• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.23 no.7
• /
• pp.1851-1859
• /
• 1998

We summarize the password-based authetication protocol K1P which was introduced in our easlier papers [1,2] and then propose three more extended protocols. These protocols preserve a design concept of K1P, i.e., security and efficiency, and canbe used for various purposes. They are a One-time key K1P, a Client public key K1P, and an Exponential key exchange K1P.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.19 no.1
• /
• pp.31-42
• /
• 2023

As computer performance is leveled upward, the use of IoT systems is gradually expanding. Although IoT systems are used in many fields, it is true that it is difficult to build a safe system due to performance limitations. To overcome these limitations, many researchers have proposed numerous protocols to improve security issues. Among them, Azrour et al. except. We proposed a new efficient and secure authentication protocol for remote healthcare systems in a cloud-based IoT environment, and claimed that the new protocol could solve the security vulnerabilities of the existing protocols and was more efficient. However, in this paper, through the security analysis of the remote healthcare system in the cloud-based IoT environment proposed by Azrour et al., the protocol of this system was found to be vulnerable to Masquerade attack, Lack of Perfect Forward Secrecy, Off-line password guessing attack, and Replay attack.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.22 no.12
• /
• pp.2860-2866
• /
• 1997

Kerberos is the most used example of authentication technology in distributed environment. In this paper, based on this method, a new authentication mechanism associated with X.509 protocol that authenticates services between regions is presented. Since any suggestions to regional services are not described in Kerberos, the authentication between regiona is performed via the connected chain obtained from x.509. These two protocols have distinguished key management systems -X.509 is designed using an asymmetric method, while Kerberos using a symmetric method. In order to provide regional services, X.509 is employed on connection part and Kerberos on actual authetication part.