Taek-g Youn

Efficient three-party key exchange protocols with round efficiency

Recently, Guo et al. discovered some security flaws of the simple three-party key exchange protocol proposed by Lu and Cao, and proposed an improved protocol. Independently, Chung and Ku also showed some weaknesses of Lu and Cao’s protocol, and provided an improved protocol. In this paper, we review some insecurity of Lu and Cao’s protocol and analyze two improved protocols proposed by Guo et al. and Chung and Ku. Then we show that the protocols are still insecure. They are vulnerable to an adversary who performs an off-line password guessing attack. We provide a countermeasure by performing detailed analysis on the security flaws in two improved protocols. We also propose a secure three-party password-authenticated key exchange protocol which requires three rounds.

Signcryption with fast online signing and short signcryptext for secure and private mobile communication

Signcryption scheme is one of the useful tools for secure communication where authenticity and confidentiality are simultaneously required. Now, mobile devices are more and more widely used for communication, and thus it is desirable to design a scheme suitable to mobile applications. In this paper, we propose a signcryption scheme which is efficient enough to be implemented on mobile devices. In our scheme, we need only one multiplication in an online phase, and thus a signcryptor can generate a signcryptext very efficiently in the online phase. Moreover, the size of signcryptext is very short compared with exsiting schemes, and thus our scheme is very efficient in terms of communication overhead. The security of our signcryption scheme is proven in the random oracle model.

Design of additive homomorphic encryption with multiple message spaces for secure and practical storage services over encrypted data

Homomorphic encryption scheme is one of the useful tools for handling encrypted information in storage services. However, most of existing schemes have not been used in practical applications due to their inefficiency or lack of functionalities. For example, fully homomorphic encryption, which can provide arbitrary operations, is inefficient. On the other hand, other homomorphic encryptions, including additive homomorphic encryptions, which are efficient enough to be used in practice, are limited in operations for practical applications. In this paper, we devise a message-encoding technique which can split a message space of an additive homomorphic encryption into multiple sub-spaces for different messages. Our technique guarantees that we can deal with multiple sets of data (each data set is assigned to each sub-space), so that multiple data can be computed at once in an additive manner. Using our new technique, we construct two additive homomorphic encryptions with valuable properties. The first one is an additive homomorphic encryption scheme which can be used for evaluating some statistical information, such as the mean and the variance. To give a concrete scheme, we apply our technique to Paillier’s scheme which supports the additive homomorphism. Note that our scheme is the first additive homomorphic encryption which supports the evaluation of both the mean and the variance of encrypted data. We also give two modifications of the first application to improve its practicality. As the second application of our technique, we propose an additive homomorphic encryption scheme which can support the functionality of error detection in homomorphic operations. The second scheme is also designed based on Paillier’s scheme. Note that one of the remarkable advantages of our technique is that it can be applied to any additive homomorphic encryption for supporting the above-mentioned functionalities.

Smart Contract-Based Review System for an IoT Data Marketplace

Internet of Things (IoT)-based devices, especially those used for home automation, consist of their own sensors and generate many logs during a process. Enterprises producing IoT devices convert these log data into more useful data through secondary processing; thus, they require data from the device users. Recently, a platform for data sharing has been developed because the demand for IoT data increases. Several IoT data marketplaces are based on peer-to-peer (P2P) networks, and in this type of marketplace, it is difficult for an enterprise to trust a data owner or the data they want to trade. Therefore, in this study, we propose a review system that can confirm the reputation of a data owner or the data traded in the P2P data marketplace. The traditional server-client review systems have many drawbacks, such as security vulnerability or server administrator’s malicious behavior. However, the review system developed in this study is based on Ethereum smart contracts; thus, this system is running on the P2P network and is more flexible for the network problem. Moreover, the integrity and immutability of the registered reviews are assured because of the blockchain public ledger. In addition, a certain amount of gas is essential for all functions to be processed by Ethereum transactions. Accordingly, we tested and analyzed the performance of our proposed model in terms of gas required.

