• Journal of Internet Computing and Services
• /
• v.9 no.3
• /
• pp.43-50
• /
• 2008

Authenticated Encryption scheme in RFID system is the important issue for ID security. But, implementing authenticated Encryption scheme in RFID systems is not an easy proposition and systems are often delivered for reasons of complexity, limited resources, or implementation, fail to deliver required levels of security. RFID system is so frequently limited by memory, performance (or required number of gates) and by power drain, that lower levels of security are installed than required to protect the information. In this paper, we design a new authenticated encryption scheme based on the EC(Elliptic Curve)'s x-coordinates and scalar operation. Our scheme will be offers enhanced security feature in RFID system with respect to user privacy against illegal attack allowing a ECC point addition and doubling operation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.4
• /
• pp.11-26
• /
• 2011

The existing anonymous authentication schemes based on group signatures for protecting privacy do not provide anonymous authorization which is required in the practical environments. In this paper, we propose an anonymous authentication and authorization scheme that enables a service provider both to authenticate anonymously its users and to provide different service according to their authorization. In the proposed scheme, a user's real identity, anonymity and authorization are managed distinctly through the separation of group manager's capabilities and an authorization authority. It is also possible for the proposed scheme to apply various access control models.

• Journal of Internet Computing and Services
• /
• v.19 no.6
• /
• pp.31-40
• /
• 2018

With the development of IT technology recently, medical information systems are being constructed in an integrated u-health environment through cloud services, IoT technologies, and mobile applications. These kinds of medical information systems should provide the medical staff with authorities to access patients' medical information for emergency status treatments or therapeutic purposes. Therefore, in the medical information systems, the reliable and prompt authentication processes are necessary to access the biometric information and the medical information of the patients in charge of the medical staff. However, medical information systems are accessing with simple and static user authentication mechanism using only medical ID / PWD in the present system environment. For this reason, in this paper, we suggest a dynamic situation authentication mechanism that provides transparency of medical information access including various authentication factors considering patient's emergency status condition and dynamic situation authentication system supporting it. Our dynamic Situation Authentication is a combination of user authentication and mobile device authentication, which includes various authentication factor attributes such as emergency status, role of medical staff, their working hours, and their working positions and so forth. We designed and implemented a dynamic situation authentication system including emergency status decision, dynamic situation authentication, and authentication support DB construction. Finally, in order to verify the serviceability of the suggested dynamic situation authentication system, the medical staffs download the mobile application from the medical information server to the medical staff's own mobile device together with the dynamic situation authentication process and the permission to access medical information to the patient and showed access to medical information.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.50 no.6
• /
• pp.159-166
• /
• 2013

Recently, because the interest and needs in privacy protection are growing, smartcard-based remote user authentication schemes have been actively studied to provide the user anonymity. In 2008, Kim et al. first proposed an authentication scheme in order to ensure the user anonymity against both external attackers and the remote server and track malicious users with the help of a trusted trace sever. However, in 2010, Lee et al. showed that Kim et al.'s scheme cannot provide the user anonymity against remote server, which is because the server can trace users without any help of the trace server, and then proposed a improved scheme. On the other hand, in 2010, Horng et al. proposed an authentication scheme with non-tamper resistant smart cards, in which the non-tamper resistant smart card means that an attacker may find out secret information stored in the smart card through special data analysis techniques such as monitoring power consumption, to be secure against a variety of attacks and to provide the user anonymity against external attackers. In this paper, we will propose a remote user authentication scheme with non-tamper resistant smart cards not only to ensure the user anonymity against both external attackers and the remote server but also to track malicious users with only the help of a trusted trace sever.

