• Title/Summary/Keyword: One Time Authentication

Search Result 264, Processing Time 0.02 seconds

A Study on One-Time Password Authentication Scheme in Mobile Environment (모바일 환경에서 안전한 One-Time Password 인증 기법에 관한 연구)

  • Kim, Hong-Gi;Lee, Im-Yeong
    • Journal of Korea Multimedia Society
    • /
    • v.14 no.6
    • /
    • pp.785-793
    • /
    • 2011
  • Since then, with the advance of computing environment, various Internet services are emerging and the importance of user authentication technology is increasing for verifying users authorized to use such services. Along with the advance of authentication technology, research is being made actively on one time password, which is used once in a session and then discarded. In existing one time passwords, however, the values of one time passwords in a created table are stored in serial order, and therefore, if the seed value and the number of one time passwords used are disclosed, one may infer the value of the one time password to be used next. What is more, one time passwords of the S/Key type have the problem that the number of uses is fixed. In this paper, We analysis the existing one time password. Also, We propose one time password methods using elliptic curve cryptography scheme and using enhanced randomness with time value.

A Design and Implementation of User Authentication System using Biometric Information (바이오 정보를 이용한 사용자 인증 시스템 설계 및 구현)

  • Lee, Hyung-Woo;Park, Yeong-Joon
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.11 no.9
    • /
    • pp.3548-3557
    • /
    • 2010
  • Security enhancement technologies are required to preventing phishing and pharming attacks on Internet banking. One-time password(OTP) should be used with certificate for enhancing user authentication and security performance. However, existing OTP technique is weak on MITM(Man-In-The-Middle) attack and synchnonization should be provided on OTP system. Therefore, more advanced mechanism such as combining biometic data with OTP can be suggested to enhancing security on authentication system. In this paper, we designed and implemented a multifactor authentication system using one-time biometric template to generate unique authentication data after adapting biometric transform on each user's biometric data.

Iris Ciphertext Authentication System Based on Fully Homomorphic Encryption

  • Song, Xinxia;Chen, Zhigang;Sun, Dechao
    • Journal of Information Processing Systems
    • /
    • v.16 no.3
    • /
    • pp.599-611
    • /
    • 2020
  • With the application and promotion of biometric technology, biometrics has become more and more important to identity authentication. In order to ensure the privacy of the user, the biometrics cannot be stored or manipulated in plaintext. Aiming at this problem, this paper analyzes and summarizes the scheme and performance of the existing biometric authentication system, and proposes an iris-based ciphertext authentication system based on fully homomorphic encryption using the FV scheme. The implementation of the system is partly powered by Microsoft's SEAL (Simple Encrypted Arithmetic Library). The entire system can complete iris authentication without decrypting the iris feature template, and the database stores the homomorphic ciphertext of the iris feature template. Thus, there is no need to worry about the leakage of the iris feature template. At the same time, the system does not require a trusted center for authentication, and the authentication is completed on the server side directly using the one-time MAC authentication method. Tests have shown that when the system adopts an iris algorithm with a low depth of calculation circuit such as the Hamming distance comparison algorithm, it has good performance, which basically meets the requirements of real application scenarios.

Improving an RFID Mutual Authentication Protocol using One-time Random Number (개선한 일회성 난수를 이용한 RFID 상호인증 프로토콜)

  • Yoon, Eun-Jun;Yoo, Kee-Young
    • Journal of KIISE:Information Networking
    • /
    • v.36 no.2
    • /
    • pp.90-97
    • /
    • 2009
  • In 2008, Kim-Jun proposed a RFID mutual authentication protocol using one-time random number that can withstand malicious attacks by the leakage of important information and resolve the criminal abuse problems. Through the security analysis, they claimed that the proposed protocol can withstand various security attacks including the replay attack. However, this paper demonstrates that Kim-Jun' s RFID authentication protocol still insecure to the replay attack. In addition, this paper also proposes a simply improved RFID mutual authentication protocol using one-time random number which not only provides same computational efficiency, but also withstands the replay attack.

Advanced WLAN Authentication Mechanism using One-time Session Key based on the Vulnerability Analysis in Nespot Wireless Lan System (Nespot 무선랜 사용자 인증 취약점 분석 및 일회용 세션키 기반 무선랜 인증 기법)

  • Lee, Hyung-Woo
    • Journal of Korea Multimedia Society
    • /
    • v.11 no.8
    • /
    • pp.1101-1110
    • /
    • 2008
  • Nespot provides a convenient wireless internet connection service. The existing IEEE 802.1X EAP-MD5 authentication mechanism can be achieved based on ID/password information for a wireless connection. The Nespot system offers an advanced accounting and authorization procedure for providing wireless user authentication mechanism. However, many problems were found on the existing Nespot EAP-MD5 mechanism such as a ill value exposure, a leakage of personal information on wireless authentication procedure and a weakness on Nespot mutual authentication mechanism. Therefore, we analyzed the limitation of the existing IEEE 802.1X EAP-MD5 certification system, and suggested a one-time session key based authentication mechanism. And then we offered a simplified encryption function on the Nespot certification process for providing secure mutual authentication process.

