• Proceedings of the Korea Information Processing Society Conference
• /
• 2011.04a
• /
• pp.869-870
• /
• 2011

통신이 발달로 인터넷 망을 이용해 고용량의 데이터를 빠르게 주고받을 수 있게 되었으며, 이로 인하여 데이터를 원격 저장소에 저장하여 언제 어디서든 빠르게 접근할 수 있는 서비스가 발전하게 되었다. 하지만 데이터를 저장하는 서버의 보안 및 서버관리자의 신뢰 문재가 발생하게 되었고, 이를 해결하기위해 서버에 저장되는 데이터의 암호화 및 이를 검색할 수 있는 기술이 필요하게 되었다. 기존의 검색 가능 암호의 경우 이메일 서비스를 기반으로 구성이 되어 하나의 데이터에 많은 키워드를 저장하게 되는 원격 저장소 서비스에 적용하기 어렵다. 또한 필드 기반 검색기능을 제공해 검색이 유연하지 않고 결합 키워드 검색 시 연산의 효율성이 떨어지는 문제점이 존재한다. 따라서 본 논문은 블룸필터를 사용하여 대량의 키워드를 효율적으로 저장 및 검색 할 수 있으며 필드 프리한 결합키워드 검색을 지원하는 공개키 검색 가능 암호 시스템을 제안한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2023.11a
• /
• pp.183-187
• /
• 2023

양자 컴퓨터가 빠르게 발전됨에 따라 기존의 공개키 암호들이 기반하고 있는 난제인 소인수분해, 이산로그 문제를 다항 시간 안에 풀 수 있는 Shor 알고리즘에 의해 기존 암호의 보안 강도 약화 및 무력화 시기가 다가오고 있다. NIST에서는 양자 컴퓨터 시대에 대비하여 양자 컴퓨터가 등장하더라도 안전한 암호인 양자내성암호에 관한 공모전을 개최하였다. 양자 컴퓨터 환경에서 암호 분석을 통해 암호의 보안 강도를 확인할 수 있는데, 이를 위해서는 암호를 양자회로로 구현해야한다. 본 논문에서는 NIST PQC 공모전의 4 라운드 후보 알고리즘인 HQC (Hamming Quasi-Cyclic)의 PKE (Public Key Encryption) 버전에 대한 키 생성 및 인코딩 연산 중 핵심 역할을 하는 바이너리 필드 산술과shortened Reed-Solomon 코드의 인코딩 연산에 대한 최적화된 양자회로 구현을 제안하고, 이를 위해 필요한 자원을 추정한다.

• Journal of Advanced Navigation Technology
• /
• v.16 no.6
• /
• pp.1014-1023
• /
• 2012

Recently with improvement of SMART Grid, AMI network security has been affecting the environment for Electric information and communication. The system and communication protection consists of steps taken to protect the AMI components and the communication links between system components from cyber intrusions. The addition of two way communications between SUN and HAN introduces additional risk for unauthorized access to the AMI system. In this paper, we propose new AMI device authentication infrastructure, key establishment and security algorithm based on public key encryption to solve AMI network security problems.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.1
• /
• pp.87-92
• /
• 2020

Various devices, which are powerful computer and low-performance sensors, is connected to IoT network. Accordingly, applying mutual authentication for devices and data encryption method are essential since illegal attacks are existing on the network. But cryptographic methods such as symmetric key and public key algorithms, hash function are not appropriate to low-performance devices. Therefore, this paper proposes blockchain-based lightweight IoT mutual authentication protocol for the low-performance devices.

• ETRI Journal
• /
• v.40 no.3
• /
• pp.396-409
• /
• 2018

Elliptic curve cryptography (ECC) can achieve relatively good security with a smaller key length, making it suitable for Internet of Things (IoT) devices. DNA-based encryption has also been proven to have good security. To develop a more secure and stable cryptography technique, we propose a new hybrid DNA-encoded ECC scheme that provides multilevel security. The DNA sequence is selected, and using a sorting algorithm, a unique set of nucleotide groups is assigned. These are directly converted to binary sequence and then encrypted using the ECC; thus giving double-fold security. Using several examples, this paper shows how this complete method can be realized on IoT devices. To verify the performance, we implement the complete system on the embedded platform of a Raspberry Pi 3 board, and utilize an active sensor data input to calculate the time and energy required for different data vector sizes. Connectivity and resilience analysis prove that DNA-mapped ECC can provide better security compared to ECC alone. The proposed method shows good potential for upcoming IoT technologies that require a smaller but effective security system.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.3
• /
• pp.1229-1248
• /
• 2016

