• Convergence Security Journal
• /
• v.2 no.2
• /
• pp.155-164
• /
• 2002

A design implemented the $\delta$SAcc234bit Mask Data Insertion algorithm that can let the Mask which commercialized Wave Steganography had improved the problem that a filter ring was able to easily become and raised Capacity and extend the width that Cover-data was alternative. Also, it applied 3-Tier file encryption algorithm with a proposal in order to improve a security level of Mask. 3-Tier file encryption algorithm is the algorithm that a specific pattern improved the problem that appeared in Ciphertext according to a file. A design implemented the StegoWaveK model carried out Wave Steganography, using $\delta$SAcc234bit Mask Data Insertion algorithm and the 3-Tier file encryption algorithm that proposed in this paper.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.12
• /
• pp.6116-6132
• /
• 2017

The proxy re-encryption allows an intermediate proxy to convert a ciphertext for Alice into a ciphertext for Bob without seeing the original message and leaking out relevant information. Unlike many prior identity based proxy re-encryption schemes which are based on the number theoretic assumptions such as large integer factorization and discrete logarithm problem. In this paper, we first propose a novel identity based proxy re-encryption scheme which is based on the hardness of standard Learning With Error(LWE) problem and is CPA secure in the standard model. This scheme can be reduced to the worst-case lattice hard problem that is able to resist attacks from quantum algorithm. The key step in our construction is that the challenger how to answer the private query under a known trapdoor matrix. Our scheme enjoys properties of the non-interactivity, unidirectionality, anonymous and so on. In this paper, we utilize primitives include G-trapdoor for lattice and sample algorithms to realize simple and efficient re-encryption.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.10
• /
• pp.5100-5119
• /
• 2018

Most of existing privacy-preserving multi-authorities attribute-based encryption schemes (PP-MA-ABE) only considers the privacy of the user identity (ID). However, in many occasions information leakage is caused by the disclosing of his/her some sensitive attributes. In this paper, we propose a collusion-resisting ciphertext-policy PP-MA-ABE (CRPP-MACP-ABE) scheme with hiding both user's ID and attributes in the cloud storage system. We present a method to depict anonymous users and introduce a managerial role denoted by IDM for the management of user's anonymous identity certificate ($AID_{Cred}$). The scheme uses $AID_{Cred}$ to realize privacy-preserving of the user, namely, by verifying which attribute authorities (AAs) obtain the blinded public attribute keys, pseudonyms involved in the $AID_{Cred}$ and then distributes corresponding private keys for the user. We use different pseudonyms of the user to resist the collusion attack launched by viciousAAs. In addition, we utilize IDM to cooperate with multiple authorities in producing consistent private key for the user to avoid the collusion attack launched by vicious users. The proposed CRPP-MACP-ABE scheme is proved secure. Some computation and communication costs in our scheme are finished in preparation phase (i.e. user registration). Compared with the existing schemes, our scheme is more efficient.

• Journal of the Optical Society of Korea
• /
• v.20 no.4
• /
• pp.476-480
• /
• 2016

For the application of multiusers, the arrangement and distribution of the keys is a much concerning problem in a cryptosystem. In this paper, we propose an optical encryption scheme with multiple users based on computational ghost imaging (CGI) and orthogonal modulation. The CGI encrypts the secret image into an intensity vector rather than a complex-valued matrix. This will bring convenience for post-processing and transmission of the ciphertext. The orthogonal vectors are taken as the address codes to distinguish users and avoid cross-talk. Only the decryption key and the address code owned by an authorized user are matched, the secret image belonging to him/her could be extracted from the ciphertext. Therefore, there are two security levels in the encryption scheme. The feasibility and property are verified by numerical simulations.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.5
• /
• pp.2394-2406
• /
• 2016

