• Title, Summary, Keyword: 비밀분산방식

Search Result 41, Processing Time 0.031 seconds

New Construction Scheme for Improving Contrast in Visual Cryptography (시각암호의 휘도 개선을 위한 새로운 구성법)

  • 양신석;김문수;박지환
    • Journal of Korea Multimedia Society
    • /
    • v.4 no.2
    • /
    • pp.136-144
    • /
    • 2001
  • visual cryptography is a simple method in which secret information can be directly decoded in human visual system without any cryptographic computations. This scheme is a kind of secret sharing scheme in which secret of image type is distributed to n random image(we call it share). When the secret image is distributed to n shares, the original pixel is expanded as much as the size of column in basis matrix. It causes the deterioration of contrast in docoded secret image. Therefore, many researches have performed to reduce the size of pixel expansion and to improve the contrast by overlapping the row in basis matrix for (k, n) visual cryptography. In addition, we show that the proposed method can construct the (k, n) visual cryptography with multiple contrasts depending on selecting k out of n slides in a group.

  • PDF

An Efficient Secure Dissemination of XML data in Peer-to-Peer Networks (Peer-to-Peer 네트워크 상에서 XML 데이터의 효율적이고 안전한 배포 방식에 관한 연구)

  • Ko, Hyuk-Jin;Kang, Woo-Jun
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.8 no.3
    • /
    • pp.528-534
    • /
    • 2007
  • As XML is becoming a standard for representation and exchange of abundant information on the Web, solutions for a secure and selective dissemination of XML data, known as SDI, are strongly demanded. Such trends are more outstanding especially in distributed heterogeneous environment such as Peer-to-Peer. Although many approaches have been proposed to provide secure and efficient SDI mechanisms, almost previous approaches have focused only on filtering with user profile and they adopt center-oriented administration approaches. It is therefore difficult to adapt them directly to the distributed Peer-to-Peer environments characterized by dynamic participation. In this paper, we develop a novel dissemination method, which makesuse of authorization policy and secret sharing scheme. It provides more secure, scalable means for XML dissemination on Peer-to-Peer networks.

  • PDF

A Novel Distributed Secret Key Extraction Technique for Wireless Network (무선 네트워크를 위한 분산형 비밀 키 추출 방식)

  • Im, Sanghun;Jeon, Hyungsuk;Ha, Jeongseok
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.39A no.12
    • /
    • pp.708-717
    • /
    • 2014
  • In this paper, we present a secret key distribution protocol without resorting to a key management infrastructure targeting at providing a low-complexity distributed solution to wireless network. The proposed scheme extracts a secret key from the random fluctuation of wireless channels. By exploiting time division duplexing transmission, two legitimate users, Alice and Bob can have highly correlated channel gains due to channel reciprocity, and a pair of random bit sequences can be generated by quantizing the channel gains. We propose a novel adaptive quantization scheme that adjusts quantization thresholds according to channel variations and reduces the mismatch probability between generated bit sequences by Alice and Bob. BCH codes, as a low-complexity and pratical approach, are also employed to correct the mismatches between the pair of bit sequences and produce a secret key shared by Alice and Bob. To maximize the secret key extraction rate, the parameters, quantization levels and code rates of BCH codes are jointly optimized.

An Effective Authentication in Mobile Ad Hoc Networks (Mobile Ad Hoc Networks에서 효과적인 인증서비스)

