• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.12a
• /
• pp.611-614
• /
• 2003

S.S.Al-Riyami와 K.G.Paterson에 의해 제안된 Certificate-less 공개키 암호 시스템은 기존 공개키 암호 시스템이 가지는 인증서 관리의 불편함과 ID-based 암호 시스템이 가지는 Key Escrow문제를 동시에 해결해 주었다. 하지만 대부분의 공개키 암호 시스템 과 마찬가지로 Certificate-less 공개키 암호 시스템 역시 비공개키의 노출에 대한 문제를 가지고 있다. 따라서 본 논문에서는 기존 Certificate-less 공개키 암호 시스템에 Strong Key Insulation을 제공함으로써 보다 안전한 암호 시스템을 제안한다. 또한 이 시스템은 기존 Key Insulated 공개키 암호 시스템에 비해 계산량을 줄임으로써 보다 효율적인 암호 시스템을 구축할 수 있다.

• Journal of Information Processing Systems
• /
• v.13 no.4
• /
• pp.970-986
• /
• 2017

Certificateless public key cryptography (CL-PKC) is a new benchmark in modern cryptography. It not only simplifies the certificate management problem of PKC, but also avoids the key escrow problem of the identity based cryptosystem (ID-PKC). In this article, we propose a certificateless blind signature protocol which is based on elliptic curve cryptography (CLB-ECC). The scheme is suitable for the wireless communication environment because of smaller parameter size. The proposed scheme is proven to be secure against attacks by two different kinds of adversaries. CLB-ECC is efficient in terms of computation compared to the other existing conventional schemes. CLB-ECC can withstand forgery attack, key only attack, and known message attack. An e-cash framework, which is based on CLB-ECC, has also been proposed. As a result, the proposed CLB-ECC scheme seems to be more effective for applying to real life applications like e-shopping, e-voting, etc., in handheld devices.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.10
• /
• pp.5190-5208
• /
• 2016

Because of the advantages of certificateless and no escrow feature over the regular signature and identity-based signature, certificateless signature has been widely applied in e-business, e-government and software security since it was proposed in 2003. Although a number of certificateless signature schemes have been proposed, there is only one lattice-based certificateless signature scheme which is still secure in the quantum era. But its efficiency is not very satisfactory. In this paper, the first certificateless signature scheme on NTRU lattice is proposed, which is proven to be secure in random oracle model. Moreover, the efficiency of the new scheme is higher than that of the only one lattice-based certificateless signature.

• 한국IT서비스학회:학술대회논문집
• /
• 2003.11a
• /
• pp.124-132
• /
• 2003

최근 급증하고 있는 전자상거래에서의 소비자피해를 줄이고 거래의 신뢰성을 높이기 위한 수단으로 온라인 에스크로 서비스가 이용되고 있으며, 관련 법제의 개정을 통한 제도 도입이 추진되고 있다. 매매당사자간 물품과 대금의 지급을 보장하는 에스크로 서비스는 전자상거래 소비자피해를 예방하고 사후적 피해를 실질적으로 구제할 수 있는 효과적인 거래안전장치임에 틀림없다. 하지만 소비자보호 측면뿐만 아니라 전자상거래의 지속적인 발전을 위해서는 관련된 제도적 보완이 필요하다. 우선, 현재 추진 중에 있는 전자상거래소보법의 개정 또는 기타 법률의 형태로 에스크로 서비스의 제도적 가이드라인을 제시하기 위한 입법화가 요구되며, 둘째, 온라인 거래의 당사자들이 누구라도 언제든지 에스크로 서비스를 이용할 수 있도록 에스크로 제도의 도입을 강제하되 그 이용 여부는 거래당사자간 교섭에 의해 결정토록 하는 방안을 고려해 볼 수 있다. 셋째, 안전한 대금지급을 위한 정보제공의 차원에서 에스크로 서비스의 이용에 관한 사항을 소비자가 알기 쉽도록 의무적으로 표시토록 하고, 넷째, 에스크로 서비스의 공신력 제고를 위해 에스크로 사업자의 자격에 관한 별도의 기준을 마련하여 규제하는 것이 바람직하다.

• Journal of Korea Multimedia Society
• /
• v.14 no.6
• /
• pp.775-784
• /
• 2011

In this paper we introduce the notion of multi-receiver certificateless encryption that avoids the inherent key escrow problem of multi-receiver identity-based encryption, and also present a highly efficient multi-receiver certificateless encryption scheme which eliminates pairing computation to encrypt a message for multiple receivers, Moreover, the proposed scheme only needs one pairing computation to decrypt the ciphertext. Finally, we discuss how to properly transform our scheme into a new public key broadcast encryption scheme for stateless receivers based on the subset-cover framework, which enjoys the advantages of certificateless cryptography.

