Browse > Article
http://dx.doi.org/10.9708/jksci.2016.21.10.063

A Robust Mutual Authentication between User Devices and Relaying Server(FIDO Server) using Certificate Authority in FIDO Environments  

Han, Seungjin (Dept. of Business Administration, Kyung-In Women's University)
Abstract
Recently, Biometrics is being magnified than ID or password about user authentication. However, unlike a PIN, password, and personal information there is no way to modify the exposure if it is exposed and used illegally. As FIDO(Fast IDentity Online) than existing server storing method, It stores a user's biometric information to the user device. And the user device authentication using the user's biometric information, the user equipment has been used a method to notify only the authentication result to the server FIDO. However, FIDO has no mutual authentication between the user device and the FIDO server. We use a Certificate Authority in order to mutually authenticate the user and the FIDO server. Thereby, we propose a more reliable method and compared this paper with existed methods about security analysis.
Keywords
FIDO(Fast IDentity Online); Mutual Authentication; User Device; Relaying Server; Certificate Authority;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Jaejung Kim, "Study on the password-free certification system using the FIDO (Fast IDentity Online)," Communications of the Korea Information Science Society, KIISE, vol. 33, no. 5, May., 2015.
2 Tae Bong Kim, "SmartSIGN," Fintechforum June Annual Presentation, KTB Solution, 23rd, June, 2015.
3 Fido Alliance, https://fidoalliance.org/specs/fido-uaf-v1.0-ps-20141208/fido-uaf-protocol-v1.0-ps-20141208.pdf
4 NIST(National Institute of Standards and Technology), DRAFT NIST Special Publication 800-63-3 Digital Authentication Guideline, https://pages.nist.gov/800-63-3/sp800-63-3.html
5 ITU-T SG17 WG5 Q9, http://www.itu.int/itu-t/workprog/wp_item.aspx?isn=9429
6 SooHyung Kim, YeongSub Cho, and DaeSeon Choi, "FinTech Era: Needs for the innovation of user authentication technologies," Communications of the Korean Institute of Information Scientists and Engineers, KIISE, vol. 33, no. 5, pp17-22, May, 2015.
7 Korea Financial Telecommunications & Clearings Institute, "Standard for distributed management of biometrics," Korea Financial Telecommunications & Clearings Institute, Jun., 2015.