Kyung Hyune Rhee

A Group Key Management Architecture for Mobile Ad-hoc Wireless Networks *

In recent years, mobile ad-hoc networks have received a great deal of attention in both academia and industry because they provide anytime-anywhere networking services. As wireless networks are rapidly deployed in the future, secure wireless environment will be mandatory. In this paper, we describe a group key management architecture and key agreement protocols for secure communication in mobile ad-hoc wireless networks (MANETs) overseen by Unmanned Aerial Vehicles (UAVs). We use the Implicitly Certified Public Keys method, which reduces the overhead of the certificate validation checking process and improves computational efficiency. The architecture uses a two-layered key management approach, where a group of nodes is divided into: 1) cell groups consisting of ground nodes, and 2) control groups consisting of cell group managers. The chief benefit of this approach is that the effects of a membership change are restricted to the single cell group.

A Robust Conditional Privacy-Preserving Authentication Protocol in VANET

Recently, Lu et al. proposed an efficient conditional privacy preservation protocol, named ECPP, based on group signature scheme for secure vehicular communications. However, ECPP dose not provide unlinkability and traceability when multiple RSUs are compromised. In this paper, we make up for the limitations and propose a robust conditional privacy-preserving authentication protocol without loss of efficiency as compared with ECPP. Furthermore, in our protocol, RSUs can issue multiple anonymous certificates to an OBU to alleviate system overheads for validity check of RSUs. In order to achieve these goals, we consider a universal re-encryption scheme as our building block.

A Secrecy Scheme for MPEG Video Data Using the Joint of Compression and Encryption

We propose a fast encryption method for MPEG video which encrypts the sign bits of DC coefficients and uses a random scan instead of zig-zag one. The proposed algorithm is a method which combines an encryption with MPEG video compression. Furthermore, it has short processing times for the encryption and provides sufficient security from the viewpoint of visibility and signal to noise ratio values. Thus the proposed method is suitable for the protection of the moving pictures with minimizing the overhead of MPEG video codec system. Also, we consider an authentication method appropriate for stream data such as MPEG video.

A key-dependent secure image hashing scheme by using Radon transform

The perceptual image hashing is an emerging technique which can be used in image authentication and content-based image retrieval. Recently, several image hashing schemes based on Radon transform are proposed for image authentication and retrieval. These schemes have no random information to strengthen the security with image hashing. In this paper, we propose a simple key-based secure image hashing scheme by using radon transform and 1-D Discrete Cosine Transform (DCT). Particularly, we introduce a randomization on Radon transform and make the image hash more secure and more robust. Moreover, the discriminative capability is also confirmed in our experimental results.

An architecture for key management in hierarchical mobile ad-hoc networks

In recent years, mobile ad-hoc networks have received a great deal of attention in both academia and industry to provide anytime-anywhere networking services. As wireless networks are rapidly deployed, the security of wireless environment will be mandatory. In this paper, we describe a group key management architecture and key agreement protocols for secure communication in mobile ad-hoc wireless networks (MANETs) overseen by unmanned aerial vehicles (UAVs). We use implicitly certified public keys method, which alleviates the certificate overhead and improves computational efficiency. The architecture uses a two-layered key management approach where the group of nodes is divided into: 1) Cell groups consisting of ground nodes and 2) control groups consisting of cell group managers. The chief benefit of this approach is that the effects of a membership change are restricted to the single cell group.

Region-based selective encryption for medical imaging

The confidential access to medical images becomes significant in recent years. In this paper, we propose two types of region-based selective encryption schemes to achieve secure access for medical images. The first scheme randomly flips a subset of the bits belonging to the coefficients in a Region of Interest inside of several wavelet sub-bands, which is performed in compression domain but only incurs little loss on compression efficiency. The second scheme employs AES to encrypt a certain regions data in the code-stream. The size of encrypted bit-stream is not changed and there is no compression overhead generated in the second scheme. Moreover, both of two schemes support backward compatibility so that an encryption-unaware format-compliant player can play the encrypted bit-stream directly without any crash.

Chosen-Ciphertext secure certificateless proxy re-encryption

In this paper we introduce the notion of certificateless proxy re-encryption and also give precise definitions for secure certificateless proxy re-encryption schemes. We present a concrete scheme based on bilinear pairing, which enjoys the advantages of certificateless public key cryptography while providing the functionalities of proxy re-encryption. Moreover, the proposed scheme is unidirectional and compatible with current certificateless encryption deployments. Finally, we show that our scheme has chosen ciphertext security in the random oracle model.

An Efficient Anonymous Authentication Protocol for Secure Vehicular Communications

As vehicular communications bring the promise of improved road safety and optimized road traffic through cooperative systems applications, it becomes a prerequisite to make vehicular communications secure for the successful deployment of vehicular ad hoc networks. In this paper, we propose an efficient authentication protocol with anonymous public key certificates for secure vehicular communications. The proposed protocol follows a system model to issue on-the-fly anonymous public key certificates to vehicles by road-side units. In order to design an efficient authentication protocol, we consider a key-insulated signature scheme for certifying anonymous public keys of vehicles to the system model. We demonstrate experimental results to confirm that the proposed protocol has better performance than other protocols based on group signature schemes.

Certificate-Based Proxy Re-encryption for Public Cloud Storage

Recently cloud computing paradigm has increasingly become a new model in which a shared pool of configurable computing resources is provided as services over the Internet. Specially, this paradigm encourages an efficient model for data sharing among cloud users since data owners are able to outsource their data to public cloud storage which can provide access to the data as a service. Considering the useful data sharing model in the cloud, however, it brings new security challenges that make users apprehensive about data confidentiality for their sensitive data on public cloud storage. In this paper, we introduce the notion of certificate-based proxy re-encryption as a new cryptographic primitive to effectively support the data confidentiality on the outsourced data in public cloud storage. In particular, we give a formal security model for secure certificate-based proxy re-encryption schemes and present a concrete scheme based on bilinear pairing, which enjoys the advantages of certificate-based encryption while providing the functionalities of proxy re-encryption. Finally, we show that our scheme has chosen cipher text security in the random oracle model.

Pseudonymous authentication for secure V2I services in cloud-based vehicular networks

Vehicular cloud computing is a technological paradigm shifting which takes advantage of cloud computing to provide vehicles with useful computing resources and services on the roads. The advancement in smart vehicles and information technologies motivate researchers and industries to pay attention to the combination of vehicular network with cloud computing in recent. In order to make the emerging vehicular cloud computing viable, security issues must be considered. Especially, privacy is one of the critical security issues in vehicular cloud services as well as vehicular communications since a third-party entity may be involved in cloud management and operations. In this paper, we propose an anonymous vehicle-to-infrastructure cloud access management system in which identity and location privacy of service requesting vehicles are prevented from not only a global eavesdropper but also any single system management entity. We devise pseudonymous service access tokens for vehicles and RSU-local revocation mechanism to reduce the size of revocation list containing revoked pseudonyms in the proposed system.