• Title/Summary/Keyword: S/Key Authentication

Search Result 444, Processing Time 0.021 seconds

The Development of a One-time Password Mechanism Improving on S/KEY (S/KEY를 개선한 일회용 패스워드 메커니즘 개발)

  • 박중길
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.9 no.2
    • /
    • pp.25-36
    • /
    • 1999
  • In this paper we propose a one-time password mechanism that solves the problems of the S/KEY: the limitation of a usage and the need of storage for keys. because of using a cryptographic algorithm the proposed mechanism has no the limitation of a usage. Also because of producing the key for an authentication from a user's password it is easy to manage the authentication key and is possible to share the session key between a client and a server after the authentication process. In addition the proposed mechanism is easy to protect and manage the authentication information because of using a smart card and is adopted by the system that needs a noe-way authentication from a client to a server without the challenge of a server.

A New Roaming Authentication Framework For Wireless Communication

  • Li, Xiaowei;Zhang, Yuqing;Liu, Xuefeng;Cao, Jin;Zhao, Qianqian
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.7 no.8
    • /
    • pp.2061-2080
    • /
    • 2013
  • Roaming authentication protocol is widely used in wireless network which can enable a seamless service for the mobile users. However, the classical approach requires the home server's participation during the authentication between the mobile user and the foreign server. So the more the roaming requests are performed the heavier burden will be on the home server. In this paper, we propose a new roaming authentication framework for wireless communication without the home server's participation. The new roaming authentication protocol in the new framework takes advantage of the ID-based cryptography and provides user anonymity. It has good performance compared with the roaming authentication protocols whose authentication do not need the home server's participation in terms of security and computation costs. Moreover, a new User-to-User authentication protocol in the new framework is also present. All the authentications proposed in this paper can be regarded as a common construction and can be applied to various kinds of wireless networks such as Cellular Networks, Wireless Mesh Networks and Vehicle Networks.

An Improved Smart Card-based User Authentication Scheme with Session Key Agreement for Telecare Medicine Information System

  • Yang, Hyungkyu
    • International Journal of Internet, Broadcasting and Communication
    • /
    • v.9 no.3
    • /
    • pp.35-43
    • /
    • 2017
  • In 2013, Lee-Lie proposed secure smart card based authentication scheme of Zhu's authentication for TMIS which is secure against the various attacks and efficient password change. In this paper, we discuss the security of Lee-Lie's smart card-based authentication scheme, and we have shown that Lee-Lie's authentication scheme is still insecure against the various attacks. Also, we proposed the improved scheme to overcome these security problems of Lee-Lie's authentication scheme, even if the secret information stored in the smart card is revealed. As a result, we can see that the improved smart card based user authentication scheme for TMIS is secure against the insider attack, the password guessing attack, the user impersonation attack, the server masquerading attack, the session key generation attack and provides mutual authentication between the user and the telecare system.

A S/KEY Based Secure Authentication Protocol Using Public Key Cryptography (공개키를 적용한 S/KEY 기반의 안전한 사용자 인증 프로토콜)

  • You, Il-Sun;Cho, Kyung-San
    • The KIPS Transactions:PartC
    • /
    • v.10C no.6
    • /
    • pp.763-768
    • /
    • 2003
  • In this paper, we propose a S/KEY based authentication protocol using smart cards to address the vulnerebilities of both the S/KEY authentication protocol and the secure one-time password protpcol which YEH, SHEN and HWANG proposed [1]. Because out protpcel is based on public key, it can authenticate the server and distribute a session key without any pre-shared secret. Also, it can prevent off-line dictionary attacks by using the randomly generated user is stored in the users smart card. More importantly, it can truly achieve the strength of the S/KEY scheme that no secret information need be stored on the server.

One time password key exchange Authentication technique based on MANET (MANET 기반 원타임 패스워드 키교환 인증기법)

  • Lee, Cheol-Seung;Lee, Joon
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.11 no.7
    • /
    • pp.1367-1372
    • /
    • 2007
  • This paper suggests One-time Password key exchange authentication technique for a strong authentication based on MANET and through identify wireless environment security vulnerabilities, analyzes current authentication techniques. The suggested authentication technique consists of 3 steps: Routing, Registration, and Running. The Routing step sets a safe route using AODV protocol. The Registration and Running step apply the One-time password S/key and the DH-EKE based on the password, for source node authentication. In setting the Session key for safe packet transmission and data encryption, the suggested authentication technique encrypts message as H(pwd) verifiers, performs key exchange and utilizes One time password for the password possession verification and the efficiency enhancement. EKE sets end to end session key using the DH-EKE in which it expounds the identifier to hash function with the modula exponent. A safe session key exchange is possible through encryption of the H(pwd) verifier. The suggested authentication technique requires exponentiation and is applicable in the wireless network environment because it transmits data at a time for key sharing, which proves it is a strong and reliable authentication technique based on the complete MANET.

