• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.6
• /
• pp.15-24
• /
• 2004

Electronic commerce is widely used with the development of information communication technologies in internet using public key certificates. And the study for access control in Web application and DB system is also progressed actively. There are many verification method for PKC(Public Key Certificates), which are CRL, OCSP, SCVP and others. But their certificates verification methods for PKC cannot to be applied to PMI(Privilege Management Infrastructure) which is using AC(Attribute certificates) because of synchronization of PKC and AC. It is because AC has no public key, AC Verifier must get the PKC and verify the validity on PKC and AC. So in this paper we proposed the new AC-based certificate verification model. which provide the synchronization in two certificates(AC and PKC).

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.10
• /
• pp.2862-2882
• /
• 2023

With the development of networking technology, it has become common to use various types of network services to replace physical ones. Among all such services, electronic voting is one example that tends to be popularized in many countries. However, due to certain concerns regarding information security, traditional paper voting mechanisms are still widely adopted in large-scale elections. This study utilizes blockchain technology to design a novel electronic voting mechanism. Relying on the transparency, decentralization, and verifiability of the blockchain, it becomes possible to remove the reliance on trusted third parties and also to enhance the level of trust of voters in the mechanism. Besides, the mechanism of blind signature with its complexity as difficult as solving an elliptic curve discrete logarithmic problem is adopted to strengthen the features related to the security of electronic voting. Last but not least, the mechanism of self-certification is incorporated to substitute the centralized certificate authority. Therefore, the voters can generate the public/private keys by themselves to mitigate the possible risks of impersonation by the certificate authority (i.e., a trusted third party). The BAN logic analysis and the investigation for several key security features are conducted to verify that such a design is sufficiently secure. Since it is expected to raise the level of trust of voters in electronic voting, extra costs for re-verifying the results due to distrust will therefore be reduced.

• Journal of Communications and Networks
• /
• v.6 no.2
• /
• pp.156-162
• /
• 2004

In recent years, mobile ad-hoc networks have received a great deal of attention in both academia and industry to provide anytime-anywhere networking services. As wireless networks are rapidly deployed, the security of wireless environment will be mandatory. In this paper, we describe a group key management architecture and key agreement protocols for secure communication in mobile ad-hoc wireless networks (MANETs) overseen by unmanned aerial vehicles (UAVs). We use implicitly certified public keys method, which alleviates the certificate overhead and improves computational efficiency. The architecture uses a two-layered key management approach where the group of nodes is divided into: 1) Cell groups consisting of ground nodes and 2) control groups consisting of cell group managers. The chief benefit of this approach is that the effects of a membership change are restricted to the single cell group.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.45 no.10
• /
• pp.90-98
• /
• 2008

PKI (Public Key Infrastructure) which is used for the security of E-commerce (Electronic-commerce) in wired internet is not suitable for the mobile phone because of the fundamental limitation of performance such as less memory and less powerful CPU. Therefore, we need to develop a wireless PKI (WPKI) that provides the similar security level as the wired PKI supporting mobile phone. In this paper, we propose a lightweight and secure Wireless Certificate Management Protocol (WCMP) that is executable to the mobile phone that has a constrained communication environment and limitation of performance, and show the implementation results of the scheme based on the mobile phone. We minimize data sizes processed in mobile phone, and optimize protocols for the certificate management. This results in the reduced module sizes to be able to install in mobile phone and shows as the same level as the wired CMP.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.8
• /
• pp.1466-1477
• /
• 2016

Public key infrastructure(PKI), principle technology of the certificate, is a security technology providing functions such as identification, non-repudiation, and anti-forgery of electronic documents on the Internet. Our government and financial organizations use PKI authentication using ActiveX to prevent security accident on the Internet service. However, like ActiveX, plug-in technology is vulnerable to security and inconvenience since it is only serviceable to certain browser. Therefore, the research on HTML5 authentication system has been conducted actively. Recently, domestic bank introduced PKI authentication complying with web standard for the first time. However, it still has inconvenience to register a certification on each website because of same origin policy of web storage. This paper proposes the certificate based SSO protocol that complying with web standard to provide user authentication using certificate on several sites by going around same origin policy and its security proof.

