• The KIPS Transactions:PartC
• /
• v.12C no.5 s.101
• /
• pp.757-764
• /
• 2005

With the increasing service Qualify and security in the Mobile Internet Diameter technology based on the AAAv6 is being used in the user authentication. But there are some Problems on the authentication Procedures of the Diameter in which the security falls down from a loaming service or Internet transmission course. We combine it with the cipher algorithm like EAP-MD5 and accomplish a user authentication processing. If we want to supply the user authentication with the mobility among domains by AAAv6-based Diameter, we need the efficient capacity allocation among AAA attendent, AAAv, AhAb, AAAh, HA servers in the AAAv6. Therefore in this paper, we propose to make the authentication capacity index to carry out user authentication ability by analyzing an EAP-MD5S server capacity model of AAAv6 authentication models for users with mobility among domains, and to find the optimized condition for the AAAv6 capacity by the index.

• International Journal of Contents
• /
• v.2 no.4
• /
• pp.12-18
• /
• 2006

The number of wireless public network user is increasing rapidly. Security problem for user authentication has been increased on existing wireless network such as IEEE802.11 based Wireless LAN. As a solution, IEEE802.1x (EAP-MD5, EAP-TLS, EAP-TTLS), X.509, protocol or security system was suggested as a new disposal plan on this problem. In this study, we overview main problem on existing EAP-MD5 authentication mechanism on Wireless LAN and propose a SMS(Short Message Service) based secure authentication and accounting mechanism for providing security enhanced wireless network transactions.

• Journal of Korea Multimedia Society
• /
• v.11 no.8
• /
• pp.1101-1110
• /
• 2008

Nespot provides a convenient wireless internet connection service. The existing IEEE 802.1X EAP-MD5 authentication mechanism can be achieved based on ID/password information for a wireless connection. The Nespot system offers an advanced accounting and authorization procedure for providing wireless user authentication mechanism. However, many problems were found on the existing Nespot EAP-MD5 mechanism such as a ill value exposure, a leakage of personal information on wireless authentication procedure and a weakness on Nespot mutual authentication mechanism. Therefore, we analyzed the limitation of the existing IEEE 802.1X EAP-MD5 certification system, and suggested a one-time session key based authentication mechanism. And then we offered a simplified encryption function on the Nespot certification process for providing secure mutual authentication process.

• The KIPS Transactions:PartA
• /
• v.11A no.6
• /
• pp.451-458
• /
• 2004

The previous studies focussed on the security problem and the fast re-authentication mechanism during handoffs in a single wireless LAN system. When the multiple wireless LAN systems share their network infrastructure one another, we propose an authentication mechanism allowing the subscriber to Perform the authentication procedure with the authentication server of its own wireless LAN system even in areas of other wireless LAN systems as well as in areas of its own wireless LAN system. In the proposed mechanism, the access point or the authentication server of other wireless LAN systems plays a role of the authentication agent between the subscriber and the authentication server of the subscriber's wireless LAN system. The proposed authentication mechanism is designed on the basis of the 802.1X and EAP-MD5 protocols.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.1 no.1
• /
• pp.67-74
• /
• 2008

As wireless network market is increasing rapidly, the biggest issue is to transfer safe data and to authenticate users. This paper proposes ECbA(Elliptic Curve based Authentication) which consists of the mutual authentication mechanism that users can ascertain the identity of an authentication server and the user authentication mechanism that an authentication server can make sure users' identity, by using Elliptic Curve algorithms. The proposed ECbA system diminishes the message quantity and the execution time by using the small elliptic curve algorithm with the small key length in authentication. In addition, as this paper reduces the authentication steps of existing EAP_TLS into 6 authentication steps, the communication cost and mutual authentication time can be saved. As this paper distributes new keys, whenever authenticating users by using key exchange mechanism, it provides safe encryption communication and prevents DoS attack by controlling the users authentication request by authentication server.

• Information and Communications Magazine
• /
• v.19 no.8
• /
• pp.114-127
• /
• 2002

무선랜 기술은 사설망 내에서의 무선랜 기술을 기반으로 발전해 왔다. 최근 공중망을 기반으로 무선랜 기술이 발전하면서, IEEE 802.11b(1)에서 이루어지던 인증 및 보안 기술로는 안전성을 만족할 수 없게 되었고, 여기에 사용자의 이동성 보장은 필수사항으로 요구되고 있다. 본 논문에서는 지금까지 이루어지던 무선랜 인증 및 보안기술을 사용자의 이동성 보장을 위한 framework으로 발전시키기 위하여 필요한 인증 및 보안기술과, IEEE 802.11b 기반의 무선랜 망에서 필요한 향상된 인증 및 보안기술에 대하여 다양한 관점에서 기술한다. 802.11b 기반으로 이루어지는 보안 및 인증 기술을 보다 향상된 사용자 인증, 데이터 기밀성 향상을 위하여 802.1x(2)기반으로 실현하는 인증기술에 대하여 기술한다. 본 논문의 전개는 이동성을 요구하지 않는 경우의 기본적인 인증 메커니즘인 EAP-MD5(3)기반의 challenge/response 메커니즘과, 이동성을 필요로 하는 경우의 인증을 위한 MIP 인증 메커니즘(4-7)에 대하여 기술한다. 마지막으로 사용자의 증가 및 서비스 영역의 확대로 요구되는 새로운 framework에 대하여 기술한다.