• The Journal of the Korea Contents Association
• /
• v.9 no.3
• /
• pp.28-38
• /
• 2009

Login process uses both ID and password information to authenticate someone and to permit its access privilege on system. However, an attacker can get those ID and password information by using existing packet sniffing or key logger programs. It cause privacy problem as those information can be used as a hacking and network attack on web server and web e-mail system. Therefore, a more secure and advanced authentication mechanism should be required to enhance the authentication process on existing system. In this paper, we propose a multi-factor authentication process by using software form of secure card system combined with existing ID/Password based login system. Proposed mechanism uses a random number generated from the his/her own handset with biometric information. Therefore, we can provide a one-time password function on web login system to authenticate the user using multi-factor form. Proposed scheme provide enhanced authentication function and security because it is a 'multi-factor authentication mechanism' combined with handset and biometric information on web login system.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39B no.6
• /
• pp.333-340
• /
• 2014

Despite the security weakness of reusing passwords, many Internet users are likely to use a single ID and password on various sites to avoid the inconvenience of remembering multiple credentials. This paper proposes a scheme for securely storing, retrieving, and updating randomly chosen (ID, password) pairs by using smart cards as secure and portable storages. The scheme makes a user free from remembering her (ID, password) pairs for Internet accesses. By splitting and scattering the (ID, password) pairs of a user across the user's smart card memory and a remote server's storage, it can protect the logon credentials even from the theft or loss of the smart card. Also, a user, if deemed necessary, can issue and let the server to delete all information belonging to the user. Hence even an attacker who cracked the smart card memory would not be able to obtain any (ID, password) pair of the victim thereafter. The scheme requires a user to input a site information and pass-phrase to her smart card to obtain the logon credentials, but it should be an acceptable overhead considering the benefits of not remembering the freely chosen (ID, password) pairs at all.

• The KIPS Transactions:PartC
• /
• v.10C no.6
• /
• pp.747-754
• /
• 2003

Thia paper suggests a milti user-authentication system comprises that DNA biometric informatiom, owner's RFID(Radio Frequency Identification) smartcard of hardware token, and PKI digital signqture of software. This system improved items proposed in [1] as follows : this mechanism provides one RFID smartcard instead of two user-authentication smartcard(the biometric registered seal card and the DNA personal ID card), and solbers user information exposure as RFID of low proce when the card is lost. In addition, this can be perfect multi user-autentication system to enable identification even in cases such as identical twins, the DNA collected from the blood of patient who has undergone a medical procedure involving blood replacement and the DNA of the blood donor, mutation in the DNA base of cancer cells and other cells. Therefore, the proposed system is applied to terminal log-on with RFID smart card that stores accurate digital DNA biometric information instead of present biometric user-authentication system with the card is lost, which doesn't expose any personal DNA information. The security of PKI digital signature private key can be improved because secure pseudo random number generator can generate infinite one-time pseudo randon number corresponding to a user ID to keep private key of PKI digital signature securely whenever authenticated users access a system. Un addition, this user-authentication system can be used in credit card, resident card, passport, etc. acceletating the use of biometric RFID smart' card. The security of proposed system is shown by statistical anaysis.

• Journal of Korea Multimedia Society
• /
• v.18 no.12
• /
• pp.1483-1491
• /
• 2015

Applications of Internet of Things (IoT) supply various conveniences, however unsolved security problems such as personal privacy, data manipulation cause harm to persons, even nations and an limit the applicable areas of Internet of IoT technology. Therefore, study about secure and efficient security system on IoT are required. This paper proposes ID-based remote user authentication scheme in IoT environments. Proposed scheme provides untraceability of users by using different pseudonym identities in every session and reduces the number of variables. Our proposal is secure against inside attack, smart card loss attack, user impersonation attack, server masquerading attack, online/offline password guessing attack, and so on. Therefore, this can be applied to the lightweight IoT environments.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2007.05a
• /
• pp.977-980
• /
• 2007