• Journal of Internet Computing and Services
• /
• v.9 no.6
• /
• pp.73-79
• /
• 2008

Nowadays, all over the world's banks use internet banking through various authentication methods. Although there are strong authentication methods using OTP (One Time Password), there still has vulnerability from sophisticated attacks such as MITM (Man In The Middle). This letter proposes signing-based authentication protocol that copes with attacks, such as MITB (Man In The Browser), and provides non-repudiation function. The protocol shows generic method to prevent the sophisticated attacks through connecting advantages from OTP and PKI (Public Key Infrastructure) certificate, and that can be deployed to various extended form in internet banking.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1998.12a
• /
• pp.289-301
• /
• 1998

이동통신에서의 사용자 인증 서비스는 통화도용 방지와 신뢰성 있는 과금을 위한 중요한 보호 서비스이다. 본 논문에서는 IS-95A 인증 시스템에 적용 가능한 안전한 인증 알고리듬과 인증 키 생성 알고리듬을 제안한다. 특히 인증 알고리듬을 활용하여 인증 키 생성알고리듬을 Oracle 해쉬함수의 형태로 구현함으로써 인증 시스템의 높은 안전성과 간결성을 동시에 성취하였다. 그리고 통계적 분석 기법을 사용하여 개발된 알고리듬의 출력 특성을 분석한다.

• The KIPS Transactions:PartB
• /
• v.19B no.1
• /
• pp.9-18
• /
• 2012

Many audio watermarking researches which have been adapted to authenticate contents can not recover the original media after watermark removal. Therefore, reversible watermarking can be regarded as an effective method to ensure the integrity of audio data in the applications requiring high-confidential audio contents. Reversible watermarking inserts watermark into digital media in such a way that perceptual transparency is preserved, which enables the restoration of the original media from the watermarked one without any loss of media quality. This paper presents a new interval-based audio integrity authentication algorithm which can detect malicious tampering. To provide complete reversibility, we used differential histogram-based reversible watermarking. To authenticate audio in parts, not the entire audio at once, the proposed algorithm processes audio by dividing into intervals and the confirmation of the authentication is carried out in each interval. Through experiments using multiple kinds of test data, we prove that the presented algorithm provides over 99% authenticating rate, complete reversibility, and higher perceptual quality, while maintaining the induced-distortion low.

• Convergence Security Journal
• /
• v.14 no.7
• /
• pp.91-99
• /
• 2014

NFC(Near Field Communication) is a wireless data exchange technology in 13.56MHz frequency band between devices. The NFC Forum defines the NDEF(NFC Data Exchange Format) exchanging data format between NFC devices and NFC Tags, the NFC RTD(Record Type Definition) defining the record types in the NDEF messages, the Smart Poster RTD in order to replace current paper posters and the Signature RTD to ensure the authenticity and integrity for NDEF records. But the previous smart poster authentication scheme have the weaknesses of using the PKI(Public Key Infrastructure) with certificates to verify the public key for the smart poster authentication and requiring the additional storage capacity of NFC tags for the authentication path. Therefore in this paper we propose a smart poster authentication scheme and implementation based on the authentication URL, a digital signature and a public key without the PKI and certificates for the smart poster authentication.

• Journal of Internet of Things and Convergence
• /
• v.7 no.3
• /
• pp.69-74
• /
• 2021

With the recent development of biometric authentication technology, the user authentication techniques using biometric authentication are increasing. Various problems arised in certification techniques that use various existing methods such as ID/PW. Therefore, recently, a method of improving security by introducing biometric authentication as secondary authentication has been used. In this thesis, proposal of the user authentication system that can detect user identification and anomalies using ECGs that are extremely difficult to falsify through the electrical biometric signals from the heart among various biometric authentication devices is studied. The system detects user anomalies by comparing ECG data received from a wrist-mounted wearable device-type ECG measurement tool with identification and ECG data stored in blockchain form on the database and identifying the user's location through a beacon system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.2
• /
• pp.93-103
• /
• 2009

In this paper, we propose a USIM-based Authentication Scheme for 3GPP Network Access. The proposed scheme improves the problems of existing authentication protocol in 3GPP Network such as sequence number synchronization problem, the storage overhead of authentication data, and bandwidth consumption between Serving Network and Home Network. Our proposal is based on the USIM-based Authentication and Key Agreement Protocol that is defined in 3GPP Specification. In our scheme, mobile nodes share a SK with Serving Network and use a time stamp when mobile nodes are performing an authentication procedure with Serving Network. By using time stamp, there is no reason for using sequence number to match the authentication vector between mobile nodes and networks. So, synchronization problem can be solved in our scheme. As well as our scheme uses an authentication vector, the storage overhead of authentication data in Serving Network and bandwidth consumption between networks can be improved.