• International Journal of Internet, Broadcasting and Communication
• /
• v.8 no.3
• /
• pp.41-49
• /
• 2016

Recently, many biometrics-based user authentication schemes for telecare medicine information systems (TMIS) have been proposed to improve the security problems in user authentication system. In 2014, Mishra et al. proposed an improvement of Awasthi-Srivastava's biometric based authentication for TMIS which is secure against the various attacks and provide mutual authentication, efficient password change. In this paper, we discuss the security of Mishra et al.'s authentication scheme, and we have shown that Mishra et al.'s authentication scheme is still insecure against the various attacks. Also, we proposed the improved scheme to remove these security problems of Mishra et al.'s authentication scheme, even if the secret information stored in the smart card is revealed. As a result, we can see that the improved biometric based authentication scheme is secure against the insider attack, the password guessing attack, the user impersonation attack, the server masquerading attack and provides mutual authentication between the user and the telecare system.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2003.05a
• /
• pp.637-640
• /
• 2003

Authentication between Server and Client is necessary in most of Internet Service because of increasing of using of Internet. Unix-based Server upgraded security of user authentication using "Shadow Password" instead of "crypt" function. But "Shadow Password" most use same authentication method about all services. But we individually can set user authentication method using PAM(Pluggable Authentication Module). This paper will propose user authentication system using Linux-PAM that use SMART CARD as authentication token.

• Journal of Korean Institute of Industrial Engineers
• /
• v.42 no.4
• /
• pp.280-289
• /
• 2016

User authentication is an important issue on computer network systems. Most of the current computer network systems use the ID-password string match as the primary user authentication method. However, in password-based authentication, whoever acquires the password of a valid user can access the system without any restrictions. In this paper, we present a keystroke dynamics-based user authentication to resolve limitations of the password-based authentication. Since most previous studies employed a fixed-length text as an input data, we aims at enhancing the authentication performance by combining four different variable creation methods from a variable-length free text as an input data. As authentication algorithms, four one-class classifiers are employed. We verify the proposed approach through an experiment based on actual keystroke data collected from 100 participants who provided more than 17,000 keystrokes for both Korean and English. The experimental results show that our proposed method significantly improve the authentication performance compared to the existing approaches.

• Journal of Korea Society of Industrial Information Systems
• /
• v.10 no.2
• /
• pp.59-66
• /
• 2005

Recently, Ku and Chen(Ku-Chen) showed some problems in the password based remote user authentication scheme using smartcards proposed by Chien et al. and proposed an improvement from it. This paper shows some weaknesses in the Ku-Chen's scheme, especially the replay attacks, and proposes two authentication protocols to solve the problems in it. First of all, an authentication protocol using synchronized timestamps is proposed to solve the problem in the Ku-Chen's protocol. Then, a nonce-based authentication protocol is proposed to solve the inherent problems in the synchronized timestamp-based authentication protocols. The proposed authentication protocols support the advantages in the previous password-based authentication protocols and solve the problems in them effectively.

• The Journal of the Korea Contents Association
• /
• v.17 no.7
• /
• pp.276-282
• /
• 2017

Password-based authentication is vulnerable because of its low cost and convenience, but it is still widely used. In order to increase the security of the password-based user authentication method, the password is changed frequently, and it is recommended to use a combination of numbers, alphabets and special characters when generating the password. However, it is difficult for users to remember passwords that are difficult to create and it is not easy to change passwords periodically. Therefore, in this paper, we implemented a user authentication system that does not require a password by using the USB memory that is commonly used. Authentication data used for authentication is protected by USB data stored in USB memory using USB device information to improve security. Also, the authentication data is one-time and reusable.Based on this, it is possible to have the same security as the password authentication system and the security level such as certificate or fingerprint recognition.

• Convergence Security Journal
• /
• v.20 no.3
• /
• pp.29-37
• /
• 2020

Password based authentication technology is yet certain and id to provide a level of security being used in most systems, but already a myriad of personal information exposure to the accident. Above all, and once exposed, it is difficult to recover the password. Thus, the various authentication techniques - factor two was introduced, but they are expensive and discomfort to users, to lead. In this paper, the existing unique to users in such a single accreditation process / password id key - stroke, user authentication and cost effectively and at the same time. And not cause discomfort, suggested technologies that can also ensure high security exposure, password id. This paper's proposals and determine the effectiveness of the system to build model.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.1
• /
• pp.87-97
• /
• 2003

In this paper, we define two security concepts, “non-computable security” and “distribution security”, about authentication information committed to a authentication server without any trustee, and propose an authenticatied key exchange protocol based on password, satisfying “distribution security”. We call it MAP(Muti-Server Authentication Protocol based on Password) and show that SSSO(Secure Single Sign On) using MAP solves a problem of SSO(Single Sign On) using authentication protocol based on password with a trustee.

• Journal of KIISE:Computer Systems and Theory
• /
• v.29 no.5
• /
• pp.291-298
• /
• 2002

Mutual authentication is essential for key exchange protocols and password-based authentication scheme is used widely, which is convenient to users and executed on the cheap. Password-based protocol should be not only secure against attach but also efficient to reduce user's load. In this paper, we propose a new key exchange protocol, called OTP-EKE(One Time Password based Encrypted Key Exchange), to provide authentication and to share a session key between a server and a user. We choose a password-based scheme as a user authentication. Especially, we use a one-time-password verifier and server's public password to protect against attacks on server's directory. As for efficiency, we improve the performance by reducing the number of modular exponentiations and the number of rounds.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.11 no.7
• /
• pp.1367-1372
• /
• 2007

This paper suggests One-time Password key exchange authentication technique for a strong authentication based on MANET and through identify wireless environment security vulnerabilities, analyzes current authentication techniques. The suggested authentication technique consists of 3 steps: Routing, Registration, and Running. The Routing step sets a safe route using AODV protocol. The Registration and Running step apply the One-time password S/key and the DH-EKE based on the password, for source node authentication. In setting the Session key for safe packet transmission and data encryption, the suggested authentication technique encrypts message as H(pwd) verifiers, performs key exchange and utilizes One time password for the password possession verification and the efficiency enhancement. EKE sets end to end session key using the DH-EKE in which it expounds the identifier to hash function with the modula exponent. A safe session key exchange is possible through encryption of the H(pwd) verifier. The suggested authentication technique requires exponentiation and is applicable in the wireless network environment because it transmits data at a time for key sharing, which proves it is a strong and reliable authentication technique based on the complete MANET.

• Journal of Digital Convergence
• /
• v.11 no.12
• /
• pp.423-430
• /
• 2013

With the active Internet e-commerce and the financial sector, mutual authentication between users and service providers has become very important. Because ID- and password-based authentication is of low security, one-time password authentication methods are widely used. The existing one-time password authentication scheme of S/Key authentication method is fraught with a number of issues in addition to plain text transmission, and the method of Kim Gong-ki et al. does not offer suggestions for session key generation and distribution method. Proposed in this paper is a protocol that solves these problems.