• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.12 no.1
• /
• pp.231-237
• /
• 2012

In 2011, Das proposed an effective biometrics-based remote user authentication scheme using smart cards that can provide strong authentication and mutual authentication, while eliminating the security drawbacks of Li-Hwang's scheme. In this paper, we have shown that Das's scheme is still insecure against several attacks and does not provide mutual authentication. Also, we proposed the enhanced scheme to overcome these security weaknesses, even if the secret information stored in the smart card is revealed. As a result of security analysis, the enhanced scheme is secure against user impersonation attack, server masquerading attack, off-line password guessing attack, and insider attack. And we can see that the enhanced scheme provides mutual authentication between the user and the server.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.13 no.5
• /
• pp.107-119
• /
• 2013

This paper reinforced security under the network evaluation of wire wireless integration of NEMO (NEwork MObility) supporting mobility and network-based PMIPv6 (Proxy Mobile IPv6). It also proposes $SK-L^2AS$ (Symmetric Key-Based Local-Lighted Authentication Scheme) based on simple key which reduces code calculation and authentication delay costs. Moreover, fast handover technique was also adopted to reduce handover delay time in PMIPv6 and X-FPMIPv6 (eXtension of Fast Handover for PMIPv6) was used to support global mobility. In addition, AX-FPMIPv6 (Authentication eXtension of Fast Handover for PMIPv6) is proposed which integrated $SK-L^2AS$ and X-FPMIPv6 by applying Piggybacks method to reduce the overhead of authentication and signaling. The AX-FPMIPv6 technique suggested in this paper shows that this technique is better than the existing schemes in authentication and handover delay according to the performance analysis.

• The KIPS Transactions:PartC
• /
• v.16C no.2
• /
• pp.257-266
• /
• 2009

Now a days, as increased the use of mobile units like a laptop computer and PDA, the demand for high speed internet service is increasing. On the other hand, PKMv2 which is provided from IEEE 802.16e cannot support fully on the security of high speed internet service. This paper proposes light-weight mutual authentication protocol which solved security problem of PKMv2 related to integrity of mobile node for transmission of safe high speed data of mobile node operating in mobile WiMAX environment. Proposed mutual authentication protocol increases the efficiency as the user in network can move in network safely without additional procedure of authentication between subscriber and base station after user's initial authentication. Also, the proposed mutual authentication protocol is safe from the security attack (the man-in-the-middle attack and reply attack) between subscriber and base station by generating a key adopt to PRF() function using random number and secret value in order to secure certification.

• Journal of Internet of Things and Convergence
• /
• v.7 no.3
• /
• pp.69-74
• /
• 2021

With the recent development of biometric authentication technology, the user authentication techniques using biometric authentication are increasing. Various problems arised in certification techniques that use various existing methods such as ID/PW. Therefore, recently, a method of improving security by introducing biometric authentication as secondary authentication has been used. In this thesis, proposal of the user authentication system that can detect user identification and anomalies using ECGs that are extremely difficult to falsify through the electrical biometric signals from the heart among various biometric authentication devices is studied. The system detects user anomalies by comparing ECG data received from a wrist-mounted wearable device-type ECG measurement tool with identification and ECG data stored in blockchain form on the database and identifying the user's location through a beacon system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.3
• /
• pp.525-536
• /
• 2012

This paper proposes methods of securing Smart Grid system against various types of cyber threats by separating AMI networks from the public network, the Internet, and providing an AMI specific authentication framework. Due to the fact that thousands and millions of AMI devices to be deployed would be directly or indirectly connected to the public network without any authentication procedures for access control, currently being developed AMI architectures could be widely exposed to considerable number of penetrating attacks. Furthermore, there have not been a sufficient number of researches on authentication frameworks with basis on the specific circumstances of AMI networking that should support varied authentication protocols among security associations and AMI linking devices. This work makes a proposal of isolating smart meters from HAN devices and the Internet and integrating network/application level authentication frameworks with an EAP-based authentication architecture. These approaches are beneficial to deploy AMI with security and efficiency.

• Journal of Digital Convergence
• /
• v.11 no.12
• /
• pp.423-430
• /
• 2013

With the active Internet e-commerce and the financial sector, mutual authentication between users and service providers has become very important. Because ID- and password-based authentication is of low security, one-time password authentication methods are widely used. The existing one-time password authentication scheme of S/Key authentication method is fraught with a number of issues in addition to plain text transmission, and the method of Kim Gong-ki et al. does not offer suggestions for session key generation and distribution method. Proposed in this paper is a protocol that solves these problems.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.9 no.1
• /
• pp.3-14
• /
• 1999

In this paper, the Client-Server authentication system is proposed and implemented using the smart card on the internet. Based on the MPCOS-3DES smart card manufactured by GEMPLUS, three phases of authentication using the challenge-response mechanism are performed, which includes user-card authentication, client-server authentication, and card-server authentication.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.14 no.4
• /
• pp.125-134
• /
• 2018

Lamport firstly suggested password base authentication scheme and then, similar authentication schemes have been studied. Due to the development of Internet network technology, remote user authentication using smart card has been studied. Li et al. analyzed authentication scheme of Chen et al. and then, Li et al. found out the security weakness of Chen et al.'s scheme such forward secrecy and the wrong password login problem, and proposed an a new smart card based user password authentication scheme. But Liu et al. found out that Li et al.'s scheme still had security problems such an insider attack and man-in-the-middle attack and then Liu et al. proposed an efficient and secure smart card based password authentication scheme. This paper analyzed Liu et al.'s authentication and found out that Liu et al.'s authentication has security weakness such as no perfect forward secrecy, off-line password guessing attack, smart-card loss attack, and no anonymity. And then, this paper proposed security enhanced efficient smart card based password authentication scheme using fuzzy extraction technology.

• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.303-308
• /
• 2004

As developed wireless internet and performance of wireless terminal, E-commerce of wire internet move to wireless internet. This I-commerce in wireless internet environment called M-Commerce, recognized user authentication and data security as very important technology such as E-commerce in environment of wire internet. So authentication technology such as WPKI and Hermes system and XML digital signature was studied. But WPKI is difficulty to implement system, if authentication system that consisted in WPKI environment was heterogeneous. And Hermes system is not interoperate to XML digital signature system. So, our paper suggested XML digital signature system based java card to interoperate among the digital signature system, to apply XML digital signature used in wire internet. Our system offer XML digital signature in wireless internet, can interoperate among the XML digital signature systems.

• Journal of the Korea Society of Computer and Information
• /
• v.11 no.2 s.40
• /
• pp.223-230
• /
• 2006

Portable Internet is a new service providing a high-speed wireless Internet service. The high-speed wireless Internet service guarantees terminal mobility. Portable Internet is expected to commercialize in 2005. Network expansion and terminal mobility should be guaranteed in of order to efficiently introduce and distribute portable Internet service. Accordingly, the thesis suggests a mechanism which applies mobile IPv6 technology and supports inter-domain authorization In order to guarantee expansion and mobility of portable Internet. The suggested mechanism applies diameter protocol to the mobile IPv6 to improve securities. Also, The suggested mechanism safely transmits data at the minimal signal number, to guarantee the data secrecy.