• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.2
• /
• pp.3-12
• /
• 2006

The spread of mobile devices, PDAs and sensors has enabled the construction of ubiquitous computing environments, transforming regular physical spaces into 'smart space' augmented with intelligence and enhanced with services. However, unless privacy concerns are taken into account early in the design process of various ubiquitous devices(e.g. mobile devices, PDAs, sensors, etc.). we will end up crating ubiquitous surveillance infrastructure. Also, it may inappropriate to use public key techniques for computational constrained devices in ubiquitous computing environment. In this paper, we propose efficient user authentication and ky agreement protocol not only to preserve anonymity for protecting personal privacy but also to be suitable for computational constrained devices in ubiquitous computing environments.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.2
• /
• pp.317-326
• /
• 2012

Internet service provider is able to collect personal information to prevent the violations of the rights of service providers and customers using internet. But there are still many debates going on between a personal privacy and a regulation. Proxy servers are used in various technical purposes include bypass access. Although the proxy server users are increasing but there are not any proper institutional mechanisms and regulations to protect users. In this study, we discuss the two sides of a proxy service includes its privacy protection function and the cyber-crime threat and propose supplementary measures to mediate between the interests of public and private.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.6
• /
• pp.1231-1242
• /
• 2012

Traitor tracing schemes deter traitors from sharing their private keys by tracing at least one of the subscribers who were implicated in the construction of a pirate decoder. In general, it is assumed that the system manager in the scheme generates and distributes the subscribers' private key. But if the system manager knows the subscribers' private keys, he cannot convince a third party of a certain subscriber's piracy. To solve this problem, the system manager should not know the whole parts of subscribers' private keys and this leads to researches of asymmetric schemes. Moreover for the purpose of enhancing subscribers' privacy, there were two proposals of introducing anonymity onto asymmetric traitor tracing schemes, but one of them turned out to be a failure. In this paper, we point out that the other proposal also has flaws. We consider how to introduce anonymity to traitor tracing schemes, as a result, we suggest a new framework which is practical. We also construct a scheme by using an anonymous credential system and an asymmetric traitor tracing scheme. We prove the security of our scheme and consider the typical applications.

• Journal of the Korea Society for Simulation
• /
• v.15 no.1
• /
• pp.77-85
• /
• 2006

The cost of downloading content from the Internet may be costly for mobile device users using its 3G connection, because the 3G connection cost to download data from the Internet is a function of the amount of data downloaded. This paper introduces an approach in which mobile devices, called peers, form an ad hoc network and share their downloaded content with others. As an example, spectators may want to collect/share information about players and game records in a stadium. In an art gallery, visitors may want to retrieve some background information about the displayed work from the nearby ad hoc network. In an outdoor class, a teacher may download today's topic files from the Internet, and all students may share the content with minimal or no cost paid. This is possible if mobile device has both a 3G interface and a wireless LAN interface. If the peers want to improve privacy md discourage traffic analysis when sharing content, this paper describes a low-delay anonymous connection between the sending peer and the receiving peer using two additional peers. Simulation results show that the transmission time overhead of the anonymous connection may increase 50% or less as the number of peers increase or the peers are scattered over the larger area.

• The KIPS Transactions:PartD
• /
• v.12D no.3 s.99
• /
• pp.499-506
• /
• 2005

A hash chain is a structure organized by hash function with high speed in computation. Systems using the hash chain are using extensively in various cryptography applications such as one-time passwords, server-supported signatures and micropayments. However, the most hash chain based on the system using pre-paid method provides anonymity but has the problem to increase payment cost. In this paper, we propose a new hash chain based on the micropayment system to keep user anonymity safe through blind signature in the withdrawal process of the root value without disclosing privacy information, and to improve efficiency by using secret key instead of public key in the system without the role of certificate.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.10a
• /
• pp.571-572
• /
• 2017

The blockchain technology that implements electronic money uses decentralized computing and all transactions in a blockchain are open to everyone. This technique seems to guarantee anonymity by performing the transaction on the address instead of the user, but by using direction acyclic graph based on the transaction graph, the privacy problem is caused by tracking the addresses. In this paper, we analyze various techniques for centralized processing which makes it difficult to find the relevance on the graph in order to protect the privacy in the block chain technology. We also analyze the techniques of anonymizing in a distributed way to enhance privacy. Using the zero knowledge proof scheme guarantees full distributed anonymity but requires more computation and storage space, and various techniques to make this efficient are proposed. In this paper, we propose a privacy protection scheme of blockchain technology to integrate existing privacy protection techniques into a blockchain technology and perform it more efficiently with a centralized or decentralized technique.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.5
• /
• pp.3-15
• /
• 2009

The short group signature introduced by Boneh et al. is one of famous anonymous signature schemes. However, for applying it to the real applications, several restrictions should be considered. The perfect anonymity of users, which is given by group signatures, prevents service providers to provide certain services or resources. For this reason, the local linkability which reduces the anonymity of users has to be provided to the service providers. In addition, the group signature keys, which are one-sidedly assigned from a group manager, cannot support the strong exculpability of users. Hence, the short group signature has to be modified for supporting the strong exculpability. In this paper, we perform a study on the use of the short group signature by proposing a few methods for supporting those two properties.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.1
• /
• pp.3-13
• /
• 2004

E-Commerce is suddenly spreading in a daily life. A rights trading system is a system that circulates digital-tickets such as plane tickets, software license, coupon. There are two main approaches so far account-based and smart-card based systems. The NTT Proposed FlexToken, a new smart card based copy prevention scheme for digital rights. They Proposed using pseudonymous self certified keys of Petersen and Horster in order to ensure anonymity of users. However. Petersen and Holster's scheme should register a pseudonymous key pair at TTP (One-time) every time so that users create the signature which is satisfied with unlinkability property In this paper, we propose a new anonymous rights trading system using group signature. This paper has a meaning having applied to digital rights trading system an efficient smart card based group signature.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.5
• /
• pp.181-195
• /
• 2011

There's a controversy about an invasion of privacy which includes a leakage of private information and linking of user's behavior on internet. Although many solutions for this problem are proposed, we think anonymous authentication, authorization, and payment mechanism is the best solution for this problem. In this paper, we propose an effective anonymity-based method that achieves not only authentication but also authorization. Our proposed method uses anonymous qualification certificate and group signature method as an underlying primitive, and combines anonymous authentication and qualification information. An eligible user is legitimately issued a group member key pair through key issuing process and issued some qualification certificates anonymously, and then, he can take the safe and convenience web service which supplies anonymous authentication and authorization. The qualification certificate can be expanded according to application environment and it can be used as payment token.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.42 no.4 s.304
• /
• pp.25-32
• /
• 2005

The spread of mobile devices, PDAs and sensors has enabled the construction of ubiquitous computing environments, transforming regular physical spaces into 'Smart space' augmented with intelligence and enhanced with services. However, the deployment of this computing paradigm in real-life is disturbed by poor security, particularly, the lack of proper authentication and authorization techniques. Also, it is very important not only to find security measures but also to preserve user privacy in ubiquitous computing environments. In this Paper, we propose efficient user authentication and authorization model with anonymity for the privacy-preserving for ubiquitous computing environments. Our model is suitable for distributed environments with the computational constrained devices by using MAC-based anonymous certificate and security association token instead of using Public key encryption technique. And our Proposed Protocol is better than Kerberos system in sense of cryptographic computation processing.