• The Transactions of The Korean Institute of Electrical Engineers
• /
• v.65 no.12
• /
• pp.2167-2176
• /
• 2016

In the multi-server environment, remote user authentication has a very critical issue because it provides the authorization that enables users to access their resource or services. For this reason, numerous remote user authentication schemes have been proposed over recent years. Recently, Lin et al. have shown that the weaknesses of Baruah et al.'s three factors user authentication scheme for multi-server environment, and proposed an enhanced biometric-based remote user authentication scheme. They claimed that their scheme has many security features and can resist various well-known attacks; however, we found that Lin et al.'s scheme is still insecure. In this paper, we demonstrate that Lin et al.'s scheme is vulnerable against the outsider attack and user impersonation attack, and propose a new biometric-based scheme for authentication and key agreement that can be used in the multi-server environment. Lastly, we show that the proposed scheme is more secure and can support the security properties.

• Journal of the Korea Society of Computer and Information
• /
• v.21 no.1
• /
• pp.107-113
• /
• 2016

In this paper, by managing the biometric data is changed with the passage of time, a systematic and scientifically propose a framework to increase the bio-vector generation efficiency of the smart health care. Increasing the development of human life as a medicine and has emerged smart health care according to this. Organic and efficient health management becomes possible to generate a vector when the biological domain to the wireless communication infrastructure based on the measurement of the health status and to take action in accordance with the change of the physical condition. In this paper, we propose a framework to create a bio-vector that contains information about the current state of health of the person. In the proposed framework, Bio vectors may be generated by collecting the biometric data such as blood pressure, pulse, body weight. Biometric data is the raw data from the bio-vector. The scope of the primary data can be set to active. As the collecting biometric data from multiple items of the bio-recognition vectors may increase. The resulting bio-vector is used as a measure to determine the current health of the person. Bio-vector generating the proposed framework, it can aid in the efficiency and systemic health of healthcare for the individual.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.4
• /
• pp.879-888
• /
• 2018

Along with the recent worldwide development of fintech, FIDO (Fast IDentity Online) using biometric technology is rapidly growing in the mobile payment market, replacing the existing password system. This FIDO authentication must be processed in a reliable environment that requires high level of security, as sensitive biometrics is being processed. However, this environment is currently dependent on the manufacturer as it is supported by certain hardware on the smartphone. Therefore, this thesis proposes a server-based authentication model using distributed management of compliance based biometric information that can be used universally safely without the need for specific hardware in mobile environments.

• Convergence Security Journal
• /
• v.18 no.3
• /
• pp.87-94
• /
• 2018

Privacy means the right not to interfere with the private life of an individual. Bio data is the most private personal information about the person itself, and according to advancement of technology, it is possible to analyze and judge individual as well as identify individual. The Personal Information Protection Act is based on global privacy principles, but the legislation for the protection of bio information has yet to be enacted. Therefore, it is time to protect biometric data as more sensitive information than general personal information. We will review the global privacy discussions for protecting biometric information and propose additional privacy principles and measures for utilization that should be defined in the biometric information protection guideline.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.4
• /
• pp.93-100
• /
• 2005

In this paper, we describe biometric watermarking techniques for secure user verification on the remote, multimodal biometric system employing both fingerprint and face information, and compare their effects on verification accuracy quantitatively. To hide biometric data with watermarking techniques, we first consider possible two scenarios. In the scenario 1, we use a fingerprint image as a cover work and hide facial features into it. On the contrary, we hide fingerprint features into a facial image in the Scenario 2. Based on the experimental results, we confirm that the Scenario 2 is superior to the Scenario 1 in terms of the verification accuracy of the watermarking image.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.1
• /
• pp.13-21
• /
• 2006

Though authentication using biometric techniques has conveniences for people, security problems like the leakage of personal bio-information would be serious. Even if cancelable biometric is a good solution for the problems, only a few biometric authentication scheme with cancelable feature has been published. In this paper, we suggest a face authentication scheme with two security factors: password and face image. Using matching algorithm in the permuted domain, our scheme is designed to be cancelable in the sense that templates that is composed of permutation and weight vector can be changed freely.

