Sokjoon Lee

Group signatures with controllable linkability for dynamic membership

In this paper we present a novel group signature scheme for dynamic membership which enables fine-grained control over the release of user information. This scheme could be widely used for various anonymity-based applications such as privacy-preserving data mining and customized anonymous authentication owing to a useful property called controllable linkability. A valid signer is able to create signatures that hide his or her identity as normal group signatures but can be anonymously linked regardless of changes to the membership status of the signer and without exposure of the history of the joining and revocation. From signatures, only linkage information can be disclosed, with a special linking key. Using this controllable linkability and the controllable anonymity of a group signature, anonymity may be flexibly or elaborately controlled according to a desired level. To begin construction of our scheme, we first introduce the Decision Linear Combination (DLC) assumption in a so-called gap Diffie-Hellman group where the DDH problem is tractable but the CDH problem is hard, and we prove that this assumption can be guaranteed in generic bilinear groups. To identify security requirements more precisely, we formally present definitions of anonymity, traceability, non-frameabilty, and linkability. We then prove that our scheme achieves all these security properties in the random oracle model. Our scheme supporting controllable linkability yields a short signature that is only 33.3% longer than the best-known normal group signature. Furthermore, we show that our scheme is comparable to the group signature scheme in terms of the amount of computation for basic operations such as signing, verification, and the key update caused by revocation. Finally, using the linkability for dynamic membership, computation overhead in opening signers identity can be significantly reduced or minimized.

Anonymous Authentication System Using Group Signature

As the internet has been widely spread, it becomes big issues that an excessive demand of unnecessary private information at web servers and invasion of privacy. Anonymous authentication technology is a solution of this problem. It can protect the personal information and guarantees the convenience which an internet gives in our life. Anonymous authentication is an authentication method based on a digital signature scheme offering anonymity such as blind signature, group signature, ring signature, traceable signature, etc. The digital signature scheme that providing anonymity had been being mainly studied for an application including an e-cash and electronic voting system, etc. But recently the digital signature method is studied in the internet environment with one of the anonymous authentication method for the protecting personal information. In this paper, we introduce a group signature scheme which is one of the signature schemes supplying anonymity and propose the anonymous authentication system structure using the group signature scheme.

SVM을 이용한 중계 로그 AP 탐지 기법

스마트기기가 보편화되고 있고 무선랜의 사용량이 증가함에 따라 로그 AP를 이용한 공격 가능성도 높아지고 있다. 로그 AP에 접속할 경우, 로그 AP는 중간자 공격(Man-in-the-middle attack)을 수행할 수 있으므로, 매우 쉽게 개인 정보를 획득할 수 있게 된다. 다양한 종류의 로그 AP를 탐지하는 방법에 관해 많은 연구가 이루어지고 있고, 이 논문에서는 그 중, 정상 AP에 무선으로 연결하고 이를 중계해서 자신은 정상 AP의 SSID를 보여줌으로써 정상 AP인 것처럼 하여 사용자를 속이는 로그 AP를 탐지하는 방법을 제안한다. 이런 로그 AP를 탐지하는 데 있어서 기계학습 알고리즘의 일종인 SVM(Support Vector Machine)을 사용하여, 사용자의 환경에 따라 자동으로 탐지 기준을 설정하여 로그 AP를 90% 이상의 확률로 탐지하는 알고리즘을 제안하고, 이의 성능을 실험을 통해 입증한다.

Secure Data Encryption for Cloud-Based Human Care Services

Sensor network services utilize sensor data from low-end IoT devices of the types widely deployed over long distances. After the collection of sensor data, the data is delivered to the cloud server, which processes it to extract useful information. Given that the data may contain sensitive and private information, it should be encrypted and exchanged through the network to ensure integrity and confidentiality. Under these circumstances, a cloud server should provide high-speed data encryption without a loss of availability. In this paper, we propose efficient parallel implementations of Simeck family block ciphers on modern 64-bit Intel processors. In order to accelerate the performance, an adaptive encryption technique is also exploited for load balancing of the resulting big data. Finally, the proposed implementations achieved 3.5 cycles/byte and 4.6 cycles/byte for Simeck32/64 and Simeck64/128 encryption, respectively.

Secure Number Theoretic Transform and Speed Record for Ring-LWE Encryption on Embedded Processors.

Compact implementations of the ring variant of the Learning with Errors (Ring-LWE) on the embedded processors have been actively studied due to potential quantum threats. Various Ring-LWE implementation works mainly focused on optimization techniques to reduce the execution timing and memory consumptions for high availability. For this reason, they failed to provide secure implementations against general side channel attacks, such as timing attack. In this paper, we present secure and fastest Ring-LWE encryption implementation on low-end 8-bit AVR processors. We targeted the most expensive operation, i.e. Number Theoretic Transform (NTT) based polynomial multiplication, to provide countermeasures against timing attacks and best performance among similar implementations till now. Our contributions for optimizations are concluded as follows: (1) we propose the Look-Up Table (LUT) based fast reduction techniques for speeding up the modular coefficient multiplication in regular fashion, (2) we use the modular addition and subtraction operations, which are performed in constant timing. With these optimization techniques, the proposed NTT implementation enhances the performance by 18.3–22% than previous works. Finally, our Ring-LWE encryption implementations require only 680,796 and 1,754,064 clock cycles for 128-bit and 256-bit security levels, respectively.

Attacks about Channel Bonding on WLAN

As an WLAN is widely accepted, the attacks on the WLAN are diversified. At the first moment, the attacks about information leakage, such as leakage password or private information, are concerned. But as the users expectation about the Quality Of Service for WLAN is increased, the concern for the attacks related with QoS is also increased. In this paper, we suggest attacks which affects QoS of WLAN. More specifically, Our suggested attacks are targeting the channel bonding which is used for increased throughput of WLAN.