Yi-Fan Tseng
National Sun Yat-sen University
Publication
Featured research published by Yi-Fan Tseng.
International Conference on Mobile and Ubiquitous Systems: Networking and Services | 2016
Jheng-Jia Huang; Wen-Shenq Juang; Chun-I Fan; Yi-Fan Tseng; Hiroaki Kikuchi
In IoT environments, the user may have many devices to connect to each other and share the data. Also, the device will not have the powerful computation and storage ability. Many studies have focused on the lightweight authentication between the cloud server and the client in this environment. They can use the cloud server to help sensors or proxies to finish the authentication. But in the client side, how to create the group session key without the cloud capability is the most important issue in IoT environments. The most popular application network of IoT environments is the wireless body area network (WBAN). In WBAN, the proxy usually needs to control and monitor users' health data transmitted from the sensors. In this situation, the group authentication and group session key generation is needed. In this paper, in order to provide an efficient and robust group authentication and group session key generation in the client side of IoT environments, we propose a lightweight authentication scheme with dynamic group members in IoT environments. Our proposed scheme can satisfy the properties including the flexible generation of shared group keys, the dynamic participation, the active revocation, the low communication and computation cost, and no time synchronization problem. Also our scheme can achieve the security requirements including the mutual authentication, the group session key agreement, and prevent all various well-known attacks.
Information Security | 2015
Chun-I Fan; Chien-Nan Wu; Chun-Hung Chen; Yi-Fan Tseng; Cheng-Chun Feng
Cloud computing has been developed rapidly in recent years, and offers novel concepts and innovations in computer use. The applications of cloud computing are that people can put their data on cloud and also can designate a proxy to help them to execute a number of tasks in certain situations. The proxy re-encryption which is a cryptographic primitive has been proposed to solve this problem. In the proxy re-encryption system, when a user (e.g., Alice) wants to send a ciphertext that is encrypted by her public key and stored in the cloud to another user (e.g., Bob), she can designate a proxy to transform the ciphertext into a different ciphertext that can be decrypted by Bob's private key. Recently, Fan et al. proposed an attribute-based encryption scheme with dynamic membership. However, we found that their scheme may be flawed. In this paper we will modify Fan et al.'s scheme to fix the flaw. Based on our modified scheme and the proxy re-encryption, we also propose an attribute-based proxy re-encryption under bilinear pairing. Furthermore, the proposed scheme has rich access policies and dynamic membership.
Information Security | 2014
Chun-I Fan; Chien-Nan Wu; Jen-Chun Hsu; Yi-Fan Tseng; Wen-Tsuen Chen
With the rapid development of electronic commerce, digital credentials are used with increasing frequency. Today users employing digital credentials not only complete the identity authentication process and obtain service, but also attach importance to their anonymity with the concept of privacy protection that is being rapidly developed. For this reason, anonymous credential mechanisms are being increasingly studied. However, while anonymous credentials provide privacy protection for users, the question of how to manage the credentials is a problem for issuers and service providers. In recent years, many works in the literature have proposed that the revocation list is a challenge to effectively implement, while users and credential consumers receive the corresponding revocation list with massive computational costs. In this paper, we present an improved anonymous credential revocation mechanism in which we examine how users not only provide passive revocation management but must spend considerable time in computational terms. We distribute the permission of revocation to the issuer and the service provider. The revocation phase can be executed only if both issuer and service provider permit, so users are not afraid that the issuer or service provider will access their private information. In addition, the issuer and the service provider can also manage illegal users. Consequently, online service systems can be more widely used. Further, we add a mechanism of time-revocation, which sets a time limit on the revocability of the anonymous credentials. This capability enables the issuer to more effectively manage the revocation phase.
International Conference on Internet and Distributed Computing Systems | 2018
Chun-I Fan; Yi-Fan Tseng; Jheng-Jia Huang; Yen-Hao Chen; Hsin-Nan Kuo
Smart grids have become a future trend due to the development of technology and increased energy demand and consumption. In smart grids, a user’s electricity consumption is recorded by their smart meters, and the smart meters submit the data to the operation center in each time unit for monitoring. The operation center analyzes the data it receives to estimate user’s electricity usage in the next time unit and to ensure dynamic energy distribution. Compared to traditional grids, the electricity can be flexibly controlled, and waste is decreased in smart grids. However, details of user’s daily lives may be leaked out through the frequent monitoring of user’s electricity usage, which causes the problem of privacy preserving. To solve the problem, data aggregation mechanisms are adopted in this environment. The power usage data in the same units are aggregated before being sent to the operation center. This aggregation prevents personal electricity usage data from being shared with the operation center. Thus, a user’s privacy is protected. Along with the increase in the number of research studies on smart grids, many studies on the privacy-preserving issues of power usage have been published. However, both power usage data and electricity payment data may jeopardize user’s privacy. The operation center is able to obtain user’s private information by analyzing a user’s electricity payments. Therefore, we propose a verifiable privacy-preserving payment mechanism for smart grids. In our scheme, users can submit electricity payments without revealing any private information and the operation center can verify the correctness of the payment.
