• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2001.11a
• /
• pp.79-82
• /
• 2001

사용자와 서비스 제공자가 인증을 수행할 경우 사용자의 신원이 노출되는 문제가 사회의 큰 이슈로 떠오르고 있으며, 이러한 문제점을 해결하기 위해서 신원 위탁 방식이 제시되었다. 신원 위탁 방식에서는 사용자의 정확한 신원을 가지고 있는 발행자가 사용자에게 인증 정보를 전달하고, 사용자는 이것을 이용해 익명성을 유지한 채로 서비스 제공자와 인증 단계를 수행하게 된다. 본 논문에서는 신원 위탁 방식의 안전성과 신뢰성을 위한 새로운 요구사항을 제시하고 이를 만족할 수 있는 새로운 신원 위탁 방식을 제안한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.5
• /
• pp.31-39
• /
• 2008

Recently, remote user authentication schemes using smart cards has been researched to provide user privacy because of increasing interest and demands. Previously, provided authentication schemes were only concerned about providing user privacy against outside attackers, but the scheme. which guarantees user privacy against both a remote server and outside attackers, has been recently demanded because the user's information has leaked out through the service providers. When the remote server perceives a user doing a malicious act, the server should be able to trace the malicious user by receiving help from a trust agency. In this paper, we suggest a scheme which not only guarantees user privacy against both a remote server and outside attackers, but also provides traceable anonymity authentication.

• Proceedings of the Korean Information Science Society Conference
• /
• 2002.10e
• /
• pp.643-645
• /
• 2002

무선인터넷에서 다양한 서비스를 지원하기 위해서는 서비스의 특성에 알맞은 지불프로토콜이 필요하다. 본 논문에서는 신용카드를 사용한 지불 프로토콜의 익명성 제공을 위한 임시사용자 인증서를 사용하여 신용카드 지불 프로토콜을 제안하였다.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.50 no.6
• /
• pp.159-166
• /
• 2013

Recently, because the interest and needs in privacy protection are growing, smartcard-based remote user authentication schemes have been actively studied to provide the user anonymity. In 2008, Kim et al. first proposed an authentication scheme in order to ensure the user anonymity against both external attackers and the remote server and track malicious users with the help of a trusted trace sever. However, in 2010, Lee et al. showed that Kim et al.'s scheme cannot provide the user anonymity against remote server, which is because the server can trace users without any help of the trace server, and then proposed a improved scheme. On the other hand, in 2010, Horng et al. proposed an authentication scheme with non-tamper resistant smart cards, in which the non-tamper resistant smart card means that an attacker may find out secret information stored in the smart card through special data analysis techniques such as monitoring power consumption, to be secure against a variety of attacks and to provide the user anonymity against external attackers. In this paper, we will propose a remote user authentication scheme with non-tamper resistant smart cards not only to ensure the user anonymity against both external attackers and the remote server but also to track malicious users with only the help of a trusted trace sever.

• The Journal of the Korea Contents Association
• /
• v.9 no.2
• /
• pp.36-42
• /
• 2009

In 2005, Chien and Chen proposed a remote user authentication scheme for preserving user anonymity to conquer some problems Das et. al. schemes have. In 2007, Hu et. al. pointed out that their scheme have some problems. Therefore, they proposed a new one and claimed that their scheme overcome all of these problems. However, We will show that Hu et. al. scheme still hold some problems; it cannot resist to denial of service attack and protect the user anonymity. Hence, we propose ours and demonstrate our scheme conquer these problems.

• Proceedings of the Korean Society of Broadcast Engineers Conference
• /
• 2008.02a
• /
• pp.3-5
• /
• 2008

Peer-to-Peer 네트워크는 사용자들이 컨텐츠를 공유하고 배포하기 위한 매우 유용하고 널리 알려진 클라이언트-클라이언트 네트워크이다. 근래에 다양한 방송 컨텐츠들이 생겨나고 광고 수익을 얻기 위한 기업들의 전략과 컨텐츠를 필요로 하는 사용자들의 요구사항이 맞아 떨어지면서 새로운 수익 구조가 발생하였다. 이러한 컨텐츠를 사용자들이 공유하고 배포하기 위한 수단으로 P2P 네트워크가 가장 효과적인 방법이다. P2P 네트워크에서는 사용자들의 정보가 드러나지 않도록 익명성을 제공하는 것이 관건이다. 본 논문에서는 서로 다른 접근을 통해 익명성을 제공하는 P2P 시스템을 비교 분석하고 P2P 네트워크에서 가능한 공격들을 다루고 이를 막기 위한 대응 방법을 알아본다.

