• East Asian mathematical journal
• /
• v.39 no.3
• /
• pp.291-298
• /
• 2023

Recently, a new type of encryption called Homomorphic Authenticated Encryption (HAE) has been proposed. This combines the functionality of homomorphic encryption with authentication. Several concrete HAE schemes have been developed and security results for homomorphic authenticated encryption, designed by combining a homomorphic message authentication scheme with a homomorphic secret-key encryption, have been partially reported. In this paper, we analyze the security of a design method that combines homomorphic message authentication and homomorphic encryption, with a focus on the encryption after authentication (EAA) type. The results of our analysis show that while non-forgeability and indistinguishability are maintained, strong non-forgeability is not.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.5
• /
• pp.3-14
• /
• 2007

In this paper, we observe that secure tweakable permutation families in the sense of strong pseudorandom permutation (SPRP) can be transformed to secure permutation families in the sense of SPRP against related-key attacks (SPRP-RKA). This fact allows us to construct a secure SPRP-RKA which is the most efficient to date. We also observe that secure function families of a certain form in the sense of a pseudorandom function (PRF) can be transformed to secure permutation families in the sense of PRP-RKA. We can exploit it to get various secure constructions against related-key attacks from known MAC algorithms. Furthermore, we define other security notions for related-key attacks, namely indistinguishability and non-malleability, and look into the relations between the security notions fur related-key attacks. We show that secure tweakable permutation families in the sense of indistinguishability (resp. non-malleability) can be transformed to secure permutation families in the sense of indistinguishability (resp. non-malleability) against related-key attacks.

• Journal of the Korea Society of Computer and Information
• /
• v.27 no.12
• /
• pp.161-169
• /
• 2022

With the development of mobile devices and global positioning systems, various location-based services can be utilized, which collects user's location information and provides services based on it. In this process, there is a risk of personal sensitive information being exposed to the outside, and thus Geo-indistinguishability (Geo-Ind), which protect location privacy of LBS users by perturbing their true location, is widely used. However, owing to the data perturbation mechanism of Geo-Ind, it is hard to accurately obtain the density distribution of LBS users from the collection of perturbed location data. Thus, in this paper, we aim to develop a novel method which enables to effectively compute the user density distribution from perturbed location dataset collected under Geo-Ind. In particular, the proposed method leverages Expectation-Maximization(EM) algorithm to precisely estimate the density disribution of LBS users from perturbed location dataset. Experimental results on real world datasets show that our proposed method achieves significantly better performance than a baseline approach.

• Korean Chemical Engineering Research
• /
• v.61 no.1
• /
• pp.116-122
• /
• 2023

We study the relationship of entropy with the properties of molecules and also with the macroscopic specifications of the system, i.e., component and phase. Understanding different viewpoints of classical mechanics and quantum mechanics for the indistinguishability of molecules belonging to the same component, we discuss a few thermodynamic systems in which the properties of molecules are to be consistent with the component as a macroscopic term of classifying the molecules. With a clear definition of thermodynamic microstate, the drawback of the Boltzmann statistics caused by the distinguishability of molecules is avoided, and the Gibbs paradox of entropy consequently disappears. Corresponding to the characteristics of fluid and solid phases, we investigated the effects of the indistinguishability and the symmetry number of molecules and the number of microstates realized in time on the partition function and the entropy. In particular, we show that crystalline solid can be regarded as a system which does not satisfy the ergodic hypothesis.

• The Journal of the Korea Contents Association
• /
• v.19 no.9
• /
• pp.637-645
• /
• 2019

The RFID group proof is an extension of the yoking proof proving that multiple tags are scanned by a reader simultaneously. Existing group proof schemes provide only delayed tag loss detection which detects loss of tag response in a verification phase. However, delayed tag loss detection is not suitable for real-time applications where tag loss must be detected immediately. In this study, I propose a tag response loss detection scheme which detects loss of tag response in the proof generation process quickly. In the proposed scheme, the tag responds with the sequence number assigned to the tag group, and the reader detects the loss of the tag response through the sequence number. Through an experiment for indistinguishability, I show that the sequence number is secure against an analyzing message attack to distinguish between specific tags and tag groups. In terms of efficiency, the proposed scheme requires fewer transmissions and database operations than existing techniques to determine which tags response is lost.

