Journal of Korea Society of Digital Industry and Information Management (디지털산업정보학회논문지)

Korea Society of Digital Industry and Information Management (디지털산업정보학회)
권호 표지
DOI QR코드

DOI QR Code

The Design of User-Authentication technique using QR-Code recognition

스마트폰의 QR-Code의 인식 기법을 이용한 사용자 인증 기법 설계

  • 이용재 (숭실대학교 IT정책경영학과) ;
  • 김영곤 (숭실대학교 컴퓨터학과) ;
  • 박태성 (숭실대학교 컴퓨터학과) ;
  • 전문석 (숭실대학교 컴퓨터학과)
  • Received : 2011.08.05
  • Accepted : 2011.09.05
  • Published : 2011.09.30
Download PDF
⟨ Previous Next ⟩

Abstract

Smart phones, greatly expanding in the recent mobile market, are equipped with various features compared to existing feature phones and provide the conveniences to in several ways. The camera, one of the features of a smartphone, creates the digital contents, such photos and videos, and plays a role for the media which transmits information, such as video calls and bar code reader. QR-Code recognition is also one of the camera features. It contains a variety of information in two-dimensional bar code type in matrix format, and makes it possible to obtain the information by using smart phones. This paper analyzes the method of QR-Code recognition, password method-the existing user-authentication technique, smart card, biometrics and voice recognition and so on and thenn designs a new user-authentication technique. The proposed user-authentication technique is the technique in which QR-Code, which can be simply granted is read by smart phones and transmitted to a server, for authentication. It has the advantages in view that it will simply the process of authentication and conteract the disadvantages, such as brute force attack, man-inthe-middle attack, and keyboard hacking, which may occur in other authentication techniques.

Keywords

References

  1. 방송통신위원회, "이동통신요금인하방안발표자료," 보고서, 06, 2011.
  2. Denso-Wave, About 2D Code I QR-Code.com Retrieved 2009-04-23.
  3. ISO/IEC 13888-1 : General model
  4. 윤승구, 박재표, "OTP를 이용한 인터넷뱅킹 시스템의 다중 채널 인증 기법," 디지털산업정보학회지, 제6권, 제4호, 2010, pp.131-142.
  5. ISO/IEC 13888-2 : Mechanism using symmetric techniques
  6. 이영숙, 김지연, "스마트폰 보안 기술 분석," 디지털산업정보학회지, 제6권, 제2호, 2010, pp.91-105.
  7. Forouzan, "Cryptography and Network Security," McGraw-Hill, 2007.
  8. PWDUMP6 Version1. 7. 2, 2008., "URL source :http://www.foofus.net/fizzgig/pwdump/downloads.htm/"
  9. Bugtraq: ANNOUNCE : NTCrack v2.0., "URL source: http://seclists.org/bugtraq/1997/Mar/0103.html/"
  10. Solar Designer. John the ripper, "URL source : http://www.Openwall.com/john/"
  11. 박왕성, 정종필, 박창섭, 이동훈, "패스워드를 이용한 인증 프로토콜들에 대한 고찰," 한국정보보호학술학회지, 제9권, 제4호, 1999, pp.51-63.
  12. ISO7816 Standard Smart-Card Interface
  13. ISO14443 Type A/B Comportable., Read&Writer API Header in C
  14. 김지홍, "인증기술," 정보통신망 정보보호워크샵 발표지, 제5집, 1999, pp.187-252.
  15. 최은정, 김찬오, 송주석, "공개키 암호 기법을 이용한 패스워드 기반의 원거리 사용자 인증 프로토콜," 한국정보과학회논문지, 정보통신 제30권 제1호, 2003, pp.75-80.
  16. Radia Perlman, "An Overview of PKI Trust Models, IEEE Network," Vol. 13, No. 6, pp. 38-43, November/December 1999. https://doi.org/10.1109/65.806987