Kwangjo Kim

ID-Based Blind Signature and Ring Signature from Pairings

Recently the bilinear pairing such as Weil pairing or Tate pairing on elliptic curves and hyperelliptic curves have been found various applications in cryptography. Several identity-based (simply ID-based) cryptosystems using bilinear pairings of elliptic curves or hyperelliptic curves were presented. Blind signature and ring signature are very useful to provide the users anonymity and the signers privacy. They are playingan important role in buildinge-commerce. In this paper, we firstly propose an ID-based blind signature scheme and an ID-based ring signature scheme, both of which are based on the bilinear pairings. Also we analyze their security and efficiency.

Efficient ID-based blind signature and proxy signature from bilinear pairings

Blind signature and proxy signature are very important technologies in secure e-commerce. Identity-based (simply ID-based) public key cryptosystem can be a good alternative for certificate-based public key setting, especially when efficient key management and moderate security are required. In this paper, we propose a new ID-based blind signature scheme and an ID-based partial delegation proxy signature scheme with warrant based on the bilinear pairings. Also we analyze their security and efficiency. We claim that our new blind signature scheme is more efficient than Zhang and Kims scheme [27] in Asiacrypt2002.

Secure Mobile Agent Using Strong Non-designated Proxy Signature

It is expected that mobile agent will be widely used for electronic commerce as an important key technology. If a mobile agent can sign a message in a remote server on behalf of a customer without exposingh is/her private key, it can be used not only to search for special products or services, but also to make a contract with a remote server. To construct mobile agents, [KBC00] used an RSA-based undetachable signature scheme, but it does not provide servers non-repudiation because the undetachable signature does not contain servers signature.Mobile agent is a very good application example of proxy signature, and the undetachable signature can be considered as an example of proxy signature. In this paper we show that secure mobile agent can be constructed using strong non-designated proxy signature [LKK01] which represents both the original signers (customer) and the proxy signers (remote server) signatures. We provide RSA-based and Schnorr-based constructions of secure mobile agent, and moreover we show that the Schnorr-based scheme can be used very efficiently in multi-proxy mobile agent situation.

Fast and scalable secret key generation exploiting channel phase randomness in wireless networks

Recently, there has been great interest in physical layer security techniques that exploit the randomness of wireless channels for securely extracting cryptographic keys. Several interesting approaches have been developed and demonstrated for their feasibility. The state-of-the-art, however, still has much room for improving their practicality. This is because i) the key bit generation rate supported by most existing approaches is very low which significantly limits their practical usage given the intermittent connectivity in mobile environments; ii) existing approaches suffer from the scalability and flexibility issues, i.e., they cannot be directly extended to support efficient group key generation and do not suit for static environments. With these observations in mind, we present a new secret key generation approach that utilizes the uniformly distributed phase information of channel responses to extract shared cryptographic keys under narrowband multipath fading models. The proposed approach enjoys a high key bit generation rate due to its efficient introduction of multiple randomized phase information within a single coherence time interval as the keying sources. The proposed approach also provides scalability and flexibility because it relies only on the transmission of periodical extensions of unmodulated sinusoidal beacons, which allows effective accumulation of channel phases across multiple nodes. The proposed scheme is thoroughly evaluated through both analytical and simulation studies. Compared to existing work that focus on pairwise key generation, our approach is highly scalable and can improve the analytical key bit generation rate by a couple of orders of magnitude.

A novel privacy preserving authentication and access control scheme for pervasive computing environments

Privacy and security are two important but seemingly contradictory objectives in a pervasive computing environment (PCE). On one hand, service providers want to authenticate legitimate users and make sure they are accessing their authorized services in a legal way. On the other hand, users want to maintain the necessary privacy without being tracked down for wherever they are and whatever they are doing. In this paper, a novel privacy preserving authentication and access control scheme to secure the interactions between mobile users and services in PCEs is proposed. The proposed scheme seamlessly integrates two underlying cryptographic primitives, namely blind signature and hash chain, into a highly flexible and lightweight authentication and key establishment protocol. The scheme provides explicit mutual authentication between a user and a service while allowing the user to anonymously interact with the service. Differentiated service access control is also enabled in the proposed scheme by classifying mobile users into different service groups. The correctness of the proposed authentication and key establishment protocol is formally verified based on Burrows-Abadi-Needham logic

Hidden attribute-based signatures without anonymity revocation

We propose a new notion called hidden attribute-based signature, which is inspired by the recent developments in attribute-based cryptosystem. With this technique, users are able to sign messages with any subset of their attributes issued from an attribute center. In this notion, a signature attests not to the identity of the individual who endorsed a message, but instead to a claim regarding the attributes the underlying signer possesses. Users cannot forge signature with attributes which they have not been issued. Furthermore, signer remains anonymous without the fear of revocation, among all users with the attributes purported in the signature. After formalizing the security model, we propose two constructions of hidden attribute-based signature from pairings. The first construction supports a large universe of attributes and its security proof relies on the random oracle assumption, which can be removed in the second construction. Both constructions have proven to be secure under the standard computational Diffie-Hellman assumption.

Providing Receipt-Freeness In Mixnet-Based Voting Protocols

It had been thought that it is difficult to provide receipt-freeness in mixnet-based electronic voting schemes. Any kind of user chosen randomness can be used to construct a receipt, since a user can prove to a buyer how he had encrypted the ballot. In this paper we propose a simple and efficient method to incorporate receipt-freeness in mixnet-based electronic voting schemes by using the well known re-encryption technique and designated verifier re-encryption proof (DVRP). In our scheme a voter has to prepare his encrypted ballot through a randomization service provided by a tamper resistant randomizer (TRR), in such a way that he finally loses his knowledge on randomness. This method can be used in most mixnet-based electronic voting scheme to provide receipt-freeness.

Highly reliable trust establishment scheme in ad hoc networks

Securing ad hoc networks in a fully self-organized way is effective and light-weight, but fails to accomplish trust initialization in many trust deficient scenarios. To overcome this problem, this paper aims at building well established trust relationships in ad hoc networks without relying on any pre-defined assumption. We propose a probabilistic solution based on distributed trust model. A secret dealer is introduced only in the system bootstrapping phase to complement the assumption in trust initialization. With it, much shorter and more robust trust chains are able to be constructed with high probability. A fully self-organized trust establishment approach is then adopted to conform to the dynamic membership changes. The simulation results on both static and dynamic performances show that our scheme is highly resilient to dynamic membership changing and scales well. The lack of initial trust establishment mechanisms in most higher level security solutions (e.g. key management schemes, secure routing protocols) for ad hoc networks makes them benefit from our scheme.

Improved Impossible Differential Cryptanalysis of Rijndael and Crypton

Impossible differential attacks against Rijndael and Crypton have been proposed up to 5-round. In this paper we expand the impossible differential attacks to 6-round. Although we use the same 4-round impossible differential as in five round attacks, we put this impossible differential in the middle of 6-round. That is, we will consider one round before the impossible differential and one more round after. The complexity of the proposed attack is bigger than that of the Square attack, but still less than that of the exhaustive search.

Chameleon Hashing Without Key Exposure

Chameleon signatures are based on well established hash-and-sign paradigm, where a chameleon hash function is used to compute the cryptographic message digest. Chameleon signatures simultaneously provide the properties of non-repudiation and non-transferability for the signed message, i.e., the designated recipient is capable of verifying the validity of the signature, but cannot disclose the contents of the signed information to convince any third party without the signer’s consent.