• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.9
• /
• pp.4624-4640
• /
• 2017

This paper mainly presents a secure and efficient e-Medical Record System via searchable encryption scheme from asymmetric pairings, which could provide privacy data search and encrypt function for patients and doctors in public platform. The core technique of this system is an extension public key encryption system with keyword search, which the server could test whether or not the files stored in platform contain the keyword without leaking the information about the encrypted file. Compared with former e-medical record systems, the system proposed here has several superior features: (1)Users could search the data stored in cloud server contains some keywords without leaking anything about the origin data. (2) We apply asymmetric pairings to achieve shorter key size scheme in the standard model, and adopt the dual system encryption technique to reduce the scheme's secure problem to the hard Symmetric External Diffie-Hellman assumption, which could against the variety of attacks in the future complex network environment. (3) In the last of paper, we analyze the scheme's efficiency and point out that our scheme is more efficient and secure than some other classical searchable encryption models.

• Journal of KIISE:Information Networking
• /
• v.29 no.6
• /
• pp.635-644
• /
• 2002

We propose the PBSM(Protocol-Based Security Module) system which guarantees the secure data transmission under web environments. There are two modules in the PBSM architecture. One is Web Server Security Module(WSSM) which is working on a web server, the other is the Winsock Client Security Module(WSCSM) which is working on a client. The WSCSM security module decrypts the encrypted HTML document that is received from the security web server. The decrypted HTML document is displayed on the screen of a client. The WSSM module contains the encryption function for HTML file and the decryption function for CGI(Common Gateway Interface). The formal analysis methodology is imported from format theory for analyzing the data flow of the PBSM system. The formal analysis methodology is based on the order theory.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39B no.5
• /
• pp.317-322
• /
• 2014

Data security and integrity is a critical issue in data transmission over wired/wireless links. A large amount of data is encrypted before transmission, by block cipher using mode of operation. RBF mode is a block cipher mode of operation which uses random characteristics. In this paper, we analyze the safety against known plaintext attack and chosen plaintext attack of RBF mode compared to the traditional modes. According to the analysis, RBF mode is known to be secure while the traditional modes are not secure against them.

• Journal of the Optical Society of Korea
• /
• v.17 no.5
• /
• pp.362-370
• /
• 2013

In this paper, we propose a novel optical implementation of a 3DES algorithm based on dual XOR logic operations for a cryptographic system. In the schematic architecture, the optical 3DES system consists of dual XOR logic operations, where XOR logic operation is implemented by using a free-space interconnected optical logic gate method. The main point in the proposed 3DES method is to make a higher secure cryptosystem, which is acquired by encrypting an individual private key separately, and this encrypted private key is used to decrypt the plain text from the cipher text. Schematically, the proposed optical configuration of this cryptosystem can be used for the decryption process as well. The major advantage of this optical method is that vast 2-D data can be processed in parallel very quickly regardless of data size. The proposed scheme can be applied to watermark authentication and can also be applied to the OTP encryption if every different private key is created and used for encryption only once. When a security key has data of $512{\times}256$ pixels in size, our proposed method performs 2,048 DES blocks or 1,024 3DES blocks cipher in this paper. Besides, because the key length is equal to $512{\times}256$ bits, $2^{512{\times}256}$ attempts are required to find the correct key. Numerical simulations show the results to be carried out encryption and decryption successfully with the proposed 3DES algorithm.

• Journal of Broadcast Engineering
• /
• v.13 no.1
• /
• pp.43-52
• /
• 2008

We study the problem of search in which a server contains various multimedia contents and a user wishes to retrieve some multimedia items containing a specific without revealing to the server which items they are. Recently, Ogata and Kurosawa introduced a search scheme by using the notion of oblivious transfer. In their scheme, a user must inefficiently search and compare all the data stored in the seuer for each search query. In this paper, we propose an efficient oblivious search by using the oblivious transfer, in which a user needs not to search and compare all the data. We formally prove that the proposed scheme is secure under the hardness of RSA known target inversion problem.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.5
• /
• pp.2754-2767
• /
• 2019

