Abstract: A security method using an electronic signature, which improves the performance of an electronic signature authentication by generating and verifying an electronic signature using a mediator, and acquires a forward security in an electronic signature generation and verification by adding a forward secure signature of semi-trusted party (SEM) to a partial signature value generated based on a secret key piece of the SEM. A public key and an optional secret key composed of two kinds of pieces are generated by a certificate authority in response to a request from a user terminal device. The secret key pieces are issued to the user terminal device and a semi-trusted party not to be overlapped with each other. A first signature piece generated from the issued pieces of the private key is transmitted to the user terminal device from the semi-trusted party when a certificate of the user terminal device is still valid.

Abstract: A radio frequency identification (RFID) tag encryption method and system using a broadcast encryption (BE) scheme are provided by encrypting an ID of an RFID tag, storing the encrypted ID in a server and the RFID tag, and storing information relating to a reader authorized to read out the RFID tag in the server so that the reader can read out the RFID tag by decrypting the encrypted ID based on the encrypted ID information read from the RFID tag and the reader information. When readers read out ID data from the RFID tag, a privileged reader can read the data. Thus, it is possible to block unintended information leakage to the readers. In addition, user usability can be enhanced since an attacker cannot perform an access lock on the RFID tag.

Abstract: A radio frequency identification (RFID) tag, an RFID privacy protection system, and an RFID privacy protection method are provided. The RFID privacy protection method includes a pseudo identification (ID) used to authenticate the RFID reader and a key used to generate the pseudo ID are received; if the pseudo ID is received in response to an information request signal for reading information of the RFID tag comprising the pseudo ID, the key is transmitted; and if a pseudo ID generated using the key is equal to the pseudo ID received in response to the information request signal, an RFID of the RFID tag to read the information of the RFID tag is received.

Abstract: A method of managing a user key for a broadcast encryption. The method includes assigning numbers to respective users and arranging the users on a ring-shaped structure in order to map hash chains onto the respective nodes of a ring-shaped structure. The method further includes making random node keys correspond to the respective nodes, one by one, constructing the hash chains from the corresponding node keys using a hash function, and successively mapping the constructed hash chains onto the nodes of the ring-shaped structure.

Abstract: A personal information providing method and apparatus is provided. The personal information providing apparatus may extract personal information about at least one characteristic corresponding to a predetermined standard from a database storing personal information of a plurality of characteristics, embed the personal information about the at least one characteristic in a predetermined image, generate a personal information image, generate a watermark having trace information embedded, and embed the watermark in the personal information image.

Abstract: Disclosed are methods and apparatus to protect private information in a distributed network. In the distributed network, a service request terminal may receive, from a service providing terminal, trust information related to a level of trust of the service providing terminal with respect to a desired service. Also, the service request terminal may verify whether to be provided with the desired service from the service providing terminal based on the trust information, thereby preventing private information of the service request terminal from being leaked. In addition, the service request terminal may easily verify the identity of the service providing terminal when the service request terminal re-visits the service providing terminal.

Abstract: A radio frequency identification (RFID) tag encryption method and system using a broadcast encryption (BE) scheme are provided by encrypting an ID of an RFID tag, storing the encrypted ID in a server and the RFID tag, and storing information relating to a reader authorized to read out the RFID tag in the server so that the reader can read out the RFID tag by decrypting the encrypted ID based on the encrypted ID information read from the RFID tag and the reader information. When readers read out ID data from the RFID tag, a privileged reader can read the data. Thus, it is possible to block unintended information leakage to the readers. In addition, user usability can be enhanced since an attacker cannot perform an access lock on the RFID tag.

Abstract: A mutual exclusion method and DRM device is provided. The mutual exclusion method includes receiving an instruction associated with a predetermined stored file from the CE device, checking whether a performing instruction being performed associated with the predetermined stored file exists, and generating a collision error message informing that a collision error has occurred due to the inputted instruction when the performing instruction being performed associated with the predetermined stored file exists.

Abstract: A radio frequency identification (RFID) tag encryption method and system using a broadcast encryption (BE) scheme are provided by encrypting an ID of an RFID tag, storing the encrypted ID in a server and the RFID tag, and storing information relating to a reader authorized to read out the RFID tag in the server so that the reader can read out the RFID tag by decrypting the encrypted ID based on the encrypted ID information read from the RFID tag and the reader information. When readers read out ID data from the RFID tag, a privileged reader can read the data. Thus, it is possible to block unintended information leakage to the readers. In addition, user usability can be enhanced since an attacker cannot perform an access lock on the RFID tag.

