Papers by Woei-Jiunn Tsaur
Designing Secure Mobile Agent Networks
資訊安全通訊,10, Aug 1, 2004
A scheme for auditing causal relationships in group oriented distributed systems
... Distributed Systems Woei-Jiunn Tsaury Shi-Jinn Horngy Ruey-Chang Tsaiz yDepartment of Electri... more ... Distributed Systems Woei-Jiunn Tsaury Shi-Jinn Horngy Ruey-Chang Tsaiz yDepartment of Electrical Engineering, National Taiwan University of Science and Technology, Taipei, Taiwan, ROC E-mail: horng@mouse.ee.ntust.edu.tw zGiga Information Tech. ...
IEEE access, 2024
In the charity sector, fundraising and transparency have long been key issues. Charity NFT (Non-F... more In the charity sector, fundraising and transparency have long been key issues. Charity NFT (Non-Fungible Token) auctions, an emerging charity fundraising model integrating blockchain and NFT concepts, bring opportunities and challenges. Blockchain provides distributed data integrity and transparency via cryptography-linked data blocks, while NFTs enable unique digital ownership representation. This study designs a charity NFT auction platform on the Fisco Bcos blockchain, using multi-signature algorithms to ensure NFT authenticity, ECDSA (Elliptic Curve Digital Signature Algorithm) signatures for transaction integrity and traceability, NFTs and virtual currencies to reduce costs, and IPFS (InterPlanetary File System) for storage. The implemented system achieves 2104 TPS throughput with 492millisecond latency, increasing transaction processing with low latency. Overall, the platform aims to address charity issues like opaque fund flows, high costs, and fake initiatives through the strategic application of blockchain and NFT functionality.
Pattern Analysis for Covert Channel Features Based on Internet Protocols
Designing an Efficient Wireless Public Key Infrastructure in Mobile Internet Environments
A New Authentication Scheme for Protecting Mobile Agent Platforms Using Pairing-Based Cryptosystems
The eBooks, Dec 1, 2003
A Study on Security Schemes in Mobile E-Commerce Environments
Designing Key Recovery and Escrow Schemes in Electronic Commerce Environments
Journal of Internet Technology, 2004
A secure electronic payment system based on efficient public key infrastructure
Proceedings of the 2002 International Workshop for …, 2002
ABSTRACT
A Pairing-Based Proxy Authenticated Encryption Scheme for Protecting Mobile Agents
Nowadays, security is one of key issues for mobile agent technology while mobile agents are appli... more Nowadays, security is one of key issues for mobile agent technology while mobile agents are applied to the development of e-commerce. By using the proposed integrated public key cryptosystem, this paper presents a proxy authenticated encryption scheme based on a proxy signature scheme for protecting mobile agents against malicious attacks by hosts. The proposed cryptosystem is constructed using the pairing-based cryptosystems, and it also integrates the identity-based public key cryptosystems with the self-certified public key cryptosystems to provide higher security strength and meanwhile maintain a satisfactory performance. Based on the proposed cryptosystem, we first design a proxy signature scheme to protect a user's private key and keep the integrity of the contract which an agent signs. In addition, we further develop a proxy authenticated encryption scheme using the proposed proxy signature scheme such that the signatures of the contracts can not only satisfy users' constraints, but also achieve servers' non-repudiation. Furthermore, the confidentiality of the signed message is also guaranteed in the proposed scheme. Hence, the proposed schemes are able to fulfill the security requirements of confidentiality, integrity, authenticity, and non-repudiation to accomplish mobile agent security. Besides, the performance evaluation results also show the developed schemes are more efficient than other previously proposed schemes. In such a way, we affirm that the proposed schemes are very feasible for mobile agent protection.
Designing Intelligent Secure Electronic Payment Systems
Proceedings of the, 2001
An Efficient Fair Blind Signature Scheme with Message Recovery Using Pairing-based Cryptosystems with Provable Security
ABSTRACT
In this paper we have designed a partially blind signature scheme for the blinded e-cash based pa... more In this paper we have designed a partially blind signature scheme for the blinded e-cash based payment system using ECC-based self-certified public key cryptosystems. Using partially blind signatures to design the e-cash scheme can avoid the unlimited growth of the bank's database which keeps all spent e-cashes for preventing double spending, and also let the signer assure himself that the message contains accurate information such as the face value of the e-cash without seeing it. In addition, the proposed e-cash system is constructed using elliptic curve cryptosystems (ECC) under the limited-storage environment such as smart cards, and therefore able to efficiently use smart cards to store the coins. Furthermore, in order to avoid criminals to abuse the anonymity, the proposed electronic payment system is traceable by the trustee in the case of fraudulent transactions. We affirm the proposed efficient security schemes will make the electronic cash payment system securely workable for Internet consumers.
