• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1994.11a
• /
• pp.51-66
• /
• 1994

A divisible off-line electronic cash system based on cut-and-choose has first been proposed by [OO91] and recently more efficient single term divisible cash system was presented in [EO94] which is based on Brand's scheme [Bra93]. In this paper, we present a different type of single term divisible electronic cash system which is more efficient than previously proposed systems such as [OO91], [YLR93], and [EO94] in the standpoint of the amount of communication, the number of modular multiplications required in the payment transactions, and the storage requirement in the withdrawal protocol. Our scheme is a modified version of [LL93], where the major improvement has been made in its withdrawal transaction to introduce untraceability and multi-spendability. We have borrowed the idea of the withdrawal protocol of our scheme from [EO94] with minor modifications. Transferability in our scheme allows only a finite number of transfer. Our scheme satisfies an the desirable properties of an electronic cash system such as untraceability, divisibility and transferability. In addition, we present a n-spendable cash. The basic idea of extension to multi-spendability has been borrowed from [Bra93] with minor modifications.

• Journal of KIISE:Information Networking
• /
• v.28 no.4
• /
• pp.570-577
• /
• 2001

In recent years, Internet-based application services on the mobile environment have been activated, and the developments of mobile internet application for user authentication and privacy have been required. Especially, the research for preventing disclosure of identity caused by user mobility is on the progress. In this paper, we introduce the study of an authentication protocol for anonymity and untraceability supporting the protection of user identity and the authenticated secure association mechanism between mobile hosts and remote domains. In this protocol use public cryptography.

• Journal of Korea Multimedia Society
• /
• v.18 no.12
• /
• pp.1483-1491
• /
• 2015

Applications of Internet of Things (IoT) supply various conveniences, however unsolved security problems such as personal privacy, data manipulation cause harm to persons, even nations and an limit the applicable areas of Internet of IoT technology. Therefore, study about secure and efficient security system on IoT are required. This paper proposes ID-based remote user authentication scheme in IoT environments. Proposed scheme provides untraceability of users by using different pseudonym identities in every session and reduces the number of variables. Our proposal is secure against inside attack, smart card loss attack, user impersonation attack, server masquerading attack, online/offline password guessing attack, and so on. Therefore, this can be applied to the lightweight IoT environments.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.9 no.1
• /
• pp.29-46
• /
• 1999

Most of the previous researches for the electronic cash system guarantee unconditional untraceability for the purpose of individual privacy. Such untraceable electronic cash system that only focuses on untraceability, however, has side effect such as money laundering, criminal activities. We present a escrow cash model using anonymous channel that supports not only untaceability but also crime prevention, and prove the efficiency of our scheme relative to previous escrow cash systems.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.5
• /
• pp.99-109
• /
• 2007

Lee et al. recently proposed an RFID mutual authentication scheme based on synchronized secret information. However, we found that their protocol is vulnerable to a spoofing attack in which an adversary can impersonate a legal tag to the reader by sending a malicious random number. To remedy this vulnerability, we propose two RFID authentication protocols which are secure against all possible threats including backward and forward traceability. Furthermore, one of the two proposed protocols requires only three hash operations(but, $[m/2]{\cdot}2+3$ operations in resynchronization state, m is the number of tags) in the database to authenticate a tag, hence it is well suitable fur large scale RFID systems.

• Journal of the Korea Society of Computer and Information
• /
• v.28 no.10
• /
• pp.93-101
• /
• 2023

In this paper, as a result of analyzing the TMIS authentication protocol using ECC and biometric information proposed by Chen-Chen in 2023, there were security problems such as user impersonation attack, man-in-the-middle attack, and user anonymity. Therefore, this paper proposes an improved authentication protocol that provides user anonymity to solve these problems. As a result of analyzing the security of the protocol proposed in this paper, it was analyzed to be secure for various attacks such as offline password guessing attack, user impersonation attack, smart-card loss attack, insider attack, perfect forward attack. It has also been shown to provided user privacy by guaranteeing user anonymity and untraceability, which must be guaranteed in TMIS. In addition, there was no significant increase in computational complexity, so the efficiency of execution time was achieved. Therefore, the proposed protocol in this paper is a suitable user authentication protocol for TMIS.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.9 no.2
• /
• pp.73-82
• /
• 1999

In an open network computing environment a host cannot to identity its users correctly to network services. In order to prevent this thing we present the design of a authentication scheme 솟 using the notion of rth -residuosity problem and discrete logarithm problem which is proposed by S. J. Park et al. The proposed scheme described here is efficient method for mutual authentication without leakage of users identity in mobile communication system that ensure user anonymity and untraceability.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2001.04b
• /
• pp.705-708
• /
• 2001

최근 이동 네트워크 상에서의 인터넷 서비스가 활성화되고 있으며, 이에 따른 이동 컴퓨터에 대한 인증 및 비밀성이 요구되고 있다. 따라서, 본 논문에서는 이동 컴퓨터가 도메인간을 이동하면서 노출될 수 있는 이동 컴퓨터의 Identity의 보호를 위해 사용자 Alias를 사용하였으며, 원격 도메인에도 Alias를 사용함으로 익명성 보장 및 불추적성을 지원한 안전한 인증 프로토콜을 제시한다. 또한, 본 논문에서는 안전성을 높이기 위해서 Alias 생성 시 공개키 암호 시스템을 이용하였다.

• Journal of information and communication convergence engineering
• /
• v.5 no.3
• /
• pp.265-268
• /
• 2007

In previous papers [1] and [2], we proposed two improved methods protecting mobile users from active attacks[3,4] of network providers in mobile communication environment. But they were the case that mobile users were located in only home domain. In [5], we proposed protocol extending the method of [1] in case of roaming from the home domain to the remote domain. The purpose of this paper is to propose new mobile terminated protocol extending the method of [2] and analyze its security.

• Journal of Digital Convergence
• /
• v.18 no.9
• /
• pp.57-62
• /
• 2020

Smart home based on Internet of things (IoT) is rapidly emerging as an exciting research and industry field. However, security and privacy have been critical issues due to the open feature of wireless communication channel. As a step towards this direction, Shuai et al. proposed an anonymous authentication scheme for smart home environment using Elliptic curve cryptosystem. They provided formal proof and heuristic analysis and argued that their scheme is secure against various attacks including de-synchronization attack, mobile device loss attack and so on, and provides user anonymity and untraceability. However, this paper shows that Shuai et al.'s scheme does not provide user anonymity nor untraceability, which are very important features for the contemporary IoT network environment.