• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.2
• /
• pp.145-185
• /
• 2007

A resident registration number is used to confirm and prove his/her identity in a government/non-governmental agency. It is a essential requirement to become the registered member on internet website in Korea. It is serious problem that the resident registration number and name are outflowed in internet and misused by others. So the MIC(Ministry of Information and Communication) in Korea plans and operates the identification system using I-PIN that integrate 5 alternative methods of resident registration number. In this paper, we analyze the problem about the method of 5 I-PIN services and show the security analysis on the implementation vulnerabilities of I-PIN services. we also analyze 17 websites that provides identification system using I-PIN. Finally, we analyze the overall problem of I-PIN service and propose the countermeasure about the problem.

• Journal of Practical Engineering Education
• /
• v.16 no.3_spc
• /
• pp.327-332
• /
• 2024

The spread of smart phones provides users with a variety of services, making their lives more convenient. In particular, financial transactions can be easily made online after user authentication using a smart phone. Users easily access the service by authenticating using a PIN, but this makes them vulnerable to social engineering attacks such as spying or recording. We aim to increase security against social engineering attacks by applying the authentication method including imaginary numbers when entering a password at the door lock to smart phones. Door locks perform PIN authentication within the terminal, but in smart phones, PIN authentication is handled by the server, so there is a problem in transmitting PIN information safely. Through the proposed technique, multiple PINs containing imaginary numbers are generated and transmitted as processed values such as hash values, thereby ensuring the stability of transmission and enabling safe user authentication through a technique that allows the PIN to be entered without exposure.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.4 no.3
• /
• pp.45-53
• /
• 2008

As internet is wide spread, the number of internet service provider is increased. Internet service providers gather the personnel information with inhabitants registration identification number for the user management and the adult authentication. The personnel information is spreaded thorough the Internet by the system hacking, mismanagement and malicious resale. And the personnel information is used for spam email, phishing scams, etc. by malicious others. So the Ministry of Information and Communication Republic of Korea developments I-PIN system of the personnel identification. But, I-PIN has some problem the guideline for it and the method of 5 I-PIN services. In this paper, we analyze the problem about the guideline for I-PIN and the method of 5 I-PIN services. And we propose the countermeasure about the problem.

• The Journal of Information Technology
• /
• v.2 no.2
• /
• pp.235-250
• /
• 1999

The test of digital VLSI devices is to insure that the device will perform all of its designed functions while in the worst-case environments. According to increasing the integration of the communication device, there are important consideration about the improvement of the reliability in the product. To improve the reliability of the device, the test parameters and test time are increased. There are basically three kinds of tests: functional, DC parametric, and AC parametric. There are no pin-to-pin short test and pin-to-pin leakage test in the present test items to analysis the characteristics and reliability of the device. The purpose of the paper is to model the pin-to-pin phenomenon and propose to modify the test method and to test the new pin-to-pin DC parameters. These modified and additive test items were applied to product test and confirmed to improve the reliability of product test.

• KIPS Transactions on Computer and Communication Systems
• /
• v.7 no.5
• /
• pp.127-136
• /
• 2018

In this paper, we propose a PIN entry method that combines with machine learning technique on smartphone. We use not only a PIN but also touch time intervals and locations as factors to identify whether the user is correct or not. In the user registration phase, a remote server was used to train/create a machine learning model using data that collected from end-user device (i.e. smartphone). In the user authentication phase, the pre-trained model and the saved PIN was used to decide the authentication success or failure. We examined that there is no big inconvenience to use this technique (FRR: 0%) and more secure than the previous PIN entry techniques (FAR : 0%), through usability and security experiments, as a result we could confirm that this technique can be used sufficiently. In addition, we examined that a security incident is unlikely to occur (FAR: 5%) even if the PIN is leaked through the shoulder surfing attack experiments.

