• Journal of Digital Convergence
• /
• v.12 no.1
• /
• pp.389-395
• /
• 2014

In a biometric signature scheme, a user's biometric key is used to sign the document. It also requires the user be authenticated with biometric recognition method, prior to signing the document. Because the biometric recognition is launched every time the signature session started, it is not suitable for electronic commerce applications such as shopping malls where large number of documents to sign are required. Therefore, to commercialize biometric based signature schemes, the new proxy signature scheme is needed to ease the burden of the signer. In the proxy signature scheme, the signer can delegate signing activities to trustful third parties. In this study, the biometric based signature delegation method is proposed. The proposed scheme is suitable for applications where a lot of signing are required. It is consisted of biometric key generation, PKI based mutual authentication, signature generation and verification protocols.

• Journal of Digital Convergence
• /
• v.11 no.9
• /
• pp.173-179
• /
• 2013

In a biometric authentication scheme, a user's biometric data that is unique to the user is used to prove the user's identity to the third party. Since the user should have to participate in every authentication sessions, it's not possible to delegate other users to authenticate instead of himself/herself. In a biometric signature scheme, contrary to authentication scheme, a user's biometric data is used to prove that "this message is signed by the signer who claims to be" to the third party. However, once the biometric key is created, it can be accessed by the signer. Thus, it's possible to lend the biometric key to other users. In this study, the server based biometric realtime signature scheme is proposed. The proposed scheme can be applied to sign the vote in electronic voting or to authenticate the copyright owner in DRM enabled mobile commerce where the proxy signatures are not allowed.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.8
• /
• pp.2010-2026
• /
• 2013

The combination of biometrics and cryptography gains a lot of attention from both academic and industry community. The noisy biometric measurement makes traditional identity based cryptosystems unusable. Also the extraction of key from biometric information is difficult. In this paper, we propose an efficient biometric identity based signature scheme (Bio-IBS) that makes use of fuzzy extractor to generate the key from a biometric data of user. The component fuzzy extraction is based on error correction code. We also prove that the security of suggested scheme is reduced to computational Diffie-Hellman (CDH) assumption instead of other strong assumptions. Meanwhile, the comparison with existing schemes shows that efficiency of the system is enhanced.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.11 no.5
• /
• pp.1670-1676
• /
• 2010

It is easy to reproduce and manipulate the digital contents. It's difficult to distinguish the original contents with a pirate one. A digital signature scheme is used to protect the contents author's ownership and to provide secure contents distribution. Generally, the digital contents is completed with many authors' help. It's necessary to apply a cryptographic method for protecting co-authors' rights and interests. In this paper, the biometric based convertible undeniable multi-signature scheme is proposed. In the proposed scheme, keys are generated by using a signer's biometric data. Consigning the private key to another signer is infeasible. Signers must participate in signature generation and verification stages. Our scheme also provides signature conversion protocol in which the undeniable signature is converted to the ordinary one. For applications, we show how the proposed scheme is used to protect co-authors' rights and to distribute the contents securely.

• The Journal of Society for e-Business Studies
• /
• v.21 no.4
• /
• pp.41-53
• /
• 2016

Today, leading smartphone manufacturers offer biometric technologies such as fingerprints, voice recognition, and iris patterns in their flagship models. These biometric technologies are used for authentication. Biometric authentications are widely used in device security and even in financial transaction. This paper examines cases where a user uses biometric authentication during financial transaction (both online and smartphone banking), and explains biometric for non-repudiation by digital signature. Finally, the paper also explains technical and legal requirements for biometric authentication in the area of financial services.

• Journal of the Korea Convergence Society
• /
• v.7 no.1
• /
• pp.49-55
• /
• 2016

In a delegate authentication, a user can lend his/her own authentication data to the third parties to let them be authenticated instead of himself/herself. The user authentication schemes based on the memory of unique data such as password, are vulnerable to this type of attack. Biometric authentication could minimize the risk of delegate authentication since it uses the biometric data unique by each person. Group authentication scheme is used to prove that each group member belongs to the corresponding group. For applications such as an electronic voting or a mobile meeting where the number of group members is changing dynamically, a new group authentication method is needed to reflect the status of group in real time. In this paper, we propose biometric authentication based dynamic group signature scheme. The proposed scheme is composed of biometric key generation, group public key creation, group signature generation, group signature verification and member update protocols. The proposed member update protocol is secure against colluding attacks of existing members and could reflect group status in real time.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.5
• /
• pp.2762-2777
• /
• 2017

