• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37B no.11
• /
• pp.984-992
• /
• 2012

In this paper, we discuss a new architecture of future Internet for mobile-oriented environments, named Mobile-Oriented Future Internet (MOFI). The MOFI architecture is designed with Host Identifier and Local Locator (HILL) for identifier and locator separation. Based on the HILL separation architecture, we propose a Dynamic and Distributed Mapping System (DDMS) for identifier-locator mapping control. In DDMS, the mapping control function is distributed onto each access router in the domain, which is different from the centralized approach using a central anchor. For validation of the proposed MOFI-DDMS architecture, we implemented the data delivery and mapping control functions using Linux platform. From the testbed experimental results, we see that the DDMS architecture can give better performance than the existing Proxy Mobile IP (PMIP) protocol in terms of data transmission throughput.

• Convergence Security Journal
• /
• v.23 no.4
• /
• pp.43-52
• /
• 2023

Many businesses and organizations use smartcard-based user authentication for remote access. In the meantime, through various studies, dynamic ID-based remote user authentication protocols for distributed multi-server environments have been proposed to protect the connection between users and servers. Among them, Qiu et al. proposed an efficient smart card-based remote user authentication system that provides mutual authentication and key agreement, user anonymity, and resistance to various types of attacks. Later, Andola et al. found various vulnerabilities in the authentication scheme proposed by Qiu et al., and overcame the flaws in their authentication scheme, and whenever the user wants to log in to the server, the user ID is dynamically changed before logging in. An improved authentication protocol is proposed. In this paper, by analyzing the operation process and vulnerabilities of the protocol proposed by Andola et al., it was revealed that the protocol proposed by Andola et al. was vulnerable to offline smart card attack, dos attack, lack of perfect forward secrecy, and session key attack.

• Journal of the Korea Society of Computer and Information
• /
• v.26 no.10
• /
• pp.101-108
• /
• 2021

In this paper, we analyze Shin's proposed dynamic ID-based user authentication scheme for TMIS(Telecare Medicine Information System), and Shin's authentication scheme is vulnerable to smart card loss attacks, allowing attackers to acquire user IDs, which enables user impersonation attack. In 2019, Shin's proposed authentication scheme attempted to generate a strong random number using ECC, claiming that it is safe to lose a smart card because it is impossible to calculate random number r'i due to the difficulty of the ECC algorithm without knowing random number ri. However, after analyzing Shin's authentication scheme in this paper, the use of transmission messages and smart cards makes it easy to calculate random numbers r'i, which also enables attackers to generate session keys. In addition, Shin's authentication scheme were analyzed to have significantly greater overhead than other authentication scheme, including vulnerabilities to safety analysis, the lack of a way to pass the server's ID to users, and the lack of biometric characteristics with slightly different templates.

• Journal of Digital Convergence
• /
• v.11 no.2
• /
• pp.309-316
• /
• 2013

Machine-to-machine (M2M) communication occurs when devices exchange information independent of human intervention. Prominent among the technical challenges to M2M communication are security issues, such as eavesdropping, spoofing, modification, and privacy violation. Hence, it is very important to establish secure communication. In this paper, we propose a remote authentication scheme, based on dynamic ID, which provides secure communication while avoiding exposure of data through authentication between the M2M domain and the network domain in the M2M architecture. We then prove the correctness and security of the proposed scheme using a logic-based formal method.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.13 no.1
• /
• pp.273-278
• /
• 2013

Recently, user authentication schemes using smart cards for multi-server environment have been proposed for practical applications. In 2009, Liao-Wang proposed a secure dynamic ID based remote user authentication scheme for multi-server environment that can withstand the various possible attacks and provide user anonymity. In this paper, we analyze the security of Liao-Wang's scheme, and we show that Liao-Wang's scheme is still insecure against the forgery attack, the password guessing attack, the session key attack, and the insider attack. In addition, Liao-Wang's scheme does not provide user anonymity between the user and the server.

