• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.6
• /
• pp.1361-1373
• /
• 2016

Recently the need for user authentication with increasing, there are a variety of mechanisms, such as password, graphic authentication, token, biometrics and multiple authentication. in particular, the data of the 2-dimensional(2D) factors such as password, graphic authentication, biometrics is used because of the convenience. The stored information is problematic in that additional data recording needs to be performed whenever authentication data is updated. Furthermore, this storage method is problematic in that the time it takes to perform authentication increases because the time it takes to compare storage data with authentication data increases in proportion to an increase in the amount of the storage data. Accordingly, authentication through the rapid comparison of storage data with authentication data is a very important factor in data recording and authentication technology using memory. Using the three-dimensional(3D) optical memory by variously changing the recoding elements during recoding of data constitutes the way that multiple recoding different data storage. This enables high-density recoding in this way, and by applying the possible parallel processing at the time of recording and restoring method, provided that it is possible to quickly record and restore the data. In addition, each time to solve problems that require additional data recorded by a combination of the stored data record in the old data using a combination of the authentication. The proposed mechanism is proposed an authentication method using scheme after the recoding data in 3D optical memory to apply the conditions corresponding to the recoding condition when restoring the recorded data and through the experiment it was confirmed possible application as an authentication mechanism.

• KIPS Transactions on Computer and Communication Systems
• /
• v.1 no.2
• /
• pp.109-118
• /
• 2012

As a result of the prevalence of smartphone, various mobile services became faster by LTE networks. Because many mobile devices are used more wireless services, heavy signaling traffic for authentication could be generated. Authentication is an important factor in wireless networks to identify devices; it is the start of wireless networks. This paper analyzes previous patterns for more effective authentication in accessing of another external networks. We propose a fast authentication scheme for minimizing of signaling cost between the authentication server and external networks. And we calculate the rate of authentication occurrence in LTE networks using mathematical modeling as well as the change of signaling cost for authentication in various network environments. Finally, we calculate the optimized number of authentication data and show the effectiveness for authentication signaling costs.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.1
• /
• pp.75-82
• /
• 2018

As user of mobile device increases, various user authentication methods are actively researched. The user authentication methods includes a method of using a user ID and a password, a method of using user biometric feature, a method of using location based, and a method of authenticating secondary authentication such as OTP(One Time Password) method is used. In this paper, we propose a user system which improves the problem of existing authentication method and encryption can proceed in a way that user desires. The proposed authentication system is composed of an authentication factor collection module that collects authentication factors using a mobile device, a security key generation module that generates a security key by combining the collected authentication factors, and a module that performs authentication using the generated security key module.

• The Transactions of The Korean Institute of Electrical Engineers
• /
• v.66 no.12
• /
• pp.1899-1904
• /
• 2017

This paper presents a new one-time password approach generated based on $4{\times}4$ pattern schedule. It demonstrates generation of passkey from initial seed of random codes and mapping out in table pattern schedule which will produce a new form of OTP scheme in protecting information or data. The OTP-2FA has been recognized by many organizations as a landmark to authentication techniques. OTP is the solution to the shortcomings of the traditional user name/password authentication. With the application of OTP, some have benefited already while others have had second thoughts because of some considerations like cryptographic issue. This paper presents a new method of algorithmic approach based on table schedule (grid authentication). The generation of OTP will be based on the random parameters that will be mapped out in rows and columns allowing the user to form the XY values to get the appropriate values. The algorithm will capture the values and extract the predefined characters that produce the OTP codes. This scheme can work in any information verification system to enhance the security, trust and confidence of the user.