  • Kim Yoon-Ho
    • The Journal of Society for e-Business Studies
    • /
    • v.10 no.1
    • /
    • pp.121-134
    • /
    • 2005
  • The MANET has many problems in security despite of its many advantages such as supporting the mobility of nodes, independence of the fixed infrastructure, and quick network establishment. In particular, in establishing security, the traditional certification service has many difficult problems in applying to the MANET because of its safety, expandability, and availability. In this paper, a secure and effective distributed certification service method was proposed using the Secret Sharing scheme and the Threshold Digital Signature scheme in providing certification services in the MANET. In the proposed distributed certification service, certain nodes of relatively high safety among the mobile nodes consisting of the MANET, were set as privileged nodes, from which the process of issuing a certification started. The proposed scheme solved problem that the whole network security would be damaged by the intrusion to one node in the Centralized Architecture and the Hierarchical Architecture. And it decreased the risk of the exposure of the personal keys also in the Fully Distributed Architecture as the number of the nodes containing the partial confidential information of personal keys decreased. By the network simulation, the features and availability of the proposed scheme was evaluated and the relation between the system parameters was analyzed.

  • PDF

A Transmission-Efficient Broadcast Encryption System Based on Secret Sharing Method (비밀분산 기반의 효율적인 전송량을 갖는 브로드캐스트 암호시스템)

  • Lee, Jae Hwan;Park, Jong Hwan
    • Journal of Broadcast Engineering
    • /
    • v.21 no.3
    • /
    • pp.412-424
    • /
    • 2016
  • Broadcast encryption (BE) is a cryptographic primitive that enables a sender to broadcast a message to a set of receivers in a secure channel. The efficiency of BE is measured by three factors: ciphertext transmission cost, user storage cost, and computational cost for decryption. In general, BE is applied to the environments where a large number of receivers should be accommodated, so that the transmission cost is considered as being the most important factor. In this paper, we suggest a new BE system, using Shamir's secret sharing method, which considerable reduces the transmission cost. In comparison to the previous Subset Difference (SD) system, the transmission size of our BE is longer until $r{\leq}\sqrt{n}$, but get shorter when $r{\geq}\sqrt{n}$ for number of revoked users and n number of total users. We show that the advantage can be achieved at the slight expense of both the storage and computational costs.

An Extended SAML Delegation Model Based on Multi-Agent for Secure Web Services (안전한 웹서비스를 위한 멀티 에이전트 기반의 확장된 SAML 위임 모델)

  • Kim, Kyu-Il;Won, Dong-Ho;Kim, Ung-Mo
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.18 no.4
    • /
    • pp.111-122
    • /
    • 2008
  • Web service is defined to support interoperable machine to machine interaction over a network and defined as distributed technologies. Recently in web service environment, security has become one of the most critical issues. An attacker may expose user privacy and service information without authentication. Furthermore, the users of web services must temporarily delegate some or all of their behalf. This results in the exposure of user privacy information by agents. We propose a delegation model for providing safety of web service and user privacy in ubiquitous computing environments. In order to provide safety of web service and user privacy, XML-based encryption and a digital signature mechanism need to be efficiently integrated. In this paper, we propose web service management server based on XACML, in order to manage services and policies of web service providers. For this purpose, we extend SAML to declare delegation assertions transferred to web service providers by delegation among agents.

Decentralized Group Key Management for Untrusted Dynamic Networks (신뢰할 수 없는 동적 네트워크 환경을 위한 비중앙화 그룹키 관리 기법)

  • Hur, Jun-Beom;Yoon, Hyun-Soo
    • Journal of KIISE:Information Networking
    • /
    • v.36 no.4
    • /
    • pp.263-274
    • /
    • 2009
  • Decentralized group key management mechanisms offer beneficial solutions to enhance the scalability and reliability of a secure multicast framework by confining the impact of a membership change in a local area. However, many of the previous decentralized solutions reveal the plaintext to the intermediate relaying proxies, or require the key distribution center to coordinate secure group communications between subgroups. In this study, we propose a decentralized group key management scheme that features a mechanism allowing a service provider to deliver the group key to valid members in a distributed manner using the proxy cryptography. In the proposed scheme, the key distribution center is eliminated while data confidentiality of the transmitted message is provided during the message delivery process. The proposed scheme can support a secure group communication in dynamic network environments where there is no trusted central controller for the whole network and the network topology changes frequently.

