• ETRI Journal
• /
• 제22권4호
• /
• pp.25-31
• /
• 2000

Design of secure and efficient public-key encryption schemes under weaker computational assumptions has been regarded as an important and challenging task. As far as ElGamal-type encryption schemes are concerned, some variants of the original ElGamal encryption scheme based on weaker computational assumption have been proposed: Although security of the ElGamal variant of Fujisaki-Okamoto public -key encryption scheme and Cramer and Shoup's encryption scheme is based on the Decisional Diffie-Hellman Assumption (DDH-A), security of the recent Pointcheval's ElGamal encryption variant is based on the Computational Diffie-Hellman Assumption (CDH-A), which is known to be weaker than DDH-A. In this paper, we propose new ElGamal encryption variants whose security is based on CDH-A and the Elliptic Curve Computational Diffie-Hellman Assumption (EC-CDH-A). Also, we show that the proposed variants are secure against the adaptive chosen-ciphertext attack in the random oracle model. An important feature of the proposed variants is length-efficiency which provides shorter ciphertexts than those of other schemes.

• 정보보호학회논문지
• /
• 제19권6호
• /
• pp.195-199
• /
• 2009

이 논문에서는 CDH가정에 안전성을 기초로 하는 공격자가 참여하는 새로운 문제를 정의하고 이의 안전성을 증명한다. 이 새로운 문제는 암호 프로토콜의 설계에서 프리미티브로 이용될 수 있다. 이 논문에서는 이 문제의 응용 예로 새로운 identification 기법을 보인다. 또한, 이 문제의 판별 버전(decisional version)에 대해서도 살펴본다.

• 정보보호학회논문지
• /
• 제15권1호
• /
• pp.41-55
• /
• 2005

그룹키 통의 프로토콜은 일련의 그룹을 형성하는 다수의 통신 참여자들이 공개된 통신망을 통해 안전하고 효율적인 방법으로 그룹의 세션키를 설정하기 위한 목적으로 설계된다. 본 논문에서는 유료 방송 시스템과 같은 그룹중심의 응용이나 서비스에 적합한 ID 기반의 2 라운드의 그룹키 동의 프로토콜을 제안하고, 이의 안전성을 CDH 가정과 BDDH 가정에 기반하여 랜덤 오라클 모델에서 증명한다. 제안하는 프로토콜은 Nam이 제안한 3 라운드 그룹키 동의 프로토콜을 기초로 설계된 것으로, 개인식별정보에 기반한 암호 시스템을 사용하여 키 관리 절차를 보다 간단히 하였으며, 새로운 인증 메카니즘을 사용하여 키 전송 메시지들의 길이를 줄이고 결합적 단순성을 제공하였다. 또한 제안하는 프로토콜은 전송되는 메시지들에 대한 인증을 묶음(batch) 기법을 사용하여 검증하도록 설계하여 효율성을 더욱 개선 시 켰다.

• 한국컴퓨터정보학회논문지
• /
• 제23권2호
• /
• pp.53-61
• /
• 2018

In this paper, the author proposes an efficient group key agreement scheme in a mobile environment where group members frequently join and leave. This protocol consists of basic protocols and general ones and is expected to be suitable for communications between a mobile device with limited computing capability and a key distributing center (or base station) with sufficient computing capability. Compared with other schemes, the performance of the proposed protocol is a bit more efficient in the aspects of the overall cost for both communication and computation where the computational efficiency of the scheme is achieved by using exclusive or operations and a one-way hash function. Also, in the aspect of security, it guarantees both forward and backward secrecy based on the computational Diffie-Hellman (CDH) assumption so that secure group communication can be made possible. Furthermore, the author proves its security against a passive adversary in the random oracle model.

• Journal of Communications and Networks
• /
• 제12권6호
• /
• pp.592-599
• /
• 2010

In recent years, significant improvements have been made to the techniques used for analyzing satellite communication and attacking satellite systems. In 2003, a research team at Los Alamos National Laboratory, USA, demonstrated the ease with which civilian global positioning system (GPS) spoofing attacks can be implemented. They fed fake signals to the GPS receiver so that it operates as though it were located at a position different from its actual location. Moreover, Galileo in-orbit validation element A and Compass-M1 civilian codes in all available frequency bands were decoded in 2007 and 2009. These events indicate that cryptography should be used in addition to the coding technique for secure and authenticated satellite communication. In this study, we address this issue by using an authenticated key-exchange protocol to build a secure and authenticated communication channel for satellite communication. Our protocol uses identity-based cryptography. We also prove the security of our protocol in the extended Canetti-Krawczyk model, which is the strongest security model for authenticated key-exchange protocols, under the random oracle assumption and computational Diffie-Hellman assumption. In addition, our protocol helps achieve high efficiency in both communication and computation and thus improve security in satellite communication.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제7권8호
• /
• pp.2010-2026
• /
• 2013

The combination of biometrics and cryptography gains a lot of attention from both academic and industry community. The noisy biometric measurement makes traditional identity based cryptosystems unusable. Also the extraction of key from biometric information is difficult. In this paper, we propose an efficient biometric identity based signature scheme (Bio-IBS) that makes use of fuzzy extractor to generate the key from a biometric data of user. The component fuzzy extraction is based on error correction code. We also prove that the security of suggested scheme is reduced to computational Diffie-Hellman (CDH) assumption instead of other strong assumptions. Meanwhile, the comparison with existing schemes shows that efficiency of the system is enhanced.

