Chul Sur

A Robust Conditional Privacy-Preserving Authentication Protocol in VANET

Recently, Lu et al. proposed an efficient conditional privacy preservation protocol, named ECPP, based on group signature scheme for secure vehicular communications. However, ECPP dose not provide unlinkability and traceability when multiple RSUs are compromised. In this paper, we make up for the limitations and propose a robust conditional privacy-preserving authentication protocol without loss of efficiency as compared with ECPP. Furthermore, in our protocol, RSUs can issue multiple anonymous certificates to an OBU to alleviate system overheads for validity check of RSUs. In order to achieve these goals, we consider a universal re-encryption scheme as our building block.

Region-based selective encryption for medical imaging

The confidential access to medical images becomes significant in recent years. In this paper, we propose two types of region-based selective encryption schemes to achieve secure access for medical images. The first scheme randomly flips a subset of the bits belonging to the coefficients in a Region of Interest inside of several wavelet sub-bands, which is performed in compression domain but only incurs little loss on compression efficiency. The second scheme employs AES to encrypt a certain regions data in the code-stream. The size of encrypted bit-stream is not changed and there is no compression overhead generated in the second scheme. Moreover, both of two schemes support backward compatibility so that an encryption-unaware format-compliant player can play the encrypted bit-stream directly without any crash.

Chosen-Ciphertext secure certificateless proxy re-encryption

In this paper we introduce the notion of certificateless proxy re-encryption and also give precise definitions for secure certificateless proxy re-encryption schemes. We present a concrete scheme based on bilinear pairing, which enjoys the advantages of certificateless public key cryptography while providing the functionalities of proxy re-encryption. Moreover, the proposed scheme is unidirectional and compatible with current certificateless encryption deployments. Finally, we show that our scheme has chosen ciphertext security in the random oracle model.

Certificate-Based Proxy Re-encryption for Public Cloud Storage

Recently cloud computing paradigm has increasingly become a new model in which a shared pool of configurable computing resources is provided as services over the Internet. Specially, this paradigm encourages an efficient model for data sharing among cloud users since data owners are able to outsource their data to public cloud storage which can provide access to the data as a service. Considering the useful data sharing model in the cloud, however, it brings new security challenges that make users apprehensive about data confidentiality for their sensitive data on public cloud storage. In this paper, we introduce the notion of certificate-based proxy re-encryption as a new cryptographic primitive to effectively support the data confidentiality on the outsourced data in public cloud storage. In particular, we give a formal security model for secure certificate-based proxy re-encryption schemes and present a concrete scheme based on bilinear pairing, which enjoys the advantages of certificate-based encryption while providing the functionalities of proxy re-encryption. Finally, we show that our scheme has chosen cipher text security in the random oracle model.

A robust and efficient anonymous authentication protocol in VANETs

Recently, Lu et al. proposed an efficient conditional privacy preservation protocol, named ECPP, based on group signature scheme for generating anonymous certificates from roadside units (RSUs). However, ECPP does not provide unlinkability and traceability when multiple RSUs are compromised. In this paper, we make up for the limitations and propose a robust and efficient anonymous authentication protocol without loss of efficiency as compared with ECPP. Furthermore, in the proposed protocol, RSUs can issue multiple anonymous certificates to an OBU to alleviate system overheads for mutual authentication between OBUs and RSUs. In order to achieve these goals, we consider a universal re-encryption scheme and identity-based key establishment scheme as our building blocks. Several simulations are conducted to verify the efficiency and effectiveness of the proposed protocol by comparing with those of the existing ECPP.

A New DRM System Based on Graded Contents Sharing and Time-Block Distribution for Home Networks

Recently, one of the main objectives of DRM system is to develop a user-friendly DRM system. In this paper, we propose a new DRM system based on graded contents sharing and time-block distribution for home networks. In particular, we focus on supporting partial use of the contents and enabling a user to use his multiple devices freely in the home network. Moreover, our system enables a device to use contents in both on-line and off-line situation since contents or time-blocks can be exchanged among users multiple devices in home network without collaboration of a DRM server.

Multi-receiver Certificate-Based Encryption and Application to Public Key Broadcast Encryption

In this paper we firstly introduce the notion of multi- receiver certificate-based encryption that avoids the inherent key escrow problem while preserving the implicit certification of multi-receiver identity-based encryption. We also construct a highly efficient multi-receiver certificate-based encryption scheme which eliminates pairing computation to encrypt a message for multiple receivers. Moreover, the proposed scheme only needs one pairing computation for decrypting the ciphertext. We compare our scheme with the most efficient multi-receiver identity-based encryption scheme[2] in terms of the computational point of view, and show that our scheme provides better efficiency than [2]. Finally, we discuss how to properly transform our scheme into a new public key broadcast encryption scheme based on subset-cover framework, which enjoys the advantages of certificate-based encryption.

An efficient authentication and simplified certificate status management for personal area networks

Recently the concept of personal PKI was introduced to describe a public key infrastructure specifically designed to support the distribution of public keys in a personal area network. However, traditional public key signature schemes and certificate status management schemes used in the personal PKI concept cause formidable overheads to components in the personal area network since mobile devices constituting the personal area network have limited computational and communication capabilities. In this paper we propose an efficient authentication protocol that eliminates the traditional public key operations on mobile devices without any assistance of a signature server. Moreover, the proposed protocol provides a simplified procedure for certificate status management to alleviate communication and computational costs on mobile devices in the personal area network.

Practical modification of an efficient public-key framework

J. Zhou proposed a new public-key framework, in which the maximum lifetime of a certificate is divided into short periods and the certificate could expire at the end of any period under the control of the certificate owner (or his manager in a corporate environment). However, Zhous public-key framework is not suitable on implementation in real world. Therefore, we review some security parameters and change them into more suitable ones for implementation. Moreover, we remove an unnecessary trust party of Zhous public-key framework and propose an improved scheme for realistic solution.

Efficient Anonymous Authentication Protocol Using Key-Insulated Signature Scheme for Secure VANET

In this paper, we propose an efficient authentication protocol with conditional privacy preservation for secure vehicular communications. The proposed protocol follows the system model to issue on-the-fly anonymous public key certificates to vehicles by road-side units. In order to design an efficient message authentication protocol, we consider a key-insulated signature scheme for certifying anonymous public keys of vehicles to such a system model. We demonstrate experimental results to confirm that the proposed protocol has better performance than other protocols based on group signature schemes.