• Journal of KIISE:Information Networking
• /
• v.37 no.5
• /
• pp.327-338
• /
• 2010

Complete Subtree scheme(CS) is a well known broadcast encryption scheme to perform group rekeying in a stateless manner. However, statelessness comes at a cost in terms of storage and message overhead in transmitting key material. We propose a Merged Complete Subtree scheme(MCS) to reduce the communication overhead. It is more practical to make broadcast encryption schemes in network environments with limited bandwidth resources. We define all possible subset unions for ever two subsets of CS as new subsets having own key. The modification causes more storage overhead. Nevertheless, it is possible to make the size of a header, including key materials, half using subset unions of MCS, because the size of a header depends on the number of used subsets. Our evaluation therefore shows that the proposed scheme significantly improves the communication overhead of CS, reducing by half the rekey communication cost. The proposed scheme has the advantage of rekey communication cost when the number of revoked users is significant percentage of the number of potential users. The proposed scheme is fully collusion resistant.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2007.06a
• /
• pp.799-802
• /
• 2007

Broadcast encryption has been applied to transmit digital information such as multimedia, software and paid TV programs on the open networks. This paper presents a method called Traitor Tracing to solve all these problems. Traitor tracing can check attackers and trace them. It also utilizes a proactive way for each user to have effective renewal cycle to generate keys.

• Journal of Broadcast Engineering
• /
• v.19 no.4
• /
• pp.502-509
• /
• 2014

Broadcast encryption is a cryptographic primitive that allows a sender to securely transmit a message to a set of receivers. The most influential broadcast encryption system was proposed in 2001 by Naor, Naor, Lotspiech, based on binary trees and the Subset Difference (SD) method. In 2006, Jang, Nyang, and Song suggested a new broadcast encryption system that can reduce transmission rate by 50% compared to the SD method, by introducing the so-called '2-SD' method. Their result was later given the registration of a patent in Korea (registration number: 100879083). Unfortunately, however, this paper shows that Jang et. al.'s broadcast encryption system is not secure against collusion attacks that are considered as being the basic security requirement in designing broadcast encryption.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.11 no.2
• /
• pp.301-308
• /
• 2007

In this paper, we propose a new efficient multi-receiver identity-based encryption scheme from Bilinear Pairing. The proposed scheme eliminates pairing computation to encrypt a message for multiple receivers and only need one pairing computation to decrypt the ciphertext. Moreover, we show how to properly transform our scheme into a highly efficient stateless public key broadcast encryption scheme based on the subset-cover framework.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.12 no.5
• /
• pp.863-869
• /
• 2008

In this paper, a system with sensor network security mechanism which can be applied to home network structure is designed and it is implemented on a virtual network of a home network middleware. The basic structure of home networking middleware supports one-to-one (unicast) or broadcast communication mode between the lookup server and service nodes on the network. Confidentiality and authentication are key security factors of the one-to-one communication and user authentication is crucial for broadcasting mode. One of the sensor network's security techniques SPINS consists of SNEP and ${\mu}TESLA$. The SNEP ensures confidentiality and authentication, and ${\mu}TESLA$ provides broadcast authentication. We propose a SPIN based home network middleware and it is implemented by using the CBC-MAC for MAC generation, the counter mode (CTR) for message freshness, the pseudo random function (PRF) and RC5 as encryption algorithm. The implementation result shows that an attacker cannot decrypt the message though he gets the secure key because of CTR mode. In addition, we confirmed that a received message of the server is authenticated using MAC.

• Journal of Advanced Navigation Technology
• /
• v.12 no.1
• /
• pp.34-45
• /
• 2008

Broadcast encryption schemes are applied to transmit digital informations of multimedia, software, Pay-TV etc. in public network. User acquires message or session key to use key that broadcaster transmits, broadcaster need process that generation and distribution key in these process. Also, user secession new when join efficient key renewal need. In this paper, introduce about efficient key generation and distribution, key renewal method. The temporary conference environment base structure against an each mobile device wild gap. Without the transmission possible, it follows infrequent location change and with the quality where the key information change flow. Thus, in this paper, in order to apply to the embedded computing environment and the key generation and the efficient key renewal are done when the mobile device is used of the specify space it proposes.

• Journal of Korea Multimedia Society
• /
• v.14 no.6
• /
• pp.775-784
• /
• 2011

In this paper we introduce the notion of multi-receiver certificateless encryption that avoids the inherent key escrow problem of multi-receiver identity-based encryption, and also present a highly efficient multi-receiver certificateless encryption scheme which eliminates pairing computation to encrypt a message for multiple receivers, Moreover, the proposed scheme only needs one pairing computation to decrypt the ciphertext. Finally, we discuss how to properly transform our scheme into a new public key broadcast encryption scheme for stateless receivers based on the subset-cover framework, which enjoys the advantages of certificateless cryptography.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.2
• /
• pp.19-27
• /
• 2007

Broadcasting contents protection system for HDTV has many difficult to apply file encryption technology that using the existing DRM systems. Therefore, this system has to be processed as accommodative about broadcasting contents format such as TS and PS and so on. Also, this system must support efficient encryption technology and random access mode. In addition, this system must have suitable key distribution mechanism in broadcasting environment. In this paper, we propose and implement encryption/key distribution scheme applicable to encoder/decoder without changing the existing MPEG system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.5
• /
• pp.31-42
• /
• 2001

Two important requirements in broadcast encryption schemes are traitor traceability and revocability. In this paper, we propose a new type of a traitor tracing scheme that can revoke an unlimited number of traitors\` personal keys. Additionally, we propose an efficient and simple method to provide self-enforcement property. We also describe a variant of our scheme of which encryption algorithm is secure against adaptive chosen ciphertext attacks.

• Journal of Broadcast Engineering
• /
• v.20 no.1
• /
• pp.92-109
• /
• 2015

Broadcast encryption is a cryptographic primitive that allows a sender to securely broadcast a message to a set of receivers. The most influential broadcast encryption system was proposed in 2001 by Naor, Naor, Lotspiech, based on a pseudo-random generator and the Subset Difference (SD) method. In this paper, we suggest a new broadcast encryption system that is based on secret sharing and SD methods. On an efficiency aspect, our system achieves O(r) transmission cost, O($log^2n$) storage cost, and O(1) computational cost for the number n of users and the number r of revoked users. Compared to O(log n) computational cost in the previous SD method, our system has the advantage that it needs only constant-sized computational cost for decryption, regardless of the number n or r. On a security aspect, our system can achieve tighter security reduction than the previous SD method and the gap of security loss is about O(n log n). Moreover, our result shows that it is possible to give the effect of the SD method while using an information-theoretically secure key distribution technique as in the Complete Subtree method.