• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.1
• /
• pp.77-87
• /
• 2008

Recently, many hash-based authentication protocols were presented to guarantee mutual authentication between tag and DB in RFID system. To be suitable for distributed DB environment, one generally uses fixed constant value as a tag ID. However, some existing protocols have security flaws or heavy computational loads in DB in order to search a tag ID. We propose a secure authentication protocol which is suitable for distributed DB environment by using unchangeable tag ID. The storage method of pre-synchronized information in DB at previous session is core idea of our proposal which gives low-cost ID search of DB at next session. In normal synchronization state, our protocol only requires 3 hash operations in tag and DB respectively.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.6
• /
• pp.71-80
• /
• 2002

To provide the confidentiality of messages transmitted over the network, the use of cryptographic system is increasing gradually and the hybrid cryptosystem, which combines the advantages of the symmetric cryptosystem and the public key cryptosystem is widely used. In this paper, we proposes a new hybrid cryptosystem capable of providing implicit authentication for the sender of the ciphertext by means of the 1-pass key distribution protocol that offers implicit key authentication, hash function and symmetric cryptosystem. Also, we describe some examples such as the Diffie-Hellman based system and the Nyberg-Ruppel based system. The proposed hybrid cryptosystem is an efficient more than general public key cryptosystems in the aspect of computation work and provides implicit authentication for the sender without additional increase of the communication overhead.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.10a
• /
• pp.253-254
• /
• 2011

Most of existing RFID authentication protocols either suffer from some security weaknesses or require costly operations that are not available on low-cost tags. In this paper, we analyzed the security mechanism of a lightweight authentication protocol.

• Journal of the Korea Society of Computer and Information
• /
• v.24 no.12
• /
• pp.59-65
• /
• 2019

Hospital Information System includes a wide range of information in the medical profession, from the overall administrative work of the hospital to the medical work of doctors. In this paper, we proposed a Vision-based Authentication and Registration of Facial Identity in Hospital Information System using OpenCV. By using the proposed security module program a Vision-based Authentication and Registration of Facial Identity, the hospital information system was designed to enhance the security through registration of the face in the hospital personnel and to process the receipt, treatment, and prescription process without any secondary leakage of personal information. The implemented security module program eliminates the need for printing, exposing and recognizing the existing sticker paper tags and wristband type personal information that can be checked by the nurse in the hospital information system. In contrast to the original, the security module program is inputted with ID and password instead to improve privacy and recognition rate.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.5
• /
• pp.377-384
• /
• 2013

In order to improve the security strength in the password based user authentication, in which the security vulnerability is increased while the same password is repeatedly used, the OTP(One-Time Password) system has been introduced. In the OTP systems, however, the user account information and OTP value may be hacked if the user PC is infected by the malicious codes, because the user types the OTP value, which is generated by the mobile device synchronized with the server, directly onto the user PC. In this paper, we propose a new method, called DTOTP(Dual Transmission OTP), to solve this security problem. The DTOTP system is an improved two-factor authentication method by using the dual transmission, in which the user performs the server authentication by typing the user account and password information onto the PC, and then for the OTP authentication the mobile device scans the QR code displayed on the PC and the OTP value is sent to the server directly. The proposed system provides more improved security strength than that of the existing OTP system, and also can adopt the existing OTP algorithm without any modification. As a result, the proposed system can be safely applied to various security services such like banking, portal, and game services.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.12 no.5
• /
• pp.2353-2359
• /
• 2011

The request of Green-IT technology and recommend of computer hardware resource are increasing explosively. So, necessity of Cloud computing is increasing rapidly. Berkeley Univ. announced teens constituent that threat Cloud computing in 2009 and problem for user authentication should be solved as is urgentest among them. So, We wish to propose effective user authentication protocol in Cloud computing environment. Secure safety for user quotation through Kerberos's ticket issue that is existent representative user authentication techniques, and defined authentication procedure of two steps that flow user authentication and service authentication through PKI's. Is uncomplicated structurally more than efficiency for certification protocol and examination result about safety, existent PKI that propose and simplify achievement procedure and system configuration more than Kerberos and reduced response time.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.9 no.1
• /
• pp.102-107
• /
• 2005

With the advancement which development and information communication of the computer is quick about lower with multimedia technical diffusion of network base the necessity the use of the digital image technique which is various regarding the protection of sharp increasing multimedia contents raised its head in the social whole. the copyright protection against a multimedia data hazard the authentication techniques it will be able to confirm the content authentication, ownership authentication, illegal copy of the image which stands is demanded. confronts to the water marking technique of existing and the researches the fact that against a picture is most. In this paper, It does not damage the video data which is a multimedia contents not to be, it inserts copyright information and it protects the right of ownership. It is with a copyright protection which leads the wavelet transform which is a watermark of frequency base from visual system viewpoint in the human being center with it proposes the watermarking technique against a forgery prevention.

• Journal of Digital Convergence
• /
• v.18 no.11
• /
• pp.227-232
• /
• 2020

The one of the biggest challenges in using e-mail is that it is difficult to filter out unconfirmed senders. Therefore, in this study, an email group authentication API was designed using blockchain technology, which has been widely used as an authentication method. As the proposed model, the node-node weighting index was obtained through the relationship association network, and after designing the email reliability model, the reliability calculation model of the Rotten Tomato method was obtained. Based on this, the system structure was designed, chain code methods were defined, and API was developed. Through this study, it is expected that it will be used in various fields requiring authentication as well as email user authentication, and it is expected that the relationship of group authentication can be proved by allowing a large number of users to use the API in the future.

• Convergence Security Journal
• /
• v.16 no.6_2
• /
• pp.83-88
• /
• 2016

Over recent years there has been considerable growth in interest in the use of biometric systems for personal authentication. Biometrics is a field of technology which has been and is being used in the identification of individuals based on some physical attribute. By using biometrics, authentication is directly linked to the person, rather than their token or password. Biometric authentication is a type of system that relies on the unique biological characteristics of individuals to verify identity for secure access to electronic systems. In 2013, Althobati et al. proposed an efficient remote user authentication protocol using biometric information. However, we uncovered Althobati et al.'s protocol does not guarantee its main security goal of mutual authentication. We showed this by mounting threat of data integrity and bypassing the gateway node attack on Althobati et al.'s protocol. In this paper, we propose an improved scheme to overcome these security weaknesses by storing secret data in device. In addition, our proposed scheme should provide not only security, but also efficiency since sensors in WSN(Wireless Sensor Networks) operate with resource constraints such as limited power, computation, and storage space.

• Journal of Biomedical Engineering Research
• /
• v.39 no.1
• /
• pp.43-47
• /
• 2018

Traditional electroencephalography (EEG)-based authentication systems generally use external stimuli that require user attention and relatively long time for authentication. The aim of this study is to investigate the feasibility of biometric authentication based on EEG without using any external stimuli. Seventeen subjects took part in the experiment and their EEGs were measured while repetitively closing and opening their eyes. For identifying each subject, we calculated inter- and intra-subject cross-correlation using changes in alpha activity (8-13 Hz) during eyes closed as compared to eyes open. In order to optimize the number of recording electrodes, we calculated authentication accuracy by progressively reducing the number of electrodes used in the analysis. Significant increase in alpha activity was observed for all subjects during eyes closed, focusing on occipital areas, and spatial patterns of changed alpha activity were considerably different between the subjects. A mean authentication accuracy of 92.45% was obtained, which was retained over 75% when using only 8 electrodes placed around occipital areas. Our results could demonstrate the feasibility of the proposed novel authentication method based on resting state EEGs.