Secure Access Control Scheme for CCTV Video Management (CCTV영상 관리를 위한 안전한 접근 제어 방안 연구)

  • Lee, Jae-Seung;Kim, Hyung-Joo;Jun, Moon-Seog
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • /
    • pp.534-536
    • /
    • 2014
  • CCTV의 다양한 필요성이 대두됨에 따라 CCTV를 통합관리하는 CCTV 통합관제 센터가 늘어나고 있다. 행정안전부는 2015년까지 전국 시군구에 CCTV 통합관제센터 구축을 추진하고 있을 정도로 앞으로도 계속적으로 증가할 예정이다. 하지만 이를 관리할 전문 모니터링 요원이 턱없이 부족한 상황이며, 전문 교육의 부재로 CCTV 영상을 개인적 호기심이나 개인의 이익을 위해 열람하는 경우가 발생하고 있다. 본 논문을 비밀 분산 기법을 이용하여 암호화된 키를 분배하고 요청에 따라 일정 수 이상의 분배키가 모이면 영상 열람권한을 주는 방식으로 설계 하여 관리자가 임의로 영상정보에 접근하는 상황을 방지하였다. 또한 그룹 키를 분배하고 수시로 키 갱신을 함으로서 다양한 보안 위협에 대응 하였다.

A Design of Permission Management System Based on Group Key in Hadoop Distributed File System (하둡 분산 파일 시스템에서 그룹키 기반 Permission Management 시스템 설계)

  • Kim, Hyungjoo;Kang, Jungho;You, Hanna;Jun, Moonseog
    • KIPS Transactions on Computer and Communication Systems
    • /
    • v.4 no.4
    • /
    • pp.141-146
    • /
    • 2015
  • Data have been increased enormously due to the development of IT technology such as recent smart equipments, social network services and streaming services. To meet these environments the technologies that can treat mass data have received attention, and the typical one is Hadoop. Hadoop is on the basis of open source, and it has been designed to be used at general purpose computers on the basis of Linux. To initial Hadoop nearly no security was introduced, but as the number of users increased data that need security increased and there appeared new version that introduced Kerberos and Token system in 2009. But in this method there was a problem that only one secret key can be used and access permission to blocks cannot be authenticated to each user, and there were weak points that replay attack and spoofing attack were possible. Hence, to supplement these weak points and to maintain efficiency a protocol on the basis of group key, in which users are authenticated in logical group and then this is reflected to token, is proposed in this paper. The result shows that it has solved the weak points and there is no big overhead in terms of efficiency.

2-Subset Difference Broadcast Encryption System Based on Secret Sharing Method (비밀분산 기반의 2-Subset Difference 브로드캐스트 암호시스템)

  • Lee, Jae Hwan;Park, Jong Hwan
    • Journal of Broadcast Engineering
    • /
    • v.20 no.4
    • /
    • pp.580-597
    • /
    • 2015
  • Broadcast encryption system is a cryptographic primitive that enables a sender to broadcast a message to a set of receivers in a secure channel. Out of previous proposed broadcast encryption systems, the most effective is the one that uses the Subset Difference(SD) method in a binary tree structure. The SD method has been realized by two underlying approaches: Pseudo-Random Generator(PRG) and Secret Sharing(SS). 2-SD method is the generalized version of the SD method by which two subsets of revoked receivers can be dealt with by one subset (in an SD-based broadcast encryption system). The primary advantage of the 2-SD method is to further reduce the size of transmission overhead, compared to the SD method. Until now, however, there is no known broadcast encryption system that is based on such a 2-SD technique using either PRG or SS basis. In this paper, we suggest a new 2-SD broadcast encryption system using the SS-based technique that was suggested by Jae Hwan Lee et al. in 2014[9]. The new system can reduce the size of ciphertext by 25% of the one in the previous SS-based broadcast encryption system. Also, on a theoretical note, ours is the first 2-SD broadcast encryption system that is provably secure.