• Journal of Korea Multimedia Society
• /
• v.18 no.4
• /
• pp.499-505
• /
• 2015

Security supports are a significant factor in the design of mobile ad hoc networks. In the dynamic topology where the node changes frequently, private key generation and revocation for newly joining and leaving nodes must be considered. In addition, the identities of individual nodes must be protected as well in mobile networks to avoid personal privacy concerns. This paper proposes ID-based private key revocation scheme and non-interactive key agreement scheme in anonymous MANETs. The proposed scheme provides the user privacy using pseudonyms and private key generation and revocation schemes with consideration of dynamic user changes. Therefore, our schemes can be applied in dynamic and privacy-preserving MANETs which are helpful to share multimedia data.

• The KIPS Transactions:PartC
• /
• v.15C no.6
• /
• pp.469-480
• /
• 2008

The recently proposed RFID(Radio Frequency Identification) authentication protocol based on a hash function can be divided into two types according to the type of information used for authentication between a reader and a tag: either a value fixed or one updated dynamically in a tag memory. In this paper, we classify the protocols into a static ID-based and a dynamic-ID based protocol and then analyze their respective strengths and weaknesses. Also, we define a new security model including forward/backward traceability, synchronization, forgery attacks. Based on the model, we analyze the previous protocols and propose a new dynamic-ID based RFID mutual authentication protocol. Our protocol provide enhanced RFID user privacy compared to previous protocols and identify a tag efficiently in terms of the operation quantity of a tag and database.

• Proceedings of the KAIS Fall Conference
• /
• 2006.05a
• /
• pp.433-436
• /
• 2006

RFID(Radio Frequency Identification) 시스템은 유비쿼터스 사회를 만들어 가기 위한 핵심 기술로서 기초기반 기술 및 사회기반 기술의 정비가 진행되어 가고 있으며, 우리나라에서도 IT839 전략의 신성장 동력의 하나로 추진되고 있다. 하지만 RFID에 대한 보안 문제로 인하여 적용 범위와 시기에 대하여 논란이 일고 있다. RFID 시스템은 정보 유출의 위험성을 내포하고 있으며, 개인의 위치 추적이나, 비접근 권한자의 위장행세 등의 사용자 프라이버시 보호에 대한 많은 문제점들을 수반한다. 본 논문에서는 리더와 태그간의 통신에서 태그 고유 ID를 사용하지 않고 리더로부터 사용할 임의 ID를 할당받아 통신을 수행함으로써 프라이버시를 보호할 수 있는 보안 프로토콜을 제안하고 있다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2011.11a
• /
• pp.897-899
• /
• 2011

2010년 Sood 등은 Wang 등의 인증 스킴이 여러 가지 보안 취약점을 가지고 있는 것을 지적하며 안전한 동적 ID 기반 인증 스킴을 제안하였다. 그러나 Sood 등이 제안한 동적 ID 기반 인증 스킴은 공격자가 통신하고 있는 두 당사자 사이에 끼어들어 당사자들이 교환하는 공개정보를 바꿈으로써 정당치 않은 세션 키가 생성되기 때문에 중간자 공격에 대한 취약성을 가지고 있다. 따라서 본 논문에서는 Sood 등이 제안한 동적 ID 기반 인증 스킴을 분석하고, Sood 등의 인증 스킴이 중간자 공격에 안전하지 못함을 증명한다.

• Convergence Security Journal
• /
• v.15 no.5
• /
• pp.3-8
• /
• 2015

Most mobile cloud computing system use public key cryptography to provide data security and mutual authentication. A variant of traditional public key technologies called Identity-Based Cryptography(IBC) has recently received considerable attention. The certificate-free approach of IBC may well match the dynamic qualities of cloud environment. But, there is a need for a lightweight secure framework that provides security with minimum processing overhead on mobile devices. In this paper, we propose to use hierarchical ID-Based Encryption in mobile cloud computing. It is suitable for a mobile network since it can reduce the workload of root Public Key Generators by delegating the privilege of user authentication and private key generation. The Identity-Based Encryption and Identity-Based Signature are also proposed and an ID-Based Authentication scheme is presented to secure data processing. The proposed scheme is designed by one-way hash functions and XOR operations, thus has low computation costs for mobile users.