• KIPS Transactions on Computer and Communication Systems
• /
• v.2 no.12
• /
• pp.517-524
• /
• 2013

Although password-based authentication as known as knowledge-based authentication was commonly used but intrinsic problems such as dictionary attack remain unsolved. For that the study on possession-based authentication was required. User remote authentication using smartcard is proceeding actively since Lee et al. proposed user remote authentication using knowledge-based information(password) and possession-base information(smartcard) in 2002. in 2009, Xu et al. proposed a new protocol preserving user anonymity and Shin et al. proposed enhanced scheme with analysis of its vulnerabilities on user anonymity and masquerading attack in 2012. In this paper, we analyze Shin et al. scheme on forward secrecy and insider attack and present novel user authentication based on elliptic curve cryptosystem which is secure against forward secrecy, insider attack, user anonymity and masquerading attack.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2001.10b
• /
• pp.1237-1240
• /
• 2001

본 논문에서는 이동 통신 환경에서 사용자가 다양한 서비스 제공자와의 효율적인 인증과 키 교환 프로토콜을 수행할 수 있는 새로운 프로토콜을 제시한다. 사용자의 이동성을 지원하기 위하여 이동 사용자가 방문하고 있는 도메인에서 사용할 수 있는 임시적인 인증서 발급 과정을 제안하였다. 제안된 임시 이동 사용자 인증서는 사용자가 방문하고 있는 도메인에 위치한 TTP의 비밀키로 전자서명이 이루어져서 사용자에게 발급이 이루어진다. 이동 사용자는 자신에게 발급된 임시 이동 사용자 인증서를 이용하여 이동 통신에서의 AIP(Authenticationandlnitializationofrayment) 프로토콜을 효율적으로 수행할 수 있다.

• Journal of the Korea Society of Computer and Information
• /
• v.28 no.5
• /
• pp.67-74
• /
• 2023

In this paper, we analyze the authentication protocol for DRM proposed by Hussain et al. in 2022, and present an improved solution. Hussain et al. argued that their authentication protocol guarantees man-in-the-middle attack, replay attacks, and mutual authentication. However, as a result of analyzing Hussain et al.'s authentication protocol in this paper, Hussain et al.'s authentication protocol still has an insider attack problem, a problem with Yu et al.'s authentication protocol that they pointed out. For this reason, when an inside attacker acquires information on a mobile device, a user impersonation attack was also possible. In addition, there were problems with the user's lack of ID format verification and the problem of the secret key mismatch of the digital contents between the server and the user. Therefore, this paper proposes an improved solution to solve these problems. As a result of analysis in this paper, the improved solution is safe from various attacks such as smart card attack, insider attack, and password guessing attack and can safely authenticate users of DRM.

• Journal of Digital Convergence
• /
• v.10 no.3
• /
• pp.105-111
• /
• 2012

Internet Protocol Television (IPTV) through broadband cable network is a subscriber-based system which consists of software and set-top box. However, a weakness for the current IPTV system is the lack of security between users and CAS. This paper proposes a user authentication protocol at STB, which limits the service by the user-valued attribute to prevent illegal IPTV users. User attribute values change the order with bit form according to the certain rule, and apply to one-way hash function and Diffie-Hellman's elliptic curve key-exchange algorithm. The proposed protocol is able to improve on user authentication and computation. Also, each user generates an authentication message by smart card and receives various services based on the user-valued attribute.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.12 no.5
• /
• pp.2353-2359
• /
• 2011

The request of Green-IT technology and recommend of computer hardware resource are increasing explosively. So, necessity of Cloud computing is increasing rapidly. Berkeley Univ. announced teens constituent that threat Cloud computing in 2009 and problem for user authentication should be solved as is urgentest among them. So, We wish to propose effective user authentication protocol in Cloud computing environment. Secure safety for user quotation through Kerberos's ticket issue that is existent representative user authentication techniques, and defined authentication procedure of two steps that flow user authentication and service authentication through PKI's. Is uncomplicated structurally more than efficiency for certification protocol and examination result about safety, existent PKI that propose and simplify achievement procedure and system configuration more than Kerberos and reduced response time.

