Browse > Article

Design of COS for smart card user authentication using signature  

송영상 (단국대학교 대학원 전자컴퓨터공학과)
신인철 (단국대학교 전기전자컴퓨터공학부)
Publication Information
Journal of the Institute of Electronics Engineers of Korea CI / v.41, no.4, 2004 , pp. 103-112 More about this Journal
Abstract
This paper suggests the way to realize smart card security system by using handwritten signature instead of a password which is traditionally used for user authentication. Because of the familiarity of signature we don't need to try to remember the password and signature is difficult to be used by guess or illegal forced situation. The feature data of handwritten signature is large, so we designed COS which is consist of special commands for processing user's handwritten signature data, user authentication, and basic commands based on ISO 7816-3. Also protocol among user, smart card terminal and DB server is designed. In registration process, the feature data of user signature is saved in both a DB server and a smart card. User authentication is processed by comparing the user signature and the saved feature data in a smart card and in a DB server. And the authentication result and hash value of signature data in DB server are transferred to smart card. During this process the authentication between DB server and user is finished. The proposed security system has more higher level of security in user authentication of smart card and it will Provide safer and more convenient security services.
Keywords
Smart card; Signature; User Authentication; COS(card operating system);
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 A. Frier, P. Karlton, and P. Kocher, 'The SSL 3.0 Protocol', Netscape Communications Corp, Nov 18, 1996
2 김진형, '온라인 서명 검증의 현황 및 방법론 소개', KAIST, 2001
3 원지연 외4, 'IC 카드를 이용한 생체인식 기술 개발 동향', 한국전자통신연구원
4 SoftForum, '암호화 보안 프로토콜', http://www.softforum.com
5 A. Sorkin, 'LUCIFER, A Cryptographic Algorithm', Cryptologia, Vol.8, No.1, pp.22-24, 1973   DOI   ScienceOn
6 Luca Bechelli, Stefano Bistarelli, Anna Vaccarelli, 'Biometrics authentication with smart card', http://www.iat.cnr.it/attivita/progetti/parametri_biomedici.html
7 박명수, 김성훈, 김재희, '온라인 서명 검증에서 특징 집합에 대한 각 서명별 가중치 설정 방법', 전자정보통신 논문집, 제2권 제1호, pp.62-70, 1995
8 Gael Hachez, Francois Koeune, Jean- Jacques Quisquater 'Biometrics, Access Control, smart card : A Not so simple combination', http://citeseer.nj.nec.com/cs
9 C.P. Schnorr, 'Efficient identification and signatures for smart card', Advances in Cryptology Crypto'89, Lecture Notes in Computer Science, G. Brassard(ed.), Berlin Springer-Verlag, vol.435, pp.239-252, 1990   DOI
10 Giampaolo Bella, 'Modelling Security Protocols Based on Smart Cards', http://citeseer.nj.nec.com/cs
11 Cheol-han Park, Dae-wha Seo, 'A Design of Expandable IC Card Operating System', 통신정보보호학회 논문지 제9권, 제2호, 1999   과학기술학회마을
12 W.Rankl, 'Smart Card Handbook' 2ed, John Wiley & Sons, 1999
13 Jurgensen, Guthery, 'Smart Cards The Developer's, Toolkit', PHPTR, 1999
14 주학수, 현진수, 성재철, 임선각, 'IC카드의 안전성 관련 기능 및 공격기법', 정보보호학회지 제13권 제4호, pp.88- 101, 2003년 8월
15 윤석창 '스마트카드를 이용한 키 분배방식에 관한 연구', 세명논총 제6집, pp. 257-266
16 이장원, 홍깅융, 조현숙, '스마트카드를 이용한 네트워크 가입자 신분 확인', 한국정보처리학회 논문지 제3권 제5호, pp.1170-1178, 1996
17 이경호, 차영태, 심주걸, 원동호, '직접적 인증을 제공하는 안전하고 휴율적인 키동의 프로토콜', 한국정보처리학회 논문지, 제6권 제12호, pp.3613-3621, 1999   과학기술학회마을
18 GEMPLUS, GPK4 Reference Manual, GEMPLUS, 1999
19 이민섭, '현대 암호학', 교우사
20 임영이, 이윤철, 강희일, 이동일, '스마트카드 시스템의 보안 기술', 전자통신동향분석 제14권 제5호, pp.88-101, 2003년 8월
21 Smart Cards and Security Overview, http://www.smartcardbasic.com
22 CHAN, Siu-cheung Charles, 'An Overview of Smart Card Security'
23 D. Pinkas and R. Housley, 'Delegated Path Validation and Delegated Path Discovery Protocol Requirements', RFC 3379, February 2001