TLDA: An Efficient Two-Layered Data Authentication Mechanism for Content-Centric Networking

Content-Centric Networking (CCN) is a new networking paradigm for the future Internet, which shifts the communication paradigm from host-centric to data-centric. In CCN, contents are routed by their unique names and they are stored in network nodes by units of segment during transmission for future usage. Since contents are stored in network nodes in a distributed manner, security is built into CCN data packets by embedding a public key signature to enable any content requesters to verify authenticity and integrity of contents. However, the use of public key signatures for authenticating CCN data packets incurs significant overhead regarding computation and communication, which limits universal utilization of CCN. Furthermore, this can lead to a new kind of DDoS attacks. Even though CCN adopts an aggregate signature method based on Merkle Hash Tree (MHT) in its reference implementation, it still incurs large amount of overhead. This paper presents TLDA, an efficient Two-Layered Data Authentication mechanism, which can considerably reduce overhead of computation and communication for authenticating data segments in CCN. For efficiency of computation and communication, TLDA newly introduces the concept of authentication Meta part consisting of data segments’ hash values. To a great extent TLDA not only reduces the computation and communication overhead compared with CCN’s basic authentication method, but also provides robustness against transmission loss and out-of-order transmission. We have implemented TLDA and demonstrated that it provides 74.3% improved throughput and 36.557% reduced communication overhead compared to those of the original CCNx library developed by PARC when transmitting a 128Mbyte content in units of 1Kbyte segment with RSA-2048 and SHA-256 as its signature algorithm and hash algorithm, respectively.

Bi-directional and concurrent proof of ownership for stronger storage services with de-duplication

In storage service, data de-duplication is a specialized technique for eliminating duplicate copies of repeating data in storage. Especially, client-side de-duplication has more merits than server-side de- duplication since they can improve both the space efficiency and the communication bandwidth. For secure client-side de-duplication, we need a way to prove the ownership of a file to be stored. In the upload step, the server should verify the ownership of a client to give the right of the file without uploading it. On the contrary, the client also want to verify the retrievability for the file since he will delete it from his storage after protocol execution. Existing proof of ownership techniques have been designed for server’s need. In this paper, we first point out that we need the second property in client’s view point, and give a very simple and practical solution which can support the server and the client to prove that they have the same file. We first describe a generic strategy which can help us to construction a bi-directional and concurrent proof of ownership technique from an ordinary proof of ownership technique, and then give an efficient hash-based scheme with security proof in the random oracle model.

New User Management Technique in Storage Services for Stronger Privacy

Until now, online services including storage services have revealed their clients’ private information in various ways. Regardless of the reason of exposure, the damage caused by such accident is very serious. To support user-specific services, service providers maintain user-related information and the information can be harmful for the privacy of clients when the information is revealed to an adversary. To get rid of the source of the problem, in this work, we will introduce a new technique which permits service providers to support their clients without maintaining user-related information. The basic idea of our work to support the service provider has a set of parameters which are used for verifying the proof generated by a client as an evidence of his right regarding a service. To embody the idea, we will use a group signature scheme which is widely used as a tool for verifying someone’s membership instead of his specific identity. For the security of our scheme, we give provable security of our scheme under formal security models.

A Solution for Reducing Redistribution Costs of HAIL

The Proof of Retrievability (PoR) is a useful tool for securing data by monitoring the retrievability of a file stored in remote servers. But they are not secure if the full data stored in the storage server is attacked. HAIL has been proposed to solve this problem. It enables a client to verify that files stored in independent storage servers are intact and retrievable. If some servers are attacked, a client can reconstruct the original data using the data stored in remaining servers. Unfortunately, in HAIL, expensive redistribution costs occur if we need to reconstruct the original data, which was not considered in existing works. In this paper, we propose a solution for reducing redistribution costs by grouping file segments and applying HAIL to each group. It is unnecessary for clients to download all files in all servers when some files stored in a specific server are corrupted. Finally, we analyze the performance of our scheme.

Necessity of Incentive System for the First Uploader in Client-Side Deduplication

Client-side deduplication technique is a useful tool for efficient storage management in DB-related services. The technique permits a server to save his storage and a client to store his data without actually uploading it. In this paper, we review client-side deduplication and show that selfish clients can make the technique useless if there is no incentive system by examining some possible scenarios where selfish clients do not follow pre-defined procedure for client-side deduplication. We also give a simple example of incentive system which can be the beginning of the research for the above described issue.

Bucket Index Ordering Problem in Range Queries

In this paper, we first point out a weakness in range queries, which we have named the index ordering problem, where an adversary can recover actual randomized bucket indexes. At first, we define the index ordering problem and examine the security of existing bucket-based encrypted DB management techniques for range queries. We also provide simple countermeasures that enhance the security of bucketing techniques against the bucket index ordering problem.