• Proceedings of the Korea Multimedia Society Conference
• /
• 1998.04a
• /
• pp.205-209
• /
• 1998

시각암호는 n개로 분산된 비밀화상을 슬라이드와 같이 물리적으로 중첩 가능한 곳에 인쇄하여 그룹내 n명에게 슬라이드를 배포한 후, 임의의 k명 이상의 슬라이드를 겹치면 비밀 화상을 복원할 수 있지만, k-1명 이하의 슬라이드를 겹치는 경우에는 비밀화상을 복원할 수 없는 방식이다. 이 논문에서는 (k, n) 시각암호의 휘도(contrast)를 개선하기 위한 구성법에서 모든 경우에 동일 휘도를 유지하면서 부화소의 수를 줄이기 위한 새로운 구성법을 제안한다.

• The KIPS Transactions:PartC
• /
• v.18C no.6
• /
• pp.369-378
• /
• 2011

To ensure data confidentiality and fine-grained access control in business environment, system model using KP-ABE(Key Policy-Attribute Based Encryption) and PRE(Proxy Re-Encryption) has been proposed recently. However, in previous study, data confidentiality has been effected by decryption right concentrated on cloud server. Also, Yu's work does not consider a access privilege management, so existing work become dangerous to collusion attack between malicious user and cloud server. To resolve this problem, we propose secure system model against collusion attack through dividing data file into header which is sent to privilege manager group and body which is sent to cloud server. And we construct the model of access privilege management using AONT based XOR threshold Secret Sharing, In addition, our scheme enable to grant weight for access privilege using XOR Share. In chapter 4, we differentiate existing scheme and proposed scheme.

• The Journal of the Korea Contents Association
• /
• v.4 no.3
• /
• pp.53-60
• /
• 2004

In this paper we present user authentication and key distribution using threshold PKC(Public Key Cryptosystem), which is secure against the dictionary attack. The n servers hold a t-out-of-n sharing of the dealer's secret key. When the server authenticate a user, at least f of them cooperate they can reconstruct password verifier.

• Journal of Internet Computing and Services
• /
• v.6 no.3
• /
• pp.17-30
• /
• 2005

A PAK(Password-Authenticated Key Exchange) protocol is used as a protocol to provide both the mutual authentication and allow the communication entities to share the session key for the subsequent secure communication, using the human-memorable portable short-length password, In this paper, we propose distributed key exchange protocols applicable to a smartcard using the MTI(Matsumoto, Takashima, Imai) key distribution protocol and PAK protocol. If only one server keeps the password verification data which is used for password authentication protocol. then It could easily be compromised by an attacker, called the server-compromised attack, which results in impersonating either a user or a server, Therefore, these password verification data should be distributed among the many server using the secret sharing scheme, The Object of this paper Is to present a password-based key exchange protocol which is to allow user authentication and session key distribution, using the private key in a smartcard and a password typed by a user. Moreover, to avoid the server-compromised attack, we propose the distributee key exchange protocols using the MTI key distribution protocol, And we present the security analysis of the proposed key exchange protocol and compare the proposed protocols with the existing protocols.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.6
• /
• pp.15-26
• /
• 2001

Visual cryptography is a simple method in which secret information can be directly decoded in human visual system without any cryptographic computations. When the secret image is scattered to n random shares(slides), this scheme has some week point such as pixel expansion and contrast degradation. Therefore, it is necessary to reduce the pixel expansion and improve the contrast in recovered image. In this paper, we propose a new construction method for (k, n) visual cryptography using the cumulative matrix. In case k is odd, we can construct the cumulative matrix perfectly. For even k, the contrast of special pair in decoded image can be achieved best by permitting multiple contract. The proposed method is more simple than that of S. Droste\`s in construction and the average contrast of decoded image is improved for the most part. Also, we show that the basis matrices depending on the cumulative matrix are able to be applied for the general access structure.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• v.9 no.1
• /
• pp.323-327
• /
• 2005

