• 한국정보통신설비학회:학술대회논문집
• /
• 2008.08a
• /
• pp.563-565
• /
• 2008

In this paper, we construct an efficient fuzzy identity-based encryption scheme in the random oracle model. The fuzzy identity-based encryption is an extension of identity-based encryption schemes where a user's public key is represented as his identity. Our construction requires constant number of bilinear map operations for decryption and the size of private key is small compared with the previous fuzzy identity-based encryption of Sahai-Waters. We also presents that our fuzzy identity-based encryption can be converted to attribute-based encryption schemes.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.11
• /
• pp.4680-4700
• /
• 2015

Broadcast encryption is an efficient way to distribute confidential information to a set of receivers using broadcast channel. It allows the broadcaster to dynamically choose the receiver set during each encryption. However, most broadcast encryption schemes in the literature haven't taken into consideration the receiver's privacy protection, and the scanty privacy preserving solutions are often less efficient, which are not suitable for practical scenarios. In this paper, we propose an efficient dynamic anonymous broadcast encryption scheme that has the shortest ciphertext length. The scheme is constructed over the composite order bilinear groups, and adopts the Lagrange interpolation polynomial to hide the receivers' identities, which yields efficient decryption algorithm. Security proofs show that, the proposed scheme is both secure and anonymous under the threat of adaptive adversaries in standard model.

• ETRI Journal
• /
• v.33 no.1
• /
• pp.60-70
• /
• 2011

Software is completely exposed to an attacker after it is distributed because reverse engineering is widely known. To protect software, techniques against reverse engineering are necessary. A code encryption scheme is one of the techniques. A code encryption scheme encrypts the binary executable code. Key management is the most important part of the code encryption scheme. However, previous schemes had problems with key management. In an effort to solve these problems in this paper, we survey the previous code encryption schemes and then propose a new code encryption scheme based on an indexed table. Our scheme provides secure and efficient key management for code encryption.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.7
• /
• pp.2703-2718
• /
• 2015

Nowadays, public cloud storage is gaining popularity and a growing number of users are beginning to use the public cloud storage for online data storing and sharing. However, how the encrypted data stored in public clouds can be effectively shared becomes a new challenge. Proxy re-encryption is a public-key primitive that can delegate the decryption right from one user to another. In a proxy re-encryption system, a semi-trusted proxy authorized by a data owner is allowed to transform an encrypted data under the data owner's public key into a re-encrypted data under an authorized recipient's public key without seeing the underlying plaintext. Hence, the paradigm of proxy re-encryption provides a promising solution to effectively share encrypted data. In this paper, we propose a new certificate-based proxy re-encryption scheme for encrypted data sharing in public clouds. In the random oracle model, we formally prove that the proposed scheme achieves chosen-ciphertext security. The simulation results show that it is more efficient than the previous certificate-based proxy re-encryption schemes.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.9
• /
• pp.4624-4640
• /
• 2017

This paper mainly presents a secure and efficient e-Medical Record System via searchable encryption scheme from asymmetric pairings, which could provide privacy data search and encrypt function for patients and doctors in public platform. The core technique of this system is an extension public key encryption system with keyword search, which the server could test whether or not the files stored in platform contain the keyword without leaking the information about the encrypted file. Compared with former e-medical record systems, the system proposed here has several superior features: (1)Users could search the data stored in cloud server contains some keywords without leaking anything about the origin data. (2) We apply asymmetric pairings to achieve shorter key size scheme in the standard model, and adopt the dual system encryption technique to reduce the scheme's secure problem to the hard Symmetric External Diffie-Hellman assumption, which could against the variety of attacks in the future complex network environment. (3) In the last of paper, we analyze the scheme's efficiency and point out that our scheme is more efficient and secure than some other classical searchable encryption models.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.4
• /
• pp.753-763
• /
• 2014

Recently financial institutions and large retailers have a large amount of personal information leakage accident occurred one after another, and the damage is a trend of increasing day by day. Regulation such as enforcing the encryption of the personal identification information are strengthened. Efficient technology to encrypt personal information is Format-preserving encryption. Typical encryption expand output data length than input data length and change a format. Format Preserving Encryption is an efficient method to minimize database and application modification, because it makes preserve length and format of input data. In this paper, to encrypt personal information efficiently, we propose newly Format Preserving Encryption using Block cipher mode of operation.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.5
• /
• pp.1847-1870
• /
• 2021