ABE has become an effective tool for data protection in cloud computing. However, since users possessing the same attributes share the same private keys, there exist some malicious users exposing their private keys deliberately for illegal data sharing without being detected, which will threaten the security of the cloud system. Such issues remain in many current ABE schemes since the private keys are rarely associated with any user specific identifiers. In order to achieve user accountability as well as provide key exposure protection, in this paper, we propose a key-insulated ciphertext policy attribute based encryption with key exposure accountability (KI-CPABE-KEA). In our scheme, data receiver can decrypt the ciphertext if the attributes he owns match with the self-centric policy which is set by the data owner. Besides, a unique identifier is embedded into each user's private key. If a malicious user exposes his private key for illegal data sharing, his identity can be exactly pinpointed by system manager. The key-insulation mechanism guarantees forward and backward security when key exposure happens as well as provides efficient key updating for users in the cloud system. The higher efficiency with proved security make our KI-CPABE-KEA more appropriate for secure data sharing in cloud computing.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.11
• /
• pp.4203-4225
• /
• 2014

Fuzzy identity-based cryptography introduces the threshold structure into identity-based cryptography, changes the receiver of a ciphertext from exact one to dynamic many, makes a cryptographic scheme more efficient and flexible. In this paper, we propose the first fuzzy identity-based signcryption scheme in lattice-based cryptography. Firstly, we give a fuzzy identity-based signcryption scheme that is indistinguishable against chosen plaintext attack under selective identity model. Then we apply Fujisaki-Okamoto method to obtain a fuzzy identity-based signcryption scheme that is indistinguishable against adaptive chosen ciphertext attack under selective identity model. Thirdly, we prove our scheme is existentially unforgeable against chosen message attack under selective identity model. As far as we know, our scheme is the first fuzzy identity-based signcryption scheme that is secure even in the quantum environment.

• Journal of the Optical Society of Korea
• /
• v.20 no.3
• /
• pp.341-357
• /
• 2016

A novel asymmetric multiple-image encryption method using an octonion Fresnel transform (OFST) and a two-dimensional Sine Logistic modulation map (2D-SLMM) is presented. First, a new multiple-image information processing tool termed the octonion Fresneltransform is proposed, and then an efficient method to calculate the OFST of an octonion matrix is developed. Subsequently this tool is applied to process multiple plaintext images, which are represented by octonion algebra, holistically in a vector manner. The complex amplitude, formed from the components of the OFST-transformed original images and modulated by a random phase mask (RPM), is used to derive the ciphertext image by employing an amplitude- and phase-truncation approach in the Fresnel domain. To avoid sending whole RPMs to the receiver side for decryption, a random phase mask generation method based on SLMM, in which only the initial parameters of the chaotic function are needed to generate the RPMs, is designed. To enhance security, the ciphertext and two decryption keys produced in the encryption procedure are permuted by the proposed SLMM-based scrambling method. Numerical simulations have been carried out to demonstrate the proposed scheme's validity, high security, and high resistance to various attacks.

• The KIPS Transactions:PartC
• /
• v.19C no.1
• /
• pp.63-70
• /
• 2012

To ensure privacy of individual information in remote healthcare service, health data should be protected through a secure technology such as encryption scheme. Only user who delegated decryption right can access to sensitive health data and delegator needs capability for revocating access privilege. Recently, in ubiquitous environment, CP-ABTD(Ciphertext-Policy Attribute-Based Threshold Decryption with Flexible Delegation and Revocation of User Attributes) which extends CP-ABE(Ciphertext-Policy Attribute-Based Encryption) has been proposed for these requirements. In this paper, we construct remote healthcare monitoring system with delegation and revocation capability for attribute in CP-ABTD. Finally, we analyze collusion attack between users in our system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.1
• /
• pp.103-107
• /
• 2007

This paper represents a forgery attack on new authenticated encryption mode $NAE^{[1]}$ which was proposed at JCCI 2003. NAE is a new authenticated encryption mode which is combined with CFB mode and CTR mode. And it provides confidentiality. In this paper, we show that it is possible to make a valid ciphertext-tag pair only by modifying a ciphertext.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.5
• /
• pp.167-174
• /
• 2009

Recently, Li et al. proposed a new differential fault analysis(DFA) attack on the block cipher ARIA using about 45 ciphertexts. In this paper, we apply their DFA skill on AES and improve attack method and its analysis. The basic idea of our DFA method is that we recover intermediate ciphertexts in last round using final faulty ciphertexts and find out last round secret key. In addition, we present detail DFA procedure on AES and analysis of complexity. Furthermore computer simulation result shows that we can recover its 128-bit secret key by introducing a correct ciphertext and 2 faulty ciphertexts.