International Conference Telecommunications and Communication Engineering | 2017
Yi-Fan Tseng; Chun-I Fan; Ting-Chuan Kung; Jheng-Jia Huang; Hsin-Nan Kuo
Homomorphic encryption is a form of encryption that allows computations to be carried out on ciphertext and generate an encrypted result which, when decrypted, matches the result of operations performed on the plaintexts. The feature of homomorphic encryption is used in modern communication system architectures and cryptosystems. In view of the previous works, most homomorphic encryption schemes support additive or multiplicative homomorphism. There are few homomorphic encryption schemes tailored for logical operations. In this paper, we propose a homomorphic encryption scheme that supports logical operations. Additionally, our proposed scheme can be applied to 2-DNF and k-CNF. Furthermore, the security of the proposed scheme is based on the subgroup decision assumption.
IEEE Transactions on Signal and Information Processing over Networks | 2017
Chun-I Fan; Yi-Fan Tseng; Jheng-Jia Huang; Shih-Fen Chen; Hiroaki Kikuchi
Among the applications of the internet and cloud computing, online social network (OSN) is a very popular service. Since a lot of personal information is stored on the OSN platform, privacy protection on such an application has become a critical issue. Apart from this, OSN platforms need advertisement revenue to enable continued operations. However, if the users encrypt their messages, then OSN providers cannot generate accurate advertisement to users. Thus, how to achieve both privacy preserving and accurate advertisement is a worth-discussing issue. Unfortunately, none of the works on OSNs can achieve both privacy preserving and accurate advertisement simultaneously. In view of this, we propose the first multireceiver predicate encryption scheme for OSN platforms. Not only does the proposed scheme protect the users’ privacy but it achieves customized advertisement as well. Compared with other predicate encryptions deployed in OSN platforms, the proposed scheme gains much shorter ciphertext. The semantic security and attribute hiding of the proposed scheme are proved under the standard model.
International Conference on Applied Computing and Information Technology | 2017
Chien-Nan Wu; Chun-I Fan; Jheng-Jia Huang; Yi-Fan Tseng; Hiroaki Kikuchi
After Chaum introduced the concept of anonymous credential systems, a number of similar systems have been proposed; however, these systems use zero-knowledge protocols to authenticate users resulting in inefficient authentication in the possession of credential proving stage. In order to overcome this drawback of anonymous credential systems, we use partially blind signatures and chameleon hash functions to propose a signature scheme such that both the prover and the verifier achieve efficient authentication. In addition to giving a computational cost comparison table to show that the proposed signature scheme achieves more efficient possession proving than others, we provide concrete security proofs under the random oracle model to demonstrate that the proposed scheme satisfies the properties of anonymous credentials.
International Conference on IT Convergence and Security, ICITCS | 2016
Chun-I Fan; Jian-Sheng Wang; Jheng-Jia Huang; Yi-Fan Tseng; Wen-Shenq Juang; Hiroaki Kikuchi
Wireless body area network (WBAN) plays an important part in mobile healthcare. WBAN can be imagined as a small wireless local area network around our body. In WBAN, there exist three roles: sensors, gateway, and healthcare center. However, the communication distance between sensors and gateway is only 1-2 meters. If the gateway is lost or leaves the range of WBAN consisting of the sensors, the sensed data will not be aggregated and forwarded. Furthermore, the original gateway holds the long-term key shared with the healthcare center, but the user's devices which may serve as the backup gateway do not hold the long-term key. In order to deal with the problems, we propose a key reconstruction protocol for WBAN. In the proposed protocol, the original gateway enables the backup gateway to reconstruct a temporary token, and the backup gateway will use the temporary token to establish a secure channel with the healthcare center without using the long-term key of the original gateway.
Information Security | 2013
Chun-I Fan; Pei-Hsiu Ho; Jheng-Jia Huang; Yi-Fan Tseng
In this paper, we propose a secure certificateless signature scheme supporting batch verification, which makes it possible for a verifier to verify a set of signatures more efficiently than verifying them one by one. In our proposed scheme, it is impossible for PKG to produce a signature which is indistinguishable from any signature produced by a user. Compared with existing signature schemes with batch verification, although our proposed scheme is not the most efficient one, it achieves Girault's Level-3 security, while the others have Girault's Level-1 or Level-2 security only.
Information Security | 2018
Chun-I Fan; Yi-Fan Tseng; Cheng-Yuan E; Jheng-Jia Huang
Collaboration
National Kaohsiung First University of Science and Technology