• Journal of the Korea Society of Computer and Information
• /
• v.29 no.8
• /
• pp.103-112
• /
• 2024

This study was initiated with the aim of authenticating that inputs have not been tampered with without disclosing them in the case of computations where multiple inputs are entered by participants using the same key. In general, in the authentication stage, authentication is performed after the input value is disclosed, but we do not want to reveal the inputs until the end. This is a case of deviating from the traditional security model in which malicious participants exist in cryptography, but it is a malicious attack method that can actually occur enough. Privacy infringement or distortion of calculation results can occur due to malicious manipulation of input values. To prevent this, this study studied a method that can authenticate that the message is not a modified message without disclosing the message using the signature system, zero-knowledge proof, and commitment scheme. In particular, by modifying the ElGamal signature system and combining it with the commitment scheme and zero-knowledge proof, we designed and proved a verification protocol that the input data is not a modified data, and the efficiency was improved by applying batch verification between authentication.

• Journal of Information Processing Systems
• /
• v.9 no.3
• /
• pp.461-476
• /
• 2013

Recently, smart devices for various services have been developed using converged telecommunications, and the markets for near field communication mobile services is expected to grow rapidly. In particular, the realization of mobile NFC payment services is expected to go commercial, and it is widely attracting attention both on a domestic and global level. However, this realization would increase privacy infringement, as personal information is extensively used in the NFC technology. One example of such privacy infringement would be the case of the Google wallet service. In this paper, we propose an zero-knowledge proof scheme and ring signature based on NTRU for protecting user information in NFC mobile payment systems without directly using private financial information of the user.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.19 no.3
• /
• pp.37-44
• /
• 2023

In the future society, a means to verify the identity of the information owner is required at the beginning of most services that the information owner encounters, and the emergence and gradual spread of digital identification that proves the identity of the information owner is essential. In addition, as the utilization value of personal information increases, discussions on how to provide personal information are active. Therefore, there is a need for a personal information management method necessary for building a hyper-connected society that is safe from various hacking, forgery, alteration, and theft by allowing the owner to directly manage and provide personal information management. In this study, a decentralized identity information management model that overcomes the problems and limitations of the centralized identity management method of personal information and manages and selectively provides personal information by the information owner himself and implemented a smart personal information provision system(SPIPS: Smart Personal Information Provision System) using a smartphone.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2022.05a
• /
• pp.256-259
• /
• 2022

BaaS(Blockchain as a Service)는 블록체인의 사용이 어렵다는 단점을 유연한 자원운용이 가능하고 뛰어난 접근성의 특징을 가진 클라우드와 접목하여 쉽게 블록체인을 구축하고 사용할 수 있도록 해주는 클라우드 서비스이다. BaaS 의 등장으로 블록체인의 접근성은 큰 범위로 증가하였으며 다양한 도메인에 활용되고 있다. 하지만 클라우드 기반 서비스이기 때문에 클라우드 서비스의 문제점인 보안 이슈가 제기되었다. 본 논문에서는 BaaS 에 ZKP(Zero-Knowledge Proof)와 엣지 컴퓨팅 기술을 활용하여 보안성을 제공할 수 있는 새로운 BaaS 모델인 EBaaS 를 제안한다. EBaaS 는 엣지 컴퓨팅 기술을 적용하여 클라우드 서비스 공급업체에 대한 데이터 종속성을 제거하고 블록체인의 고가용성을 제공할 수 있으며 ZKP 를 활용하여 내부적으로 민감한 데이터에 대한 보안성도 제공할 수 있다.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2021.01a
• /
• pp.49-51
• /
• 2021

블록체인 기술은 데이터 공유를 통하여 투명한 데이터 관리가 가능하다. 하지만 데이터삭제의 비가역성 및 투명한 데이터 공개가 데이터 프라이버시 침해의 원인이 될 수 있다. 최근 블록체인 기술상의 데이터 프라이버시 보호를 위하여 영지식 증명이 활발하게 적용되고 있다. 본 논문에서는 블록체인 기술 적용 시 데이터 프라이버시를 보호하고 효율적인 데이터 증명 및 검증이 가능하도록 하기 위해 기존의 영지식 증명방법을 변형하여 증명자와 검증자의 신뢰도에 따른 상호 신뢰 기반의 차별화된 프로토콜 처리과정을 제안하였다. 해당 제안을 위하여 신뢰도 측정 변수가 필요하며 해당 변수를 통한 프로토콜 시퀀스의 차별적 적용을 통하여 증명 및 검증을 위한 경제적.시간적 효율성을 높일 수 있다.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.50 no.3
• /
• pp.23-32
• /
• 2013

