• The Journal of the Korea Contents Association
• /
• v.4 no.1
• /
• pp.67-75
• /
• 2004

In this paper, we design an authentication model based mobile PKI (Public Key Infrastructure). The authentication mood consists of Root-CA Home-network agent and Foreign-network agent. CA will going to gave the delegation ticket to Home-Agent or Foreign-Agent when they request. The authentication mode information security is various characteristic more then high speed, mobile network and low cost more then previous structure of assure information security.

• Journal of KIISE:Computer Systems and Theory
• /
• v.31 no.8
• /
• pp.465-472
• /
• 2004

Proxy signatures is a signature scheme that an original signer delegates one's signature capability to a proxy signer, and then the proxy signer creates a signature on behalf of the original signer. Delegation of authority is a common practice in the real world, in particular, it happens naturally in hierarchical groups such as company, bank and army, etc. In this paper, we propose a new dynamic multi-proxy signature scheme allowing repetitive delegations in a hierarchical group. We adopt multi-proxy signatures to enhance the security of proxy signature. In multi-proxy signatures, plural proxy signers can generate a valid proxy signature collectively on behalf of one original signer. In our scheme, the proxy group is not fixed but constructed dynamically according to some situations. Delegations are processed from higher level to lower level in the hierarchy using delegation tickets. When the original signer wants to delegate one's signature authority, the original signer generates a delegation ticket based on secret sharing and Diffie-Hellman problems. The delegation ticket is shared among proxy signers and then all the proxy signers can generate a valid proxy signature collectively by reconstructing the original signer's delegation ticket. If a certain proxy signer can not attend the proxy signature generating protocol, the proxy signer can also delegate repetitively his partial signature authority to the lower level participants, and then the proxies are constructed dynamically.

• Journal of KIISE:Computer Systems and Theory
• /
• v.30 no.9
• /
• pp.487-493
• /
• 2003

A secret sharing scheme is a cryptographic Protocol that a dealer distributes shares about a secret to many participants and authorized subsets of the participants can reconstruct the secret. Secret sharing schemes that reflect various access structure were proposed. We propose a new reusable secret sharing scheme in a hierarchical group. Participants have priority about restoration of secret from high position level of tree. And when participants who belong in high position level are absent, they can delegate restoration competence of the secret transmitting delegation ticket to child nodes that it belongs in low rank level. By participants reuse own share and take part in different secret restoration, they who belong on hierarchical group can be possible different secret restoration by each participant's single share.

• Journal of KIISE:Computer Systems and Theory
• /
• v.29 no.3
• /
• pp.161-168
• /
• 2002

A secret sharing scheme is a cryptographic protocol to share a secret among a set of participants P in the way that only qualified subsets of P can reconstruct the secret whereas any other subset of P, non-qualified to know the secret, cannot determine anything about the secret. In this paper, we propose a new secret sharing scheme in hierarchical groups, whose hierarchy can be represented as a tree structure. In the tree structure, participants of higher levels have priorities to reconstruct the secret over participants of lower levels. In the absence of the participant of a higher level, it is possible for this participant to delegate the ability to reconstruct the secret to the child nodes of the next lower level through the transfer of his delegation ticket. This scheme has a dynamic access structure through the recursive delegation process from the root to lower levels where participants aren't absent.

• Proceedings of the Korean Information Science Society Conference
• /
• 2002.04a
• /
• pp.913-915
• /
• 2002

비밀분산법은 하나의 비밀정보(secret)를 분산시켜 다수의 참가자(participant)들에게 공유시키고 필요시 허가된 참가자 부분집합만이 비밀을 복원할 수 있도록 하는 암호 프로토콜이다. 본 논문에서는 트리(tree) 형태의 계층 구조를 갖는 참가자들에게 적용할 수 있는 새로운 비밀분산법을 제안한다. 참가자들은 트리 상의 상위 레벨에 따라 비밀정보의 복원에 대한 우선권을 갖는다. 그러나 상위 레벨에 속하는 참가자들이 부재 시에는 하위 레벨에 속하는 자식 노드들에게 위임 티켓(delegation ticket)을 전송하여 비밀정보의 복원 권한을 위임할 수 있다. 이러한 위임 과정은 최상위 레벨인 루트부터 비밀정보를 복원하는데 참여 가능한 하위 레벨까지 순차적으로 수행될 수 있으므로, 제안하는 비밀분산법은 참가자들의 상황에 따라 동적인 접근구조(dynamic access structure)를 갖는다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2002.10c
• /
• pp.544-546
• /
• 2002

비밀분산법이란 하나의 비밀정보(secret)를 분산시켜 다수의 참가자에게 공유시키고, 필요시 허가된 참가자 부분집합만이 비밀정보를 복원할 수 있는 암호 프로토콜이다. 다양한 접근구조를 반영하는 비밀분산법이 제안되었는데 본 논문에서는 계층구조에 적용이 가능하면서 재사용이 가능한 새로운 비밀분산법을 제안한다. 즉, 참가자들은 트리 상의 상위 레벨부터 비밀정보의 복원에 대한 우선권을 갖고, 상위 레벨에 속하는 참가자들이 부재 시에는 하위 레벨에 속하는 자식 노드들에게 위임티켓(delegation ticket)을 전송하여 비밀정보의 복원 권한을 위임할 수 있고, 각 참가자가 하나의 비밀조각으로 서로 다른 비밀정보를 복원하는데 참여할 수 있도록 함으로써, 계층그룹에서 비밀조각의 재사용이 가능하도록 한다.