• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.13 no.1
• /
• pp.273-278
• /
• 2013

Recently, user authentication schemes using smart cards for multi-server environment have been proposed for practical applications. In 2009, Liao-Wang proposed a secure dynamic ID based remote user authentication scheme for multi-server environment that can withstand the various possible attacks and provide user anonymity. In this paper, we analyze the security of Liao-Wang's scheme, and we show that Liao-Wang's scheme is still insecure against the forgery attack, the password guessing attack, the session key attack, and the insider attack. In addition, Liao-Wang's scheme does not provide user anonymity between the user and the server.

• The Journal of Information Technology
• /
• v.3 no.1
• /
• pp.73-88
• /
• 2000

Dramatic changes are beginning to occur in plastic card technologies today in the fields of banking, health care, id-cards and more. Advanced card technologies such as IC-card are playing an increasingly important role in new and innovation system. The merit of IC-card are more capacity, more secure, more reliable, quick and easy to update, secure offline processing, enabling technology etc than magnetic stripe card. And so many countries began using experiment of IC- card and our country began October 13 in Cheju island. Then there are three types using-experiment (K-cash, VISA-cash, MONDEX) in Korea. There are some problems such as standards, widely using, high cost, double investment etc. I think that important things in IC-card using is an international- standardizations and issuing corporation.

• The Journal of the Korea Contents Association
• /
• v.19 no.7
• /
• pp.421-426
• /
• 2019

Nowadays, various type of technologies are used for user authentication, such as knowledge based(ID/PW, etc.) authentication, biometric based(Iris/fingerprint/vein recognition) authentication, ownership based(OTP, security card, etc.) authentication. ID/PW authentication technology, a knowledge based authentication, despite the advantages of low in implementation and maintenance costs and being familiar to users, there are disadvantages of vulnerable to hacking attacks, Other authentication methods solve the vulnerability in ID/PW authentication technology, but they have high initial investment cost and maintenance cost and troublesome problem of reissuance. In this paper, we proposed to improve security and convenience over existing ID/PW based authentication technology, and to secure user authentication without restriction on the devices used for authentication.

• Journal of Digital Convergence
• /
• v.11 no.7
• /
• pp.141-148
• /
• 2013

Smart grid can two-way communication using ICT(Information & Communication Technology). Also, smart grid can supply to dynamic power that grafted to electric vehicle can activate to electric vehicle charging infrastructure and used to storage battery of home. Storage battery of home can resale to power provider. These electric vehicle charging infrastructure locate fixed on home, apartment, building, etc charging infrastructure that used fluid on user. If don't authentication for user of fluid user use to charging infrastructure, electric charging service can occurred to illegal use, electric charges and leakgage of electric information. In this paper, we propose smartcard and dynamic ID based user authentication scheme for used secure to electric vehicle service in smart grid environment.

• Journal of the Korea Society of Computer and Information
• /
• v.29 no.6
• /
• pp.53-60
• /
• 2024

In this paper, we analyze the authentication scheme of Hwang et al. proposed in 2023 and propose a new authentication scheme that improves its problems. Hwang et al. claimed that their authentication scheme was practical and secure, but as a result of analysis in this paper, it is possible to attack the password/ID guessing attack and session key disclosure attack due to insider attack and stolen smart card attack. In addition, Hwang et al.'s authentication scheme, which provides user anonymity, does not provide user untraceability due to its unstable design. The proposed authentication scheme, which improves these problems, not only provides user untraceability, but also is secure for stolen smart card attack, insider attack, session key disclosure attack, and replay attack. In addition, except for one fuzzy extraction operation, it shows the same complexity or very similar one as related authentication schemes. Therefore, the proposed authentication scheme can be said to be an authentication scheme with safety and practicality.

• Journal of Digital Convergence
• /
• v.12 no.6
• /
• pp.317-323
• /
• 2014

The registration cards that are currently used to identify the people of Korea may cause secondary damage once stolen because they contain very specifically expressed fingerprint information. In order to solve this problem, in ID is required that can utilize the state-owned fingerprint DB, while while maintaining confidentiality of the identification information and satisfying the cost as well. At this point accordingly, a secure form of ID, which uses the encrypted QR code and fingerprint information, is proposed.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2003.10a
• /
• pp.215-218
• /
• 2003

In this paper, we propose a protocol both allow a End-to-End security between user and service provider and independent in mobile Internet platform in AIP. In particular, our proposed protocol generates a session key using Weil pairing by ID-based public key system. We analysis a security and efficient of protocol when on-line certification authority participates in authentication process.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2013.05a
• /
• pp.679-682
• /
• 2013

스마트카드는 편리성과 안전성의 특성으로 인해 원격 시스템 인증에 다양하게 사용된다. 카드를 사용해서 통신하는 분야에서는 스마트카드에 대한 보안과 카드 소지자의 인증이 매우 중요하다. 기존 패스워드와 스마트카드를 이용한 원격 사용자 인증 기법은 공격자에 의해서 정당한 아이디와 패스워드 쌍을 쉽게 만들 수 있게 됨으로써 위장 공격이 가능한 취약점이 존재한다. 본 연구에서는 카드 보안 기술의 특징을 기반으로 하여 안전하고 편리한 사용자 인증 서비스를 제공하기 위해 키 생성 알고리즘인 ID-based Bilinear Pairing 암호방식을 이용해서 스마트카드 사용자와 서버 사이에 인증 스킴을 제안한다.

• KIPS Transactions on Computer and Communication Systems
• /
• v.2 no.11
• /
• pp.503-510
• /
• 2013

Recently, the rapid development of network technology has enabled people to use various services on the internet. However, the existing password-based user authentication system used in the internet environment requires a password table, which is a potential security threat as it could be leaked by an insider. To solve this issue, remote user authentication methods that do not require a user password table have been proposed. Regarding remote user authentication using a smart card in particular, various methods have been suggested to reduce expenses and to improve stability and efficiency, but the possibility of impersonation attacks and password-guessing attacks using information saved in a user's smart card still exist. Therefore, this study proposes a remote user authentication method that can safeguard against impersonation attacks and password guessing attacks, by analyzing weak points of conventional methods and creating a smart card's ID and password that are based on the user's ID and password.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.05a
• /
• pp.451-455
• /
• 2012

In this paper, Nateon, MSN Messenger, including how to hack into the most intimate acquaintance formed as follows, for hacking (keyloggers, remote monitoring, etc.) by sending a bank and ID, PW, certificate, security card, etc. personal financial information obtained after the withdrawal of the account balance to have a personal financial analysis infringement attack vulnerable elements found in internet banking, the vulnerabilities and countermeasures concerning the prevention of accidents, including violations by seeking a more secure Internet banking personal Internet Banking is to devise a deal.