• Proceedings of the Korea Database Society Conference
• /
• 2000.11a
• /
• pp.239-248
• /
• 2000

전자화폐 시스템은 인출(withdrawal), 지불(payment) 그리고 예치(deposit)의 기본적인 과정을 수행하는데, 이러한 단계에서 사용자의 사생활(privacy)을 보호하기 위해 사용자와 사용자의 구입 내용 및 지불 내용을 연계시키지 않고 인출 단계와 지불 단계가 연결되지 않도록 기본적으로 익명성을 제공하고 있다. 하지만 이러한 완전한 익명성을 제공하므로 인해 돈 세탁, 약탈, 불법 거래와 같은 불법적인 범죄 행위들에 이용 될 수 있으며 이 때 이와 같은 범죄행위를 한 사용자와 그 돈에 대한 행방을 찾을 수가 없다. 따라서 이를 방지하기 위해 일정한 조건 아래에서 익명성을 제어하기 위한 연구들이 많이 진행되어 왔다. 본 논문에서는 DSS에 기반한 새로운 공정한 은닉 서명 방식을 제안하고 이를 전자화폐 시스템에 적용시킨다.

• The KIPS Transactions:PartC
• /
• v.12C no.3 s.99
• /
• pp.331-338
• /
• 2005

Flooding based P2P system basically provides anonymity and under the anonymity circumstances user and provider exchange information. Most of packets transferred from node to node do not contain identity information on node that sent packet. And these packets are transmitted to the destination through the routing systems dynamically composed of intermediate nodes. Therefore it is impossible to know who transmitted it for the first and who the designated recipient is. But since downloading and uploading host's IP address is exposed it does not provide anonymity. This study introduces techniques to provide anonymity for protecting identification of users and resource Providers by replacing QueryHit Packets in systems where anonymity can cause trouble.

• Journal of KIISE:Computer Systems and Theory
• /
• v.31 no.5_6
• /
• pp.353-359
• /
• 2004

The illegal copying and redistribution of digitally-stored information is a crucial problem to distributors who electronically sell digital data. Fingerprinting scheme is a techniques which supports copyright protection to track redistributors of electronic information using cryptographic techniques. Anonymous fingerprinting schemes, differ from symmetric fingerprinting, prevent the merchant from framing a buyer by making the fingerprinted version known to the buyer only. And the scheme, differ from asymmetric fingerprinting, allows the buyer to purchase goods without revealing her identity to the merchant. In this paper, a new anonymous fingerprinting scheme based on secret sharing is introduced. The merchant finds a sold version that has been distributed, and then he is able to retrieve a buyer's identity and take her to court. And Schnorr's digital signature prevents the buyer from denying the fact he redistributed. The buyer's anonymity relies on the security of discrete logarithm and secure two-party computations.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.3
• /
• pp.49-61
• /
• 2004

In broadcast encryption schemes, traceability is a useful property to trace authorized subscribers, called traitors, who collude for manufacturing a pirate decoder. Unfortunately, this is usually achieved with a sacrifice of a privacy. Most traitor tracing schemes in the literature have been developed without considering a subscriber's anonymity, which is one of important requirements for electronic marketplaces to offer similar privacy as current marketplace. It would be unsatisfactory for the subscriber to reveal his/her identity to purchase multimedia contents. In this paper we propose an anonymous broadcast encryption scheme, where a user can subscribe anonymously and one purchases multimedia contents without giving a lot of information about his lifestyle, habits, and etc, but anonymity control is provided, i.e., a data supplier can date traitors.