• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.10 no.10
• /
• pp.2750-2759
• /
• 2009

In this paper, we analyze vulnerabilities in a remote authentication protocol using smartcards which was proposed by Bindu et al. and propose an improved scheme. The proposed scheme can prevent from restricted replay attack and denial of service attack by replacing time stamp with random number. In addition, this protocol can guarantee user anonymity by transmitting encrypted user's ID using AES cipher algorithm. The computational load in our protocol is decreased by removing heavy exponentiation operations and user efficiency is enhanced due to addition of password change phase in which a user can freely change his password. Furthermore, we really implement the proposed authentication protocol using a STM smartcard and authentication server. Then we prove the correctness and effectiveness of the proposed remote authentication system.

• Convergence Security Journal
• /
• v.19 no.3
• /
• pp.13-19
• /
• 2019

MANET has many security vulnerabilities because it consists of only mobile nodes using wireless. In particular, it is a very important factor determining network performance that excludes the participation of malicious nodes through accurate reliability measurements and authentication of nodes participating in the network. In this paper, we proposed a technique applied with blockchain technology in order to prevent forgery of authentication information for nodes participating in the network. And, an area-based hierarchical structure was applied to increase the efficiency of authentication for nodes and apply the optimal technique of block generation and exchange protocol. In addition, four data payloads were added to the block header in order to add authentication information for nodes in block. To improve the reliability by applying the blockchain technique to the hop-by-hop data transfer method between mobile nodes, blockchain exchange protocol through transaction creation, block packaging and verification processes were implemented. We performed the comparative experiment with the existing methods to evaluate the performance of the proposed method and confirmed the excellent performance by the experiment results.

• Journal of Internet Computing and Services
• /
• v.10 no.6
• /
• pp.229-239
• /
• 2009

To solve user authentication problem, many remote user authentication schemes using password and smart card at the same time have been proposed. Due to the increasing of interest in personal privacy, there were some recent researches to provide user anonymity. In 2004, Das et al. firstly proposed an authentication scheme that guarantees user anonymity using a dynamic ID. In 2005, Chien et al. pointed out that Das et al.'s scheme has a vulnerability for guaranteing user anonymity and proposed an improved scheme. However their authentication scheme was found some weaknesses about insider attack, DoS attack, and restricted replay attack. In this paper, we propose an enhanced scheme which can remove vulnerabilities of Chien et al.'s scheme. The proposed authentication protocol prevented insider attack by using user's Nonce value and removed the restricted replay attack by replacing time stamp with random number. Furthermore, we improved computational efficiency by eliminating the exponentiation operation.

• Journal of Advanced Navigation Technology
• /
• v.17 no.6
• /
• pp.736-748
• /
• 2013

In this paper, we analyse the vulnerabilities of KL scheme which is an ID-based authentication scheme for AMI network, and propose two kinds of authentication schemes which satisfy forward secrecy as well as security requirements introduced in the previous works. In the first scheme, we use MDMS which is the supervising system located in an electrical company for a time-synchronizing server, in order to synchronize smart grid devices in home, and we process device authentication with a new secret value generated by OTP function every session. In the second scheme, we use a secret hash-chain mechanism for authentication process, so we can use a new secret value every session. The proposed two schemes have strong points and weak points respectively and those depend on the services area and its environment, so we can select one of them efficiently considering real aspects of AMI environment.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.11 no.3
• /
• pp.69-77
• /
• 2015

MANET is composed of only the mobile nodes have a limited transmission range. The dynamic topology by the frequent movement of nodes makes routing difficult and is also cause exposed to security vulnerabilities. In this paper, we propose the security routing technique consisted of mechanism of two steps in order to respond effectively to attack by the modification of the routing information and transmit secure data. The hierarchical structure is used and the authentication node that issues the key of the nodes within each cluster is elected in this proposed method. The authentication node manages key issues and issued information for encrypting the routing information from the source node. The reliability value for each node is managed to routing trust table in order to secure data transmission. In the first step, the route discovery is performed using this after the routing information is encrypted using the key issued by the authentication node. In the second step, the average reliability value of the node in the found path is calculated. And the safety of the data transmission is improved after the average reliability value selects the highest path. The improved performance of the proposed method in this paper was confirmed through comparative experiments with CBSR and SEER. It was confirmed a better performance in the transmission delay, the amount of the control packet, and the packet transmission success ratio.