• Journal of Korea Society of Industrial Information Systems
• /
• v.10 no.2
• /
• pp.59-66
• /
• 2005

Recently, Ku and Chen(Ku-Chen) showed some problems in the password based remote user authentication scheme using smartcards proposed by Chien et al. and proposed an improvement from it. This paper shows some weaknesses in the Ku-Chen's scheme, especially the replay attacks, and proposes two authentication protocols to solve the problems in it. First of all, an authentication protocol using synchronized timestamps is proposed to solve the problem in the Ku-Chen's protocol. Then, a nonce-based authentication protocol is proposed to solve the inherent problems in the synchronized timestamp-based authentication protocols. The proposed authentication protocols support the advantages in the previous password-based authentication protocols and solve the problems in them effectively.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.07a
• /
• pp.145-149
• /
• 2003

최근 인터넷 사용이 보편화되면서 웹을 통하여 다양한 서비스가 제공되면서 웹 보안에 대한 중요성이 증가하고 있으며 실제로 여러 방법들이 제안되고 구현되었다. 하지만 현재의 웹 보안 방식들은 벤더의 웹 브라우저나 프로토콜을 수정해야 하는 문제점이 존재한다. 본 논문에서는 사용자 인증과 안전한 통신을 수행하기 위하여 자바 애플릿을 사용함으로써 벤더의 웹 브라우저나 프로토콜을 수정하지 않으면서 사용자 인증 및 안전한 통신을 수행할 수 있도록 한다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2002.10e
• /
• pp.115-117
• /
• 2002

UMTS와 같은 제 3세대 이동 통신 시스템에서 공개키 기반 구조의 이용이 가능해짐에 따라 공개키 인증서를 획득한 각 이동 단말들 사이의 암호 통신에 대한 연구가 활발해지고 있다. 본 논문에서는 이동 단말기를 소유한 사용자와 디지털 정보 서비스를 운영하는VASP 사이에서의 인증과 지불에 관련된 메커니즘을 제안한다. 이동 사용자는 브로커로부터 획득한 공개키 인증서를 사용하여 다른 도메인에서도 온라인 TTP(Trusted Third Party)의 통신을 거치지 않고도 효율적인 인증 서비스 및 디지털 정보 서비스를 받을 수 있다. 본 논문은 사용자 단말기의 제한된 성능과 이동 통신 환경이라는 제약적인 조건을 고려하여 이에 적합한 소액지불 프로토콜을 제시한다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.6C
• /
• pp.645-650
• /
• 2006

GSM(Global System for Mobile communications) provides mobile users with portability and convenience as the most popular standard for mobile phones in the world. However, GSM system has the problem that can't normally authenticate a user by the exposure of IMSI(International Mobile Subscriber Identity) of Ms(Mobile station) during the user authentication procedure. In this paper, we propose secure user authentication by preventing the exposure if IMSI via transfer the encrypted IMSI from the HLR(Home Location Register) and making the only network entities verified from the HLR use the IMSI value, as the modified mechanism based on the original user authentication protocol to solve this authentication problem. Also the proposed mechanism provides fast user authentication without changing the architecture between new VLR and old VLR in the original GSM user authentication protocol as well as user's anonymity by using a temporary ID.

• Journal of the Korea Society of Computer and Information
• /
• v.9 no.2
• /
• pp.105-113
• /
• 2004

If the protocol has fast operations and short key length, it can be efficient user authentication protocol Lenstra and Verheul proposed XTR. XTR have short key length and fast computing speed. Therefore, this can be used usefully in complex arithmetic. In this paper, to design efficient user authentication protocol we used a subgroup of Galois Field to problem domain. Proposed protocol does not use GF($p^6$) that is existent finite field, and uses GF($p^2$) that is subgroup and solves problem. XTR-ElGamal based user authentication protocol reduced bit number that is required when exchange key by doing with upside. Also, Proposed protocol provided easy calculation and execution by reducing required overhead when calculate. In this paper, we designed authentication protocol that is required to do user authentication.