• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.2
• /
• pp.881-896
• /
• 2016

Certificate-based cryptography is a useful public key cryptographic primitive that combines the merits of traditional public key cryptography and identity-based cryptography. It not only solves the key escrow problem inherent in identity-based cryptography, but also simplifies the cumbersome certificate management problem in traditional public key cryptography. In this paper, by giving a concrete attack, we first show that the certificate-based encryption scheme without bilinear pairings proposed by Yao et al. does not achieve either the chosen-ciphertext security or the weaker chosen-plaintext security. To overcome the security weakness in Yao et al.'s scheme, we propose an enhanced certificate-based encryption scheme that does not use the bilinear pairings. In the random oracle model, we formally prove it to be chosen-ciphertext secure under the computational Diffie-Hellman assumption. The experimental results show that the proposed scheme enjoys obvious advantage in the computation efficiency compared with the previous certificate-based encryption schemes. Without costly pairing operations, it is suitable to be employed on the computation-limited or power-constrained devices.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.6
• /
• pp.1109-1122
• /
• 2016

Certificateless public key cryptography is a technique that can solve the certificate management problem of a public key cryptosystem and clear the key escrow issue of ID-based cryptography using the public key in user ID. Although the studies were actively in progress, many existing schemes have been designed without taking into account the safety of the secret value with the decryption key exposure attacks. If previous secret values and decryption keys are exposed after replacing public key, a valid private key can be calculated by obtaining the partial private key corresponding to user's ID. In this paper, we propose a new security model which ensures the security against the key exposure attacks and show that several certificateless public key encryption schemes are insecure in the proposed security model. In addition, we design a certificateless public key encryption scheme to be secure in the proposed security model and prove it based on the DBDH(Decisional Bilinear Diffie-Hellman) assumption.

• Current Optics and Photonics
• /
• v.4 no.2
• /
• pp.103-114
• /
• 2020

A new optical asymmetric cryptosystem is proposed by modifying the asymmetric RSA public-key protocol required in a cryptosystem. The proposed asymmetric public-key algorithm can be optically implemented by combining a two-step quadrature phase-shifting digital holographic encryption method with the modified RSA public-key algorithm; then two pairs of public-private keys are used to encrypt and decrypt the plaintext. Public keys and ciphertexts are digital holograms that are Fourier-transform holograms, and are recorded on CCDs with 256-gray-level quantized intensities in the optical architecture. The plaintext can only be decrypted by the private keys, which are acquired by the corresponding asymmetric public-key-generation algorithm. Schematically, the proposed optical architecture has the advantage of producing a complicated, asymmetric public-key cryptosystem that can enhance security strength compared to the conventional electronic RSA public-key cryptosystem. Numerical simulations are carried out to demonstrate the validity and effectiveness of the proposed method, by evaluating decryption performance and analysis. The proposed method shows feasibility for application to an asymmetric public-key cryptosystem.

• The KIPS Transactions:PartC
• /
• v.11C no.7 s.96
• /
• pp.971-980
• /
• 2004

This paper describes the design and implementation of the video conferencing system using public key infrastructure which is used for user authentication and encryption. Public key infrastructure reinforces the authentication process for conference participant, and the symmetric key system blocks malicious access to information and protect conference control information. This paper shows the implementation of the trans portation layer secure protocol in conformity with Korea public key authentication algorithm standard and symmetric encryption algorithm (DES, 3DES and AES) for media stream encryption. In this paper, we deal with two ways of protecting information : transportation layer secure protocol secures user authentication process and the conference control information; while public key-based authentication system protects personal information of users when they connect to the network. When distributing the session keys for encryption, Internet Key Exchange is used for P2P communication, and secure protocol is employed for 1 : N multi-user communication in the way of distributing the public key-based en-cryption key.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.2
• /
• pp.31-38
• /
• 2009

To provide the privacy of a keyword, a public key encryption with keyword search(PEKS) firstly was propsed by Boneh et al. The PEKS scheme enables that an email sender sends an encrypted email with receiver's public key to an email server and a server can obtain the relation between the given encrypted email and an encrypted query generated by a receiver. In this email system, we easily consider the situation that a user sends the one identical encrypted email to multi-receiver like as group e-mail. Hwang and Lee proposed a searchable public key encryption considering multi-receivers. To reduce the size of transmission data and the server's computation is important issue in multi-receiver setting. In this paper, we propose an efficient searchable public key encryption for multi-receiver (mPEKS) which is more efficient and reduces the server's pairing computation.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.9
• /
• pp.3231-3249
• /
• 2014

