• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.05a
• /
• pp.467-470
• /
• 2012

This paper proposes a technique of sybil attack detection using an ID-based certificate on sensor network. First, it can solve the broadcast storm problem happening when keys are distributed to sensor nodes. Second, it prevents the replay attack by periodically generating and changing the keys of sensor nodes with Key-chain technique. Third, it authenticates sensor node's ID using hash function. So, it maximizes sensor node's memory usage, reduces communication overhead. Finally it detects Sybil attack through ID-based certificate. Therefore, the proposed technique of Sybil attack detection using ID-based certificate consider simultaneously energy efficiency and stability on sensor network environment, and can trust the provided information through sensor network.

• The KIPS Transactions:PartC
• /
• v.10C no.3
• /
• pp.273-280
• /
• 2003

When an existing user authorization systems in Grid access many user to local system and subject DN (Distinguished Name) in a user-proxy authenticate and ID in local system is one-to-one mapping, they have difficulties in ID management, memory resource management and resource management. At this, a variety of subject DN is shared of one local ID in an existing Grid. But this faces many difficulties in applying all requirements for many Grid users. Thus, we suppose user authorization system based on a certificate not them based on ID in this paper. That is, we add user's access level to extension field in a certificate, and make a supposed authorization system decide access limitation level on resources instead of an existing ID mapping methods.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.5
• /
• pp.165-176
• /
• 2004

Al-Riyami and Paterson$^{[1]}$ suggested the new public key paradigm which is called the certificateless public key system. This system takes the advantages of both traditional PKC and ID-based PKC. It does not require the use of certificates of the public key and does not have the key escrow problem caused from the ID-based cryptosystem. In this paper, we propose an efficient certificateless public key encryption scheme which satisfies mutual authentication. The security of our protocol is based on the hardness of two problems; the computational Diffie-Hellman problem(CDHP) and the bilinear Diffie-Hellman problem(BDHP). We also give a formal security model for both confidentiality and unforgeability, and then show that our scheme is probably secure in the random oracle model.

• Journal of the Korea Society of Computer and Information
• /
• v.15 no.5
• /
• pp.113-124
• /
• 2010

In this study, the hybrid authorization quotation technique is based on the device ID for the integrity of the source region guarantee of user certificate, in order to improve the convenience and security for user in the hybrid PKI certificate Mechanism for authentication. The feature of the model in which it is presented from this paper is 5. First, because the user can select the policy himself in which it matches with each authentication situation and security level, the convenience can be improved. Second, the integrity of the source region of the user certificate can be guaranteed through the comparison of the DLDI Key, that is the hash-value of the device ID. Third, the security can be improved by continuously changing an encoding, and the value of the key in which it decodes through the EOTP Key. Fourth, the index value is added to a certificate, and the storage of a certificate is possible at the Multi-Device. Fifth, since the addi the inan aratus for the integrity of the source region guarantee of a certificate is not needed, the authentication process time can be reduced and the computational load of the certificate server can be reduced also.

• Journal of KIISE:Computer Systems and Theory
• /
• v.35 no.9_10
• /
• pp.441-451
• /
• 2008

Currently, the X.509 proxy certificate is widely used to delegate an entity's right to another entity in the computational grid environment. However it has two drawbacks: the potential security threat caused by intraceability of a delegation chain and the inefficiency caused by an interactive communication between the right grantor and the right grantee on the delegation protocol. To address these problems for computational grids, we propose a new delegation protocol without additional cost. We use an ID-based key generation technique to generate a proxy private key which is a means to exercise the delegated signing right. By applying the ID-based key generation technique, the proposed protocol has the delegation traceability and the non-interactive delegation property. Since the right delegation occurs massively in the computational grid environment, our protocol can contribute the security enhancement by providing the delegation traceability and the efficiency enhancement by reducing the inter-domain communication cost.

• Journal of Korea Multimedia Society
• /
• v.13 no.2
• /
• pp.287-297
• /
• 2010

Authentication is needed to use safe devices in the home network environment. In this authentication, there are an ID base form and Certification base form. In case of an ID base form, it is difficult to apply to the multi domain environment and in case of an Certification base form, because the way that contains and stores the certificate demand on devices, additional setting of the user is needed for transfer of ownership and purchase of new devices, and more. Because both ways attend an individual authentication for devices, the ways exist overhead as the frequent authentication for a lot of devices in service aspects of user needs. To arrange these problems, in this paper, the authentication information of devices can be securely stored and managed in the java card and a processing time of the authentication could be improved better then the existing technique by authenticating a group of service.

• Journal of KIISE:Information Networking
• /
• v.31 no.4
• /
• pp.405-413
• /
• 2004

Design an efficient and secure electronic payment system is important for M-Commerce. In this paper, we propose an efficient Micro-Payment Protocol that allows multiple transactions using ID-based public key cryptosystem. Current PayWord system requires to generate certificate of the vendor for each transaction. In this paper, we use a session key instead of certificate key generated by Weil Pairing which use an Elliptic Curve Cryptosystem over finite field $F_q$ for transactions Therefore, it is more secure in Known key attacks as well as Man-in-the-middle attacks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.2
• /
• pp.3-11
• /
• 2003

Proxy signatures are signature schemes in which an original signer delegates her signing capability to a proxy entity, who signs a message on behalf of the original signer. In this paper we propose the ID-based proxy signature schemes using a bilinear map. In the previous R-based proxy signature scheme, the proxy signer can misuse the right of the signing capacity and the public key directory is required. However, by inserting the warrant information such as the identity of the proxy signer and the limit of the signing capacity to the proxy signature, our scheme can prevent the misuse of the proxy key pair by the proxy signer and does not require a public key certificate. Furthermore, our scheme dose not need a secure channel to deliver the warrant. Consequently, the proposed scheme is more efficient and useful than the previous proxy signature schemes.

• The Journal of the Korea Contents Association
• /
• v.15 no.10
• /
• pp.607-615
• /
• 2015

Mosts user of internet and smart phone has certificate, and uses it when money transfer, stock trading, on-line shopping, etc. Mosts user stores certificate in a hard disk drive of PC, or the external storage medium. In particular, the certification agencies are encouraged for user to store certificate in external storage media such as USB memory rather than a hard disk drive. User think that the external storage medium is safe, but when it is connect to a PC, certificate may be copied easily, and can be exposed to hackers through malware or pharming site. Moreover, if a hacker knows the user's password, he can use user's certificate without restrictions. In this paper, we suggest secure management scheme of the private key file using a password of the encrypted private key file, and a USB Memory's hardware information. The private key file is protected safely even if the encrypted private key file is copied or exposed by a hacker. Also, if the password of the private key file is exposed, USB Memory's container ID, additional authentication factor keeps the private key file safe. Therefore, suggested scheme can improve the security of the external storage media for certificate.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2002.11a
• /
• pp.233-236
• /
• 2002

디지털 서명의 정당성을 검증하기 위해서는 서명자 공개키의 유효성을 인증해야 한다. 이 때, PKI 기반의 인증서를 통해 인증을 수행한다면, 무선 인터넷이라는 특성에 따른 보안상의 문제가 있을 뿐만 아니라 비효율적이다. 그런데 별도의 인증서 검증이 필요 없는 개인식별정보 자체를 공개키고 사용한다면 인증서 검증을 위한 무선 인터넷에서 유선 인터넷으로의 접속 없이 서명의 검증이 가능하게 되고, 무선망만을 이용한 통신이 가능하게 된다. 본 논문에서는 이와 같이 이동 통신 환경에 적합하도록 개인식별정보를 공개키고 사용하는 디지털 서명 알고리즘을 제안한다.