• Title/Summary/Keyword: verifier


A Study on the Integrated Digital Signature System based on Digital Signature Standards (디지틀 서명방식 표준 ( 안 ) 에 기반을 둔 통합서명 시스템에 관한 연구)

  • Kim, Seung-Joo;Kim, Kyung-Shin;Won, Dong-Ho
    • The Transactions of the Korea Information Processing Society / v.5 no.4 / pp.984-994 / 1998
  • In the information society, all information is transferred through the network, so protecting data on the network becomes an issue. One of the fundamental cryptographic tools to protect data on the network is the digital signature, and in many countries, cryptographers have been trying to make their own digital signature standard. Also, at the Crypto'89 meeting, D. Chaum suggested an undeniable signature scheme. Undeniable signatures are verified via a protocol between the signer and the verifier, so the cooperation of the signer is necessary. So far, there have been several variants of undeniable signatures to obtain a signature scheme, which can control the abuse of ordinary digital signatures.


Secure Convertible Undeniable Signature Scheme Using Extended Euclidean Algorithm without Random Oracles

  • Horng, Shi-Jinn;Tzeng, Shiang-Feng;Fan, Pingzhi;Wang, Xian;Li, Tianrui;Khan, Muhammad Khurram
    • KSII Transactions on Internet and Information Systems (TIIS) / v.7 no.6 / pp.1512-1532 / 2013
  • A convertible undeniable signature requires a verifier to interact with the signer to verify a signature and furthermore allows the signer to convert a valid one to a publicly verifiable signature. In 2007, Yuen et al. proposed a convertible undeniable signature without random oracles in pairings. However, it has recently been shown that Yuen et al.'s scheme is not invisible for the standard definition of invisibility. In this paper, we propose a new improvement by using the extended Euclidean algorithm that can overcome the visibility attack. The proposed scheme has been evaluated based on computation and communication complexities, and performance comparisons of Yuen et al.'s scheme and various convertible undeniable signature schemes are provided. Moreover, it has been observed that the proposed algorithm reduces the computation and communication times significantly.

A Two-Factor User Authorization Method and Its Implementation using TOTP and Password (TOTP와 패스워드를 이용한 Two-Factor 사용자 인증 방식 및 구현)

  • Jae, Ju-Hwan;Yoo, Seung-Lok;Lim, Hak-Chang;Bae, Dong-Hwan;Lee, Yun-Ho;Yang, Hyung-Gyu
    • Review of KIISC / v.20 no.6 / pp.7-16 / 2010
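  • Advances in Internet and communication technology have removed the time and space constraints on providing users with online services such as finance, broadcasting, and games, but they have also raised the likelihood of damage caused by malicious users such as hackers. One of the various security techniques for addressing this is user authentication using OTP. An OTP is a password that is not reused, and it can resolve the weaknesses of conventional password authentication. However, it can be vulnerable to theft of the OTP-generating device, or to password guessing attacks or stolen-verifier attacks resulting from a server compromise. To solve these problems, this paper proposes POTP (Password embedded OTP), a new two-factor authentication protocol that uses two pieces of authentication information: TOTP, a time-based OTP generation method, and a password. The proposed scheme is secure against replay attacks; even if an attacker obtains the OTP-generating device, the password cannot be inferred, and even if the attacker obtains the server's authentication information database, the attacker cannot impersonate a legitimate user. In addition, the server can use a fast hash function when storing authentication information, which makes the scheme more efficient.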

A Security Hole in Comparable Encryption (비교가능 암호화의 허점)

  • Kim, Sangjin;Oh, Heekuck
    • Journal of the Korea Institute of Information Security & Cryptology / v.23 no.2 / pp.267-271 / 2013
  • Comparable encryption allows a verifier to test whether two given ciphertexts from a probabilistic public key cryptosystem are encryptions of the same message without decrypting them. Recently, Yang et al. proposed such a scheme, and Lee et al. and Tang independently modified Yang et al.'s system to restrict the entity who can perform the verification. However, the original Yang et al.'s scheme has a flaw that enables two ciphertexts which are not encryptions of the same message to pass the test. In this paper, we concretely show the faults in all three schemes considered and analyze the effect of this flaw on the use of such schemes in applications.

The Undeniable Digital Multi-signature Scheme Suitable for Joint Copyright Protection on Digital Contents (디지털 콘텐츠 공동 저작권 보호에 적합한 부인봉쇄 디지털 다중서명 기법)

  • Yun Sung-Hyun
    • The Journal of the Korea Contents Association / v.5 no.1 / pp.55-63 / 2005
  • In an undeniable digital signature scheme, the signature cannot be verified without the signer's cooperation. The undeniable signature scheme can be used to computerize many applications which cannot be handled by a conventional digital signature scheme. In this study, we propose an undeniable digital multi-signature scheme which requires many signers and a designated verifier. The multi-signature can be verified only in cooperation with all signers. The proposed scheme satisfies the undeniable property and is secure against active attacks such as modification and denial of the multi-signature by signers. We also propose a copyright protection method for co-authored digital contents as an application of the proposed scheme.


Development of Automatic System for Estimation of Digital Relay Performance (Digital Relay 자동성능평가 시스템 개발)

  • Min, Byoung-Woon;Park, Dong-Ho;Kim, Jung-Han;Choi, Hang-Sub;Lee, Seung-Jae
    • Proceedings of the KIEE Conference / 2005.07a / pp.510-512 / 2005
  • This paper introduces the development of an automatic system for estimation of digital relay performance. We developed an automatic estimation system, "HRV2004 (Himap Relay function Verifier 2004)", for digital relays in 2004, and it has been verified in the field for one year. This paper describes the development details and field experience of HRV2004. HRV2004 can perform the series of jobs required for relay testing in one environment and can handle almost all models of protective relay currently produced by Hyundai Heavy Industries. The functionality of this program consists of a relay-setting GUI for beginners, fault record analysis, and relay performance estimation. The core of this system is automatic reporting of the estimation test. The user only clicks a button for relay estimation and receives a testing report to deliver to the customer. An additional benefit is a faster response than manual estimation. For example, manual estimation takes 6 hours, but this system takes about 15 minutes.


Modeling and Verification of A data registry-based Management System for Network Object (데이타 레지스트리에 기반한 네트워크 객체 관리 시스템의 모델링 및 검증)

  • 최오훈;백두권
    • Proceedings of the Korea Society for Simulation Conference / 2002.05a / pp.61-65 / 2002
  • These days, in order to satisfy the complex and various demands of customers, telecommunication networks must provide rapid and flexible services, with the support of efficient service and network management systems. To satisfy these requirements, many objects for management have been released to manage network services and elements. But there are no efficient ways to manage these newly managed objects in object-oriented software. Therefore, we study several problems that arise when a subsystem using an object-oriented technique is implemented. The first problem is that interface works between realized application programs using its technique. The second problem is that reusability of internal managed objects is difficult. In this paper, we point out some problems and, to solve them, propose the Object Management System (OMS) architecture, which supports a transparent interface between object-oriented applications and the distributed data repositories. Also, in order to efficiently manage business objects stored in the different repositories, we suggest a method for integrating dynamic information resources in heterogeneous and distributed network environments. Finally, we applied OMS to the TINA (Telecommunication Information Network Architecture) domain, implemented OMS, and verified it with SMV (Symbolic Model Verifier), which is a model checking technology.


Specification and Formalization of Transition Event Sequence (천이 사건 순서의 표현과 정형화)

  • Kim, Jung-Sool;Kang, Byung-Wook
    • The Transactions of the Korea Information Processing Society / v.5 no.5 / pp.1204-1215 / 1998
  • In this paper, we propose a scenario representing method, a specification language, and a verification technique for OARTS (Object based Approach for Real-Time Systems). As well as the general modeling method (event trace diagram), this study includes a specification language and a verification technique because there has been no study of a methodological-level technique for scenario development as yet. Centering on the synchronization problem of transitions of external modules, which are the communication interfaces based on the objects, we lay stress on the representation of the sequence of external events and internal action transitions. From the results of practical experience, it has been ascertained that the proposed method reflects the requirements in the analysis step well, and the validity of its representation has been identified by a conceptual verifier. We also suggest that it can serve as an analysis tool for representing general real-time scenarios.


Efficient Public Verification on the Integrity of Multi-Owner Data in the Cloud

  • Wang, Boyang;Li, Hui;Liu, Xuefeng;Li, Fenghua;Li, Xiaoqing
    • Journal of Communications and Networks / v.16 no.6 / pp.592-599 / 2014
  • Cloud computing enables users to easily store their data and simply share data with others. Due to the security threats in an untrusted cloud, users are recommended to compute verification metadata, such as signatures, on their data to protect its integrity. Many mechanisms have been proposed to allow a public verifier to efficiently audit cloud data integrity without receiving the entire data from the cloud. However, to the best of our knowledge, none of them has considered the efficiency of public verification on multi-owner data, where each block in the data is signed by multiple owners. In this paper, we propose a novel public verification mechanism to audit the integrity of multi-owner data in an untrusted cloud by taking advantage of multisignatures. With our mechanism, the verification time and storage overhead of signatures on multi-owner data in the cloud are independent of the number of owners. In addition, we demonstrate the security of our scheme with rigorous proofs. Compared to the straightforward extension of previous mechanisms, our mechanism shows better performance in experiments.

Attack-Resistant Received Signal Strength based Compressive Sensing Wireless Localization

  • Yan, Jun;Yu, Kegen;Cao, Yangqin;Chen, Liang
    • KSII Transactions on Internet and Information Systems (TIIS) / v.11 no.9 / pp.4418-4437 / 2017
  • In this paper a three-phase secure compressive sensing (CS) and received signal strength (RSS) based target localization approach is proposed to mitigate the effect of malicious node attack. RSS measurements are first arranged into a group of subsets where the same measurement can be included in multiple subsets. Intermediate target position estimates are then produced using individual subsets of RSS measurements and the CS technique. From the intermediate position estimates, the residual error vector and residual error square vector are formed. The least median of residual error square is utilized to define a verifier parameter. The selected residual error vector is utilized along with a threshold to determine whether a node or measurement is under attack. The final target positions are estimated by using only the attack-free measurements and the CS technique. Further, theoretical analysis is performed for parameter selection and computational complexity evaluation. Extensive simulation studies are carried out to demonstrate the advantage of the proposed CS-based secure localization approach over the existing algorithms.