• International Journal of Internet, Broadcasting and Communication
• /
• v.13 no.2
• /
• pp.67-75
• /
• 2021

As pass the three revised bills, the Personal Information Protection Act was revised to have a larger application for personal information. For an industrial development through an efficient and secure usage of personal information, there is a need to revise the existing anonymity processing method. This paper modifies the Zero Knowledge Proofs algorithm among the anonymity processing methods to modify the anonymity process calculations by taking into account the reliability of the used service company. More detail, the formula of ZKP (Zero Knowledge Proof) used by ZK-SNAKE is used to modify the personal information for pseudonymization processing. The core function of the proposed algorithm is the addition of user variables and adjustment of the difficulty level according to the reliability of the data user organization and the scope of use. Through Setup_p, the additional variable γ can be selectively applied according to the reliability of the user institution, and the degree of agreement of Witness is adjusted according to the reliability of the institution entered through Prove_p. The difficulty of the verification process is adjusted by considering the reliability of the institution entered through Verify_p. SimProve, a simulator, also refers to the scope of use and the reliability of the input authority. With this suggestion, it is possible to increase reliability and security of anonymity processing and distribution of personal information.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.18 no.8
• /
• pp.2417-2430
• /
• 2024

The need for secure user authentication in blockchain-based applications has been growing with the increased adoption of Decentralized Identity (DID) credentials in blockchain. Zokrates, a tool designed to protect user privacy within smart contracts, had a limitation in that it could not accept authenticated user information such as credentials, only allowing the use of manually inputted data. In this paper, we propose a smart contract system that securely validates DID credentials to overcome the limitations of traditional centralized authentication systems. This system ensures the safe identification of users within blockchain-based applications by authenticating their identities in a trusted manner within the blockchain. As the demand for user authentication in blockchain rises, this paper emphasizes the significance of a blockchain-based identity verification system that guarantees both privacy and security. Leveraging the Zero-Knowledge Proof method and utilizing the Zokrates tool, this innovative approach aims to provide solutions for the digital identity verification process, thereby expanding the scope of blockchain technology applications. Moreover, we also provide a CLI for each entity. We help anyone who wants to authenticate their identity using the tool to safely verify it on-chain.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.33 no.6C
• /
• pp.512-519
• /
• 2008

The proof of a cellular phone used to a crime important data of a criminal investigation and legal judgment become. A lot of on a process use the file format that do not become that is kind of various cellular phones and model pipe, and collect criminal proof, and to analyze be difficult. Also, standardization is not made, and can be adopted on procedures from confiscation search processes regarding a cellular phone to integrity extractions of Forensic data in courts in the confiscation criminal investigation spots. Standardize confiscation search procedures of a cellular phone at these papers. Use a radio waves interception envelope and radio waves interception device for a movement which a security does integrity of criminal on-site cellular phone confiscation search data by standard procedures, and was devoted to. Analyze corroborative facts of a cellular phone seized, and verify integrity, and present problems regarding cellular phone confiscation search procedures and measures, and will contribute in development of Mobile Forensic through integrity damage experiment.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.5
• /
• pp.2407-2426
• /
• 2016

A group signature scheme allows any member to sign on behalf of a group. It is applied to practical distributed security communication environments, such as privacy-preserving, data mining. In particular, the excellent features of group signatures, including membership joining and revocation, anonymity, traceability, non-frameability and controllable linkability, make group signature scheme more attractive. Among these features, non-frameability can guarantee that a member's signature cannot be forged by any other (including issuer), and controllable linkability supports to confirm whether or not two group signatures are created by the same signer while preserving anonymity. Until now, only Hwang et al.'s group schemes (proposed in 2013 and 2015) can support all of these features. In this paper, we present a new dynamic group signature scheme which can achieve all of the above excellent features. Compared with their schemes, our scheme has the following advantages. Firstly, our scheme achieves more efficient membership revocation, signing and verifying. The cost of update key in our scheme is two-thirds of them. Secondly, the tracing algorithm is simpler, since the signer can be determined without the judging step. Furthermore, in our scheme, the size of group public key and member's private key are shorter. Lastly, we also prove security features of our scheme, such as anonymity, traceability, non-frameability, under a random oracle model.