• The Journal of the Korea Contents Association
• /
• v.8 no.6
• /
• pp.66-73
• /
• 2008

The concept of u-Vehicle is a technological model that people try to build the ubiquitous world in the car which moves, by using the RFID technology as well as the telematics service based on the location. RFID is weak on the point of information security because RFID has possibility for being abused such as chasing, counterfeiting, and invading personal privacy. RFID's tags use a weak cryptographic algorithm. This paper presents the vulnerabilities of information security under u-Vehicle environments. To solve that, we propose a mechanism enhancing RFID tag's security but with low cost by reducing the number of mutual authentication stages and using the hash function.

• 한국IT서비스학회:학술대회논문집
• /
• 2008.05a
• /
• pp.582-585
• /
• 2008

Nate-on is one of the most widely used messenger system in Korea. A recent research, however, shows that Nate-on messenger has some security vulnerabilities in its mechanism for user authentication. From the present paper found on which the certify method of nate-on messenger program and its weakness. This paper aims to propose new certified protocol and find a solution to the problems that it has by reviewing the way to authenticate the nate-on messenger program and its weak points. In this work, we present a new authentication protocol designed to resolve the security problem with the Nate-on system.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.47 no.1
• /
• pp.25-34
• /
• 2010

The IEEE 802.16-2004 standard has a security sub-layer in the MAC layer called, Privacy Key Management (PKM). However, several researches have been published to address the security vulnerabilities of IEEE 802.16-2004. After the IEEE 802.16-2004 standard, a new advanced and revised standard was released as the IEEE 802.16e-2005 amendment which is foundation of Mobile WiMAX network supporting handoffs and roaming capabilities. PKMv2 in Mobile WiMAX includes EAP authentication, AES-based authenticated encryption, and CMAC or HMAC message protection. However, Mobile WiMAX still has a problem of security architecture such as a disclosure of security context in network entry, a lack of secure communication in network domain, and a necessity of efficient handover supporting mutual authentication because Mobile WiMAX security has mainly concentrated on between SS and BS communication. Based on the investigation results, we propose a novel mobile WiMAX security architecture, called RObust and Secure MobilE WiMAX (ROSMEX), to prevent the new security vulnerabilities.

• The KIPS Transactions:PartC
• /
• v.17C no.4
• /
• pp.361-370
• /
• 2010

OTP(One Time Password) is a user authentication using secure mechanism to authenticate each other in a way to generate a password, an attacker could intercept the password to masquerade as legitimate users is a way to prevent attacks. The OTP can be implemented as H/W or S/W. Token and card type OTP, implemented as H/W, is difficult to popularize because of having problem with deployment and usability. As a way to replace it implemented as S/W on Mobile or PC is introduced. However, S/W products can be target of malicious attacks if S/W products have vulnerability of implementation. In fact, FSA said the OTP implemented on a mobile have vulnerability of implementation. However, the OTP implemented on a PC have no case about analysis of vulnerability. So, in this paper derive security review and vulnerabilities analysis of implemented on a PC.

• The KIPS Transactions:PartC
• /
• v.12C no.3 s.99
• /
• pp.369-378
• /
• 2005

War simulation system is a virtual space that my tactical simulation exercise is held. The data used in this system are considered sensitive and needs to be protected. But suity vulnerabilities and possible security loopholes were not considered when designing the war game simulation system. So currently the systemis highly vulnerable against hackers and data leakages. This paper proposed a security system for war game simulation system based on considering the currently vulunerabilities and possible suity leakages. The proposed security system supports security patches. In this paper, we analyze vulunerabilities of the running environment of current system and we design and implement the security system that is consisted of three components : Authentication System, Encryption System and Network Security System. The security patches are safe and there are no negative effects on the system's performance. The patches are proved to be effective and very reliable towards solving the security vulnerabilities.