• Journal of the Korean Operations Research and Management Science Society
• /
• v.32 no.2
• /
• pp.53-69
• /
• 2007

Internet shopping websites have offered comfort to consumers in shopping and built trust relationships with them by providing electronic agents for recommendation, escrow services, and customer centers etc. But as there is little big difference among the shopping websites in terms of technical competence, website design, operational policy, they recognize online feedback (reviews or recommendation of consumers or experts) and online feedback mechanism as important marketing tools. Based on online feedback related studies, this study explores antecedents (consensus, vividness of reviews, interactions in review boards) of the perceived effectiveness of review boards which are text-based feedback mechanisms and its consequences such as trust, satisfaction, and intention to use. The results show that the perceived effectiveness of review boards is significantly affected by vividness of reviews and interactions in review boards, and the impact of interaction in review boards on the perceived effectiveness of review boards is stronger than that of vividness of reviews. The results also show that the perceived effectiveness of review boards has a significant influence on trust and satisfaction with the shopping websites, and intention to use is influenced by both trust and satisfaction.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.7
• /
• pp.2532-2553
• /
• 2014

In Asiacrypt 2003, Al-Riyami and Paterson proposed the notion of certificateless cryptography, a technique to remove key escrow from traditional identity-based cryptography as well as circumvent the certificate management problem of traditional public key cryptography. Subsequently much research has been done in the realm of certificateless encryption and signature schemes, but little to no work has been done for the identification primitive until 2013 when Chin et al. rigorously defined certificateless identification and proposed a concrete scheme. However Chin et al.'s scheme was proven in the random oracle model and Canetti et al. has shown that certain schemes provable secure in the random oracle model can be insecure when random oracles are replaced with actual hash functions. Therefore while having a proof in the random oracle model is better than having no proof at all, a scheme to be proven in the standard model would provide stronger security guarantees. In this paper, we propose the first certificateless identification scheme that is both efficient and show our proof of security in the standard model, that is without having to assume random oracles exist.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.7
• /
• pp.3629-3647
• /
• 2017

Certificate-based cryptography is a useful public key cryptographic primitive that combines the merits of traditional public key cryptography and identity-based cryptography. It not only solves the key escrow problem inherent in identity-based cryptography, but also simplifies the cumbersome certificate management problem in traditional public key cryptography. So far, four short certificate-based signature schemes have been proposed. However, three of them fail in achieving the existential unforgeability under adaptive chosen-message attacks and the remaining one was not constructed in the normal framework of certificate-based signature. In this paper, we put forward a new short certificate-based signature scheme. The proposed scheme is devised in the normal framework of certificate-based signature and overcomes the security weaknesses in the previous short certificate-based signature schemes. In the random oracle model, we formally prove that it achieves the existential unforgeability against adaptive chosen-message attacks. Performance comparison shows that it is efficient and practical.

• Journal of the Korea Computer Industry Society
• /
• v.3 no.8
• /
• pp.1105-1116
• /
• 2002

This paper has presented three types of key recovery methods, which are known as key escrow, key encapsulation, and trusted third party scheme. we have analyzed the existing key recovery products, which have been developed by the advanced nations for electronic commerce and electronic government. we have also analyzed the key recovery policies proposed by the advanced nations, such as The United States of America, Great Britain, and Japan. In this paper, several key recovery policies are proposed for the e-commerce and e-government system. And we have proposed key recovery scheme for the e-commerce system utilizing the on-line secret sharing scheme based on the Internet and public bulletin board.

• Knowledge Management Research
• /
• v.20 no.4
• /
• pp.131-148
• /
• 2019

E-commerce in Korea has grown steadily in recent years. E-commerce has provided firms with an effective method to approach potential customers by overcoming geographical and physical barriers. However, despite the rapid growth, many e-commerce businesses closed their businesses and were not able to survive. This study aims to empirically examine the factors that determine the survival of e-commerce businesses in Korea. In particular, this study focuses on the factors related to the notion of institution-based trust that includes delivery, privacy, and security management. This research used the data set about 31,295 e-commerce businesses that have been registered in Seoul. We found that the e-commerce business that does not require extra personal information beyond the standard terms and conditions or provides a feedback mechanism by having an online board to submit a complaint has a higher chance of survival. In addition, the e-commerce business that has a secured web server, shows the specific information about the date of delivery, or provides escrow services is likely to survive longer than others. The research has extended the extant literature on the importance of trust in e-commerce by empirically examining the effects of the institution-based trust factors on the actual survival of e-commerce businesses.