• Journal of the Korea Society of Computer and Information
• /
• v.29 no.8
• /
• pp.103-112
• /
• 2024

This study was initiated with the aim of authenticating that inputs have not been tampered with without disclosing them in the case of computations where multiple inputs are entered by participants using the same key. In general, in the authentication stage, authentication is performed after the input value is disclosed, but we do not want to reveal the inputs until the end. This is a case of deviating from the traditional security model in which malicious participants exist in cryptography, but it is a malicious attack method that can actually occur enough. Privacy infringement or distortion of calculation results can occur due to malicious manipulation of input values. To prevent this, this study studied a method that can authenticate that the message is not a modified message without disclosing the message using the signature system, zero-knowledge proof, and commitment scheme. In particular, by modifying the ElGamal signature system and combining it with the commitment scheme and zero-knowledge proof, we designed and proved a verification protocol that the input data is not a modified data, and the efficiency was improved by applying batch verification between authentication.

• Journal of the Korea Society of Computer and Information
• /
• v.11 no.2 s.40
• /
• pp.239-251
• /
• 2006

Zheng's signcryption scheme is a new encryptical scheme of which can save more expense than those of the current signature encryption by using digital signature and symmetric key encryption logically. The current signcryption schemes have a problem that is to be exposed the secret key of the receiver in the case of checking repudiation of origin by the third party. To solve this problem, a solution suggested in this paper is to use multi-purpose ID-based signcryption scheme with anonymity and unlinkability. This solution is safe and more efficient than current signcryption schemes because the suggested scheme keeps the security of the random oracle model as using Weil-pairing in encryption. and follows a formal proof of semantic security of the decisional Diffie-Hellman problem.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.4
• /
• pp.633-646
• /
• 2023

The increases in UAVs(Unman Aerial Vehicle) such as drone result in safety issues and the threat of illegal drone as well. Recognizing the need for Drone forensics, domestic and foreign organizations and agencies are trying to establish drone forensic guidelines. The definition of Drone forensic artifacts and examination of forensic tools must be provided, in order to establish a practical drone forensic framework on security sites and also the concept of drone live forensic which provides meaningful data that can be extracted in a live state. In this study, the drone forensic methodology covering various types of drones is explained, and the practical forensic methodology with live forensic PoC(Proof Of Concept) tools; LiPFo(Live-PX4-Forenensic) is proposed.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.10
• /
• pp.2708-2730
• /
• 2012

The growing concern for the protection of personal information has made it critical to implement effective technologies for privacy and data management. By observing the limitations of existing approaches, we found that there is an urgent need for a flexible, privacy-aware system that is able to meet the privacy preservation needs at both the role levels and the personal levels. We proposed a conceptual system that considered these two requirements: a graph-based, access control model to safeguard patient privacy. We present a case study of the healthcare field in this paper. While our model was tested in the field of healthcare, it is generic and can be adapted to use in other fields. The proof-of-concept demos were also provided with the aim of valuating the efficacy of our system. In the end, based on the hospital scenarios, we present the experimental results to demonstrate the performance of our system, and we also compared those results to existing privacy-aware systems. As a result, we ensured a high quality of medical care service by preserving patient privacy.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.42 no.1
• /
• pp.241-249
• /
• 2017

Recently, as a vehicle black box device has propagated, it has been increasingly used as a legal proof and there are the needs to verify an integrity of the video data. However, since the black box classified as the embedded system has a small capacity and low processing speed, there are limitations to the storage of video files and the integrity verification processing. In this paper, we propose a novel method for video files integrity in the black box environment with limited resources by using lightweight hash function LSH and the security of HMAC. We also present the test results of CPU idle rate at integrity verification in vehicle black box device by implementing this method, and verify the effectiveness and practicality of the proposed method.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.5
• /
• pp.959-974
• /
• 2012

Group signature schemes were made for serving anonymities of signers, but the group signature schemes have been seldomly adapted to the real-world applications because of their low computation and space (i.e. signature length) efficiency, complicated construction, limited user management, and so on. Kang, Hwang, etc. performed the study about the local linkability that is for helping group signature schemes to be adapted more easily to the real world. In this paper, we investigate the nature of local linkability, which did not deal with well in the previous studies, in detail and perform the formal proof for the security of special entities who hold the local linkability.