• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.2
• /
• pp.267-271
• /
• 2013

Comparable encryption allows a verifier to test whether given two ciphertexts from a probabilistic public key cryptosystem are encryption of the same message without decrypting them. Recently, Yang et al. proposed such scheme and Lee et al. and Tang independently modified Yang et al.'s system to restrict the entity who can perform the verification. However, the original Yang et al.'s scheme has a flaw that enables two ciphertexts which are not encryption of the same message to pass the test. In this paper, we concretely show the faults in all three schemes considered and analyze the effect of this flaw in the use of such schemes in applications.

• Journal of KIISE:Information Networking
• /
• v.36 no.6
• /
• pp.471-480
• /
• 2009

One of the principal impediments to the achievement of a scalable access control for a large number of subscribers in a public broadcast is to distribute key update messages reliably to all stateless receivers. However, in a public broadcast, the rekeying messages can be dropped or compromised during the transmission over an insecure broadcast channel, or transmitted to the receivers while it was off-line. In this study, we propose a novel group key management scheme that features a mechanism that allows the legitimate receivers to recover the current group key even if they lose key update messages for long-term sessions using short hint messages and member computation. The performance analysis result shows that the proposed scheme has advantages of the scalable and efficient rekeying compared with the previous reliable group key distribution schemes. The proposed key management scheme targets a conditional access system in a media broadcast where there is no feedback channel from receivers to the broadcasting station.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.2
• /
• pp.445-466
• /
• 2022

As everything linking to the internet, people can subscribe to various services from a service provider to facilitate their lives through the Internet of Things (IoT). An obligatory thing for the service provider is that they should push the service data safely and timely to multiple IoT terminal devices regularly after the IoT devices accomplishing the service subscription. In order to control the service message received by the legal devices as while as keep the confidentiality of the data, the public key encryption algorithm is utilized. While the existing public encryption algorithms for push service are too complicated for IoT devices, and almost of the current subscription schemes based on push mode are relying on centralized organization which may suffer from centralized entity corruption or single point of failure. To address these issues, we design a secure subscription-push service scheme based on blockchain and edge computing in this article, which is decentralized with secure architecture for the subscription and push of service. Furthermore, inspired by broadcast encryption and multicast encryption, a new encryption algorithm is designed to manage the permissions of IoT devices together with smart contract, and to protect the confidentiality of push messages, which is suitable for IoT devices. The edge computing nodes, in the new system architecture, maintain the blockchain to ensure the impartiality and traceability of service subscriptions and push messages, meanwhile undertake some calculations for IoT devices with limited computing power. The legalities of subscription services are guaranteed by verifying subscription tags on the smart contract. Lastly, the analysis indicates that the scheme is reliable, and the proposed encryption algorithm is safe and efficient.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.8
• /
• pp.1471-1479
• /
• 2017

This paper describes a design of RSA public-key cryptography processor supporting key length of 2,048 bits. A modular multiplier that is core arithmetic function in RSA cryptography was designed using word-based Montgomery multiplication algorithm, and a modular exponentiation was implemented by using Left-to-Right (LR) binary exponentiation algorithm. A computation of a modular multiplication takes 8,386 clock cycles, and RSA encryption and decryption requires 185,724 and 25,561,076 clock cycles, respectively. The RSA processor was verified by FPGA implementation using Virtex5 device. The RSA cryptographic processor synthesized with 100 MHz clock frequency using a 0.18 um CMOS cell library occupies 12,540 gate equivalents (GEs) and 12 kbits memory. It was estimated that the RSA processor can operate up to 165 MHz, and the estimated time for RSA encryption and decryption operations are 1.12 ms and 154.91 ms, respectively.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.19 no.2
• /
• pp.9-17
• /
• 2019