A fuzzy identity based signature (FIBS) scheme allows a signer with identity ${\omega}$ to generate a signature which could be verified under identity ${\omega}^{\prime}$ if and only if ${\omega}$ and ${\omega}^{\prime}$ are within a certain distance of each other as judged by some metric. In this paper, we propose an efficient FIBS scheme from lattice assumption, which can resist quantum-computer attacks. Without using the Bonsai Tree technique, we utilize the lattice basis delegation technique to generate the private key, which has the advantage of keeping the lattice dimension invariant. We also prove that our proposed scheme is existentially unforgeable under an adaptive chosen message and identity attack in the random oracle model. Compared with existing scheme, our proposed scheme is much more efficient, especially in terms of communication overhead. Since our FIBS scheme possesses similar error-tolerance property, it can be well applied in post-quantum communication biometric authentication environments, where biometric identifiers such as fingerprints, voice, iris and gait are used in human identification.

• Proceedings of the IEEK Conference
• /
• 2002.06c
• /
• pp.131-134
• /
• 2002

As the increased use of computer, wired/wireless/mobile Internet, security in using Internet becomes a more important problem. Thus, biometric technology using physical and behavior characteristics of a person is hot issue. Many different types of biometric technologies of a person such as fingerprint, face, iris, vein, DNA, brain wave, palm, voice, dynamic signature, etc. had already been studied but remained unsuccessful because they do not meet social demands. However, recently many of these technologies have been actively revived and researchers have developed new products on various commercial fields. Dynamic signature verification technology is to verify the signer by calculating his writing manner, speed, angle, and the number of strokes, order, the down/up/movement of pen when the signer input his signature with an electronic pen for his authentication. Then signature verification system collects mentioned above various feature information and compares it with the original one and simultaneously analyzes to decide whether signature is forgery or true. The prospect of signature verification technology is very promising and its use will be wide spread in terms of economy, security, practicality, stability and convenience.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.8 no.3
• /
• pp.549-555
• /
• 2007

A digital signature scheme provides integrity of the document, authentication and non-repudiation of a signer. Usually the key for digital signature is stored in hard disk or removal disk storage. The drawback of this approach is that the signer can let the agent to sign instead of the signer by providing the key information. It can be abused in applications such as electronic election. In this paper, we propose the undeniable biometric digital multi-signature scheme suitable for applications where the signer should not make an agent sign instead of himself/herself. The undeniable multi-signature scheme requires many signers and only the designated user can confirm the authenticity of multi-signature. The proposed scheme satisfies undeniable property and it is secure against active attacks such as modification and denial of the multi-signature by signers. As the key is generated through the signer's fingerprint image, it's also secure against signing by an agent.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.1
• /
• pp.166-183
• /
• 2013

It requires a lot of costs and manpower to manage an election. The electronic voting scheme can make the election system economic and trustful. The widespread use of smart phones causes mobile voting to be a major issue. The smart phone can be used as a mobile voting platform since it can carry out many services in addition to basic telephone service. To make mobile voting practical and trustful, we analyzed two subjects of study. Firstly, the way to make a biometric based mobile ID, which has legal binding forces. In mobile voting, user identification is accomplished on line since the voter should be able to vote wherever they go. The digital ID conducts a similar role to the need for a resident card. The user's identity is bound to the resident card legally. To bind the user's identity to the smart phone, we use USIM. Biometric recognition is also needed to authenticate the user, since the user cannot prove him or her on line face-to-face. The proposed mobile ID can be reissued by means of introducing a random secret value. Secondly, the mobile voting scheme is proposed where candidates can accept election results without doubt. The goal of an election is to select a leader among two or more candidates. Existing electronic voting schemes mainly focus on the study of ballot verification accomplished by voters. These approaches are not safe against collusion attacks where candidates and the election administration center are able to collude to fabricate election results. Therefore, a new type of voting and counting method is needed where candidates can directly take part in voting and counting stages. The biometric based multi-signature scheme is used to make the undeniable multi-signed ballot. The ballot cannot be verified without the help of all candidates. If candidates accept election results without a doubt, the fairness of the election is satisfied.