• Title/Summary/Keyword: Shared Authentication

Search Result 100, Processing Time 0.028 seconds

The Analysis of the TETRA Authentication Protocol (TETRA 인증 프로토콜 분석)

  • Park Yong-Seok;Ahn Jae-Hwan;Jung Chang-Ho;Ahn Joung-Chul
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.10 no.6
    • /
    • pp.1070-1075
    • /
    • 2006
  • TETRA system provides the radio authentication service which permits only authorized radio to access network. Radio authentication is the process which checks the sameness of authentication-key(K) shared between radio and authentication center by challenge-response protocol. TETRA standard authentication protocol can prevent the clone radio to copy ISSI from accessing network, but can't prevent the clone radio to copy ISSI & authentication-key. This paper analyzes authentication-key generation/delivery/infection model in TETRA authentication system and analyzes the threat of clone radio caused by authentication-key exposure. Finally we propose the new authentication protocol which prevent the clone radio to copy ISSI & authentication-key from accessing network.

Implementation of Cryptographic Hash Function for CDMA System Authentication (CDMA 시스템 인증을 위한 암호 해쉬 함수의 구현)

  • Hwang Jae-Jin;Chae Hyen-Seok;Choi Myung-Ryul
    • Proceedings of the IEEK Conference
    • /
    • 2004.06a
    • /
    • pp.297-300
    • /
    • 2004
  • In cellular communication, subscriber authentication is an essential technique. The mobile station should operate in conjunction with the base station to authenticate the identity. In CDMA system, authentication is the process by which information is exchanged between a mobile station and base station for the purpose of confirming the mobile station. A successful authentication process means that the mobile station and base station process identical sets of shared secret data(SSD). SSD can be generated by authentication algorithms. The cryptographic hash function is a practical way of authentication algorithms. In this paper, we propose and implement MD5 and SHA-1 with modified structure.

  • PDF

An efficient Broadcast Authentication Scheme for Wireless Sensor Networks (무선 센서 네트워크에서의 효율적 Broadcast Authentication 방안)

  • Moon Hyung-Seok;Lee Sung-Chang
    • Journal of the Institute of Electronics Engineers of Korea TC
    • /
    • v.43 no.6 s.348
    • /
    • pp.23-29
    • /
    • 2006
  • It is difficult to apply conventional security algorithms to the wireless sensor networks composed of nodes that have resource constraints such as memory, computing, power resources limitation. Generally, shared key based algorithms with low resource consumption and short key length are used for broadcast packets in authentication of base station. But it is not suitable that all the nodes hold the same shared key only for packet authentication. Recently, broadcast authentication algorithm for sensor network is proposed, which uses key chain generation by one-way hash function, Message Authentication Code generation by each keys of the key chains and delayed key disclosure. It provides suitable authentication method for wireless sensor networks but may leads to inefficient consequence with respect to network conditions such as broadcast ratio, key chain level, and so on. In this paper, we propose an improved broadcast authentication algorithm that uses key chain link and periodical key disclosure. We evaluated the performance of proposed algorithm using TOSSIM(TinyOS Simulator) in TinyOS. The results show that the proposed algorithm ensures low authentication delay, uses memory and computing resource of receiving nodes efficiently and reduces the amount of packet transmitting/receiving.

Integrated Authentication Protocol of Financial Sector that Modified OAuth2.0 (OAuth2.0을 변형한 금융권 통합인증 프로토콜)

  • Jung, Kyu-Won;Shin, Hye-seong;Park, Jong Hwan
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.27 no.2
    • /
    • pp.373-381
    • /
    • 2017
  • Currently, various types of user authentication methods based on public certificates are used in domestic financial transactions. Such an authorized certificate method has a problem that a different security module must be installed every time a user connects an individual financial company to a web server. Also, the financial company relying on this authentication method has a problem that a new security module should be additionally installed for each financial institution whenever a next generation authentication method such as biometric authentication is newly introduced. In order to solve these problems, we propose an integrated authentication system that handles user authentication on behalf of each financial institution in financial transactions, and proposes an integrated authentication protocol that handles secure user authentication between user and financial company web server. The new authentication protocol is a modified version of OAuth2.0 that increases security and efficiency. It is characterized by performing a challenge-response protocol with a pre-shared secret key between the authentication server and the financial company web server. This gives users a convenient and secure Single Sign-On (SSO) effect.

A Study on Authentication ID using Identifier in Ad-hoc Network (Ad-hoc 네트워크에서 식별자를 이용한 인증 아이디에 관한 연구)

  • Moon, Jong-Sik;Byeon, Sang-Gu;Lee, Im-Yeong
    • Journal of Korea Multimedia Society
    • /
    • v.13 no.8
    • /
    • pp.1202-1211
    • /
    • 2010
  • The connection between devices in Ad-hoc network a network based on trust. Because a temporary device frequently join or leave, the authentication and security technology should be prepared for malicious device of a third-party attacks. The authentication scheme with the existing certification and ID, and the security technology using symmetric key and the public key is used. Therefore, in this paper we proposed two devices not having shared information use to generate each other's authentication ID. The use of authentication ID can establish the mutual trust and, provide security and efficiency for communication uses to generate a symmetric key.

