• Convergence Security Journal
• /
• v.6 no.1
• /
• pp.45-53
• /
• 2006

It has been proposed that several RFID authentication protocols based on hash chain. Status based authentication protocol and challenge-response based authentication protocol are secured against location tracking attacks, spoofing attacks, replay attacks, traffic analysis attacks but are vulnerable to Dos attacks. RFID authentication protocol with strong resistance against traceability and denial of service attack is secured against location tracking attack, spoofing attacks, replay attacks, DoS attacks but are vulnerable to traffic analysis attacks. The present study suggests a more secure and lightweight RFID authentication protocol which is combining the advantages of hash-chain authentication protocol and RFID authentication protocol with strong resistance against traceability and denial of service attack. The results of the secure analysts for a proposed protocol are illustrated that it is secured against location tracking attacks, spoofing attacks, replay attacks, traffic analysis attacks, Dos attacks and is a lightweight operation between server and tag.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.11 no.6
• /
• pp.303-310
• /
• 2011

Recently, many user authentication schemes using smart cards have been proposed to improve the security weaknesses in user authentication process. In 2009, Wang et al. proposed a more effective and secure dynamic ID-based remote user authentication scheme to improve the security weakness of Das et al.'s scheme, and asserted that the improved scheme is secure against independent of password in authentication phase and provides mutual authentication between the user and the remote server. However, in this paper, we analyze the security of Wang et al. scheme and demonstrate that Wang et al.'s scheme is vulnerable to the man-in-the-middle attack and the off-line password guessing attack. In addition, we show that Wang et al. scheme also fails to provide mutual authentication. Accordingly, we propose an improved scheme to overcome these security weakness even if the secrete information stored in the smart card is revealed. Our proposed scheme can withstand the user impersonation attack, the server masquerading attack and off-line password guessing attack. Furthermore, this improved scheme provides the mutual authentication and is more effective than Wang et al.'s scheme in term of the computational complexities.

• Journal of Internet Computing and Services
• /
• v.5 no.1
• /
• pp.99-111
• /
• 2004

Two general security measures in computing networks are secure data transmission and user authentication, These problems are still critical in the wireless LAN environments. Thus security becomes most significant issue in personal network environments and ubiquitous networks based on wireless LANs. We purpose a new authentication system for these kind of environments, and coined it UPMA(Ubiquitous Personal Mutual Authen-tication) model. UPMA supports authenticating configurations which provides personal verification for each system. It guarantees secure communications through the session key setup, and provides mutual authentication by verifying each user and his/her station. UPMA solves security problems in ubiquitous networks without accessing authentication server, Instead it performs mutual authentication between terminals or between systems. It is a global authentication system which enables global roaming service through the Internet or other public networks, It can be used to guarantee safe and convenient access to a company Intranet or to a home network.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37 no.2C
• /
• pp.140-156
• /
• 2012

Since most of recently launched smart devices support NFC(Near Field Communication), RFID applications are tend to be replaced. For instance, previous RFID application areas such as entrance control, mobile e-ticket, electronic payment and et. al are subject to change using NFC. Due to the limitation of passive communication in RFID, it is impossible to cover all security requirements of authentication and authorization mechanism that wide areas of applications demand. Therefore authentication and authorization mechanism based on NFC is very attractive to such applications because active communication methods make it possible to be highly secure in authentication and authorization. In this paper, authors propose a new approach of secure authentication and authorization mechanism using NFC smart devices based on EAP(Extensible Authentication Protocol) and AAA(Authentication, Authorization and Accounting) protocols.

• Journal of the Korea Society of Computer and Information
• /
• v.28 no.7
• /
• pp.77-84
• /
• 2023

This research originated from the need to enhance the security of secure multiparty computation by ensuring that participants involved in multiparty computations provide truthful inputs that have not been manipulated. While malicious participants can be involved, which goes beyond the traditional security models, malicious behaviors through input manipulation often occur in real-world scenarios, leading to privacy infringements or situations where the accuracy of multiparty computation results cannot be guaranteed. Therefore, in this study, we propose a signature scheme applicable to secure multiparty technologies, combining it with secret sharing to strengthen the accuracy of inputs using authentication techniques. We also investigate methods to enhance the efficiency of authentication through the use of batch authentication techniques. To this end, a scheme capable of input certification was designed by applying a commitment scheme and zero-knowledge proof of knowledge to the CL signature scheme, which is a lightweight signature scheme, and batch verification was applied to improve efficiency during authentication.