• Journal of applied mathematics & informatics
• /
• 제31권3_4호
• /
• pp.425-441
• /
• 2013

In literature, several strong designated verifier signature (SDVS) schemes have been devised using elliptic curve bilinear pairing and map-topoint (MTP) hash function. The bilinear pairing requires a super-singular elliptic curve group having large number of elements and the relative computation cost of it is approximately two to three times higher than that of elliptic curve point multiplication, which indicates that bilinear pairing is an expensive operation. Moreover, the MTP function, which maps a user identity into an elliptic curve point, is more expensive than an elliptic curve scalar point multiplication. Hence, the SDVS schemes from bilinear pairing and MTP hash function are not efficient in real environments. Thus, a cost-efficient SDVS scheme using elliptic curve cryptography with pairingfree operation is proposed in this paper that instead of MTP hash function uses a general cryptographic hash function. The security analysis shows that our scheme is secure in the random oracle model with the hardness assumption of CDH problem. In addition, the formal security validation of the proposed scheme is done using AVISPA tool (Automated Validation of Internet Security Protocols and Applications) that demonstrated that our scheme is unforgeable against passive and active attacks. Our scheme also satisfies the different properties of an SDVS scheme including strongness, source hiding, non-transferability and unforgeability. The comparison of our scheme with others are given, which shows that it outperforms in terms of security, computation cost and bandwidth requirement.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제12권9호
• /
• pp.4576-4598
• /
• 2018

In big data age, flexible and affordable cloud storage service greatly enhances productivity for enterprises and individuals, but spontaneously has their outsourced data susceptible to integrity breaches. Provable Data Possession (PDP) as a critical technology, could enable data owners to efficiently verify cloud data integrity, without downloading entire copy. To address challenging integrity problem on multiple clouds for multiple owners, an identity-based batch PDP scheme was presented in ProvSec 2016, which attempted to eliminate public key certificate management issue and reduce computation overheads in a secure and batch method. In this paper, we firstly demonstrate this scheme is insecure so that any clouds who have outsourced data deleted or modified, could efficiently pass integrity verification, simply by utilizing two arbitrary block-tag pairs of one data owner. Specifically, malicious clouds are able to fabricate integrity proofs by 1) universally forging valid tags and 2) recovering data owners' private keys. Secondly, to enhance the security, we propose an improved scheme to withstand these attacks, and prove its security with CDH assumption under random oracle model. Finally, based on simulations and overheads analysis, our batch scheme demonstrates better efficiency compared to an identity based multi-cloud PDP with single owner effort.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제15권9호
• /
• pp.3322-3347
• /
• 2021

Cloud Storage is the primary component of many businesses on cloud. Majority of the enterprises today are adopting a multicloud strategy to keep away from vendor lock-in and to optimize cost. Auditing schemes are used to ascertain the integrity of cloud data. Of these schemes, only the Provable Data Possession schemes (PDP) are resilient to key-exposure. These PDP schemes are devised using Public Key Infrastructure (PKI-) based cryptography, Identity-based cryptography, etc. PKI-based systems suffer from certificate-related communication/computational complexities. The Identity-based schemes deal with the exposure of only the auditing secret key (audit key). But with the exposure of both the audit key and the secret key used to update the audit key, the auditing process itself becomes a complete failure. So, an Identity-based PDP scheme with Parallel Key-Insulation is proposed for multiple cloud storage. It reduces the risk of exposure of both the audit key and the secret key used to update the audit key. It preserves the data privacy from the Third Party Auditor, secure against malicious Cloud Service Providers and facilitates batch auditing. The resilience to key-exposure is proved using the CDH assumption. Compared to the existing Identity-based multicloud schemes, it is efficient in integrity verification.

• 대한전자공학회논문지TC
• /
• 제43권7호
• /
• pp.60-71
• /
• 2006

공개된 네트워크상에서 안전하게 그룹 통신을 하기 위해서는 그룹 구성원간에 공통의 비밀키를 안전하고 효율적으로 설정할 수 있는 방법이 필요하며, 이러한 목적으로 설계되는 프로토콜을 그룹 키 동의 프로토콜이라고 한다. 그룹 키 동의 프로토콜에 관한 연구는 그동안 많은 연구자들에 의해 다양한 관점에서 진행되어 왔으며, 최근 들어 유 무선 통합 네트워크 환경에서의 안전한 그룹 통신을 위한 그룹 키 동의 프로토콜에 대한 연구가 진행되고 있다. 유 무선 통합 네트워크 환경에 적합한 그룹 키 동의 프로토콜을 설계하기 위해서는 고성능 연산 능력을 가진 유선 단말기의 특성과 상대적으로 계산능력이 떨어지는 무선 단말기의 특성이 함께 고려되어야 한다. 특히, 시스템 자원의 제한성을 갖는 무선 단말기에서의 계산량을 최소화하는 문제는 그룹 키 동의 프로토콜 설계에 있어서 무엇보다 중요하다. 본 논문에서는 무선 단말기의 계산량을 최소화하면서 유 무선 통합 네트워크 환경에 적합한 효율적인 그룹 키 동의 프로토콜을 제안하고 그 안전성을 증명한다.