본 논문에서는 홈네트워크에서 댁내의 디바이스가 제공하는 서비스에 대해 불법적인 사용을 제한하고 각 사용자 별로 허가된 권한 내에서만 서비스를 이용할 수 있게 하는 접근제어 방식을 제안한다. 기존의 중앙집중 접근제어 방식과, 분산 접근제어 방식은 홈네트워크에 적용했을 때 중앙기기의 부하집중, 비밀정보의 침해 가능성. 사용자의 불편함 등의 문제를 가지고 있다. 본 논문에서는 기존의 접근제어 방식의 문제점을 분석하고 이를 해결하기 위하여 홈네트워크에 적합한 접근제어 방식을 제안한다.

• Convergence Security Journal
• /
• v.23 no.4
• /
• pp.17-22
• /
• 2023

Traditional authentication systems typically involve users entering their username and password into a centralized identity management system. To address the inconvenience of such authentication methods, a decentralized identity authentication system based on Distributed Identifiers(DID) is proposed, utilizing decentralized identity technology. The proposed system employs QR code scanning for login, enhancing security through the use of blockchain technology to ensure the uniqueness and safety of user identities during the login process. This system utilizes DIDs and integrates the InterPlanetary File System(IPFS) to securely manage organizational members' identity information while keeping it private. Using the distributed identity authentication system proposed in this study, it is possible to effectively manage the security and personal identity of organization members. To improve the usability of the system proposed in this study, research is needed to expand it into a solution.

• Journal of Broadcast Engineering
• /
• v.20 no.1
• /
• pp.92-109
• /
• 2015

Broadcast encryption is a cryptographic primitive that allows a sender to securely broadcast a message to a set of receivers. The most influential broadcast encryption system was proposed in 2001 by Naor, Naor, Lotspiech, based on a pseudo-random generator and the Subset Difference (SD) method. In this paper, we suggest a new broadcast encryption system that is based on secret sharing and SD methods. On an efficiency aspect, our system achieves O(r) transmission cost, O($log^2n$) storage cost, and O(1) computational cost for the number n of users and the number r of revoked users. Compared to O(log n) computational cost in the previous SD method, our system has the advantage that it needs only constant-sized computational cost for decryption, regardless of the number n or r. On a security aspect, our system can achieve tighter security reduction than the previous SD method and the gap of security loss is about O(n log n). Moreover, our result shows that it is possible to give the effect of the SD method while using an information-theoretically secure key distribution technique as in the Complete Subtree method.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37 no.4B
• /
• pp.288-299
• /
• 2012

To ensure data confidentiality and fine-grained access control in business environment, system model using KP-ABE(Key Policy-Attribute Based Encryption) and PRE(Proxy Re-Encryption) has been proposed recently. However, in previous study, data confidentiality has been effected by decryption right concentrated on cloud server. Also, Yu's work does not consider a access privilege management, so existing work become dangerous to collusion attack between malicious user and cloud server. To resolve this problem, we propose secure system model against collusion attack through dividing data file into header which is sent to privilege manager group and body which is sent to cloud server and prevent modification attack for proxy re-encryption key using d Secret Sharing, We construct protocol model in medical environment.

• Proceedings of the Korea Multimedia Society Conference
• /
• 2001.06a
• /
• pp.514-517
• /
• 2001

정보보호를 위한 공개키 기반 구조의 구축은 사용자들에게 많은 미정을 줄 수 있다. 그러나 암호 키의 분실이나 불법적인 사용 등의 문제점을 내포하고 있다. 이러한 문제점을 해결할 수 있는 기술로서 공개키 기반 구조와 연동 가능한 키 복구 기술이 있으며, 현재 많은 연구가 진행중에 있다. 기존에 제안되어 있는 방식은 인증기관에게 저장공간을 요구하거나, 인증기관과 위탁기관간의 통신량이 증가하는 문제점을 가지고 있다. 본 논문에서는 이러한 문제점을 지적하고 이를 해결하는 변형된 SE-PKI 키 복구 시스템을 제안한다.