• Journal of KIISE:Information Networking
• /
• v.31 no.4
• /
• pp.405-413
• /
• 2004

Design an efficient and secure electronic payment system is important for M-Commerce. In this paper, we propose an efficient Micro-Payment Protocol that allows multiple transactions using ID-based public key cryptosystem. Current PayWord system requires to generate certificate of the vendor for each transaction. In this paper, we use a session key instead of certificate key generated by Weil Pairing which use an Elliptic Curve Cryptosystem over finite field $F_q$ for transactions Therefore, it is more secure in Known key attacks as well as Man-in-the-middle attacks.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.6
• /
• pp.1-8
• /
• 2019

Medical information is an important personal information for patients, and it must be protected. In particular, when medical personnel approach electronic medical records, authentication for enhanced security is essential. However, the existing public certificate-based certification model did not reflect the security characteristics of the electronic medical record(EMR) due to problems such as personal key management and authority delegation. In this study, we propose a fingerprint recognition-based authentication model with enhanced security to solve problems in the approach of the existing electronic medical record system. The proposed authentication model is an EMR system based on fingerprint recognition using PEMS (Private-key Escrow Management Server), which is applied with the private key commission protocol and the private key withdrawal protocol, enabling the problem of personal key management and authority delegation to be resolved at source. The performance experiment of the proposed certification model confirmed that the performance time was improved compared to the existing public certificate-based authentication, and the user's convenience was increased by recognizing fingerprints by replacing the electronic signature password.

• Proceedings of the CALSEC Conference
• /
• 1997.11a
• /
• pp.167-184
• /
• 1997

암호화 기술의 확장성과 비도 측면에서 우수한 공개키 기반 하부구조(Public Key Infrastructure)는 공개키를 보증하는 기반 기술과 인증서의 안전한 사용 기술로 구성되어있으며, 전자상거래의 기본 기술중 하나이다. 이러한 기본 기술 중에는 키 복구(Key Recovery) 및 비밀 분산(Secret Sharing) 기술등이 포함되며, 인증기관(Certificate Authority： CA)을 통한 키 관리 효율성 및 인중 기관과 사용자 간 안전한 정보 교환 기술이 요구된다. 본 논문에서는 인터넷 기반의 전자 상거래 시 사용되는 공개키 기반 하부구조에 대하여 검토 분석한다.

• Review of KIISC
• /
• v.7 no.3
• /
• pp.77-98
• /
• 1997

암호화 기술의 확장성 측면에서 우수한 공개키 기반 하부구조(Public Key Infrastructure)는 전자 상거래 서비스에서 필요한 제반 인증 기술을 제공하고 있다. 공개키를 보증하는 기반 기술과 인증서의 안전한 사용 기술은 공개키 기반 전자 상거래의 기본 기술이다. 이러한 기본 기술 중에는 키 복구(Key Recovery) 및 비밀 분산(Secret Sharing) 기술이 포함되며 인증기관(Certificate Authority : CA)을 통한 키 관리 효율성 및 인증기관과 서비스 사용자간의 안전한 정보 교환 기술이 또한 요구된다. 본 논문에서는 인터넷 기반의 전자 상거래 시 사용되는 공개키 기반의 인증구조에 대하여 검토 분석한다.

• The KIPS Transactions:PartC
• /
• v.10C no.3
• /
• pp.281-286
• /
• 2003

Nowadays, a patient's private medical data which is exposed to the outside world has a severe effect on not only the patient's private life but also his/her social activities and environment. So, it is important to securely protect the patient's private medical data from the illegal manipulation. This paper studies the method to store the electronic prescription information in an IC card. For that, an access control for users, such as a doctor, a nurse, a medical institute member, a pharmacy, a pharmacist, or a patient, is proposed to access the data stored in an IC card. The certificate is issued using the Crypto API of a certificate management model supported by Windows 2000. The public/private key is created by the Cryptographic Service Provider program, and the electronic prescription is signed using the digital signature. The proposed system, therefore, can improve the quality of medical services by securing the safety and integrity of the electronic prescription, stored in an IC card.