• Journal of IKEEE
• /
• v.20 no.3
• /
• pp.291-294
• /
• 2016

A new optical one-time pattern password(OTPT) mutual authentication method is proposed, which presents a two-factor authentication by 2-step phase-shifting digital holography and performs a two-way authentication by a challenge-response handshake of the optical OTPT in both directions. Because a client and a server use OTPT once as a random number and encrypt it for mutual authentication, it protects against a replay or a man-in-the middle attack and results in higher security level.

• Journal of Advanced Navigation Technology
• /
• v.11 no.3
• /
• pp.329-336
• /
• 2007

The use of digital imaging technique and digital contents based on internet has grown rapidly for last several years, and the needs of digital image protection become more important. For the purpose of copyright protection on digital image, the verification of authentication techniques like content authentication, ownership authentication, illegal copy and etc are needed. Digital watermarking, the invisible encryption technique to insert digital watermark into image, the sophisticated perceptual information should be used for providing transparency and robustness of images on watermarking process. In this paper, we implement the digital watermarking algorithm for preventing forged attack, ownership protection and authentication by transforming the wavelet algorithms in frequency domain in terms of human visual system.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.7 no.3
• /
• pp.85-95
• /
• 2011

Smart phones, greatly expanding in the recent mobile market, are equipped with various features compared to existing feature phones and provide the conveniences to in several ways. The camera, one of the features of a smartphone, creates the digital contents, such photos and videos, and plays a role for the media which transmits information, such as video calls and bar code reader. QR-Code recognition is also one of the camera features. It contains a variety of information in two-dimensional bar code type in matrix format, and makes it possible to obtain the information by using smart phones. This paper analyzes the method of QR-Code recognition, password method-the existing user-authentication technique, smart card, biometrics and voice recognition and so on and thenn designs a new user-authentication technique. The proposed user-authentication technique is the technique in which QR-Code, which can be simply granted is read by smart phones and transmitted to a server, for authentication. It has the advantages in view that it will simply the process of authentication and conteract the disadvantages, such as brute force attack, man-inthe-middle attack, and keyboard hacking, which may occur in other authentication techniques.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.11 no.1
• /
• pp.59-67
• /
• 2015

A novel authentication mechanism is biometric authentication where users are identified by their measurable human characteristics, such as fingerprint, voiceprint, and iris scan. The technology of biometrics is becoming a popular method for engineers to design a more secure user authentication scheme. In terms of physiological and behavioral human characteristics, biometrics is used as a form of identity access management and access control, and it services to identity individuals in groups that are under surveillance. In this article, we review the biometric-based authentication protocol by Althobati et al. and provide a security analysis on the scheme. Our analysis shows that Althobati et al.'s scheme does not guarantee server-to-user authentication. The contribution of the current work is to demonstrate this by mounting threat of data integrity and bypassing the gateway node on Althobati et al.'s scheme. In addition, we analysis the security vulnerabilities of Althobati et al.'s protocol.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.14 no.2
• /
• pp.27-33
• /
• 2018

User authentication scheme is a method for controlling unauthorized users' access to securely share the services and resources provided by the server and for verifying users with access rights. Initial user authentication scheme was based on passwords. Nowadays, various authentication schemes such as ID based, smart-card based, and attribute based are being researched. The study of Lee et al. suggested a user authentication scheme that provides forward secrecy and protects anonymity of users. However, it is vulnerable to attacks by outsiders and attackers who have acquired smart-cards. In this paper, we propose a modified smart-card authentication scheme to complement the weakness of the previous studies. The proposed user authentication scheme provides the security for the ID guessing attack and the password guessing attacks of the attacker who obtained the login request message and the user's smart-card.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.10 no.1
• /
• pp.81-87
• /
• 2014

Password-based authentication using smart card provides two factor authentications, namely a successful login requires the client to have a valid smart card and a correct password. While it provides stronger security guarantees than only password authentication, it could also fail if both authentication factors are compromised ((1) the user's smart card was stolen and (2) the user's password was exposed). In this case, there is no way to prevent the adversary from impersonating the user. Now, the new technology of biometrics is becoming a popular method for designing a more secure authentication scheme. In terms of physiological and behavior human characteristics, biometric information is used as a form of authentication factor. Biometric information, such as fingerprints, faces, voice, irises, hand geometry, and palmprints can be used to verify their identities. In this article, we review the biometric-based authentication scheme by Cheng et al. and provide a security analysis on the scheme. Our analysis shows that Cheng et al.'s scheme does not guarantee any kind of authentication, either server-to-user authentication or user-to-server authentication. The contribution of the current work is to demonstrate these by mounting two attacks, a server impersonation attack and a user impersonation attack, on Cheng et al.'s scheme. In addition, we propose the enhanced authentication scheme that eliminates the security vulnerabilities of Cheng et al.'s scheme.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.6 no.6
• /
• pp.937-942
• /
• 2002

The use of digital imaging technique and digital contents based on internet has grown rapidly for last several years, and the needs of digital image protection become more important. For the purpose of copyright protection on digital image, the verification of authentication techniques like content authentication, ownership authentication, illegal copy and etc are needed. Digital watermarking, the invisible encryption technique to insert digital watermark into image the sophisticated perceptual information should be used for providing transparency and robustness of images on watermarking process. In this paper, we implement the algorithm for preventing forged attack, ownership protection and authentication by transforming the wavelet algorithms in frequency domain in terms of human visual system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.2
• /
• pp.345-358
• /
• 2016

In this paper, we present a security tool which called Digital Legal Seal. The Digital Legal Seal scans a barcode on a paper and print it with the tag generated by Hash-based Message Authentication Code(HMAC) in text format on a display device. The result of HMAC can be used for user authentication or secure message transmission on both online and offline. We examine not only how the Digital Legal Seal can make up the weak points of security card and OTP (One Time Password), but also the possibility of reducing the forgery of promissory note on offline.

• Journal of The Korean Digital Architecture Interior Association
• /
• v.6 no.1
• /
• pp.1-4
• /
• 2006

This research studied necessary digital Interior Design education and certification formality for Dept. of Interior Design students' percentage of employment raising and competitive power elevation of industry by the support of 2005 junior college finance support business from the Ministry of Education & Human Resources Development. Contents of this research is built from joint research by vender of software, which has the highest distribution and preference rate of digital Interior Design related software in industry, and The Korea Digital Architecture and Interior Association, and Daeduk college. The necessary certification standard and course-ware for employment of graduates were developed. There are descriptions for students' needs on digital Interior Design related practical application ability that can receive authentication, And made out education schedule as well as contents so that execution of authentication and education may be possible.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.6 no.2
• /
• pp.55-69
• /
• 2010

This article proposed the authentication protocol for peer-to-peer resource sharing community. The proposed protocol does not require a priori information for generating and exchanging authentication key. Also this protocol can provide the delicate access control by allowing the user(authenticator) to assign the trust level to the authentication supplicant, which can be used to decide if the resource providing node will accept the resource sharing request from a resource requesting node. Trust Relationship Chaining provides the environment where trust levels (included in the trust table) of nodes in the resource sharing community are propagated among nodes when trust tables are exchanged between two nodes engaged in mutual authentication process and authentication refresh so that any two nodes which are not directly mutual-authenticated can assign the trust level each other for the access control for resource sharing. In the proposed protocol a node can implements the authentication refresh continuously to verify the effectiveness of authentication after mutual authentication so that the authentication of new node or authentication revocation(effectiveness cancellation) of the departed node can be propagated to the all the nodes in RSC and eventually safe resource sharing community is configured.