In this paper, we propose an attribute-based broadcast encryption algorithm that can be applied to satellite broadcasting network. The encryption algorithm is a cryptographic method by which a carrier(sender) can transmit contents efficiently and securely to a plurality of legitimate users through satellites. An attribute-based encryption algorithm encrypts contents according to property of contents or a user, In this paper, we combine effectively two algorithms to improve the safety and operability of satellite broadcasting network. That is, it can efficiently transmit ciphertexts to a large number of users, and has an advantage in that decoding can be controlled by combining various attributes. The proposed algorithm reduces the network load by greatly reducing the size of the public key, the private key and the cipher text in terms of efficiency, and the decryption operation amount is reduced by half to enable fast decryption, thereby enhancing the operability of the user.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.19 no.5
• /
• pp.33-38
• /
• 2019

In this paper, we propose a new blockchain technology that could comply with GDPR. The proposed model can prevent illegal access by controlling access to the personal information according to a access policy. For example, it can control access to the information on a role-basis and information validation period. The core mechanism of the proposed model is to encrypt the personal information with public key which is associated with users attributes policy, and then decrypt it with a private key and users attributes based on a Attribute-based Encryption scheme. It can reduce a trusted third-part risk by replacing it with a number of nodes selected from the blockchain. And also the private key is generated in the form of one-time token to improve key management efficiency. We proved the feasibility by simulating the proposed model using the chaincode of the Hyperledger Fabric and evaluate the security.

• The KIPS Transactions:PartA
• /
• v.11A no.2
• /
• pp.175-180
• /
• 2004

Generally, as for the multimedia high quality contents, an illegality facsimile is possible without a damage of a quality. Also a distribution of contents duplicated illegality in an Internet is giving a great economic loss to digital contents provider. Therefore, a study for security and efficient distribution of digital contents is required. The most important issues in a design of digital contents distribution system are a user convenience, an execution speed and a security. In this study, we designed digital contents distribution system that used a web caching technology and an encryption/decryption technique on hierarchical structure. The proposed system was the digital contents distribution system that improved a security and execution speed, a convenience of a user. Also it verified performance superiority of a proposed system by an examination.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.3
• /
• pp.49-61
• /
• 2004

In broadcast encryption schemes, traceability is a useful property to trace authorized subscribers, called traitors, who collude for manufacturing a pirate decoder. Unfortunately, this is usually achieved with a sacrifice of a privacy. Most traitor tracing schemes in the literature have been developed without considering a subscriber's anonymity, which is one of important requirements for electronic marketplaces to offer similar privacy as current marketplace. It would be unsatisfactory for the subscriber to reveal his/her identity to purchase multimedia contents. In this paper we propose an anonymous broadcast encryption scheme, where a user can subscribe anonymously and one purchases multimedia contents without giving a lot of information about his lifestyle, habits, and etc, but anonymity control is provided, i.e., a data supplier can date traitors.

• Proceedings of the KIEE Conference
• /
• 2003.11b
• /
• pp.143-146
• /
• 2003

In mobile Internet banking service through wireless local area network, security is a most important factor to consider. We describe the development of mobile banking service using Personal Digatal Assistant (PDA). In order to increase the strength of encryption, we adopted hybrid approach where both of the public key algorithm and the secret key algorithm are used during the transaction among PDA, banking server and authentication server.

• Review of KIISC
• /
• v.2 no.2
• /
• pp.64-80
• /
• 1992

전화망을 통과하는 음성신호에 대하여, 실시간에 공개열쇠방식의 암호화/복호화를 하기 위한 반도체 IC제조공정평가를 실시하였다. 초당 64k bit의 정보에 대하여 256 bit이상의 key를 갖는 RSA 방식 암호화를 위하여 modular multiplication 환경과 redundant number system을 채택하여 algori-multiple input shift register 를 사용하는 회로로 충족시키는 과정에서, 1.0 $이하의 CMOS공정이 요구된다는 결론에 도달하였으며, 이들 회로의 타당성은 저속 RSA chip의 분석 결과와 비교하여 확인하였다.