• Title/Summary/Keyword: Secure Authentication

Search Result 1,091, Processing Time 0.028 seconds

Design of Secure Internet Phone using Smart Card (스마트카드를 이용한 안전한 인터넷 전화 설계)

  • 박진호;정진욱
    • Convergence Security Journal
    • /
    • v.2 no.1
    • /
    • pp.59-68
    • /
    • 2002
  • The smart card including memory and processor is able to simple process such as privilege unauthorized access and used to Authentication System for security. In this paper, we propose using the smart card in the key exchange phase when secure Internet phones conversation, so certainly guarantee to mutual authentication and secret communication.

  • PDF

Problem Analysis and Enhancement of 'An Improved of Enhancements of a User Authentication Scheme'

  • Mi-Og Park
    • Journal of the Korea Society of Computer and Information
    • /
    • v.29 no.6
    • /
    • pp.53-60
    • /
    • 2024
  • In this paper, we analyze the authentication scheme of Hwang et al. proposed in 2023 and propose a new authentication scheme that improves its problems. Hwang et al. claimed that their authentication scheme was practical and secure, but as a result of analysis in this paper, it is possible to attack the password/ID guessing attack and session key disclosure attack due to insider attack and stolen smart card attack. In addition, Hwang et al.'s authentication scheme, which provides user anonymity, does not provide user untraceability due to its unstable design. The proposed authentication scheme, which improves these problems, not only provides user untraceability, but also is secure for stolen smart card attack, insider attack, session key disclosure attack, and replay attack. In addition, except for one fuzzy extraction operation, it shows the same complexity or very similar one as related authentication schemes. Therefore, the proposed authentication scheme can be said to be an authentication scheme with safety and practicality.

Design of Command Security Mechanism for the Satellite Using Message Authentication Code (메세지 인증 코드 기법을 이용한 위성명령 보안 메카니즘 설계)

  • Hong, K.Y.;Park, W.S.;Lee, H.J.;Kim, D.K.
    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference
    • /
    • 1994.11a
    • /
    • pp.99-107
    • /
    • 1994
  • For the secure control of the communication satellite, security mechanisms should be employed on the ground station as well as on the spacecraft. In this paper, we present a security architecture fur the spacecraft command security of the communication satellite. An authentication mechanism is also proposed using message authentication code (MAC) based on the Data Encryption Standard (DES) cryptosystem.

  • PDF

Verification of Authentication Protocol for CDMA Mobile Communication Network

  • Hong, Ki-Yoong;Kim, Seok-Woo;Kim, Dong-Kyoo
    • Journal of Electrical Engineering and information Science
    • /
    • v.1 no.1
    • /
    • pp.82-90
    • /
    • 1996
  • In this paper, we present an analysis of the IS-95 authentication protocol for the Code Division Multiple Access(CDMA) mobile communication network. We propose a mutual authentication protocol, AP-6, to improve the security and correctness. Formal description and verification of the proposed AP-6 are also presented on the basis of the formal logic. It is shown that the proposed AP-6 is more secure and correct than the IS-95 authentication protocol.

  • PDF

A Study on the Secure Storage Device for Protecting Cryptographic Keys in Untrusted DRM Client Systems (신뢰할 수 없는 DRM 클라이언트 시스템 하에서 키 보호를 위한 Secure Storage Device의 연구)

  • 이기정;권태경;황성운;윤기송
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.14 no.2
    • /
    • pp.3-13
    • /
    • 2004
  • DRM is the ability to brand digital contents with features that ensure copy Protection and affect the way in which digital contents are played back. DRM is a technology that enables the secure distribution, promotion and sale of digital contents on the Internet. The DRM Client System that operates on the untrusted user environments has to meet the requirements of the contents owner, including copyright and contents protection. After the DRM Client System is installed on the untrusted user environments, it verifies and plays digital contents. With these procedures it cuties out user authentication, contents decryption, and license management. During these procedures, the sensitive data, including authentication information, decryption data and license data, must be secured against any illegal access from users. The goal of this thesis is to introduce the implementation of Secure Storage Device which can protect user's authentication key, cryptographic key, and license data in safe where the DRM Client System is running.