Deniable encryption, introduced in 1997 by Canetti, Dwork, Naor, and Ostrovsky, guarantees that the sender or the receiver of a secret message is able to "fake" the message encrypted in a specific ciphertext in the presence of a coercing adversary, without the adversary detecting that he was not given the real message. Sender - side deniable encryption scheme is considered to be one of the classification of deniable encryption technique which defined as resilient against coercing the sender. M. H. Ibrahim presented a sender - side deniable encryption scheme which based on public key and uncertainty of Jacobi Symbol [6]. This scheme has several problems; (1) it can't be able to derive the fake message $M_f$ that belongs to a valid message set, (2) it is not secure against Quadratic Residue Problem (QRP), and (3) the decryption process is very slow because it is based dramatically on square root computation until reach the message as a Quadratic Non Residue (QNR). The first problem is solved by J. Howlader and S. Basu's scheme [7]; they presented a sender side encryption scheme that allows the sender to present a fake message $M_f$ from a valid message set, but it still suffers from the last two mentioned problems. In this paper we present a new sender-side deniable public-key encryption scheme with fast decryption by which the sender is able to lie about the encrypted message to a coercer and hence escape coercion. While the receiver is able to decrypt for the true message, the sender has the ability to open a fake message of his choice to the coercer which, when verified, gives the same ciphertext as the true message. Compared with both Ibrahim's scheme and J. Howlader and S. Basu's scheme, our scheme enjoys nice two features which solved the mentioned problems: (1) It is semantically secure against Quadratic Residue Problem; (2) It is as fast, in the decryption process, as other schemes. Finally, applying the proposed deniable encryption, we originally give a coercion resistant internet voting model without physical assumptions.

• ETRI Journal
• /
• v.38 no.4
• /
• pp.724-734
• /
• 2016

To achieve confidentiality, integrity, authentication, and non-repudiation simultaneously, the concept of signcryption was introduced by combining encryption and a signature in a single scheme. Certificate-based encryption schemes are designed to resolve the key escrow problem of identity-based encryption, as well as to simplify the certificate management problem in traditional public key cryptosystems. In this paper, we propose a new certificate-based signcryption scheme that has been proved to be secure against adaptive chosen ciphertext attacks and existentially unforgeable against chosen-message attacks in the random oracle model. Our scheme is not based on pairing and thus is efficient and practical. Furthermore, it allows a signcrypted message to be immediately verified by the public key of the sender. This means that verification and decryption of the signcrypted message are decoupled. To the best of our knowledge, this is the first signcryption scheme without pairing to have this feature.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.46 no.1
• /
• pp.20-34
• /
• 2009

We newly propose a multiple and unlinkable identity-based public key encryption scheme which allows the use of a various number of identity-based public keys in different groups or applications while keeping a single decryption key so that the decryption key can decrypt every ciphertexts encrypted with those public keys. Also our scheme removes the use of certificates as well as the key escrow problem so it is functional and practical. Since our public keys are unlinkable, the user's privacy can be protected from attackers who collect and trace the user information and behavior using the known public keys. Furthermore, we suggest a decryption key renewal protocol to strengthen the security of the single decryption key. Finally, we prove the security of our scheme against the adaptive chosen-ciphertext attack under the random oracle model.

• Journal of Korea Multimedia Society
• /
• v.7 no.12
• /
• pp.1719-1728
• /
• 2004

The fusion of Internet technology and applications with wireless communication provides a new business model and promises to extend the possibilities of commerce to what is popularly called mobile commerce, or m-commerce. In mobile Internet banking service through wireless local area network, security is a most important factor to consider. We describe the development of security service for mobile Internet banking on Personal Digital Assistants (PDAs). Banking Server and Authentication Server were developed to simulate banking business and to support certificate management of authorized clients, respectively. To increase security, we took hybrid approach in implementation: symmetric block encryption and public-key encryption. Hash function and random number generation were exploited to generate a secret key. The data regarding banking service were encrypted with symmetric block encryption, RC4, and the random number sequence was done with public-key encryption. PDAs communicate through IEEE 802.IIb wireless LAN (Local Area Network) to access banking service. Several banking services and graphic user interfaces, which emulatedthe services of real bank, were developed to verity the working of each security service in PDA, the Banking Server, and the Authentication Server.

• 한국정보통신설비학회:학술대회논문집
• /
• 2008.08a
• /
• pp.563-565
• /
• 2008

In this paper, we construct an efficient fuzzy identity-based encryption scheme in the random oracle model. The fuzzy identity-based encryption is an extension of identity-based encryption schemes where a user's public key is represented as his identity. Our construction requires constant number of bilinear map operations for decryption and the size of private key is small compared with the previous fuzzy identity-based encryption of Sahai-Waters. We also presents that our fuzzy identity-based encryption can be converted to attribute-based encryption schemes.