A Secure Quantum-Resistant Authentication and Key Distribution Protocol for NFC Payment Environments (NFC 결제 환경에서 양자 컴퓨팅에 안전한 인증 및 키 분배 프로토콜)

  • Kim, JongHyun;Park, KiSung;Park, YoungHo
    • Journal of Korea Multimedia Society
    • /
    • v.21 no.4
    • /
    • pp.485-492
    • /
    • 2018
  • Recently, the numerous authentication and key distribution protocol for NFC payment environment have been proposed using public key cryptosystems. However, these protocol are vulnerable to quantum computing attack because quantum computing can solve factoring and discrete logarithm problem effectively using Grover and Shor's algorithm. For these reason, the secure authentication and key distribution have become a very important security issue in order to prevent quantum computing attacks. Therefore, to ensure user's payment information and privacy, we propose a secure quantum resistant authentication and key distribution protocol for NFC payment environments.

An Improved Biometrics-based Password Authentication Scheme with Session Key Agreement

  • Yang, Hyungkyu
    • International Journal of Internet, Broadcasting and Communication
    • /
    • v.8 no.3
    • /
    • pp.50-57
    • /
    • 2016
  • In 2013, Li et al. proposed an improved smart card-based remote user password authentication scheme, and claimed that their scheme not only overcomes security weaknesses of the Chen et al.'s scheme but also is a more user friendly scheme compared with other schemes. In this paper, we analyze the security of Li et al.'s authentication scheme and we show that Li et al.'s authentication scheme is still insecure against the various attacks, such as the off-line password guessing attack, the forgery attack, and the session key generation attack etc. Also, we propose an improved scheme that can resist these security drawbacks of Li et al.'s authentication, even if the secret information stored in the smart card is revealed. As a result of security analysis, the improved scheme is relatively more secure against several attacks than other related schemes in terms of the security.

A Study on the Secure Authentication Method using SIP in the VoIP System (VoIP 시스템에서 SIP를 이용한 보안 인증기법에 관한 연구)

  • Lee, Young Gu;Kim, Jeong Jai;Park, Chan Kil
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.7 no.1
    • /
    • pp.31-39
    • /
    • 2011
  • VoIP service uses packet network of ip-based because that has eavesdropping, interception, illegal user as vulnerable elements. In addition, PSTN of existing telephone network is subordinate line but VoIP service using the ip packet provide mobility. so The user authentication and VoIP user's account service using VoIP has emerged as a problem. To solve the vulnerability of SIP, when you use VoIP services with SIP, this paper has made it possible to authenticate user's terminal by using proxy server and proxy server by using authentication server. In conclusion, sender and receiver are mutually authenticated. In the mutual authentication process, the new session key is distributed after exchanging for the key between sender and receiver. It is proposed to minimize of service delay while the additional authentication. The new session key is able to authenticate about abnormal messages on the phone. This paper has made it possible to solve the vulnerability of existing SIP authentication by using mutual authentication between user and proxy server and suggest efficient VoIP service which simplify authentication procedures through key distribution after authentication.

Power Support Device (PSD) Based Authentication Protocol for Secure WiBro Services (안전한 WiBro 서비스를 위한 PSD(Power Support Device) 기반 인증 프로토콜)

  • Lee, Gi-Sung
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.9 no.3
    • /
    • pp.727-733
    • /
    • 2008
  • An authentication between a user's terminal and a Access Control Router (ACR) is preceded so that a user receives secure WiBro services. Otherwise they can be exposed from many attack risks. So the Telecommunications Technology Association (TTA) constituted a mechanism of the mutual authentication for WiBro service. In mechanism a user executes the mutual authentication between a Portable Equipment (PE) and the ACR by using Portable Internet Subscriber Identity Module (PISIM). But this standard needs many message to authenticate the ACR and the users cann't use wireless Internet service. Therefore in this paper we propose the key agreement protocol between the PSS and the ACR to authenticate the PSS to ACR. At this time Power Support Device (PSD) fer supporting the calculated quantity of the PSS is participated in the key agreement protocol. The ACR sends a generated key to Key Authentication Server (KAS) via secure IPsec tunnel and then it preserves the identity of the PSS and the value of key after it enciphered them. In conclusion we analyze the security and efficiency of the proposed protocol.

Password-Based Key Exchange Protocols for Cross-Realm (Cross-Realm 환경에서 패스워드기반 키교환 프로토콜)

  • Lee, Young Sook
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.5 no.4
    • /
    • pp.139-150
    • /
    • 2009
  • Authentication and key exchange are fundamental for establishing secure communication channels over public insecure networks. Password-based protocols for authenticated key exchange are designed to work even when user authentication is done via the use of passwords drawn from a small known set of values. There have been many protocols proposed over the years for password authenticated key exchange in the three-party scenario, in which two clients attempt to establish a secret key interacting with one same authentication server. However, little has been done for password authenticated key exchange in the more general and realistic four-party setting, where two clients trying to establish a secret key are registered with different authentication servers. In fact, the recent protocol by Yeh and Sun seems to be the only password authenticated key exchange protocol in the four-party setting. But, the Yeh-Sun protocol adopts the so called "hybrid model", in which each client needs not only to remember a password shared with the server but also to store and manage the server's public key. In some sense, this hybrid approach obviates the reason for considering password authenticated protocols in the first place; it is difficult for humans to securely manage long cryptographic keys. In this work, we introduce a key agreement protocol and a key distribution protocol, respectively, that requires each client only to remember a password shared with its authentication server.