• Convergence Security Journal
• /
• v.21 no.1
• /
• pp.33-44
• /
• 2021

Data outsourcing utilizing the Cloud faces a problem of the third-party exposure, modulation, and reliability for the provided computational delegation results. In order to solve those problematic security issues, homomorphic encryption(HE) which executes calculation and analysis on encrypted data becomes popular. By extension, a new type of HE with a authentication functionality, homomorphic authenticated encryption(HAE) is suggested. However, a research on the HAE is on the initial stage. Furthermore, based on a message authenticated scheme with HE, the method and analysis to design is still absent. This paper aims to analyze an HAE, with a generic combination of a message authenticated scheme and a HE, known as "Encrypt with Authentication". Following a series of analysis, we show that by adopting a unforgeable message authenticated scheme, the generically constructed HAE demonstrated an unforgeability as well. Though, a strong unforgeability is not the case. This paper concludes that although indistinguishable HE can be applied to design the HAE, a security issue on the possibility of indistinguishability is still not satisfied.

• Journal of the Korea Society of Computer and Information
• /
• v.29 no.6
• /
• pp.69-76
• /
• 2024

Recent advances in sensor and mobile technologies have made it possible to collect user location data. This location information is used as a valuable asset in various industries, resulting in increased demand for location data collection and sharing. However, because location data contains sensitive user information, indiscriminate collection can lead to privacy issues. Recently, geo-indistinguishability (Geo-I), a method of differential privacy, has been widely used to protect the privacy of location data. While Geo-I is powerful in effectively protecting users' locations, it poses a problem because the utility of the collected location data decreases due to data perturbation. Therefore, this paper proposes a method using Geo-I technology to effectively collect user location data while maintaining its data utility. The proposed method utilizes the prior distribution of users to improve the overall data utility, while protecting accurate location information. Experimental results using real data show that the proposed method significantly improves the usefulness of the collected data compared to existing methods.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.11
• /
• pp.2928-2940
• /
• 2013

Key exposure is a major threat to secure cryptosystems. To mitigate the impact caused by key-compromise attacks, a key-insulated cryptographic mechanism is a better alternative. For securing the large message communication in peer-to-peer networks, in this paper, we propose the first novel identity-based key-insulated encryption (IB-KIE) scheme with message linkages. Our scheme has the properties of unbounded time periods and random-access key-updates. In the proposed scheme, each client can periodically update his private key while the corresponding public one remains unchanged. The essential security assumption of our proposed scheme is based on the well-known bilinear Diffie-Hellman problem (BDHP). To ensure the practical feasibility, we also formally prove that the proposed scheme achieves the security requirement of confidentiality against indistinguishability under adaptive chosen-ciphertext attacks (IND-CCA2) in the random oracle model.

• Journal of Communications and Networks
• /
• v.16 no.3
• /
• pp.258-263
• /
• 2014

A hierarchical identity-based broadcast encryption (H-IBBE) scheme is an identity-based broadcast encryption (IBBE) scheme in a hierarchical environment. In order to obtain secure H-IBBE schemes in the quantum era, we propose an H-IBBE scheme based on the learning with errors problemassumption.Our scheme achieves indistinguishability from random under adaptive chosen-plaintext and chosen-identity attacks in the random oracle model.

• ETRI Journal
• /
• v.38 no.1
• /
• pp.123-132
• /
• 2016

The Boneh, Goh, and Nissim (BGN) cryptosytem is the first homomorphic encryption scheme that allows additions and multiplications of plaintexts on encrypted data. BGN-type cryptosystems permit very small plaintext sizes. The best-known approach for the expansion of a message size by t times is one that requires t implementations of an initial scheme; however, such an approach becomes impractical when t is large. In this paper, we present a method of message expansion of BGN-type homomorphic encryption using composite product pairing, which is practical for relatively large t. In addition, we prove that the indistinguishability under chosen plaintext attack security of our construction relies on the decisional Diffie-Hellman assumption for all subgroups of prime order of the underlying composite pairing group.