• Journal of the Korea Convergence Society
• /
• v.10 no.12
• /
• pp.63-69
• /
• 2019

Using a smartphone allows quick and easy authentication and payment. However, smartphone security threats are evolving into a variety of new hacking technologies, and are changing to attacks specific to the mobile environment. Therefore, there is a demand for an authentication method suitable for a mobile environment. In order to solve security weaknesses in knowledge-based authentication, many companies provide two-step authentication services such as OTP(One Time Password) to provide authentication services such as finance, games, and login. Although OTP service is easy to use, it is easy to duplicate random number table and has a disadvantage that can be reused because it is used as valid value within time limit. In this paper, we propose a mechanism that enables users to quickly and easily authenticate with high security using the authentication method that recognizes special characters through smartphone's dedicated application.

• International Journal of Internet, Broadcasting and Communication
• /
• v.8 no.2
• /
• pp.38-42
• /
• 2016

In this paper, we propose 3-factor mobile banking authentication scheme applied to face recognition techniques with existing certificate and OTP. An image of the user's face is captured by smart phone camera and its brightness processing of the contour of a face and background by n of X and Y points. Then, distance between the point of eyes, nose and mouth from captured user's face are compared with stored facial features. When the compared results corresponding to the data that stored in a face recognition DB, the user is authenticated.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.10 no.12
• /
• pp.3708-3714
• /
• 2009

Recently, most of information services are provided by the computer network, since the technology of computer communication is developing rapidly, and the worth of information over the network is also increasing with expensive cost. But various attacks to quietly intercept the informations is invoked with the technology of communication developed, and then most of the financial agency currently have used OTP, which is generated by a token at a number whenever a user authenticates to a server, rather than general static password for some services. A 2-factor OTP generating method using the OTP token is mostly used by the financial agency. However, the method is vulnerable to real attacks and therefore the OTP token could be robbed and disappeared. In this paper, we propose a 3-factor OTP way using HMAC to conquer the problems and analyze the security of the proposed scheme.

• Journal of KIISE
• /
• v.42 no.9
• /
• pp.1175-1184
• /
• 2015

Recently, there has been an explosive increase in the volume of multimedia data that is available as a result of the development of multimedia technologies. More and more data is becoming available on a variety of web sites, and it has become increasingly cost prohibitive to have a single data server store and process multimedia files locally. Therefore, many service providers have been likely to outsource data to cloud storage to reduce costs. Such behavior raises one serious concern: how can data users be authenticated in a secure and efficient way? The most widely used password-based authentication methods suffer from numerous disadvantages in terms of security. Multi-factor authentication protocols based on a variety of communication channels, such as SMS, biometric, or hardware tokens, may improve security but inevitably reduce usability. To this end, we present a data block-based authentication scheme that is secure and guarantees usability in such a manner where users do nothing more than enter a password. In addition, the proposed scheme can be effectively used to revoke user rights. To the best of our knowledge, our scheme is the first data block-based authentication scheme for outsourced data that is proven to be secure without degradation in usability. An experiment was conducted using the Amazon EC2 cloud service, and the results show that the proposed scheme guarantees a nearly constant time for user authentication.

• Convergence Security Journal
• /
• v.18 no.5_2
• /
• pp.21-27
• /
• 2018

Most of the Internet users in Korea are issued certificates and use them for various tasks. For this reason, it is recommended that accredited certification authorities and security related companies and use public certificates on USB memory and portable storage devices rather than on the user's desktop. Despite these efforts, the hacking of the certificate has been continuously occurring and the financial damage has been continuing. Also, for security reasons, our military has disabled USB to general military users. Therefore, this study proposes a two-factor method using the unique information of the USB memory and the PC which is owned by the user, and suggests a method of managing the private key file secure to the general user. Furthermore, it will be applied to national defense to contribute to the prevention of important data and prevention of access by unauthorized persons.

• Journal of Korea Society of Industrial Information Systems
• /
• v.12 no.2
• /
• pp.24-29
• /
• 2007

The essential factor of ubiquitous is security technology to properly prepare making possible network access, economic and convenient information exchange. This paper proposes an authentication protocol for RFID as one technology to realize such an ubiquitous. The proposed protocol used only the EXOR and the hash function operations reduces operations at RFID tag, which improves stability compared to existing protocols.