• Journal of the Institute of Electronics Engineers of Korea SD
• /
• v.45 no.6
• /
• pp.80-88
• /
• 2008

In this paper, the block cipher algorithms, 3-DES(Triple Data Encryption Standard), AES(Advanced Encryption Standard), SEED, HASH(SHA-1), which are domestic and international standards, have been implemented as an integrated cryptographic engine for smart card applications. For small area and low power design which are essential requirements for portable devices, arithmetic resources are shared for iteration steps in each algorithm, and a two-level clock gating technique was used to reduce the dynamic power consumption. The integrated cryptographic engine was verified with ALTERA Excalbur EPXA10F1020C device, requiring 7,729 LEs(Logic Elements) and 512 Bytes ROM, and its maximum clock speed was 24.83 MHz. When designed by using Samsung 0.18 um STD130 standard cell library, the engine consisted of 44,452 gates and had up to 50 MHz operation clock speed. It was estimated to consume 2.96 mW, 3.03 mW, 2.63 mW, 7.06 mW power at 3-DES, AES, SEED, SHA-1 modes respectively when operating at 25 MHz clock. We found that it has better area-power optimized structure than other existing designs for smart cards and various embedded security systems.

• JSTS:Journal of Semiconductor Technology and Science
• /
• v.4 no.4
• /
• pp.251-257
• /
• 2004

Nonvolatile FRAMs with a design rule of 0.18 ${\mu}m$ were developed for the high performance smart card. A 1Mb FRAM was embedded in place of an EEPROM and a 64Kb FRAM was embedded in place of a. SRAM. It was confirmed that the FRAMs performed the roles of the EEPROM and SRAM successfully using the asynchronous write/read operation method and the one time programming (OTP) scheme. The cycle time of the FRAM was 10 MHz, which remarkably improved the write performance of the smart card in comparison with that of the conventional smart card with an EEPROM. Additionally, a simple and smart bit-line reference scheme for the future FRAM device having a 1T1C cell type was proposed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.5
• /
• pp.993-999
• /
• 2015

OTP(One time password) is widely used as an authentication method for financial and other security-sensitive transactions. OTP provides strong security since each password is used only one time while normal password-based authentications use passwords as long term secrets. However, OTP-based authentications relatively lack usability since they require users to hold an OTP card or generator. To overcome such a problem, smartphones start replacing OTP cards and such a method is called smart OTP. However, smart OTP inherits security vulnerabilities that smartphones have. In this paper, we propose a smart OTP authentication based on an extremely light authentication protocol called HB+. HB+ protocol is developed for low-cost devices and has small communication and computation costs. We present our solution and discuss its security, efficiency and practicality. Our contribution is providing a method to securely use smart OTP without losing its efficiency and usability.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.4 no.3
• /
• pp.182-188
• /
• 2011

Recently Yoon et al. proposed the remote user authentication scheme using smart cards. But their scheme has not satisfied security requirements which should be considered in the user authentication scheme using the password based smart card. In this paper, we prove that Yoon et al.'s scheme is vulnerable to a password guessing attack in case that the attacker steals the user's smart card and extracts the information from the smart card. Accordingly, this paper proposes the improved user authentication scheme based on the hash functin and random nonce that can withstand various possible attacks including a password guessing attack. The result of comparative analysis demonstrates that the proposed scheme is more secure and efficient than Yoon et al.'s scheme, with a trivial trade-off to require just a few more exclusive-OR operations.

