ON MULTI-AUTHORITY CIPHERTEXT-POLICY ATTRIBUTE-BASED ENCRYPTION

Muller, Sascha,Katzenbeisser, Stefan,Eckert, Claudia Korean Mathematical Society 2009 대한수학회보 Vol.46 No.4

In classical encryption schemes, data is encrypted under a single key that is associated with a user or group. In Ciphertext-Policy Attribute-Based Encryption(CP-ABE) keys are associated with attributes of users, given to them by a central trusted authority, and data is encrypted under a logical formula over these attributes. We extend this idea to the case where an arbitrary number of independent parties can be present to maintain attributes and their corresponding secret keys. We present a scheme for multi-authority CP-ABE, propose the first two constructions that fully implement the scheme, and prove their security against chosen plaintext attacks.

On multi-authority ciphertext-policy attribute-based encryption

Sascha Müller,Stefan Katzenbeisser,Claudia Eckert 대한수학회 2009 대한수학회보 Vol.46 No.4

In classical encryption schemes, data is encrypted under a single key that is associated with a user or group. In Ciphertext-Policy Attribute-Based Encryption(CP-ABE) keys are associated with attributes of users, given to them by a central trusted authority, and data is encrypted under a logical formula over these attributes. We extend this idea to the case where an arbitrary number of independent parties can be present to maintain attributes and their corresponding secret keys. We present a scheme for multi-authority CP-ABE, propose the first two constructions that fully implement the scheme, and prove their security against chosen plaintext attacks. In classical encryption schemes, data is encrypted under a single key that is associated with a user or group. In Ciphertext-Policy Attribute-Based Encryption(CP-ABE) keys are associated with attributes of users, given to them by a central trusted authority, and data is encrypted under a logical formula over these attributes. We extend this idea to the case where an arbitrary number of independent parties can be present to maintain attributes and their corresponding secret keys. We present a scheme for multi-authority CP-ABE, propose the first two constructions that fully implement the scheme, and prove their security against chosen plaintext attacks.

효율성을 개선한 속성기반 암호전송 알고리즘

이문식(MoonSik LEE),강순부(SunBu KANG),박석봉(SukBong PARK) 육군사관학교 화랑대연구소 2014 한국군사학논집 Vol.70 No.3

본 논문에서는 효율성을 개선한 속성기반 암호전송 알고리즘을 제안한 논문이다. 초기의 속성기반 암호 알고리즘은 여러 가지 속성(Attributes)을 사용하여 접근을 제어할 수 있는 암호 알고리즘이다. 이를 더욱 확장하여 ABE 알고리즘에 다수의 사용자에게 디지털 콘텐츠를 효율적으로 전송하는 암호전송 알고리즘 기능을 추가한 것을 속성기반 암호전송 알고리즘이라 한다. ABBE는 다수의 사용자에게 암호문을 효율적으로 전송할 수 있으며 상황에 따라 특정 사용자를 제외시킬 수 있는 제외 기능이 포함된 알고리즘이다. 제안하는 알고리즘은 안전성과 효율성이 입증된 공모자 추적 및 제외 알고리즘을 안전성이 유지된 속성기반 알고리즘으로 변형시키면서 공개키, 암호문 크기를 개선하였으며, 특히 개인키의 크기를 상당히 줄여 군 환경에서 적용한다면 매우 빠른 전송과 암호장비의 프로그램 크기를 줄일 수 있다. 궁극적으로 미래 우리군의 전장 환경 하에서의 자료 전송 및 저장 시스템은 고전적인 시스템에서 벗어나 제안하는 알고리즘을 활용한 적극적인 시스템으로 변화해야하고 이를 통해서 군의 정보보호 역량을 강화하고자 한다. In this paper, we present an improved attribute-based broadcast encryption(ABBE) algorithm. Attribute-based encryption(ABE) algorithm enables an access control mechanism over an encrypted data by specifying access policies among private keys and ciphertexts. ABBE algorithm can be used to construct ABE with supporting revocation phase. The characteristic of the proposed algorithm is based on the traitor trace and revoke algorithm which makes use of composite order bilinear groups. This allows our scheme to be much more efficient than existing schemes in terms of the public key size, ciphertext size. In particular, we reduce the size of a public key and ciphertext by sublinear in the number of users. Therefore, our algorithm can be an option to applications where public key size and ciphertext size are a top priority and can be applied to military technologies in the near future.

