• 제목/요약/키워드: Password System

Search Result 363, Processing Time 0.023 seconds

Secure Password System against Imposter (타인의 관찰에 의한 패스워드 노출로부터 안전한 패스워드 시스템)

  • Park, Sung-Bae;Park, Seung-Bae;Kang, Moon-Seol
    • The KIPS Transactions:PartC
    • /
    • v.10C no.2
    • /
    • pp.141-144
    • /
    • 2003
  • We present a new password system, called dual password system, with the user verification procedure. Dual password system is the first password system in the world preventing the exposure of secret information to imposter at the terminal. User of dual password system matches two alphabets at same location of first password and second password iteratively for inputting password. Therefore, the deriving method of first password and second password from the password is important in dual password system. Related to the deriving method of first password and second password from password, a new problem, called dual password derivation problem, is defined, and the evaluation factors for the solutions of the dual password derivation problem are presented.

Security Analysis of Partially Hidden Password Systems Resistant to Shoulder Surfing Attacks

  • Seong, Jin-Taek
    • The Journal of Korea Institute of Information, Electronics, and Communication Technology
    • /
    • v.13 no.1
    • /
    • pp.17-26
    • /
    • 2020
  • As more users use mobile devices, shoulder surfing attacks have emerged as an important issue in security. According to research report, in fact, the result showed that about 30% of smartphone users are hit by shoulder surfing attacks. To this end, in this paper, we consider a shoulder surfing attack and propose a partially hidden password system to resistant to its attack. In order to help readers understand, we describe the proposed password system in more detail using one simple example. The core idea behind the proposed system is to place the user's password randomly in the specified grid instead of entering a password directly. As a result, even if an attacker makes a shoulder surfing attack to observe the password, the user can hide the preset password and defend against the attack. We also show how the security of the password system proposed in this paper is improved. In addition, even if there are consecutive shoulder surfing attacks, the security of the proposed password system is robust.

Password System Enhancing the Security agains (타인의 관찰에서 안전한 패스워드 시스템)

  • Park Jong-Min;Kim Yong-Hun;Cho Beom-Joon
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.8 no.8
    • /
    • pp.1790-1795
    • /
    • 2004
  • In this paper, the new password system called SPS(Secure Password System) in order to enhance the security of the system as well as to improve the weakness of the password which is very easy to be disclosed by other people, improving the methods which is identifying the users' legality using the computer system in the multi-users computer. SPS is adopting several strong points such as Easy Embodiment, Low Cost, and most of the good points of the traditional password system. In addition, it makes an easy introduction from the traditional password system. Above SPS has the high stable security in the practical experiments about both the literal attack of the online intruders and the exposure of Clients' password.

The Password base System for the safe and Efficient Identification (안전하고 효율적인 신원확인을 위한 암호기반 시스템)

  • Park, Jong-Min;Park, Byung-Jun
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.13 no.1
    • /
    • pp.81-86
    • /
    • 2009
  • Almost all network systems provide an authentication mechanism based on user ID and password. In such system, it is easy to obtain the user password using a sniffer program with illegal eavesdropping. The one-time password and challenge-response method are useful authentication schemes that protect the user passwords against eavesdropping. In client/server environments, the one-time password scheme using time is especially useful because it solves the synchronization problem. In this paper, we propose a new identification scheme One Pass Identification. The security of Password base System is based on the square root problem, and Password base System is secure against the well known attacks including pre-play attack, off-line dictionary attack and server comprise. A number of pass of Password base System is one, and Password base System processes the password and does not need the key. We think that Password base System is excellent for the consuming time to verify the prover.

Multi-Factor Authentication System based on Software Secure Card-on-Matching For Secure Login (안전한 로그인을 위한 소프트 보안카드 기반 다중 인증 시스템)

  • Lee, Hyung-Woo
    • The Journal of the Korea Contents Association
    • /
    • v.9 no.3
    • /
    • pp.28-38
    • /
    • 2009
  • Login process uses both ID and password information to authenticate someone and to permit its access privilege on system. However, an attacker can get those ID and password information by using existing packet sniffing or key logger programs. It cause privacy problem as those information can be used as a hacking and network attack on web server and web e-mail system. Therefore, a more secure and advanced authentication mechanism should be required to enhance the authentication process on existing system. In this paper, we propose a multi-factor authentication process by using software form of secure card system combined with existing ID/Password based login system. Proposed mechanism uses a random number generated from the his/her own handset with biometric information. Therefore, we can provide a one-time password function on web login system to authenticate the user using multi-factor form. Proposed scheme provide enhanced authentication function and security because it is a 'multi-factor authentication mechanism' combined with handset and biometric information on web login system.

