Sang Uk Shin

A Secrecy Scheme for MPEG Video Data Using the Joint of Compression and Encryption

We propose a fast encryption method for MPEG video which encrypts the sign bits of DC coefficients and uses a random scan instead of zig-zag one. The proposed algorithm is a method which combines an encryption with MPEG video compression. Furthermore, it has short processing times for the encryption and provides sufficient security from the viewpoint of visibility and signal to noise ratio values. Thus the proposed method is suitable for the protection of the moving pictures with minimizing the overhead of MPEG video codec system. Also, we consider an authentication method appropriate for stream data such as MPEG video.

Certificate-Based Proxy Re-encryption for Public Cloud Storage

Recently cloud computing paradigm has increasingly become a new model in which a shared pool of configurable computing resources is provided as services over the Internet. Specially, this paradigm encourages an efficient model for data sharing among cloud users since data owners are able to outsource their data to public cloud storage which can provide access to the data as a service. Considering the useful data sharing model in the cloud, however, it brings new security challenges that make users apprehensive about data confidentiality for their sensitive data on public cloud storage. In this paper, we introduce the notion of certificate-based proxy re-encryption as a new cryptographic primitive to effectively support the data confidentiality on the outsourced data in public cloud storage. In particular, we give a formal security model for secure certificate-based proxy re-encryption schemes and present a concrete scheme based on bilinear pairing, which enjoys the advantages of certificate-based encryption while providing the functionalities of proxy re-encryption. Finally, we show that our scheme has chosen cipher text security in the random oracle model.

Hash Functions and the MAC Using All-or-Nothing Property

All-or-nothing property is a new encryption mode proposed by Rivest and has the property that one must decrypt the entire ciphertext to determine any plaintext block. In this paper, we propose a hash function with all-or-nothing property. The proposed scheme can use the existing hash functions without changing their structures, and it is secure against all of known attacks. Moreover, the proposed method can be easily extended to the MAC(Message Authentication Code) and provide message confidentiality as well as authentication.

A New Hash Function Based on MDx-Family and Its Application to MAC

Several fast software hash functions have been proposed since the hash function MD4 was introduced by R. Rivest in 1990. At the moment, SHA-1, RIPEMD-160, and HAVAL are known as secure dedicated hash functions in MDx-family hash functions. In this paper, we propose a new hash function based on advantages of these three hash functions, which keeps the maximum security of them and is more efficient in performance. The proposed hash function processes an arbitrary finite message by 512-bit block and outputs 160 bits digest. The key feature of the proposed hash function is data-dependent rotation. This feature guarantees the strength against existing known attacks. Moreover, we propose a new keyed MAC(Message Authentication Code) constructed using the proposed hash function. The proposed MAC uses a maximum keys of 160 bits and has a bitlength less than equal to the hash result. From the viewpoint of performance, the proposed MAC is only reduced about 10% comparing to the underlying hash function.

A simplified approach to user controllable threshold signatures

A threshold signature scheme typically assumes that the shared signing function can only be activated by a quorum number of servers. Therefore, it is inappropriate for settings where an organization employs some servers for a threshold protection of its private signing function. That is, if anyone has the power to activate the signing function of servers, they can easily compute valid signatures for a specific organization without knowing the secret private key. In this paper, we present a model of the threshold signature scheme in which the user possesses the controllability to activate his private signing functions and the secret private key is shared among several servers. Moreover, our scheme is applicable to both discrete-log based threshold signatures and RSA based threshold signatures.

Analysis of Accountability for Trust DRM Cloud Service and Design of Monitoring Tool

Abstract The accountability of cloud service which provides the cloud users with accountable services applies various technologies such as the compliance of service policy, monitoring and auditing, logging, and others. It ultimately intends to provide trustworthy cloud service by determining who is accountable for various problems happened during data processing and service offering. In this paper, we propose a cloud ecosystem formed from the chain of content and DRM Cloud service in order to offer secure and trust DRM cloud service when providing high value-added content service. Besides this, we analyse the requirements of cloud services for content owners and users and then propose some logging information to be recorded for trace of accountability and a structure of tool for monitoring. Key Words : Cloud computing, Accountability, Digital rights management, Content Service, Monitoring * 이 논문은 2011년도 정부(미래창조과학부)의 재원으로 한국연구재단-차세대정보ㆍ컴퓨팅기술개발사업의 지원을 받아 수행된 연구임(No. 2011-0029927)Received 13 October 2014, Revised 17 November 2014Accepted 20 December 2014Corresponding Author: Sang Uk Shin(Pukyong National University) Email: shinsu@pknu.ac.krⒸ The Society of Digital Policy & Management. All rights reserved. This is an open-access article distributed under the terms of the Creative Commons Attribution Non-Commercial License (http://creativecommons.org/licenses/by-nc/3.0), which permits unrestricted non-commercial use, distribution, and reproduction in any medium, provided the original work is ISSN: 1738-1916 properly cited.

All-or-Nothing Transform and Remotely Keyed Encription Protocols

We propose two new Remotely Keyed Encryption protocols; a length-increasing RKE and a length-preserving RKE. The proposed protocols have smaller computations than the existing schemes and provide sufficient security. In proposed protocols, we use the cryptographic transform with all-or-nothing properties proposed by Rivest as encryption operation in the host. By using all-or-nothing transform(AONT), RKE can be more dependent on the entire input and all encryption operation can be implemented only by using hash functions in the host. Moreover, we provide a length-preserving RKE protocol requires only one interaction between the host and the card.