On the Security of a Group Key Agreement Protocol and Its Improvement with Pairings

Xiangjun Xin,Chaoyang Li,Dongsheng Chen,Fagen Li 보안공학연구지원센터 2016 International Journal of Hybrid Information Techno Vol.9 No.2

In the paper, we analyze the security vulnerability of the key agreement protocol proposed by Lee et al.'s. We present a forgery attack to their protocol. In this attack, the adversary can modify the signed message and forge a new signature, which can pass the verification. Then, we propose a new group key agreement protocol, which overcomes this security drawback. The new protocol can be proved to be secure under Elliptic Curve Discrete Logarithm Problem, Bilinear Computational Diffie–Hellman Problem and Square-Exponent Problem. On the other hand, in the new protocol, only three pairing operations are used, so it is more efficient. Our protocol is also a contributory group key agreement protocol.

Efficient Certificateless Authenticated Asymmetric Group Key Agreement Protocol

( Guiyi Wei ),( Xianbo Yang ),( Jun Shao ) 한국인터넷정보학회 2012 KSII Transactions on Internet and Information Syst Vol.6 No.12

Group key agreement (GKA) is a cryptographic primitive allowing two or more users to negotiate a shared session key over public networks. Wu et al. recently introduced the concept of asymmetric GKA that allows a group of users to negotiate a common public key, while each user only needs to hold his/her respective private key. However, Wu et al.`s protocol can not resist active attacks, such as fabrication. To solve this problem, Zhang et al. proposed an authenticated asymmetric GKA protocol, where each user is authenticated during the negotiation process, so it can resist active attacks. Whereas, Zhang et al.`s protocol needs a partially trusted certificate authority to issue certificates, which brings a heavy certificate management burden. To eliminate such cost, Zhang et al. constructed another protocol in identity-based setting. Unfortunately, it suffers from the so-called key escrow problem. In this paper, we propose the certificateless authenticated asymmetric group key agreement protocol which does not have certificate management burden and key escrow problem. Besides, our protocol achieves known-key security, unknown key-share security, key-compromise impersonation security, and key control security. Our simulation based on the pairing-based cryptography (PBC) library shows that this protocol is efficient and practical.

THE CHARACTERISATION OF BMO VIA COMMUTATORS IN VARIABLE LEBESGUE SPACES ON STRATIFIED GROUPS

Liu, Dongli,Tan, Jian,Zhao, Jiman Korean Mathematical Society 2022 대한수학회보 Vol.59 No.3

Let T be a bilinear Calderón-Zygmund operator, $b{\in}U_q>_1L^q_{loc}(G)$. We firstly obtain a constructive proof of the weak factorisation of Hardy spaces. Then we establish the characterization of BMO spaces by the boundedness of the commutator [b, T]_j in variable Lebesgue spaces.

그룹 사용자간 안전한 콘텐츠 전송을 위한 Zhou의 ID-기반의 인증된 그룹 키 교환 프로토콜 분석

최재탁(Jae Tark Choi),권정옥(Jeong Ok Kwon),윤석구(Seok Koo Yoon) 한국방송·미디어공학회 2008 방송공학회논문지 Vol.13 No.1

An authenticated group key agreement protocol allows a group of parties communicating over an insecure network to share a common secret key. In this paper, we show that Zhou et al.’s ID-based authenticated group key agreement schemes do not provide forward secrecy.

Inter-domain Alliance Authentication Protocol Based on Blind Signature

Zhang Jie,Zhang Qi-kun,Gan Yong,Yin Yifeng,Tan Yu-an 보안공학연구지원센터 2015 International Journal of Security and Its Applicat Vol.9 No.12

In large distributed networks, many computers must be mutual coordination to complete some works under the certain conditions, these computers may come from different domains. For ensuring secure cross domains to access resources among these computers in different domains, this paper proposes a multi-domain union authentication protocol. The protocol adopts blind signature to achieve mutual authentication among entities in different domains. This scheme overcomes the complexity of certificate transmission and the network bottlenecks in the scheme of PKI-based. It can trace the entity identity and supports two-way entities anonymous authentication, which avoid the authority counterfeiting its member to access other domain’s resources. Analysis shows that its advantages on security and communication-consumption.