• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.574-578
• /
• 2006

유비쿼터스 컴퓨팅 환경에서는 센서를 통하여 실시간의 상황인식 서비스를 제공하며, 이를 위해 사용자의 위치 정보 수집이 필요하다. NTT에서는 RFID에 대한 익명화를 통한 프라이버시보호 메커니즘을 제안하였다. 그러나, 불법적으로 접근하는 리더가 존재할 경우 i값의 비동기화를 통한 태그에 대한 Random Tampering공격이 가능하다. 본 논문에서는 NTT 연구소의 RFID 익명화 방법을 개선하여 태그의 Random Tampering 공격 방지가 가능하고, 태그와 리더 상호간 인증이 가능하며, 연산 과정을 절감시킨 새로운 RFID 익명화 프로토콜을 제안한다. 제안한 방법을 통하여 보다 안전하고 효율적으로 RFID기반 센서 네트워크 환경에서 사용자의 프라이버시를 보호할 수 있다.

• The Journal of The Korea Institute of Intelligent Transport Systems
• /
• v.8 no.6
• /
• pp.112-120
• /
• 2009

Both security enhancement in wireless and fast access for mobility are required to employ wireless LAN in ITS (Intelligent Transportation Systems). However, for the case of employing IEEE 802.11i security standard, it is known that the user authentication procedure of IEEE 802.1x and 4-way handshake procedure for stronger security enforcement may not be suitable for ITS due to its large delay. In this paper, we propose fast authentication method to resolve the above authentication delay problem, and verify its performance via simulation analysis.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.1
• /
• pp.67-80
• /
• 2007

Nateon Messenger, which has the most number of users in Korea, supports many services such as E-mail, note, Cyworld, SMS, etc. In this paper, we will analyse the authentication traffic which is transmitted and received by the Nateon Messenger. Through performing the replay attack with the authentication information, we will show that an attacker can be authenticated illegally. Furthermore, we will show that other domestic messengers have similar security problems.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.185-189
• /
• 2006

최근 ESN과 IMSI 불법복제에 의해 IS-95/cdma2000 이동통신 서비스 정상가입 사용자와 단말의 피해가 확인되고 있다. 이는 정상 가입자의 요금증가, SMS를 통한 휴대폰 결재, 정상단말의 착발신 장애 등의 문제를 일으키고 있다. 이러한 불법복제 단말의 서비스 접근과 정상단말 신원확인을 위해 이동통신 사업자는 파워온 등록, 착신, 발신시에 인증 메커니즘을 적용하지만, 여전히 CDMA/cdma2000 시스템에는 취약점이 존재하는 것으로 분석되고 이의 대응책이 요구된다. 이에 본 논문에서는 파워온 인증, 발신인증, 착신인증이 도입된 이동통신 시스템에서 정상단말과 불법복제 단말이 동일 기지국내에 위치할 때와 서로다른 기지국에 위치할 때, 각각 불법복제 단말에 의해 발생할 수 있는 취약점과 대응방안을 분석하고자 한다.

• The Journal of the Korea Contents Association
• /
• v.6 no.5
• /
• pp.9-13
• /
• 2006

Due to the miniaturization and the network supporting functions of home appliances, there is growing need for mobile environment home network system which provides flexibility, mobility and convenience to users. In this environment, a interactive authentication between mobile devices is important but the related works have no enough convenience to users. This paper proposes a interactive device authentication mechanism using Home Robot and also shows its design and implementation.

• Journal of Digital Convergence
• /
• v.19 no.4
• /
• pp.133-139
• /
• 2021

Due to the rapid progress in network technology, many research on content security technologies is also being conducted in the mobile digital content sector. In the meantime, content protection has been immersed in preventing illegal copying, certifying, and issuance/management certificates, but still have many vulnerabilities in managing or authenticating confidential information. This study aims to strengthen confidential information about content based on dual management of content download rights through mobile phone numbers or device numbers. It also protect replay-attack by building a secure mobile DRM system where digital content is safely distributed based on a three-stage user authentication process. In addition, blockchain-based content security enhancements were studied during the primary/secondary process for user authentication for the prevention of piracy and copyright protection. In addition, the client authentication process was further improved through three final stages of authorization in the use of illegal content, considering that legitimate users redistributed their content to third-party.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.5
• /
• pp.769-780
• /
• 2014

In general, internet users need to remember several IDs and passwords when they use diverse web sites. From an effective management perspective, SSO system was suggested to reduce user inconvenience. Kerberos authentication, which uses centralized system management, is a typical example of a broker-based SSO authentication model. However, further research is required, because the existing Kerberos authentication system has security vulnerability problems of password and replay attacks. In SSO authentication systems, a major security vulnerability is the replay attack. When user credentials are seized by attackers, an authorized session can be obtained through a replay attack. In this paper, an improved SSO authentication model based on the broker-based model and a secure lightweight SSO mechanism against credential replay attack is proposed.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.4B
• /
• pp.435-441
• /
• 2009

The one-time password system solves the problem concerning password reuse caused by the repeated utilization of an identical password. The password reuse problem occurs due to the cyclic repetition at the time of password creation, and authentication failure can occur due to time deviation or non-synchronization of the number of authentication. In this study, the password is created asynchronously and exchanged with the user, who then signs using a digital signature in exchange for the password and a valid verification is requested along with the certificate to ensure non-repudiation. Besides this, a verification system for one-time password is proposed and designed to improve security by utilizing the validity verification that is divided into certificate verification and password verification. Comparative analysis shows that the mechanism proposed in this study is better than the existing methods in terms of replay attack, non-repudiation and synchronization failure.

• The Journal of the Korea Contents Association
• /
• v.9 no.1
• /
• pp.53-60
• /
• 2009

In home network environments, the user authentication and authorization associated user's information and usability may be important security issue. The OSGi service platform, a well-known home network gateway already specifies the mechanism of that. The traditional authority method provided OSGi implements simple RBAC(Role Based Access Control) model. This is difficult to support efficient access control. In this paper, we propose the dynamic RBAC model based on OSGi. The proposed method describes the extended framework that manage two roles named as absolute role and relative role, extend existed framework with relative role and propose programming model to enable dynamic access control. Finally, we implement the proposed framework using AspectJ and Java annotation.

• The KIPS Transactions:PartC
• /
• v.11C no.3
• /
• pp.277-286
• /
• 2004

Password-based mechanism is widely used methods for user authentication. Password-based mechanisms are using memorable passwords(weak ferrets), therefore Password-based mechanism are vulnerable to the password guessing attack. To overcome this problem, man password-based authenticated key exchange protocols have been proposed to resist password guessing attacks. Recently, Seo-Sweeny proposed password-based Simple Authenticated Key Agreement(SAKA) protocol. In this paper, first, we will examine the SAKA and authenticated key agreement protocols, and then we will show that the proposed simple authenticated key agreement protocols are still insecure against Advanced Modification Attack. And we propose a password-based Simple Authenticated Key Agreement Protocol secure against Advanced Modification Attack.