An Extended Multi-Server-Based User Authentication and Key Agreement Scheme with User Anonymity

  • Li, Chun-Ta;Lee, Cheng-Chi;Weng, Chi-Yao;Fan, Chun-I
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.7 no.1
    • /
    • pp.119-131
    • /
    • 2013
  • With the explosive growth of computer networks, many remote service providing servers and multi-server network architecture are provided and it is extremely inconvenient for users to remember numerous different identities and passwords. Therefore, it is important to provide a mechanism for a remote user to use single identity and password to access multi-server network architecture without repetitive registration and various multi-server authentication schemes have been proposed in recent years. Recently, Tsaur et al. proposed an efficient and secure smart card based user authentication and key agreement scheme for multi-server environments. They claimed that their scheme satisfies all of the requirements needed for achieving secure password authentication in multi-server environments and gives the formal proof on the execution of the proposed authenticated key agreement scheme. However, we find that Tsaur et al.'s scheme is still vulnerable to impersonation attack and many logged-in users' attack. We propose an extended scheme that not only removes the aforementioned weaknesses on their scheme but also achieves user anonymity for hiding login user's real identity. Compared with other previous related schemes, our proposed scheme keeps the efficiency and security and is more suitable for the practical applications.

A Study on Strong Minutiae Extraction for Secure and Rapid Fingerprint Authentication

  • Han, Jin-Ho
    • International journal of advanced smart convergence
    • /
    • v.6 no.2
    • /
    • pp.65-71
    • /
    • 2017
  • Fingerprints are increasingly used for user authentication in small devices such as mobile phones. Therefore, it is important for Fingerprint authentication systems in personal devices to protect the user's fingerprint information while performing efficiently with a lightweight matching algorithm. In this paper, we propose a new method to extract strong minutiae with unique numbers from fingerprint images. Strong minutiae are at all times obtained from fingerprint images, and can be useful for secure and rapid fingerprint authentication. The binary information of strong minutiae of a fingerprint can be transformed securely and can create cancelable fingerprint templates. Also the bit-strings of strong minutiae decrease computing time necessary for the matching procedure between two fingerprints due to the simplicity of bitwise operations. First, we enroll several fingerprints images of a finger. From these images we select a reference fingerprint and put a number on each minutia. Following this procedure, we search for mated-minutiae between the reference fingerprint and other fingerprints one by one. Finally we derive unique numbers of strong minutiae of the finger. In the experiment with the FVC2004 fingerprint database, we show that using the proposed method, strong minutiae can be extracted successfully.

Design of Authentication Protocol for IMT-2000 (IMT-2000 인증 프로토콜 설계)

  • Gang, Hyeong-U;Yun, Lee-Jung;Lee, Su-Yeon;Park, Chang-Seop;Lee, Dong-Hun
    • The Transactions of the Korea Information Processing Society
    • /
    • v.6 no.8
    • /
    • pp.2133-2144
    • /
    • 1999
  • IMT-2000 system is expected to start its service at the beginning of 2000 on the purpose of providing with the highest qualitative service through one mobile terminal. In this paper, we investigate some of the important issues which need to be addresses in designing an authentication protocol for IMT-2000. Also proposed is an authentication protocol which addresses the above issues, and we design a correct and efficient authentication protocol to establish secure communication channel. Our protocol provides an authentication of the communication entities, location privacy, and secure messaging as well as global roaming service.

  • PDF

Secure User Authentication Scheme Based on Facial Recognition for Smartwork Environment (스마트워크 환경에 적합한 얼굴인식 기반 사용자 인증 기법)

  • Byun, Yun-Sang;Kwak, Jin
    • Journal of Advanced Navigation Technology
    • /
    • v.17 no.3
    • /
    • pp.314-325
    • /
    • 2013
  • Smartwork is future-oriented work-environment to bring swift business transaction and convenient for users. In domestic and foreign various countries, It's already prompting introduction of smartwork. Users process work to access frequently from the outside in smartwork that's a similar client/server environment to existing Cloud Computing environment. Necessary of user authentication is increasing to be solvable to security vulnerability because there is possibility that malware flows in and leaks company's confidential information by unauthorized users especially in smartwork environment. Therefore we propose User Authentication scheme based face recognition is applicable to smartwork environment to analyze established User Authentication scheme. environment.

Design and Implementation of Web Service System for secure Message Transmission in Electronic Commerce (전자상거래 환경에서의 안전한 메시지 전송을 위한 웹 서비스 시스템 설계 및 구현)

  • Park, Jong-Hoon;Kim, Chul-Won
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.14 no.8
    • /
    • pp.1855-1860
    • /
    • 2010
  • This paper describes construction of web services system for secure message transmission appling web services standards. This system composes single sign on module, SSL module and secure message module. We applied these modules to price comparison site. Single sign on module used SAML standards. This module was designed, in order to provide authentication and authorization. As SSL module processes message encryption among end to end, messages of this system are secure. Secure message module is designed according to WS-Security standards and processes authentication, XML signature and XML encryption.