• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제7권1호
• /
• pp.119-131
• /
• 2013

With the explosive growth of computer networks, many remote service providing servers and multi-server network architecture are provided and it is extremely inconvenient for users to remember numerous different identities and passwords. Therefore, it is important to provide a mechanism for a remote user to use single identity and password to access multi-server network architecture without repetitive registration and various multi-server authentication schemes have been proposed in recent years. Recently, Tsaur et al. proposed an efficient and secure smart card based user authentication and key agreement scheme for multi-server environments. They claimed that their scheme satisfies all of the requirements needed for achieving secure password authentication in multi-server environments and gives the formal proof on the execution of the proposed authenticated key agreement scheme. However, we find that Tsaur et al.'s scheme is still vulnerable to impersonation attack and many logged-in users' attack. We propose an extended scheme that not only removes the aforementioned weaknesses on their scheme but also achieves user anonymity for hiding login user's real identity. Compared with other previous related schemes, our proposed scheme keeps the efficiency and security and is more suitable for the practical applications.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제10권5호
• /
• pp.2407-2426
• /
• 2016

A group signature scheme allows any member to sign on behalf of a group. It is applied to practical distributed security communication environments, such as privacy-preserving, data mining. In particular, the excellent features of group signatures, including membership joining and revocation, anonymity, traceability, non-frameability and controllable linkability, make group signature scheme more attractive. Among these features, non-frameability can guarantee that a member's signature cannot be forged by any other (including issuer), and controllable linkability supports to confirm whether or not two group signatures are created by the same signer while preserving anonymity. Until now, only Hwang et al.'s group schemes (proposed in 2013 and 2015) can support all of these features. In this paper, we present a new dynamic group signature scheme which can achieve all of the above excellent features. Compared with their schemes, our scheme has the following advantages. Firstly, our scheme achieves more efficient membership revocation, signing and verifying. The cost of update key in our scheme is two-thirds of them. Secondly, the tracing algorithm is simpler, since the signer can be determined without the judging step. Furthermore, in our scheme, the size of group public key and member's private key are shorter. Lastly, we also prove security features of our scheme, such as anonymity, traceability, non-frameability, under a random oracle model.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제8권11호
• /
• pp.4226-4241
• /
• 2014

Cloud storage provides an easy, cost-effective and reliable way of data management for users without the burden of local data storage and maintenance. Whereas, this new paradigm poses many challenges on integrity and privacy of users' data, since users losing grip on their data after outsourcing the data to the cloud server. In order to address these problems, recently, Worku et al. have proposed an efficient privacy-preserving public auditing scheme for cloud storage. However, in this paper, we point out the security flaw existing in the scheme. An adversary, who is on-line and active, is capable of modifying the outsourced data arbitrarily and avoiding the detection by exploiting the security flaw. To fix this security flaw, we further propose a secure and efficient privacy-preserving public auditing scheme, which makes up the security flaw of Worku et al.'s scheme while retaining all the features. Finally, we give a formal security proof and the performance analysis, they show the proposed scheme has much more advantages over the Worku et al.'s scheme.

• 디지털산업정보학회논문지
• /
• 제4권2호
• /
• pp.57-66
• /
• 2008

There have been proposed various copyright protection protocols in network-based digital multimedia distribution framework. However, most of conventional copyright protection protocols are focused on the stability of copyright information embedding/extracting and the access control to data suitable for user's authority but overlooked the privacy of copyright owner and user in authentication process of copyright and access information. In this paper, we propose a solution that builds a privacy-preserving proof of copyright ownership of digital contents in conjunction with keyword search scheme. The appeal of our proposal is three-fold: (1) content providers maintain stable copyright ownership in the distribution of digital contents; (2) the proof process of digital contents ownership is very secure in the view of preserving privacy; (3) the proposed protocol is the copyright protection protocol added by indexing process but is balanced privacy and efficiency concerns for its practical use.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제5권12호
• /
• pp.2392-2402
• /
• 2011

In order to protect some important information communicated through an insecure network, a common hidden key must be used. One can produce the common hidden key using key agreement protocols; and this helps to have high security in modern data networks. Today, the designers of public key cryptography protocols try to set the public identity of a system's users (like their email addresses) as their public key. This not only makes a cryptographic protocol more efficient but also decreases its cost. These protocols are called "identity-based". In this article, an identity-based multiple key agreement scheme will be presented; this scheme uses the challenge-response method to do the verification. While the number of random values produced in our scheme is the same as other schemes, the number of keys generated in this scheme is much more than what many other key agreement schemes produce,. Therefore, we will have less computational complexities campered with other schems. In this paper, we consider the security of our scheme and consequently, we will show that it satisfies many security conditions such as strong security.