• Journal of Industrial Convergence
• /
• v.20 no.11
• /
• pp.191-196
• /
• 2022

In the fintech field, financial transactions with smart phones are actively conducted. User authentication technology is essential for safe financial transactions. PIN authentication through the existing security keypads is convenient to input but has weaknesses in security and others. The biometric authentication technique is secure, but there is a possibility of false positive and false negative authentication. To compensate for this, two-factor authentication is used. In this paper, we propose the 1.5-factor authentication that can increase convenience and security through PIN input with biometric authentication. It provides the stability of fingerprint authentication and convenience of two or three PIN inputs, and this makes safe financial transaction possible. Since biometric authentication is performed at the same time when entering PIN, while security is required by applying fingerprint authentication to the area touched while entering PIN. The User authentication is performed while ensuring convenience to input through additional PIN input in situations where high safety is required, and Safe financial transactions are possible.

• The Journal of the Convergence on Culture Technology
• /
• v.1 no.3
• /
• pp.83-85
• /
• 2015

It has been increased that communicate each other things such as consumer electronics, mobile equipments and wearable computer with serial communication protocol. The conventional method of SPI and I2C high speed serial communication is widely used with 2 pin of clock and data pin. It has been more important than the speed of data transfer to simplify the hardware structure because the IoT components is reduced the hardware complexity. In this paper, we describe the protocol and implementation of serial data transfer with only one pin. The proposed protocol is suitable for the mobile products that send and receive the small amount of data with low speed and low power consumption.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.23 no.5
• /
• pp.622-629
• /
• 2019

VR(Virtual Reality), which provides realistic services in virtual reality, provides a similar experience using a Head Mounted Display(HMD) device. When the HMD device is worn, it can not recognize the surrounding environment and it is easy to analyze the input pattern of the user with the Shoulder Surfing Attack(SSA) when entering the Personal Identification Number(PIN). In this paper, we propose a method to safeguard the user's password even if the hacker analyzes the input pattern while maintaining the user's convenience. For the first time, we implemented a new type of virtual keypad that deviates from the existing rectangle shape according to the VR characteristics and implemented the lock object for intuitive interaction with the user. In addition, a smart glove using the same sensor as the existing input devices of the VR and a PIN input method suitable for the rotary type are implemented and the safety of the SSA is verified through experiments.

• Journal of information and communication convergence engineering
• /
• v.15 no.2
• /
• pp.91-96
• /
• 2017

PIN-entry interfaces have high risks to leak secret values if the malicious attackers perform shoulder-surfing attacks with advanced monitoring and observation devices. To make the PIN-entry secure, many studies have considered invisible radio channels as a secure medium to deliver private information. However, the methods are also vulnerable if the malicious adversaries find a hint of secret values from user's $na{\ddot{i}}ve$ gestures. In this paper, we revisit the state-of-art radio channel based bimodal PIN-entry method and analyze the information leakage from the previous method by exploiting the sight tracking attacks. The proposed sight tracking attack technique significantly reduces the original password complexities by 93.8% after post-processing. To keep the security level strong, we introduce the advanced bimodal PIN-entry technique. The new technique delivers the secret indicator information through a secure radio channel and the smartphone screen only displays the multiple indicator options without corresponding numbers. Afterwards, the users select the target value by following the circular layout. The method completely hides the password and is secure against the advanced shoulder-surfing attacks.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.19 no.7
• /
• pp.1-8
• /
• 2018

This paper describes new communication methods for transmitting torque commands between the vehicle controller that determines the amount of power generation in a range-extended electric vehicle and the engine controller that performs it. Generally, vehicles use CAN communication, but in this case, the hardware and software of the existing engine controller must be modified. For this reason, it is not easy to apply CAN communication to small and medium sized automotive reorganize companies. Therefore, this research presents a pin-pin communication method for applying the existing mass produced engine controller to range-extended electric vehicles. The pin-pin communication method converts the driver's demand torque control map inside an mass produced engine controller into a virtual accelerator opening position according to the target speed and target torque of the engine, and converts this to a voltage signal for the existing mass produced engine controller to recognize it. The virtual accelerator opening positions are mounted in the form of a control map in the vehicle controller through the reverse conversion process in an offline environment and are determined by the engine generating power requirements and engine optimal operating point algorithm. These algorithms and signal conversion circuits for engine torque transmission have been mounted on the vehicle controller to conduct the virtual accelerator opening position conversion process according to the engine target torque and to establish the virtual accelerator voltage signal using the signal converter.