Protocols for designing a fast and perfect group-oriented secret key sharing in distributed systems
ABSTRACT
Journal of Medical Internet Research, Jan 6, 2022
Background: During the COVID-19 pandemic, personal health records (PHRs) have enabled patients to... more Background: During the COVID-19 pandemic, personal health records (PHRs) have enabled patients to monitor and manage their medical data without visiting hospitals and, consequently, minimize their infection risk. Taiwan's National Health Insurance Administration (NHIA) launched the My Health Bank (MHB) service, a national PHR system through which insured individuals to access their cross-hospital medical data. Furthermore, in 2019, the NHIA released the MHB software development kit (SDK), which enables development of mobile apps with which insured individuals can retrieve their MHB data. However, the NHIA MHB service has its limitations, and the participation rate among insured individuals is low. Objective: We aimed to integrate the MHB SDK with our developed blockchain-enabled PHR mobile app, which enables patients to access, store, and manage their cross-hospital PHR data. We also collected and analyzed the app's log data to examine patients' MHB use during the COVID-19 pandemic. Methods: We integrated our existing blockchain-enabled mobile app with the MHB SDK to enable NHIA MHB data retrieval. The app utilizes blockchain technology to encrypt the downloaded NHIA MHB data. Existing and new indexes can be synchronized between the app and blockchain nodes, and high security can be achieved for PHR management. Finally, we analyzed the app's access logs to compare patients' activities during high and low COVID-19 infection periods. Results: We successfully integrated the MHB SDK into our mobile app, thereby enabling patients to retrieve their cross-hospital medical data, particularly those related to COVID-19 rapid and polymerase chain reaction testing and vaccination information and progress. We retrospectively collected the app's log data for the period of July 2019 to June 2021. From January 2020, the preliminary results revealed a steady increase in the number of people who applied to create a blockchain account for access to their medical data and the number of app subscribers among patients who visited the outpatient department (OPD) and emergency department (ED). Notably, for patients who visited the OPD and ED, the peak proportions with respect to the use of the app for OPD and ED notes and laboratory test results also increased year by year. The highest proportions were 52.40% for ED notes in
Dynamic key management schemes for secure group communication based on hierarchical clustering in mobile ad hoc networks
IEEE International Conference on High Performance Computing, Data, and Analytics, Aug 29, 2007
ABSTRACT
IEEE Systems Journal, Jun 1, 2019
The vision of Internet of Vehicles (IoV) is to make the dream of zero traffic accident come true.... more The vision of Internet of Vehicles (IoV) is to make the dream of zero traffic accident come true. However, the problems of drivers' poor fitness and distraction go from bad to worse on account of the increase of chronical patients and the prosperity of mobile phones. Most of the security-related literatures aimed to offer a better efficiency, protection, or scalability on safety-related message verification, but few security protocols were suitable for the transmission of the drivers' abnormal reports because of low latency requirement. In this paper, we propose a secure notification scheme [driver-abnormal notification scheme (DANS)] based on edge-fog computing to offer real-time response. After passing twofactor authentication, vehicles serve as the edge nodes to download and to real-time compare the sensing parameter for reducing the long-distance communication latency. By means of hash-chainbased public key cryptosystem, DANS can omit the certificate overhead to keep short latency, and also holds the benefits of driver authentication, mutual authentication, integrity for abnormal reports, conditional privacy preservation, non-repudiation, fast verification, and good scalability. Performance evaluations and simulation demonstrate that DANS earns outstanding results in terms of verification delay and communication overhead. To the best of our knowledge, this paper is the first attempt to design a notification scheme to real-time detect the driver-abnormal issues over IoV.
A new security scheme for on-demand source routing in mobile ad hoc networks
Mobile ad hoc networks (MANETs) are a collection of wireless mobile nodes dynamically forming a l... more Mobile ad hoc networks (MANETs) are a collection of wireless mobile nodes dynamically forming a local area network or other temporary network without using any existing network infrastructure or centralized administration. Because all of the nodes communicate each other based on the routing protocol, and an attacker could manipulate a lower-level protocol to interrupt a security mechanism in a higher-level
An IoT and blockchain based logistics application of UAV
Multimedia Tools and Applications, May 22, 2023
This paper proposes a geometric approach for an authentication-combined access control scheme bas... more This paper proposes a geometric approach for an authentication-combined access control scheme based on a dynamic secret key sharing scheme in distributed systems. The authenticationcombined access control scheme can avoid exponential operations and save much computation time. The main aim of this paper is to improve the security problem of the centralized access control and user authentication. It is designed so that any izltruslon into a part of these distributed security administrators running all security operations will not endanger the security of the whole distributed system. This approach is very suitable for practical distributed systems, since the distribution of the duty of the security makes the intruder be hard of access to a file server. After running the authentication protocol, each authenticated user will obtain all components of a session key, where the number of components is dependent on the number of the Iron-faulty distributed security adminlstrators. So, it can tolerate the occurrence of faults of some distributed security administrators. Then, the session key components of each authenticated user will be efficiently used in access control protocols for a single authenticated user of a specific secret grade or a group of authenticated users of the identical secret grade, where a dynamic secret key sharing scheme is adopted.
Uploads
Papers by Woei-Jiunn Tsaur