[KSCI] Korea Science Citation Index Service

http://dx.doi.org/10.9708/jksci.2016.21.10.063

A Robust Mutual Authentication between User Devices and Relaying Server(FIDO Server) using Certificate Authority in FIDO Environments

Han, Seungjin (Dept. of Business Administration, Kyung-In Women's University)

Publication Information

Journal of the Korea Society of Computer and Information / v.21, no.10, 2016 , pp. 63-68 More about this Journal

Abstract

Recently, Biometrics is being magnified than ID or password about user authentication. However, unlike a PIN, password, and personal information there is no way to modify the exposure if it is exposed and used illegally. As FIDO(Fast IDentity Online) than existing server storing method, It stores a user's biometric information to the user device. And the user device authentication using the user's biometric information, the user equipment has been used a method to notify only the authentication result to the server FIDO. However, FIDO has no mutual authentication between the user device and the FIDO server. We use a Certificate Authority in order to mutually authenticate the user and the FIDO server. Thereby, we propose a more reliable method and compared this paper with existed methods about security analysis.

Keywords

FIDO(Fast IDentity Online); Mutual Authentication; User Device; Relaying Server; Certificate Authority;

Citations & Related Records

Reference

1	Jaejung Kim, "Study on the password-free certification system using the FIDO (Fast IDentity Online)," Communications of the Korea Information Science Society, KIISE, vol. 33, no. 5, May., 2015.
2	Tae Bong Kim, "SmartSIGN," Fintechforum June Annual Presentation, KTB Solution, 23rd, June, 2015.
3	Fido Alliance, https://fidoalliance.org/specs/fido-uaf-v1.0-ps-20141208/fido-uaf-protocol-v1.0-ps-20141208.pdf
4	NIST(National Institute of Standards and Technology), DRAFT NIST Special Publication 800-63-3 Digital Authentication Guideline, https://pages.nist.gov/800-63-3/sp800-63-3.html
5	ITU-T SG17 WG5 Q9, http://www.itu.int/itu-t/workprog/wp_item.aspx?isn=9429
6	SooHyung Kim, YeongSub Cho, and DaeSeon Choi, "FinTech Era: Needs for the innovation of user authentication technologies," Communications of the Korean Institute of Information Scientists and Engineers, KIISE, vol. 33, no. 5, pp17-22, May, 2015.
7	Korea Financial Telecommunications & Clearings Institute, "Standard for distributed management of biometrics," Korea Financial Telecommunications & Clearings Institute, Jun., 2015.