With the development of information and communication technologies, especially wireless networks and cell phones, the e-voting system becomes popular as its cost-effectiveness, swiftness, scalability, and ecological sustainability. However, the current e-voting schemes are faced with the problem of privacy leakage and further cause worse vote-buying and voter-coercion problems. Moreover, in large-scale voting, some previous e-voting system encryption scheme with pairing operation also brings huge overhead pressure to the voting system. Thus, it is a vital problem to design a protocol that can protect voter privacy and simultaneously has high efficiency to guarantee the effective implementation of e-voting. To address these problems, our paper proposes an efficient unidirectional proxy re-encryption scheme that provides the re-encryption of vote content and the verification of users' identity. This function can be exactly applied in the e-voting system to protect the content of vote and preserve the privacy of the voter. Our proposal is proven to be CCA secure and collusion resistant. The detailed analysis also shows that our scheme achieves higher efficiency in computation cost and ciphertext size than the schemes in related fields.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.3
• /
• pp.1523-1545
• /
• 2019

Cloud computing is now a widespread and economical option when data owners need to outsource or share their data. Designing secure and efficient data access control mechanism is one of the most challenging issues in cloud storage service. Anonymous broadcast encryption is a promising solution for its advantages in the respects of computation cost and communication overload. We bring forward an efficient anonymous identity-based broadcast encryption construction combined its application to the data access control mechanism in cloud storage service. The lengths for public parameters, user private key and ciphertext in the proposed scheme are all constant. Compared with the existing schemes, in terms of encrypting and decrypting computation cost, the construction of our scheme is more efficient. Furthermore, the proposed scheme is proved to achieve adaptive security against chosen-ciphertext attack adversaries in the standard model. Therefore, the proposed scheme is feasible for the system of data access control in cloud storage service.

• International Journal of Contents
• /
• v.11 no.4
• /
• pp.56-69
• /
• 2015

This paper proposes an efficient image encryption scheme based on quintuple encryption using two chaotic maps. The encryption process is realized with quintuple encryption by calling the encrypt(E) and decrypt(D) functions five times with five different keys in the form EDEEE. The decryption process is accomplished in the reverse direction by invoking the encrypt and decrypt functions in the form DDDED. The keys for the quintuple encryption/decryption processes are generated by using a Tent map. The chaotic values for the encrypt/decrypt operations are generated by using a Gumowski-Mira map. The encrypt function E is composed of three stages: permutation, pixel value rotation and diffusion. The permutation stage scrambles all the rows and columns to chaotically generated positions. This stage reduces the correlation radically among the neighboring pixels. The pixel value rotation stage circularly rotates all the pixels either left or right, and the amount of rotation is based on chaotic values. The last stage performs the diffusion four times by scanning the image in four different directions: Horizontally, Vertically, Principal diagonally and Secondary diagonally. Each of the four diffusion steps performs the diffusion in two directions (forward and backward) with two previously diffused pixels and two chaotic values. This stage ensures the resistance against the differential attacks. The security and performance of the proposed method is investigated thoroughly by using key space, statistical, differential, entropy and performance analysis. The experimental results confirm that the proposed scheme is computationally fast with security intact.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.5
• /
• pp.153-164
• /
• 2004

Under a large-scale client-server service environment, e.g., online games, encrypting data for acquiring information security often causes overload to the server and hence degradation of the service itself. Therefore, for reducing encryption payload, it is necessary to use adequately an efficient encryption scheme with respect to the security requirements of transmission data. In this paper, we propose a packet encryption scheme using multiple cryptosystems to realize such capability, which assigns a different cryptosystem according to the security requirements level. The proposed encryption scheme is applicable to internet services with heavy traffic ratios in which different kinds of data packets are incessantly transmitted between clients and servers. To show its effectiveness and superiority, the performance of the proposed encryption scheme is verified by experiments.