• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.12a
• /
• pp.643-648
• /
• 2003

대리 서명 방식은 전자서명 방식의 한 응용분야로써 1996년 Mambo［1］에 의하여 처음으로 제안되었으며, 이후 다양한 특성을 갖는 Schnorr 서명 기반 대리 서명들이［2,3］에서 제안되었다. 특히 B.Lee［3］은 대리 서명키의 오용을 막을 수 있는 강한 대리 서명기법(Strong Proxy Signature Scheme, SPSS)을 제시하였다. 그러나 이 기법에 대하여［6］은 서명위조 공격에 안전하지 않음을 기술하였다. 본 논문에서는 이와 같은 공격을 피할 수 있도록 방법을 제시하면서 더불어 이를 응용한 대리은닉 서명(proxy blind signature)을 제안한다.

• The Journal of the Korea Contents Association
• /
• v.6 no.12
• /
• pp.12-20
• /
• 2006

In this paper, we propose electronic payment protocol using GDHP blind signature scheme to activate e-business in the wire/wireless integrated environment. The protocol applied elliptic curve algorithm on the GDHP base and improved the efficiency of the existing blind signature technique on the basis of communication frequency and calculation number. And the protocol accelerated speed and strengthened safety against man-in-the-middle attacks and forward secrecy because the certification between individuals is performed by the session key created by Weil paring using elliptic curve cryptosystem in the limited entity $F_q$ instead of the certification used in the existing PayWord protocol.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.10
• /
• pp.4250-4267
• /
• 2015

Although many revocable group signature schemes has been proposed in vehicular ad hoc networks (VANETs), the existing schemes suffer from long computation delay on revocation that they cannot adapt to the dynamic VANETs. Based on Chinese remainder theorem and Schnorr signature algorithm, this paper proposes an efficient revocable group signature scheme in VANETs. In the proposed scheme, it only need to update the corresponding group public key when a member quits the group, and in the meanwhile the key pairs of unchanged group members are not influenced. Furthermore, this scheme can achieve privacy protection by making use of blind certificates. Before joining to the VANETs, users register at local trusted agencies (LTAs) with their ID cards to obtain blind certificates. The blind certificate will be submitted to road-side units (RSUs) to verify the legality of users. Thus, the real identities of users can be protected. In addition, if there is a dispute, users can combine to submit open applications to RSUs against a disputed member. And LTAs can determine the real identity of the disputed member. Moreover, since the key pairs employed by a user are different in different groups, attackers are not able to track the movement of users with the obtained public keys in a group. Furthermore, performance analysis shows that proposed scheme has less computation cost than existing schemes.

• Proceedings of the Korea Database Society Conference
• /
• 2000.11a
• /
• pp.239-248
• /
• 2000

전자화폐 시스템은 인출(withdrawal), 지불(payment) 그리고 예치(deposit)의 기본적인 과정을 수행하는데, 이러한 단계에서 사용자의 사생활(privacy)을 보호하기 위해 사용자와 사용자의 구입 내용 및 지불 내용을 연계시키지 않고 인출 단계와 지불 단계가 연결되지 않도록 기본적으로 익명성을 제공하고 있다. 하지만 이러한 완전한 익명성을 제공하므로 인해 돈 세탁, 약탈, 불법 거래와 같은 불법적인 범죄 행위들에 이용 될 수 있으며 이 때 이와 같은 범죄행위를 한 사용자와 그 돈에 대한 행방을 찾을 수가 없다. 따라서 이를 방지하기 위해 일정한 조건 아래에서 익명성을 제어하기 위한 연구들이 많이 진행되어 왔다. 본 논문에서는 DSS에 기반한 새로운 공정한 은닉 서명 방식을 제안하고 이를 전자화폐 시스템에 적용시킨다.