  • PDF

Design of RFID Mutual Authentication Protocol using One Time Random Number (일회성 난수를 이용한 안전한 RFID 상호인증 프로토콜 설계)

  • Kim, Dae-Jung;Jun, Moon-Seog
    • Journal of KIISE:Information Networking
    • /
    • v.35 no.3
    • /
    • pp.243-250
    • /
    • 2008
  • Recently, researched RFID authentication protocols still have vulnerability of attack, such as location tracking attack, replay attack. spoofing attack etc. This paper designed method of making one time random number in DB server side unlike previously researched protocols, and it protects RFID communication from location tracking, replay attack and spoofing attack.

Improved Multi-layer Authentication Scheme by Merging One-time Password with Voice Biometric Factor

  • ALRUWAILI, Amal;Hendaoui, Saloua
    • International Journal of Computer Science & Network Security
    • /
    • v.21 no.9
    • /
    • pp.346-353
    • /
    • 2021
  • In this proposal, we aim to enhance the security of systems accounts by improving the authentication techniques. We mainly intend to enhance the accuracy of the one-time passwords via including voice biometric and recognition techniques. The recognition will be performed on the server to avoid redirecting voice signatures by hackers. Further, to enhance the privacy of data and to ensure that the active user is legitimate, we propose to periodically update the activated sessions using a user-selected biometric factor. Finally, we recommend adding a pre-transaction re-authentication which will guarantee enhanced security for sensitive operations. The main novelty of this proposal is the use of the voice factor in the verification of the one-time password and the various levels of authentications for a full-security guarantee. The improvement provided by this proposal is mainly designed for sensitive applications. From conducted simulations, findings prove the efficiency of the proposed scheme in reducing the probability of hacking users' sessions.

The Development of a One-time Password Mechanism Improving on S/KEY (S/KEY를 개선한 일회용 패스워드 메커니즘 개발)

  • 박중길
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.9 no.2
    • /
    • pp.25-36
    • /
    • 1999
  • In this paper we propose a one-time password mechanism that solves the problems of the S/KEY: the limitation of a usage and the need of storage for keys. because of using a cryptographic algorithm the proposed mechanism has no the limitation of a usage. Also because of producing the key for an authentication from a user's password it is easy to manage the authentication key and is possible to share the session key between a client and a server after the authentication process. In addition the proposed mechanism is easy to protect and manage the authentication information because of using a smart card and is adopted by the system that needs a noe-way authentication from a client to a server without the challenge of a server.

Quantum Authentication and Key Distribution protocol based on one-time ID (일회용 ID 기반 양자 인증 및 키 분배 프로토롤)

  • Lee Hwa-Yean;Hong Chang-Ho;Lim Jong-in;Yang Hyung-Jin
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.15 no.2
    • /
    • pp.73-80
    • /
    • 2005
  • We propose a Quantum Authentication and Key distribution protocol based on one-time n using one-way Hash function. The designated users can authenticate each other and the arbitrator using their one-time ID and distribute a quantum secret key using remained GHZ states after authentication procedure. Though the help of the arbitrator is needed in the process of authentication and key distribution, our protocol prevents the arbitrator from finding out the shared secret key even if the arbitrator becomes an active attacker. Unconditional security can be proved in our protocol as the other QKD protocols.

Design and Implementation of Facial Biometric Data based User Authentication System using One-Time Password Generation Mechanism (얼굴 정보 기반 일회용 패스워드 생성 메커니즘을 이용한 사용자 인증 시스템 설계 및 구현)

  • Jang, Won-Jun;Lee, Hyung-Woo
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.12 no.4
    • /
    • pp.1911-1918
    • /
    • 2011
  • Internet banking, electronic financial services and internet telephony service can be available on smart phone recently. In this case, more robust authentication mechanisms should be provided for enhancing security on it. In this study, a facial biometric ID based one-time password generation mechanism is designed and implemented for enhancing user authentication on smart phone. After capturing a facial biometric data using camera module on smart phone, it is sent to server to generate one-time biometric ID. Finally one-time password will be generated by client module after receiving the one time biometric ID based challenge token from the server. Using proposed biometric ID based one-time password mechanism, it is possible for us to provide more secure user authentication service on smart phone for SIP protocol.