• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1995.11a
• /
• pp.307-313
• /
• 1995

본 논문에서는 기존에 제안된 이동통신용 키분배 방식의 문제점을 분석하고, Girault가 제안한 자체인증 공개키(Self-certified public keys) 개념을 이용한, 인증자에 기반을 둔(Certification-based) 방식이 아닌 개인식별정보에 기반을 둔(Identity-based) 방식이면서도 사용자가 자신의 비밀키를 선택할수 있는, 이동 퉁신망에 적용가능한 "역설적인" ID-based 키분배 방식을 제안한다. 제안한 방식의 안전성은 고차 잉여류 문제(${\gamma}$$^{th}$ -residuosity problem)와 이산대수(discrete logarithm) 문제에 근거한다. 문제에 근거한다.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.43 no.7 s.349
• /
• pp.104-114
• /
• 2006

In order to use an Internet service, it is a general procedure that user subscribes to the service and then registers her or his id(identifier). As Internet has been more widely used, however, user has more and more ids than ever before. In this environments, whenever user uses an Internet service, she or he must authenticate to the service provider, which makes her or him inconvenient. As user's data is scattered and unmanaged on various web sites, user privacy has been revealed more often. This paper specifies e-IDMS which ETRI has been developing to solve such problems. e-IDMS is an Internet ID(IDentity) management system based on ID Federation Mechanism e-IDMS provides ID Federation-based facilities such as composite authentication, Internet SSG, ID information management, privacy protection and interactive query. e-IDMS is used in establishing integrated ill management system for public institutions.

• Journal of Advanced Navigation Technology
• /
• v.15 no.4
• /
• pp.664-671
• /
• 2011

The development of IT technology and breakthrough of the network and the wired network, wireless network boundaries disappear and wired and wireless integrated service environment is the advent in online game environment. However, the wired and wireless integrated service environment appropriate security technology is still inactive, wired and wireless integration environment due to the characteristic as well as security threats wired network and security threats in wireless networks should be considered. Therefore, This wired and wireless integrated environment has been considering studied various, Among them wired and wireless environment considering the lightweight of ID-based authentication and key management has been in progress. In recent, Moon et al. pervasive environment in authentication and ID-based key management protocol is proposed. However, Moon et al.'s scheme is use the ID-based public-key approach to decreased the amount of computation. However, pairing by using a technique similar to the existing public key scheme can represent the amount of computation. Therefore, In this paper the way of Moon etc in security vulnerability analysis.

• Journal of Digital Convergence
• /
• v.11 no.2
• /
• pp.309-316
• /
• 2013

Machine-to-machine (M2M) communication occurs when devices exchange information independent of human intervention. Prominent among the technical challenges to M2M communication are security issues, such as eavesdropping, spoofing, modification, and privacy violation. Hence, it is very important to establish secure communication. In this paper, we propose a remote authentication scheme, based on dynamic ID, which provides secure communication while avoiding exposure of data through authentication between the M2M domain and the network domain in the M2M architecture. We then prove the correctness and security of the proposed scheme using a logic-based formal method.

• Journal of the Korea Society of Computer and Information
• /
• v.15 no.10
• /
• pp.121-128
• /
• 2010

In this paper, we proposed a new secure RFID(Radio Frequency IDentification) mutual authentication protocol on insecure communication channel which assumed that all communication channels between the database, the reader and the tag are insecure communication channels. The proposed protocol used a secure one-way hash function and the goal is to improve search time of a tag ID and overload of hash calculational load in DB. In addition, the proposed protocol supports not only basic security requirements to be provided by RFID mutual authentication protocol but also forward secrecy, and the tag does not generate a random number to reduce overload of processing capacity in it.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.10a
• /
• pp.211-212
• /
• 2014

This paper is to suggest the security requirements for identification and authentication in analysis step. Firstly, individual ID should be uniquely identified. The second element is to apply the length limitations, combination and periodic changes of passwords. The third should require the more reinforced authentication methods besides ID and passwords and satisfy the defined security elements on authentication process.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2012.11a
• /
• pp.853-856
• /
• 2012