Automatic Fortified Password Generator System Using Special Characters

  • Jeong, Junho;Kim, Jung-Sook
    • International Journal of Fuzzy Logic and Intelligent Systems
    • /
    • v.15 no.4
    • /
    • pp.295-299
    • /
    • 2015
  • The developed security scheme for user authentication, which uses both a password and the various devices, is always open by malicious user. In order to solve that problem, a keystroke dynamics is introduced. A person's keystroke has a unique pattern. That allows the use of keystroke dynamics to authenticate users. However, it has a problem to authenticate users because it has an accuracy problem. And many people use passwords, for which most of them use a simple word such as "password" or numbers such as "1234." Despite people already perceive that a simple password is not secure enough, they still use simple password because it is easy to use and to remember. And they have to use a secure password that includes special characters such as "#!($^*$)^". In this paper, we propose the automatic fortified password generator system which uses special characters and keystroke feature. At first, the keystroke feature is measured while user key in the password. After that, the feature of user's keystroke is classified. We measure the longest or the shortest interval time as user's keystroke feature. As that result, it is possible to change a simple password to a secure one simply by adding a special character to it according to the classified feature. This system is effective even when the cyber attacker knows the password.

Designing Password Input System Resistant on Shoulder Surfing Attack with Statistical Analysis (Shoulder Surfing 공격을 고려한 패스워드 입력 시스템 구현 및 통계적 검증)

  • Lim, Soo Min;Kim, Hyoung Joong;Kim, Seong Kee
    • Journal of the Institute of Electronics and Information Engineers
    • /
    • v.49 no.9
    • /
    • pp.215-224
    • /
    • 2012
  • Using password on system is easy to build and shorten the access time to authorize user, which is high in use for vary system that requires users' authorization. Many input device are able to perform the password system easily, such as PC, smart-phone, tablet PC, etc. Beside the high usability of password, physical attack occurs when user put their password on the device, known as Shoulder Surfing attack. It used to be formed in numbers, characters or mix of different kinds, but new kind of password arose. Exploiting image or making scenarios are those kinds which are able to reflect users' intentions. Not many estimation exists for new password, so there's need to be standard for those new password for highlighting usability and accessability. In this paper, we propose password system with simple image and switching key-board to test statistical method to estimate usability on the password.

A study on User Authentication Technology of Numeric based Pattern Password (숫자기반의 패턴 형식 패스워드 사용자인증 기술)

  • Ju, Seung-Hwan;Seo, Hee-Suk
    • Journal of the Korea Society of Computer and Information
    • /
    • v.17 no.9
    • /
    • pp.65-73
    • /
    • 2012
  • The traditional text-based password is vulnerable guessing, dictionary attacks, keyloggers, social engineering, stole view, etc. these vulnerability effect more serious problem in a mobile environment. In this study, By using the pattern number to enter the password of an existing four-digit numeric password, User easily use to new password system. The technology on pattern based numerical password authorization proposed in this paper would intensify the security of password which holds existing 10 numbers of cases by authorizing a user and would not invade convenience of use by providing high security and making users memorize only four numbers like old method. Making users not have inconvenience and raising complexity, it would have a strength to an shoulder surfing attack of an attacker. So I study password system that represents the shape-based of number. I propose the new password system to prevent peeking attacks and Brute-force attack, and this proposal is to review the security and usability.

Implementing Onetime Password based Access Control System for Secure Sharing Service

  • Kang, Namhi
    • International Journal of Internet, Broadcasting and Communication
    • /
    • v.13 no.3
    • /
    • pp.1-11
    • /
    • 2021
  • Development of ICT technologies leads exponential growth of various sharing economy over the last couple of years. The intuitive advantage of the sharing economy is efficient utilization of idle goods and services, but there are safety and security concerns. In this paper, we propose a onetime password based access control system to support secure accommodation sharing service and show the implementation results. To provide a secure service to both the provider and the user, the proposed system issues a onetime access password that is valid only during the sharing period reserved by the user, thereafter access returns to the accommodation owner. Especially, our system provides secure user access by merging the two elements of speaker recognition using voice and a one-time password to open and close the door lock. In this paper, we propose a secure system for accommodation sharing services as a use-case, but the proposed system can be applicable to various sharing services utilizing security-sensitive facilities.

Implementation of OTP Detection System using Imaging Processing (영상처리를 이용한 비밀번호 인식시스템 개발)

  • Choe, Yeong-Been;Kim, Ji-Hye;Kim, Jin-Wook;Moon, Byung-Hyun
    • Journal of Korea Society of Industrial Information Systems
    • /
    • v.22 no.6
    • /
    • pp.17-22
    • /
    • 2017
  • In this paper, a password recognition system that can overcome a shoulder-surfing attack is developed. During the time period of password insertion, the developed system can prevent the attack and enhance the safety of the password. In order to raise the detection rate of the password image, the mopology technique is utilized. By adapting 4 times of the expansion and dilation, the niose from the binary image of the password is removed. Finally, the mobile phone application is also developed to recognize the one time password and the detection rate is measured. It is shown that the detection rate of 90% is achieved under the dark light condition.