With the feature of convenience and low cost, remote healthcare monitoring (RHM) has been extensively used in modern disease management to improve the quality of life. Due to the privacy of health data, it is of great importance to implement RHM based on a secure and dependable network. However, the network connectivity of existing RHM systems is unreliable in disaster area because of the unforeseeable damage to the communication infrastructure. To design a secure RHM system in disaster area, this paper presents a Secure VANET-Assisted Remote Healthcare Monitoring System (SVC) by utilizing the unique "store-carry-forward" transmission mode of vehicular ad hoc network (VANET). To improve the network performance, the VANET in SVC is designed to be a two-level network consisting of two kinds of vehicles. Specially, an innovative two-level key management model by mixing certificate-based cryptography and ID-based cryptography is customized to manage the trust of vehicles. In addition, the strong privacy of the health information including context privacy is taken into account in our scheme by combining searchable public-key encryption and broadcast techniques. Finally, comprehensive security and performance analysis demonstrate the scheme is secure and efficient.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.7
• /
• pp.2532-2553
• /
• 2014

In Asiacrypt 2003, Al-Riyami and Paterson proposed the notion of certificateless cryptography, a technique to remove key escrow from traditional identity-based cryptography as well as circumvent the certificate management problem of traditional public key cryptography. Subsequently much research has been done in the realm of certificateless encryption and signature schemes, but little to no work has been done for the identification primitive until 2013 when Chin et al. rigorously defined certificateless identification and proposed a concrete scheme. However Chin et al.'s scheme was proven in the random oracle model and Canetti et al. has shown that certain schemes provable secure in the random oracle model can be insecure when random oracles are replaced with actual hash functions. Therefore while having a proof in the random oracle model is better than having no proof at all, a scheme to be proven in the standard model would provide stronger security guarantees. In this paper, we propose the first certificateless identification scheme that is both efficient and show our proof of security in the standard model, that is without having to assume random oracles exist.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.2
• /
• pp.147-152
• /
• 2002

SFLASH, one of the asymmetric signature schemes in NESSIE project, was suggested and accepted in the fat phase. In the latest, results about attacking the affine parts of SFLASH was published. In this paper, we have that an attacker knowing one linear part and two affine parts can easily forge signatures for arbitrary messages without information of the other linear part and the secret suing. It follows that the security of SFLASH depends only on the linear par, which is used in the last step when a signature is being generated. Also, we show that an attacker can obtain partial information of the linear part by the forging method using hem public key and secret elements and we discuss the length of secret key.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.5
• /
• pp.35-44
• /
• 2009

To protect sensitive personal information, data will be stored in encrypted form. However in order to retrieve these encrypted data without decryption, there need efficient search methods to enable the retrieval of the encrypted data. Until now, a number of searchable encryption schemes have been proposed but these schemes are not suitable when dynamic users who have the permission to access the data share the encrypted data. Since, in previous searchable encryption schemes, only specific user who is the data owner in symmetric key settings or has the secret key corresponding to the public key for the encrypted data in asymmetric key settings can access to the encrypted data. To solve this problem, Stephen S. Yau et al. firstly proposed the controlled privacy preserving keyword search scheme which can control the search capabilities of users according to access policies of the data provider. However, this scheme has the problem that the privacy of the data retrievers can be breached. In this paper, we firstly analyze the weakness of Stephen S. Yau et al.'s scheme and propose privacy preserving keyword search with access control. Our proposed scheme preserves the privacy of data retrievers.

• Journal of Convergence for Information Technology
• /
• v.11 no.11
• /
• pp.66-74
• /
• 2021

With the development of the Internet, user authentication technology that proves me online is improving. Existing ID methods pose a threat of personal information leakage if the service provider manages personal information and security is weak, and the information subject is to the service provider. In this study, as online identification technology develops, we propose a DID-based self-authentication model to prevent the threat of leakage of personal information from a centralized format and strengthen sovereignty. The proposed model allows users to directly manage personal information and strengthen their sovereignty over information topics through VC issued by the issuing agency. As a research method, a self-authentication model that guarantees security and integrity is presented using a decentralized identifier method based on distributed ledger technology, and the security of the attack method is analyzed. Because it authenticates through DID Auth using public key encryption algorithms, it is safe from sniffing, man in the middle attack, and the proposed model can replace real identity card.