• Journal of the Korea Society of Computer and Information
• /
• v.28 no.3
• /
• pp.59-65
• /
• 2023

As research on blockchain applications in various fields is actively increasing, management of private keys that prove users of blockchain has become important. If you lose your private key, you lose all your data. In order to solve this problem, previously, blockchain wallets, private key recovery using partial information, and private key recovery through distributed storage have been proposed. In this paper, we propose a safe private key backup and recovery method using Shamir's Secrete Sharing (SSS) scheme and biometric information, and evaluate its safety. In this paper, we propose a safe private key backup and recovery method using Shamir's Secrete Sharing (SSS) scheme and biometric information, and evaluate its safety against robustness during message exchange, replay attack, man-in-the-middle attack and forgery and tampering attack.

• Advances in environmental research
• /
• v.12 no.2
• /
• pp.113-122
• /
• 2023

Biometric authentication has become an essential part of modern-day security systems, especially in financial institutions like banks. A face recognition-based ATM is a biometric authentication system, that uses facial recognition technology to verify the identity of bank account holders during ATM transactions. This technology offers a secure and convenient alternative to traditional ATM transactions that rely on PIN numbers for verification. The proposed system captures users' pictures and compares it with the stored image in the bank's database to authenticate the transaction. The technology also offers additional benefits such as reducing the risk of fraud and theft, as well as speeding up the transaction process. However, privacy and data security concerns remain, and it is important for the banking sector to instrument solid security actions to protect customers' personal information. The proposed system consists of two stages: the first stage captures the user's facial image using a camera and performs pre-processing, including face detection and alignment. In the second stage, machine learning algorithms compare the pre-processed image with the stored image in the database. The results demonstrate the feasibility and effectiveness of using face recognition for ATM authentication, which can enhance the security of ATMs and reduce the risk of fraud.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.1
• /
• pp.166-183
• /
• 2013

It requires a lot of costs and manpower to manage an election. The electronic voting scheme can make the election system economic and trustful. The widespread use of smart phones causes mobile voting to be a major issue. The smart phone can be used as a mobile voting platform since it can carry out many services in addition to basic telephone service. To make mobile voting practical and trustful, we analyzed two subjects of study. Firstly, the way to make a biometric based mobile ID, which has legal binding forces. In mobile voting, user identification is accomplished on line since the voter should be able to vote wherever they go. The digital ID conducts a similar role to the need for a resident card. The user's identity is bound to the resident card legally. To bind the user's identity to the smart phone, we use USIM. Biometric recognition is also needed to authenticate the user, since the user cannot prove him or her on line face-to-face. The proposed mobile ID can be reissued by means of introducing a random secret value. Secondly, the mobile voting scheme is proposed where candidates can accept election results without doubt. The goal of an election is to select a leader among two or more candidates. Existing electronic voting schemes mainly focus on the study of ballot verification accomplished by voters. These approaches are not safe against collusion attacks where candidates and the election administration center are able to collude to fabricate election results. Therefore, a new type of voting and counting method is needed where candidates can directly take part in voting and counting stages. The biometric based multi-signature scheme is used to make the undeniable multi-signed ballot. The ballot cannot be verified without the help of all candidates. If candidates accept election results without a doubt, the fairness of the election is satisfied.

• Journal of the Korea Convergence Society
• /
• v.8 no.2
• /
• pp.9-14
• /
• 2017

A fingerprint is unique to each person and can be represented as a digital form. As the fingerprint is the part of human body, fingerprint recognition is much more easy to use and secure rather than using password or resident card for user authentication. In addition, as the newly released smart phones have built-in camera and fingerprint sensors, the demand for biometric authentication is increasing rapidly. But, the drawback is that the fingerprint can be counterfeited easily and if it's exposed to the hacker, it cannot be reused. Thus, the original fingerprint template should be transformed for registration and authentication purposes. Existing transformation functions use passcode to transform the original template to the cancelable form. Additional module is needed to input the passcode, so it requires more cost and lowers the usability. In this paper, we propose biometric authentication scheme that is economic and easy to use. The proposed scheme is consisted of cancelable biometric template creation, registration and user authentication protocols, and can control several security levels by configuring the number of fingerprints and scan times. We also analyzed that our scheme is secure against the brute-force attack and the active attacks.