiency intuitively, the paper firstly proposes a new parameter called security/efficiency ratio(S/E Ratio). The higher the value of the S/E Ratio, the better it is. Finally, we give the security proof and the efficiency analysis of our proposed scheme.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.2
• /
• pp.734-750
• /
• 2012

CAPTCHAs are automated tests that are there to avoid misuse of computing and information resources by bots. Typical text-based CAPTCHAs are proven to be vulnerable against malicious automated programs. In this paper, we present an image-based CAPTCHA scheme using easily identifiable human appearance characteristics that overcomes the weaknesses of current text-based schemes. We propose and evaluate two applications for our scheme involving 25 participants. Both applications use same characteristics but different classes against those characteristics. Application 1 is optimized for security while application 2 is optimized for usability. Experimental evaluation shows promising results having 83% human success rate with Application 2 as compared to 62% with Application 1.

• Journal of the Korean Society for Industrial and Applied Mathematics
• /
• v.24 no.2
• /
• pp.143-159
• /
• 2020

We propose a consistent numerical method for elliptic interface problems with nonhomogeneous jumps. We modify the discontinuous bubble immersed finite element method (DB-IFEM) introduced in (Chang et al. 2011), by adding a consistency term to the bilinear form. We prove optimal error estimates in L² and energy like norm for this new scheme. One of the important technique in this proof is the Bramble-Hilbert type of interpolation error estimate for discontinuous functions. We believe this is a first time to deal with interpolation error estimate for discontinuous functions. Numerical examples with various interfaces are provided. We observe optimal convergence rates for all the examples, while the performance of early DB-IFEM deteriorates for some examples. Thus, the modification of the bilinear form is meaningful to enhance the performance.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.5
• /
• pp.1904-1919
• /
• 2015

Deniable authentication protocol allows a sender to deny his/her involvement after the protocol run and a receiver can identify the true source of a given message. Meanwhile, the receiver has no ability to convince any third party of the fact that the message was sent by the specific sender. However, most of the proposed protocols didn't achieve confidentiality of the transmitted message. But, in some special application scenarios such as e-mail system, electronic voting and Internet negotiations, not only the property of deniable authentication but also message confidentiality are needed. To settle this problem, in this paper, we present a non-interactive identity-based deniable authenticated encryption (IBDAE) scheme using pairings. We give the security model and formal proof of the presented IBDAE scheme in the random oracle model under bilinear Diffie-Hellman (BDH) assumption.