Abstract: A user terminal apparatus with a security function and a security-control method are provided, which may prevent unauthorized use of the user terminal apparatus without requiring a user to lock up the user terminal apparatus. The user terminal apparatus includes an input sensing unit which senses a user's input to the user terminal apparatus, an information collecting unit which collects information regarding an input state, which is determined based on the user's input, and a transition of the determined state, and a security-control unit which determines whether the user is valid based on the collected information and controls a security function.

Abstract: A method and apparatus to square an element A when a defining polynomial of a finite field GF(2n) is expressed as f ? ( x ) = x n + ? i = 1 t ? ? x k i + 1 , and the element A contained in the finite field is expressed as A=(a0,a1,a2, . . . ,an?1)?GF(2n).

Abstract: A method of obtaining C=(c0, . . . , cn?1) of a product of two elements A and B of a finite field GF(2n). The method includes permuting the last d coefficients (an?1, . . . , an?d) of a multiplier A with predetermined variables (sn?1, . . . , sn?d); operating C:C=?(bi+j?A) for (I+j)th coefficient of a multiplicand B to update coefficients of C, where i and j are integers, and A:=(s, . . . ,?x?2)?(0,xn?1?j?f1, . . . ,sx?1?j?fx?d,0, . . . ,0) repeatedly for j=0 to (d?1) to update coefficients of A, where ? represents an XOR operation and ? represents an AND operation; and repeatedly performing the permuting and operating by increasing i from 0 to (n?1) by d.

Abstract: An RFID tag used to purchase service related to the RFID tag containing purchase information, a service purchase system using the RFID tag, and a service purchase method thereof. The RFID tag provides content information, right information, and purchase information. Therefore, when purchasing service products such as contents, user convenience can be increased and reliability can be guaranteed.

Abstract: A security system using an RSA algorithm that includes a key input section for receiving a secret key and a public key used in one of encryption and decryption of a message, a random coefficient generating section for generating a random coefficient r having a bit of a predetermined size, a first calculation section for dividing the secret key into a first secret key and a second secret key by using the value of r, and performing an exponentiation of RSA algorithm by using the respective secret keys and the public key, and a second calculation section for performing one of the encryption and the decryption by combining results of exponentiation calculated respectively by using the first and the second secret keys.

Abstract: A digital rights management (DRM) function performing method and system using a DRM device are provided, in which a DRM device connected to a second communication device decodes encoded contents when a first communication device requests to play the contents, the DRM device re-encodes the contents using a session key, and the DRM device transmits the re-encoded contents to the first communication device via the second communication device.

Abstract: A method and system for updating time information of a digital rights management (DRM) includes a time server transmitting a time information message to a consumer electronics (CE) device, the CE device transmitting the time information message to a digital rights management DRM device when the CE device receives the time information message from the time server, and the DRM device updating a present time of the DRM device based on the time information message when the DRM device successfully performs authentication with respect to the time information message which has been transmitted from the CE device.

Abstract: An encryption apparatus and method is provided. The encryption apparatus includes a first block cipher which block-encrypts an N-bit input into an M-bit output in which M is greater than N; a parallel processor which divides the M-bit output into at least two N-bit inputs, and block-encrypts each of the N-bit inputs into each of M-bit outputs by a parallel process which uses second block ciphers corresponding to a number of the divided N-bit inputs; and a converter which converts a plaintext into a ciphertext based on the block-encrypted M-bit output.

Abstract: A mutual exclusion method and DRM device is provided. The mutual exclusion method includes receiving an instruction associated with a predetermined stored file from the CE device, checking whether a performing instruction being performed associated with the predetermined stored file exists, and generating a collision error message informing that a collision error has occurred due to the inputted instruction when the performing instruction being performed associated with the predetermined stored file exists.

Abstract: A method and system of Digital Rights Management (DRM) in a consumer environment where the DRM agent and the rendering application are implemented on separate devices is provided. A first control message is transmitted from the rendering application to notify the DRM agent about the details of a content consumption pattern. The DRM agent receives the first control message, and determines whether the consumption operation detailed in the first control message is a permitted operation. The DRM agent responds with a second control message that either indicates that the operation is permitted or indicates that the operation is not permitted. The rendering application in response to the second control message either halts the consumption operation or if the operation is allowed, performs the consumption operation.

Abstract: A broadcast encryption method and a broadcast decryption method. The broadcast encryption method includes generating a message encryption key using a public key and a secret key generated by using a Strong Diffie-Hellman tuple; encrypting a message by the message encryption key; and generating a message header using a sum of a plurality of Strong Diffie-Hellman tuples corresponding to an authorized user group. Accordingly, a transmission amount and a storage amount can be reduced when a broadcast encryption message is transmitted.