As the mobile communication technology is developed, the services for communication between the mobile devices are provided, and the amount of usage is increasing tremendously. For the device-to-device communication, the device should be verified if it is a service member. The existing verification schemes include interactions with the third party, while this may cause the problems that the bandwidth is dissipated and the devices which are out of the communication range of the base station cannot communicate with other devices. To solve such problems, we propose a new scheme for verification between mobile devices without interaction of third party. For the proposed scheme, we develop and employ a new zero-knowledge proof protocol, which verifies the device's membership and its expiration time. Furthermore, the scheme guarantees privacy of the mobile device since it checks the encrypted verification message without decrypting, and protects replaying attack since it uses challenge-response method.

• Journal of Digital Convergence
• /
• v.19 no.8
• /
• pp.205-217
• /
• 2021

Decentralized SSI(Self Sovereign Identity) has become an alternative to a new digital identity solution, but an efficient de-identification technique has not been proposed due to the unique algorithmic characteristics of data transactions. In this study, to ensure the decentralized operation of SSI, we propose a de-identification technique that does not remove identifiers by restructuring the verification results of ZKP (Zero Knowledge Proof) into a form that can be provided to the outside by the verifier. In addition, it is possible to provide restructured de-identification data without the consent of data subject by proposing the concept of differential sovereignty management for each entity participating in verification. As a result, the proposed model satisfies the domestic personal information protection law in a decnetralized SSI, in addition provides secure and efficient de-identification processing and sovereignty management.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.2
• /
• pp.289-299
• /
• 2024

Blockchains are not efficient for real-time processing because the growing number of transactions and users delays many computations and network communications. This study proposes a cloud proxy server, so that legitimate users can use blockchain as well as reduce network latency. To proceed with a blockchain transaction, the blockchain copy server verifies all transaction-related data, but the cloud proxy server verifies legitimate users with a simple zero-knowledge proof algorithm, enabling efficient blockchain real-time processing. The cloud proxy server can support blockchain anonymity, security, and scalability that can verify legitimate users with the proposed zero-knowledge proof by receiving the registered key pair of the blockchain user. In the proposed research analysis, blockchain-based cloud proxy server reduces network latency compared to previous studies and key processing on cloud proxy servers reduces the cost of key computation compared to previous studies.

• Advanced Industrial SCIence
• /
• v.3 no.3
• /
• pp.8-13
• /
• 2024

Zero Knowledge Proof (ZKP) is an innovative decentralized technology designed to enhance the privacy and security of virtual currency transactions. By ensuring that only the necessary information is disclosed by the transaction provider, ZKP protects the confidentiality of all parties involved. This ensures that both the identity of the transacting parties and the transaction value remain confidential.ZKP not only provides a robust privacy function by concealing the identities and values involved in blockchain transactions but also facilitates the exchange of money between parties without the need to verify each other's identity. This anonymity feature is crucial in promoting trust and security in financial transactions, making ZKP a pivotal technology in the realm of virtual currencies. In the context of the Fourth Industrial Revolution, the application of ZKP contributes significantly to the comprehensive and stable development of financial services. It fosters a trustworthy user environment by ensuring that transaction privacy is maintained, thereby encouraging broader adoption of virtual currencies. By integrating ZKP, financial services can achieve a higher level of security and trust, essential for the continued growth and innovation within the sector.

• Journal of Digital Convergence
• /
• v.19 no.6
• /
• pp.233-238
• /
• 2021

Recently, blockchain technology accumulates and stores all transactions. Therefore, in order to verify the contents of all transactions, the data itself is compressed, but the scalability is limited. In addition, since a separate verification algorithm is used for each type of transaction, the verification burden increases as the size of the transaction increases. Existing blockchain cannot participate in the network because it does not become a block sink by using a server with a low specification. Due to this problem, as the time passes, the data size of the blockchain network becomes larger and it becomes impossible to participate in the network except for users with abundant resources. Therefore, in this paper, we are improved transaction as studied the zero knowledge proof algorithm for general operation verification. In this system, the design of zero-knowledge circuit generator capable of general operation verification and optimization of verifier and prover were also conducted.