모바일 디바이스의 대중화와 SNS(Social Networking Service)의 발전은 각 개인이 데이터와 정보를 생성하는 Web 2.0 의 페러다임을 앞당겼으며 최근 SNS 서비스를 통하여 새로운 형태의 커뮤니케이션 형태가 생성되었다. 이러한 커뮤니케이션 도구를 이용하는 유저는 대부분 ID 와 Password를 기반으로 사용자를 인증하여 서비스를 제공받는다. 이와 같은 서비스에서는 각 사용자의 정보자체보다 사용자의 사회적 위치와 사용자간의 관계를 이용한 보안사고가 우려된다. 근래의 ID/Password로 인증하는 방식의 웹서비스 또는 정보서비스들은 대부분 개인 PC, 스마트폰, 업무 PC 등에서 접근하는 추세이며, 임의적 장소에서 임의의 기기로 해당 서비스에 접근하는 양상은 과거에 비하여 감소하는 추세다. 이 같은 추세에 따라, 주로 사용하는 기기에 HTML5의 keygen과 Web-Storage 기능을 사용하여 암호화된 Key를 생성하고 저장하여 ID 와 Password가 노출되어도 해당 기기가 아니면 인증되지 않는 시스템을 구현 할 수 있으며 타 기기의 경우 일회성을 갖는 인증 방식을 사용하여, 기존 보다 안전한 인증 시스템을 적은 비용으로 구축 할 수 있다.

• Journal of the Korea Society of Computer and Information
• /
• v.19 no.10
• /
• pp.99-106
• /
• 2014

In this paper, we analyze weaknesses of the biometrics-based user authentication scheme proposed by An. The result of analysis An's authentication scheme by the login success scenario proposed in this paper, if the attacker successes to get user's random number, he/she can pass user authentication phase of the legal server. Also the biometrics guessing scenario proposed in this paper shows the legal user's the biometric information is revealed in lost smart card. Since An's authentication scheme submit user ID and biometrics in plain text to the server, it is very vulnerable to inner attack and it is not provide the user anonymity to the server as well as the one to the third by user ID in plain text. Besides An's authentication scheme is contextual error too, due to this, it has weakness and so on that it did not check the validity of the smart card holder.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.11 no.6
• /
• pp.303-310
• /
• 2011

Recently, many user authentication schemes using smart cards have been proposed to improve the security weaknesses in user authentication process. In 2009, Wang et al. proposed a more effective and secure dynamic ID-based remote user authentication scheme to improve the security weakness of Das et al.'s scheme, and asserted that the improved scheme is secure against independent of password in authentication phase and provides mutual authentication between the user and the remote server. However, in this paper, we analyze the security of Wang et al. scheme and demonstrate that Wang et al.'s scheme is vulnerable to the man-in-the-middle attack and the off-line password guessing attack. In addition, we show that Wang et al. scheme also fails to provide mutual authentication. Accordingly, we propose an improved scheme to overcome these security weakness even if the secrete information stored in the smart card is revealed. Our proposed scheme can withstand the user impersonation attack, the server masquerading attack and off-line password guessing attack. Furthermore, this improved scheme provides the mutual authentication and is more effective than Wang et al.'s scheme in term of the computational complexities.

• Journal of Digital Convergence
• /
• v.11 no.12
• /
• pp.423-430
• /
• 2013

With the active Internet e-commerce and the financial sector, mutual authentication between users and service providers has become very important. Because ID- and password-based authentication is of low security, one-time password authentication methods are widely used. The existing one-time password authentication scheme of S/Key authentication method is fraught with a number of issues in addition to plain text transmission, and the method of Kim Gong-ki et al. does not offer suggestions for session key generation and distribution method. Proposed in this paper is a protocol that solves these problems.