로그인 과정은 사용자의 ID와 Password를 기반으로 시스템에 대한 사용권한을 부여한다. 로그인 과정에서 입력된 ID와 Password 정보는 패킷 스니핑 또는 Keylogger 프로그램 등을 이용하여 악의적인 공격자에 의해 노출될 수 있다는 취약점이 있다. 웹서버 또는 웹메일 시스템 등에 등록된 ID와 Password가 노출된다면 이는 개인 프라이버시 문제와도 연결되어 매우 심각한 문제이기도 하다. 현재 대부분의 시스템에서는 ID와 Password 만을 가지고 사용자에 대한 인증 및 로그인 과정을 수행하기 때문에 더욱더 강력한 복합 로그인 메카니즘이 제시되어야 한다. 본 연구에서는 기존의 ID/Password 기반 로그인 기법과 더불어 소프트웨어 형태의 보안카드를 핸드폰에 설치하여 유무선망을 통한 이중 인증(Two factor authentication) 기법을 제시한다. 제안한 소프트웨어 형태의 보안카드 기반 로그인 기법은 ID/Password와 함께 부가적 정보로써 사용자의 핸드폰에 발급받은 보안카드내 난수 형태로 생성된 번호를 사용한다. 따라서 제안한 시스템을 사용할 경우 기존의 ID와 Password와 연계되어 일회용 패스워드 형태로 제공되는 보안카드 정보를 사용하여 로그인 과정을 수행하기 때문에 보다 안전한 인증 시스템을 구축할 수 있다.

• Journal of the Korea Society of Computer and Information
• /
• v.28 no.7
• /
• pp.67-75
• /
• 2023

In this paper, we analyze the problem of the user authentication scheme that provides dynamic ID in a multi-server environment proposed by Andola et al. and propose an improved authentication one to solve this problem. As a result of analyzing the authentication scheme of Andrea et al. in this paper, it is not safe for smart card loss attack, and this attack allows users to guess passwords, and eventually, the attacker was able to generate session key. This paper proposed an improved authentication scheme to solve these problems, and as a result of safety analysis, it was safe from various attacks such as smart card loss attack, password guess attack, and user impersonation attack. Also the improved authentication scheme not only provides a secure dynamic ID, but is also effective in terms of the computational complexity of the hash function. In addition, the improved authentication scheme does not significantly increase the amount of transmission, so it can be said to be an efficient authentication scheme in terms of transmission cost.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.3
• /
• pp.1289-1310
• /
• 2016

Dynamic ID-based authentication solves the ID-theft problem by changing the ID in each session instead of using a fixed ID while performing authenticated key exchanges between communicating parties. User anonymity is expected to be maintained and the exchanged key kept secret even if one of the long-term keys is compromised in the future. However, in the conventional dynamic ID-based authentication scheme, if the server's long-term key is compromised, user anonymity can be broken or the identities of the users can be traced. In addition, these schemes are vulnerable to replay attacks, in which any adversary who captures the authentication message can retransmit it, and eventually cause the legitimate user to be denied service. This paper proposes a novel dynamic ID-based authentication scheme that preserves forward anonymity as well as forward secrecy and obviates replay attacks.

• Proceedings of the CALSEC Conference
• /
• 2001.08a
• /
• pp.165-176
• /
• 2001

* Extension of EC(Electronic Commerce) * Standard of Message -EDI : UN/EDIFACT, ANSI X12, etc -XML : ebXML, CML, MathML, WIDL, etc * Various of Information -Business Transaction Data -Private Data : ID, Password, Personal Information -Charge Data : Accounts, Card, etc * Message Level Security(omitted)

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.3
• /
• pp.190-198
• /
• 2013

Since the facilities for the remote users tend to be deployed in distributed manner, authentication schemes for multi-server communication settings, which provide various web services, are required for real-world applications. A typical way to authenticate a remote user relies on password authentication mostly. However, this method is vulnerable to attacks and inconvenient as the system requires users to maintain different identities and corresponding passwords. On the other hand, the user can make use of a single password for all servers, but she may be exposed to variants of malicious attacks. In this paper, we propose an efficient and secure authentication scheme based on a brokered authentication along with smart-cards in multi-server environment. Further we show that our scheme is secure against possible attacks and analyze its performance with respect to communication and computational cost.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.13 no.2
• /
• pp.849-855
• /
• 2012

In this paper, a proposed system can be ensured safety using scrambling technique in order to protect personal information which identifies visually from the existing e-passport. This system inserts ID card number and photograph into e-passport using scrambling technique. In this system, we need user private key and CA private key to encrypt and decrypt which make it secure. And It show better performance in throughput by not encrypting or decrypting the whole e-passport.