• Convergence Security Journal
• /
• v.14 no.7
• /
• pp.91-99
• /
• 2014

NFC(Near Field Communication) is a wireless data exchange technology in 13.56MHz frequency band between devices. The NFC Forum defines the NDEF(NFC Data Exchange Format) exchanging data format between NFC devices and NFC Tags, the NFC RTD(Record Type Definition) defining the record types in the NDEF messages, the Smart Poster RTD in order to replace current paper posters and the Signature RTD to ensure the authenticity and integrity for NDEF records. But the previous smart poster authentication scheme have the weaknesses of using the PKI(Public Key Infrastructure) with certificates to verify the public key for the smart poster authentication and requiring the additional storage capacity of NFC tags for the authentication path. Therefore in this paper we propose a smart poster authentication scheme and implementation based on the authentication URL, a digital signature and a public key without the PKI and certificates for the smart poster authentication.

• Journal of Korea Multimedia Society
• /
• v.12 no.6
• /
• pp.833-841
• /
• 2009

In this paper we propose a flexible video authentication scheme based on aggregate signature, which provides authenticity of a digital video by means of cryptographic signature to guarantee right of users. In contrast to previous works, the proposed scheme provides flexible usages on content distribution system, and it allows addition of new contents to the signed contents and deletion of some parts of the signed contents. A modification can be done by content owner or others. Although contents are modified by one or more users, our scheme can guarantee each user's right by aggregation of the each user's signatures. Moreover, proposed scheme has half size of Digital Signature Algorithm (DSA) with comparable security.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.5 no.11
• /
• pp.2221-2234
• /
• 2011

The fuzzy vault scheme has emerged as a promising solution to user privacy and fingerprint template security problems. Recently, however, the fuzzy vault scheme has been shown to be susceptible to a correlation attack. This paper proposes a novel scheme for one-time templates for fingerprint authentication based on the fuzzy vault scheme. As in one-time passwords, the suggested method changes templates after each completion of authentication, and thus the compromised templates cannot be reused. Furthermore, a huge number of chaff minutiae can be added by expanding the size of the fingerprint image. Therefore, the proposed method can protect a user's fingerprint minutiae against the correlation attack. In our experiments, the proposed approach can improve the security level of a typical approach against brute-force attack by the factor of $10^{34}$.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.5 no.11
• /
• pp.2204-2220
• /
• 2011

Without providing a proper security measure to the handover procedure in Mobile WiMAX, several security attacks can be mounted. Even though security schemes have been previously proposed for this purpose, they are still vulnerable to several security attacks due to fatal design flaws. A newly proposed security scheme in this paper is based on the framework of authentication domain and concept of handover ticket. A method of establishing security associations within the authentication domain is proposed, and a lightweight security measure to protect the management messages associated with the handover is also proposed. Especially, using the handover ticket, the new security scheme can defend against a Redirection Attack arising from a compromised base station. The new security scheme is comparatively analyzed with the previous security schemes in terms of Replay, Session Hijacking, Man-In-The-Middle, and Redirection attacks.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.7 no.3
• /
• pp.75-83
• /
• 2011

Cognitive radio (CR) technology is to maximize the spectrum utilization by allocating the unused spectrums to the unlicensed users. This technology enables the sharing of channels among secondary (unlicensed) and primary (licensed) users on a non-interference basis after sensing the vacant channel and as a result, it is possible to harness wireless frequency more efficiently. To enhance the accuracy of sensing, RDSS was suggested. It is a fusion mechanism based on the reputation of sensing nodes and WSPRT (weighted sequential probability ratio test). However, in RDSS, the execution number of WSPRT could increase according to the order of inputted sensing values, and the fast defense against the forged values is difficult. In this paper, we propose a transaction signing-based authentication scheme for secure distributed spectrum sensing to response the forged values. The validity of proposed scheme is provided by BAN logic.

• Journal of information and communication convergence engineering
• /
• v.9 no.4
• /
• pp.431-434
• /
• 2011

Password-based user-authentication schemes have been widely used when users access a server to avail internet services. Multiserver password-authentication schemes enable remote users to obtain service from multiple servers without separately registering with each server. In 2008, Jia-Lun Tsai proposed an improved and efficient password-authenticated key agreement scheme for a multiserver architecture based on Chang-Lee's scheme proposed in 2004. However, we found that Tsai's scheme does not provide forward secrecy and is weak to insider impersonation and denial of service attacks. In this article, we describe the drawbacks of Tsai's scheme and provide a countermeasure to satisfy the forward secrecy property.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.6
• /
• pp.2255-2281
• /
• 2021

Channel characteristic-based physical layer authentication is one potential identity authentication scheme in wireless communication, such as used in a fog computing environment. While existing channel characteristic-based physical layer authentication schemes may be efficient when deployed in the conventional wireless network environment, they may be less efficient and practical for the industrial wireless communication environment due to the varying requirements. We observe that this is a topic that is understudied, and therefore in this paper, we review the constructions and performance of several commonly used test statistics and analyze their performance in typical industrial wireless networks using simulation experiments. The findings from the simulations show a number of limitations in existing channel characteristic-based physical layer authentication schemes. Therefore, we believe that it is a good idea to combine machine learning and multiple test statistics for identity authentication in future industrial wireless network deployment. Four machine learning methods prove that the scheme significantly improves the authentication accuracy and solves the challenge of choosing a threshold.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.6
• /
• pp.107-112
• /
• 2003

Handover in IEEE 802.11 requires repeated authentication and key exchange procedures, which are an obstacle to seamless services of wireless LAM. We propose a fast authentication and key exchange mechanism using IEEE 802.11f. Especially, by proposing a modified version of the 4-way handshake of IEEE 802.11i, we solve the perfect forward secrecy problem that arises when the pre-authentication is adopted. The scheme can be implemented only using the Context Block of IEEE 802.11f and the 4-way handshake of IEEE 802.11i without involving authentications server's interaction or non-standard behavior between access points. Our scheme is applicable to devices not supporting the us-authentication of IEEE 802.11i and also, it can substitute the pre-authentication when the pre-authentication is failed.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.5
• /
• pp.2762-2777
• /
• 2017

A fuzzy identity based signature (FIBS) scheme allows a signer with identity ${\omega}$ to generate a signature which could be verified under identity ${\omega}^{\prime}$ if and only if ${\omega}$ and ${\omega}^{\prime}$ are within a certain distance of each other as judged by some metric. In this paper, we propose an efficient FIBS scheme from lattice assumption, which can resist quantum-computer attacks. Without using the Bonsai Tree technique, we utilize the lattice basis delegation technique to generate the private key, which has the advantage of keeping the lattice dimension invariant. We also prove that our proposed scheme is existentially unforgeable under an adaptive chosen message and identity attack in the random oracle model. Compared with existing scheme, our proposed scheme is much more efficient, especially in terms of communication overhead. Since our FIBS scheme possesses similar error-tolerance property, it can be well applied in post-quantum communication biometric authentication environments, where biometric identifiers such as fingerprints, voice, iris and gait are used in human identification.

• Proceedings of the Korean Institute of Intelligent Systems Conference
• /
• 2003.09a
• /
• pp.256-259
• /
• 2003

This paper presents mutual authentication scheme between user and network on mobile communications using public key scheme based on counter, and simultaneously shows key agreement between user and user using random number for secure communications. This is also a range of possible solutions to authentication and key agreement problem-authentication and key agreement protocol based on nonce and count, and secure end-to-end protocol based on the function Y=f(.)$\^$1/, C$\^$i/ is count of user I, and f(.) is one way function.