• Journal of Information Processing Systems
• /
• v.13 no.4
• /
• pp.970-986
• /
• 2017

Certificateless public key cryptography (CL-PKC) is a new benchmark in modern cryptography. It not only simplifies the certificate management problem of PKC, but also avoids the key escrow problem of the identity based cryptosystem (ID-PKC). In this article, we propose a certificateless blind signature protocol which is based on elliptic curve cryptography (CLB-ECC). The scheme is suitable for the wireless communication environment because of smaller parameter size. The proposed scheme is proven to be secure against attacks by two different kinds of adversaries. CLB-ECC is efficient in terms of computation compared to the other existing conventional schemes. CLB-ECC can withstand forgery attack, key only attack, and known message attack. An e-cash framework, which is based on CLB-ECC, has also been proposed. As a result, the proposed CLB-ECC scheme seems to be more effective for applying to real life applications like e-shopping, e-voting, etc., in handheld devices.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.9 no.1
• /
• pp.103-114
• /
• 1999

Recently, various prototypes for electronic commerce are realized and its related researches are active under the present condition which it is increasing for the reality of its extended applications. First of all, actual demands are increasing for more secure and efficient electronic payment systems. Electronic cash, one of the Electronic payment systems, must have several properties like real money. Blind signature scheme by D. Chaum stands for the methods of obtaining privacy. In this paper, we propose a method for obtaining the blind signature based on the Elliptic Curve Cryptosystems, where the crytosystems are known as solving some problems of conventional crytosystems in views of computation time and key space. Also, we present a method for the divisibility of the electronic cash using our proposal by re-signing spare cash. Thus applying the proposed method, we can develop an efficient electronic payment systems.

• Proceedings of the Korean Information Science Society Conference
• /
• 2001.04a
• /
• pp.847-849
• /
• 2001

전자현금(Electronic Cash)이나 전자투표(Electornic Vote)에의 응용을 목적으로 Chaum에 의해 처음으로 RSA 기반의 은닉서명(Blind Signature) 개념을 제안하였다[1]. 휴대폰, 스마트카드와 같은 작은 용량의 메모리와 연산 능력을 가진 장치에서는 연산량이 작은 은닉서명 프로토콜을 필요로 한다. 본 논문에서는 사전계산과 효율적인 이차잉여 선택 방법을 이용하여 Rabin 기반 전자서명 방법에 은닉서명 개념을 도입하여 효율적인 Rabin 기반의 은닉 서명 프로토콜을 제안한다.

• Journal of Digital Convergence
• /
• v.11 no.5
• /
• pp.291-298
• /
• 2013

Metering scheme is composed of servers, clients, and an audit agency who collects the information for the clients which have been processed by servers. Although many efficient and secure metering schemes have been proposed in the literature, they do not consider the client privacy issue. To mitigate this limitation of the related work, we propose a metering scheme to protect the privacy of clients in internet. More specifically, we apply RSA based blind signature to the interaction between client and audit agency. If a client spends metering information to the server more than twice, the identity of the client is revealed by the server or audit agency.

• Journal of the Chungcheong Mathematical Society
• /
• v.20 no.4
• /
• pp.355-366
• /
• 2007

In this paper, we propose a new blind group identification protocol and a hidden group signature protocol as its application. These protocols involve many provers and one verifier such that (1) the statement of all the provers are proved simultaneously, (2) and also all the provers using computationally limited devices (e.g. smart cards) have no need of computing the bilinear pairings, (3) but only the verifier uses the bilinear pairings. A. Saxena et al. proposed a two-round blind (group) identification protocol in 2005 using the bilinear pairings. But it reveals weakness in the active-intruder attack, and all the provers as well as the verifier must have devices computing bilinear pairings. Comparing their results, our protocol is secure from the active-intruder attack and has more fit for smart cards. In particular, it is secure under only the assumption of the hardness of the Discrete-Logarithm Problem in bilinear groups.

• Journal of applied mathematics & informatics
• /
• v.29 no.3_4
• /
• pp.869-877
• /
• 2011

In this paper, we propose an efficient two-flow zero-knowledge blind identification protocol on the elliptic curve cryptographic (ECC) system. A. Saxena et al. first proposed a two-flow blind identification protocol in 2005. But it has a weakness of the active-intruder attack and uses the pairing operation that causes slow implementation in smart cards. But our protocol is secure under such attacks because of using the hash function. In particular, it is fast because we don't use the pairing operation and consists of only two message flows. It does not rely on any underlying signature or encryption scheme. Our protocol is secure assuming the hardness of the Discrete-Logarithm Problem in bilinear groups.