Enhanced ID-based Authentication Scheme using Smartcards and Fingerprints (스마트카드와 지문을 이용한 강화된 ID기반의 인증 기법)

  • Jeon Il-Soo;Kim Hyun-Sung
    • The KIPS Transactions:PartC
    • /
    • v.12C no.7 s.103
    • /
    • pp.959-964
    • /
    • 2005
  • Recently, Kim et al. proposed ID-based authentication schemes using smartcards and fingerprints. However, Scott showed that they were vulnerable to the passive eavesdropping attack. Thereby, this paper proposes an enhanced ID-based authentication scheme to solve the problems in Kin et al. scheme. Especially, the proposed scheme solves the ID repairability problem commonly shared in the previous ID based Cryptosystems. The proposed ID-based authentication scheme supports the advantages in the previous ID-based authentication scheme and solves the problems in them effectively.

Symmetric key based user authentication between Grid Service and Portal (그리드서비스와 포털간의 대칭키 기반 사용자 단일인증에 관한 연구)

  • Hwang, Dae-Bok;Heo, Dae-Young;Hwang, Sun-Tae
    • Journal of the Korea Society of Computer and Information
    • /
    • v.12 no.3
    • /
    • pp.19-26
    • /
    • 2007
  • In recent rears. web portal system has received much attention as a user interface for the grid environment. Grid system uses symmetric key for authenticating user identity while the traditional portal system does a password-based authentication. Regarding this, many researches are progressing to integrate portal accounts with symmetric key. Specially. researches such as GAMA and PURSE are active and those focus on easy usability for users who familiar with password-based authentication. However the protection of data and resources is a critical issue in Grid environment, because those are shared through a wide-area network. In this paper, we suggest a new authentication mechanism which unify authentication mechanisms between portal system and grid service by using symmetric key. It will improve a security level in UI layer as much as in grid service.

  • PDF

AKA-PLA: Enhanced AKA Based on Physical Layer Authentication

  • Yang, Jing;Ji, Xinsheng;Huang, Kaizhi;Yi, Ming;Chen, Yajun
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.11 no.7
    • /
    • pp.3747-3765
    • /
    • 2017
  • Existing authentication mechanisms in cellular mobile communication networks are realized in the upper layer by employing cryptographic techniques. Authentication data are broadcasted over the air in plaintext, enabling attackers to completely eavesdrop on the authentication and get some information about the shared secret key between legitimate nodes. Therefore, reusing the same secret key to authenticate several times results in the secret key's information leakage and high attacking rate. In this paper, we consider the most representative authentication mechanism, Authentication and Key Agreement (AKA), in cellular communication networks and propose an enhanced AKA scheme based on Physical Layer Authentication (AKA-PLA). Authentication responses generated by AKA are no longer transmitted in plaintext but masked by wireless channel characteristics, which are not available to adversaries, to generate physical layer authentication responses by a fault-tolerant hash method. The authenticator sets the threshold according to the authentication requirement and channel condition, further verifies the identity of the requester based on the matching result of the physical layer authentication responses. The performance analyses show that the proposed scheme can achieve lower false alarm rate and missing rate, which are a pair of contradictions, than traditional AKA. Besides, it is well compatible with AKA.

Blockchain (A-PBFT) Based Authentication Method for Secure Lora Network (안전한 Lora 네트워크를 위한 블록체인(A-PBFT) 기반 인증 기법)

  • Kim, Sang-Geun
    • Journal of Industrial Convergence
    • /
    • v.20 no.10
    • /
    • pp.17-24
    • /
    • 2022
  • Lora, a non-band network technology of the long-distance wireless standard LPWAN standard, uses ABP and OTTA methods and AES-128-based encryption algorithm (shared key) for internal terminal authentication and integrity verification. Lora's recent firmware tampering vulnerability and shared-key encryption algorithm structure make it difficult to defend against MITM attacks. In this study, the consensus algorithm(PBFT) is applied to the Lora network to enhance safety. It performs authentication and PBFT block chain creation by searching for node groups using the GPS module. As a result of the performance analysis, we established a new Lora trust network and proved that the latency of the consensus algorithm was improved. This study is a 4th industry convergence study and is intended to help improve the security technology of Lora devices in the future.

Enhancement of Password-based Mutual Authentication Protocol against De-synchronization Attacks (비동기 공격에 안전한 패스워드기반 상호 인증 프로토콜)

  • Yuk, Hyeong-Jun;Yim, Kang-Bin
    • Journal of Advanced Navigation Technology
    • /
    • v.17 no.1
    • /
    • pp.24-32
    • /
    • 2013
  • Authentication is one of the necessary elements in the network environment. Many researches have detected security vulnerabilities to the existing authentication mechanisms and suggested secure mutual authentication protocols by resolving these vulnerabilities. The representative ones of them are SPMA(Strong Pass Mutual Authentication) and I-SPMA(Improved Strong Password Mutual Authentication). However, these protocols cause a critical problem when the shared secret information is de-synchronized between the server and the client. This paper proposes a revised protocol to resolve the de-synchronization problem. Based on a security assessment on the proposed protocol, we consider the proposed protocol is safer than the previous ones and possible to effectively make a user authentication system mre secure.