• Journal of Industrial Technology
• /
• v.27 no.B
• /
• pp.43-51
• /
• 2007

In mobile multi-hop wireless networks, the authentication between a base station and a mobile multi-hop node, between multi-hop nodes, and between user a station and a multi-hop node is needed for the reliable and secure network operation. In this paper, we survey various authentication schemes which can be considered to be adopted in mobile multi-hop wireless networks and propose a concept of novel mutual authentication scheme applicable to mobile multi-hop network architecture. The scheme should resolve the initial trust gain problem of a multi-hop node at its entry to the network, the problem of rogue mobile multi-hop node and the problem of hop-by-hop authentication between multi-hop nodes. Effectively, the scheme is a hybrid scheme of the distributed authentication method and the centralized authentication method which are considered to be deployed in the wireless ad-hoc network and the wireless network connected to wired authentication servers, respectively.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.6
• /
• pp.83-94
• /
• 2016

Recent cloud, big data, there is a problem for the architectural security vulnerability to the server platforms of various fields such as artificial intelligence occurs consistently, but using the virtualization technology. In addition, most secure virtualization technology is known to be dependent on the type is limited and the platform provider. This paper presents a method for mutual authentication for secure data between multiple instances of a shared virtualized environment. The proposed method was designing a security architecture in consideration of the mutual authentication between multiple independent instances, and enhance the safety of a security protocol for sharing data by applying a key chain techniques. Performance analysis results and the existing security architecture demonstrated that protect each virtualized instances of the session and the other way, a compliance effectiveness for each instance of the mutual authentication process.

• Convergence Security Journal
• /
• v.14 no.2
• /
• pp.11-16
• /
• 2014

Recently, request of IPTV was increase. It is a multi-screen service by used TV, PC, and smart-phones. Especially, IPTV and smart-phone linked multi-screen service are very growth by user's recommends. Now, IPTV have a security service partial and multi-screen service. But smart-phone and multi-screen service don't have security service. And authentication service for smart-phone and IPTV linked multi-screen service is don't.. Therefore, We propose that user authentication system for multi-screen service with IPTV and multi-device linked authentcation services. Our proposed system base on Kerberos, so proposal is easy and fast about user authentication. This have simple procedures and more secure services against of PKI. So, our system can support secure multi-screen services against various security threats in multi-screen environments.

• Convergence Security Journal
• /
• v.19 no.4
• /
• pp.43-53
• /
• 2019

Recently, a number of military intranet infiltrations suspected of North Korea have been discovered. There was a problem that a vulnerability could occur due to the modification of user authentication data that can access existing military information systems. In this paper, we applied mutual verification technique and API (Application Programming Interface) forgery / forgery blocking and obfuscation to solve the authentication weakness in web browsers that comply with FIDO (Fast IDentity Online) standard. In addition, user convenience is improved by implementing No-Plugin that does not require separate program installation. Performance tests show that most browsers perform about 0.1ms based on the RSA key generation rate. In addition, it proved that it can be used for commercialization by showing performance of less than 0.1 second even in the digital signature verification speed of the server. The service is expected to be useful for improving military information system security as an alternative to browser authentication by building a web secure storage.

• Journal of information and communication convergence engineering
• /
• v.8 no.4
• /
• pp.437-442
• /
• 2010

Ubiquitous mobile computing is becoming easier and more attractive in this ambient technological Internet world. However, some portable devices such as Personal Digital Assistant (PDAs) and smart phones are still encountering inherent constraints of limited storages and computing resources. To alleviate this problem, we develop a cost-effective protocol, iATA to transfer ATA commands and data over TCP/IP network between mobile appliances and stationary servers. It provides mobile users a virtual storage platform which is physically resided at remote home or office. As communications are made through insecure Internet connections, security risks of adopting this service become a concern. There are many reported cases in the history where attackers masquerade as legitimate users, illegally access to network-based applications or systems by breaking through the poor authentication gates. In this paper, we propose a mutual authentication and secure session termination scheme as the first and last defense steps to combat identity thief and fraud threat in particular for iATA services. Random validation factors, large prime numbers, current timestamps, one-way hash functions and one-time session key are deployed accordingly in the scheme. Moreover, we employ the concept of hard factorization problem (HFP) in the termination phase to against fraud termination requests. Theoretical security analysis discussed in later section indicates the scheme supports mutual authentication and is robust against several attacks such as verifiers' impersonation, replay attack, denial-of-services (DoS) attack and so on.