Recently,with the advancement of Information and Communications Technology(ICT),Internet of Things(IoT)has been connected to the cloud and used in industrial sectors,medical environments,and smart grids.However,if dat...Recently,with the advancement of Information and Communications Technology(ICT),Internet of Things(IoT)has been connected to the cloud and used in industrial sectors,medical environments,and smart grids.However,if data is transmitted in plain text when collecting data in an IoTcloud environment,it can be exposed to various security threats such as replay attacks and data forgery.Thus,digital signatures are required.Data integrity is ensured when a user(or a device)transmits data using a signature.In addition,the concept of data aggregation is important to efficiently collect data transmitted from multiple users(or a devices)in an industrial IoT environment.However,signatures based on pairing during aggregation compromise efficiency as the number of signatories increases.Aggregate signature methods(e.g.,identity-based and certificateless cryptography)have been studied.Both methods pose key escrow and key distribution problems.In order to solve these problems,the use of aggregate signatures in certificate-based cryptography is being studied,and studies to satisfy the prevention of forgery of signatures and other security problems are being conducted.In this paper,we propose a new lightweight signature scheme that uses a certificate-based aggregate signature and can generate and verify signed messages from IoT devices in an IoT-cloud environment.In this proposed method,by providing key insulation,security threats that occur when keys are exposed due to physical attacks such as side channels can be solved.This can be applied to create an environment in which data is collected safely and efficiently in IoT-cloud is environments.展开更多
Blockchain technology provides transparency and reliability by sharing transactions and maintaining the same information through consensus among all participants.However,single-signature applications in transactions c...Blockchain technology provides transparency and reliability by sharing transactions and maintaining the same information through consensus among all participants.However,single-signature applications in transactions can lead to user identification issues due to the reuse of public keys.To address this issue,group signatures can be used,where the same group public key is used to verify signatures from group members to provide anonymity to users.However,in dynamic groups where membership may change,an attack can occur where a user who has left the group can disguise themselves as a group member by leaking a partial key.This problem cannot be traced back to the partial key leaker.In this paper,we propose assigning different partial keys to group members to trace partial key leakers and partially alleviate the damage caused by partial key leaks.Exist schemes have shown that arbitrary tracing issues occurred when a single administrator had exclusive key generation and tracing authority.This paper proposes a group signature scheme that solves the synchronization problem by involving a threshold number of TMs while preventing arbitrary tracing by distributing authority among multiple TMs.展开更多
基金This research was supported by Basic Science Research Program through the National Research Foundation of Korea(NRF)funded by the Ministry of Education(NRF2019R1A2C1085718)was supported by the Soonchunhyang University Research Fund.
文摘Recently,with the advancement of Information and Communications Technology(ICT),Internet of Things(IoT)has been connected to the cloud and used in industrial sectors,medical environments,and smart grids.However,if data is transmitted in plain text when collecting data in an IoTcloud environment,it can be exposed to various security threats such as replay attacks and data forgery.Thus,digital signatures are required.Data integrity is ensured when a user(or a device)transmits data using a signature.In addition,the concept of data aggregation is important to efficiently collect data transmitted from multiple users(or a devices)in an industrial IoT environment.However,signatures based on pairing during aggregation compromise efficiency as the number of signatories increases.Aggregate signature methods(e.g.,identity-based and certificateless cryptography)have been studied.Both methods pose key escrow and key distribution problems.In order to solve these problems,the use of aggregate signatures in certificate-based cryptography is being studied,and studies to satisfy the prevention of forgery of signatures and other security problems are being conducted.In this paper,we propose a new lightweight signature scheme that uses a certificate-based aggregate signature and can generate and verify signed messages from IoT devices in an IoT-cloud environment.In this proposed method,by providing key insulation,security threats that occur when keys are exposed due to physical attacks such as side channels can be solved.This can be applied to create an environment in which data is collected safely and efficiently in IoT-cloud is environments.
基金supported by Institute of Information&communications Technology Planning&Evaluation(IITP)grant funded by the Korea government(MSIT)(RS-2022-00167197,Development of Intelligent 5G/6G Infrastructure Technology for The Smart City)and this work was funded by BK21 FOUR(Fostering Outstanding Universities for Research)(5199990914048)supported by the National Research Foundation of Korea(NRF)grant funded by the Korea government(MSIT)(2022R1A2B5B01002490)the Soonchunhyang University Research Fund.
文摘Blockchain technology provides transparency and reliability by sharing transactions and maintaining the same information through consensus among all participants.However,single-signature applications in transactions can lead to user identification issues due to the reuse of public keys.To address this issue,group signatures can be used,where the same group public key is used to verify signatures from group members to provide anonymity to users.However,in dynamic groups where membership may change,an attack can occur where a user who has left the group can disguise themselves as a group member by leaking a partial key.This problem cannot be traced back to the partial key leaker.In this paper,we propose assigning different partial keys to group members to trace partial key leakers and partially alleviate the damage caused by partial key leaks.Exist schemes have shown that arbitrary tracing issues occurred when a single administrator had exclusive key generation and tracing authority.This paper proposes a group signature scheme that solves the synchronization problem by involving a threshold number of TMs while preventing arbitrary tracing by distributing authority among multiple TMs.