• 정보처리학회논문지:컴퓨터 및 통신 시스템
• /
• 제2권3호
• /
• pp.133-142
• /
• 2013

최근 스마트 기기는 결제, 할인쿠폰 등 각종 기능을 제공하는 수단으로 진화되면서 통신과 금융이 융합된 모바일 NFC 서비스의 시장이 급성장할 것으로 전망되고 있다. 특히 모바일 NFC 결제 서비스 시장의 활성화가 예상됨에 따라 모바일 NFC 결제 서비스는 국내 외적으로 널리 주목받고 있다. 하지만 이에 따른 NFC 기술 활용 증가로 개인정보 이용이 늘면서 침해요소 또한 증가하고 있다. 최근 한국인터넷진흥원에서 발표한 "NFC 개인정보보호 대책 최종보고서"에 따르면 개인정보 암호화를 부분적으로 미지원하거나 불필요한 개인정보의 과도한 수집 및 저장 등이 문제점으로 제기되었으며 Google사의 Google Wallet 서비스의 개인정보 유출 사고 또한 이러한 문제점을 뒷받침하는 근거가 되고 있다. 본 논문에서는 기존에 서비스되고 있는 NFC 모바일 결제 서비스 상에서 결제정보의 이동 경로 별 결제 기술의 위협을 분석하고 OTA(Over the Air) 상에서 안전한 정보교환을 위한 NTRU 기반 상호인증 기법과 사용자와 은행 간의 결제 단계에서 결제정보를 직접적으로 사용하지 않고 결제자를 증명할 수 있는 NTRU기반 영지식 증명 기법에 대해 제안한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제11권12호
• /
• pp.6188-6204
• /
• 2017

Over the years, more password-based authentication key agreement schemes using chaotic maps were susceptible to attack by off-line password guess attack. This work approaches this problem by a new method--new theorem of chaotic maps: $T_{a+b}(X)+T_{a-b}(X)=2T_a(X)T_b(X)$,(a>b). In fact, this method can be used to design two-party, three-party, even in N-party intelligently. For the sake of brevity and readability, only a two-party instance: a novel Two-party Password-Authenticated Key Agreement Protocol is proposed for resisting password guess attack in this work. Compared with the related literatures recently, our proposed scheme can be not only own high efficiency and unique functionality, but is also robust to various attacks and achieves perfect forward secrecy. For capturing improved ratio of security and efficiency intuitively, the paper firstly proposes a new parameter called security/efficiency ratio(S/E Ratio). The higher the value of the S/E Ratio, the better it is. Finally, we give the security proof and the efficiency analysis of our proposed scheme.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제6권2호
• /
• pp.734-750
• /
• 2012

CAPTCHAs are automated tests that are there to avoid misuse of computing and information resources by bots. Typical text-based CAPTCHAs are proven to be vulnerable against malicious automated programs. In this paper, we present an image-based CAPTCHA scheme using easily identifiable human appearance characteristics that overcomes the weaknesses of current text-based schemes. We propose and evaluate two applications for our scheme involving 25 participants. Both applications use same characteristics but different classes against those characteristics. Application 1 is optimized for security while application 2 is optimized for usability. Experimental evaluation shows promising results having 83% human success rate with Application 2 as compared to 62% with Application 1.

• Journal of the Korean Society for Industrial and Applied Mathematics
• /
• 제24권2호
• /
• pp.143-159
• /
• 2020

We propose a consistent numerical method for elliptic interface problems with nonhomogeneous jumps. We modify the discontinuous bubble immersed finite element method (DB-IFEM) introduced in (Chang et al. 2011), by adding a consistency term to the bilinear form. We prove optimal error estimates in L² and energy like norm for this new scheme. One of the important technique in this proof is the Bramble-Hilbert type of interpolation error estimate for discontinuous functions. We believe this is a first time to deal with interpolation error estimate for discontinuous functions. Numerical examples with various interfaces are provided. We observe optimal convergence rates for all the examples, while the performance of early DB-IFEM deteriorates for some examples. Thus, the modification of the bilinear form is meaningful to enhance the performance.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제9권5호
• /
• pp.1904-1919
• /
• 2015

Deniable authentication protocol allows a sender to deny his/her involvement after the protocol run and a receiver can identify the true source of a given message. Meanwhile, the receiver has no ability to convince any third party of the fact that the message was sent by the specific sender. However, most of the proposed protocols didn't achieve confidentiality of the transmitted message. But, in some special application scenarios such as e-mail system, electronic voting and Internet negotiations, not only the property of deniable authentication but also message confidentiality are needed. To settle this problem, in this paper, we present a non-interactive identity-based deniable authenticated encryption (IBDAE) scheme using pairings. We give the security model and formal proof of the presented IBDAE scheme in the random oracle model under bilinear Diffie-Hellman (BDH) assumption.