Cloud computing is widely used in information spreading and processing, which has provided a easy and quick way for users to access data and retrieve service. Generally, in order to prevent the leakage of the information, the data in cloud is transferred in the encrypted form. As one of the traditional security technologies, access control is an important part for cloud security. However, the current access control schemes are not suitable for cloud, thus, it is a vital problem to design an access control scheme which should take account of complex factors to satisfy the various requirements for cipher text protection. We present a novel access control scheme based on proxy re-encryption(PRE) technology (PreBAC) for cipher text. It will suitable for the protection of data confidently and information privacy. At first, We will give the motivations and related works, and then specify system model for our scheme. Secondly, the algorithms are given and security of our scheme is proved. Finally, the comparisons between other schemes are made to show the advantages of PreBAC.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.5
• /
• pp.23-36
• /
• 2004

This paper presents a password based authentication and key exchange protocol which can be used for both authenticating users and exchanging session keys for a subsequent secure communication over an untrusted network. Our idea is to increase a randomness of the password verification data, i.e., we split the password, and then amplify the split passwords in the high entropy-structured password verification data. And in order to prevent the verifier-compromised attack, we construct our system such that the password verification data is encrypted with the verifier's key and the private key of verifier used to encrypt it is stored in a secure place like a smart cards. Also we propose the distributed password authentication scheme utilizing many authentication servers in order to prevent the server-compromised attack occurred when only one server is used. Furthermore, the security analysis on the proposed protocol has been presented as a conclusion.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.4
• /
• pp.1286-1306
• /
• 2022

Searchable symmetric encryption (SSE) provides a safe and effective solution for retrieving encrypted data on cloud servers. However, the existing SSE schemes mainly focus on single keyword search in single client, which is inefficient for multiple keywords and cannot meet the needs for multiple clients. Considering the above drawbacks, we propose a scheme enabling dynamic multi-client and Boolean query in searchable symmetric encryption for cloud storage system (DMC-SSE). DMC-SSE realizes the fine-grained access control of multi-client in SSE by attribute-based encryption (ABE) and novel access control list (ACL), and supports Boolean query of multiple keywords. In addition, DMC-SSE realizes the full dynamic update of client and file. Compared with the existing multi-client schemes, our scheme has the following advantages: 1) Dynamic. DMC-SSE not only supports the dynamic addition or deletion of multiple clients, but also realizes the dynamic update of files. 2) Non-interactivity. After being authorized, the client can query keywords without the help of the data owner and the data owner can dynamically update client's permissions without requiring the client to stay online. At last, the security analysis and experiments results demonstrate that our scheme is safe and efficient.

• The Journal of Asian Finance, Economics and Business
• /
• v.9 no.9
• /
• pp.49-59
• /
• 2022

Based on assessing the impact of factors on the business efficiency of construction enterprises, the research team proposes policy implications to improve the business performance of listed construction enterprises in Vietnam in the coming time. The study used secondary data collected from the audited financial statements of 25 enterprises listed on Vietnam's stock market in the period 2015-2021 to estimate the factors affecting the business performance of construction enterprises. After collecting, the data will be encrypted and checked. The article uses a quantitative research method by using a linear regression model on Eviews 10 to analyze the data and analyze the impact of factors on the business performance of construction enterprises listed on Vietnam's stock market. The research result shows that firm size and growth rate positively affect business performance while capital structure, receivable management, fixed asset investment, and economic growth have a positive impact on the business performance of construction companies listed on the Vietnamese stock market. Based on this result, the paper also makes recommendations to the Vietnamese construction companies to enhance their business performance.

• International Journal of Computer Science & Network Security
• /
• v.24 no.1
• /
• pp.140-150
• /
• 2024

Database-as-a-Service is one of the prime services provided by Cloud Computing. It provides data storage and management services to individuals, enterprises and organizations on pay and uses basis. In which any enterprise or organization can outsource its databases to the Cloud Service Provider (CSP) and query the data whenever and wherever required through any devices connected to the internet. The advantage of this service is that enterprises or organizations can reduce the cost of establishing and maintaining infrastructure locally. However, there exist some database security, privacychallenges and query performance issues to access data, to overcome these issues, in our recent research, developed a database security model using a deterministic encryption scheme, which improved query execution performance and database security level.As this model is implemented using a deterministic encryption scheme, it may suffer from chosen plain text attack, to overcome this issue. In this paper, we proposed a new model for cloud database security using nondeterministic encryption, order preserving encryption, homomorphic encryptionand database distribution schemes, andour proposed model supports execution of queries with equality check, range condition and aggregate operations on encrypted cloud database without decryption. This model is more secure with optimal query execution performance.