• Quality Improvement in Health Care
• /
• v.12 no.2
• /
• pp.113-123
• /
• 2006

Objective : This research is focused on understanding the current status of the Health Smart Card already in use in other advanced countries. This research will analyze the current status of the medical institutions Health Smart Card system adoption process and its effects, and provide a basis for future policy decisions for the effective adoption and diffusion of a Health Smart Card system, in the medical field, through the completed research and analysis. Method : This research surveys the domestic, and foreign, status of Health Smart Card usage. The research also presents up-to-date methodology for the evaluation of the effects of medical and health care technology. The research also conducts a survey of the domestic medical institutions that have implemented a Health Smart Card system, and then analyzes the results of the survey. Additionally, the research carried out a survey and analysis of medical institutions with no Health Smart Card system implemented, and considered the factors affecting the diffusion of Health Smart Card systems in considering an effective policy for the introduction and diffusion of such a system. Research Results : Through the study of the methodology of medical and health care information technology in advanced countries, the methodology for assessing Health Smart Card technology has been established, and focuses on 6 aspects. The study on the status of foreign implementation has shown a model for the Health Smart Card system. A survey was conducted on the current status of medical institutions with an implemented Health Smart Card system, and the survey results have been analyzed. Also, factors influencing the adoption of Health Smart Card systems have been analyzed through the survey on those medical institutions that have not implemented a Health Smart Card system. Conclusion : The government must provide institutional measures for sharing medical records by constructing an IT infrastructure at the national level to enable the adoption and diffusion of a Health Smart Card system. Such a network will make connections between medical institutions possible, thus making the diffusion of the Health Smart Card system nationwide. For the successful adoption and diffusion of a Health Smart Card system, a model system development, under a medical record sharing system, should be conducted. Additionally, a regional unit based model should be developed for the model project, as is done in advanced countries, along with the application of such results.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.24 no.4
• /
• pp.349-354
• /
• 2014

PIN(Personal Identification Number)-based identification method has been used to identify the user of smart cards. However, this type of identification method has several problems. Firstly, PIN can be forgotten by owners of the card. Secondly, PIN can be used by others illegally. Furthermore, the possibility of hacking PIN can be high because this PIN type matching process is performed on terminal. Thus, in this paper we suggest a new identification method which is performed on smart card using face feature information. The proposed identification method uses low-sized face feature vectors and simple matching algorithm in order to get around the limits in computing capability and memory size of smart card.

• Journal of the Korea Society of Computer and Information
• /
• v.16 no.2
• /
• pp.183-191
• /
• 2011

Recently Wang-Li proposed the remote user authentication scheme using smart cards. But the proposed scheme has not been satisfied security requirements considering in the user authentication scheme using the password based smart card. In this paper, we described the Wang-Li and Yoon et al.'s authentication scheme simply, and we prove that the Wang-Li's scheme is vulnerable to a password guessing attack and impersonation attack in case that the attacker steals the user's smart card and extracts the information in the smart card. Accordingly, we propose the improved user authentication scheme based on the hash function and generalized ElGamal signature scheme that can withstand many possible attacks including a password guessing attack, impersonation attack and replay attack, and that can offer the function of forward secrecy. The result of comparative analysis, the our proposed scheme is much more secure and efficient than the Wang-Li and Yoon et al.'s scheme.

• Journal of the Korea Society of Computer and Information
• /
• v.15 no.2
• /
• pp.119-125
• /
• 2010

Recently Hsiang-Shih proposed the user authentication scheme to improve Yoon et al's scheme. But the proposed scheme has not been satisfied security requirements considering in the user authentication scheme using the password based smart card. In this paper, we proved that Hsiang-Shih's scheme is vulnerable to the off-line password guessing attack. In other words, the attacker can get the user's password using the off-line password guessing attack on the scheme when the attacker steals the user's smart card and extracts the information in the smart card. Also, the improved scheme based on the hash function and random number was introduced, thus preventing the attacks, such as password guessing attack, forgery attack and impersonation attack etc. And we suggested the effective mutual authentication scheme that can authenticate each other at the same time between the user and server.

• Journal of the Korea Society of Computer and Information
• /
• v.15 no.3
• /
• pp.91-97
• /
• 2010

Recently Hu-Niu-Yang proposed the user authentication scheme to improve Liu et al's scheme. But the Hu-Niu-Yang's scheme has not been satisfied security requirements considering in the user authentication scheme using the password based smart card. In this paper, we proved that Hu-Niu-Yang's scheme is vulnerable to the off-line password guessing attack in case that the attacker steals the user's smart card and extracts the information in the smart card. Also, the improved user authentication scheme solving the security vulnerability was introduced, thus preventing the attacks, such as password guessing attack, forgery attack impersonation attack, and replay attack. For preventing those attacks, the our proposed scheme need more hash functions and exclusive-OR operations than Hu-Niu-Yang's scheme.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.2
• /
• pp.93-103
• /
• 2020

The telecare medical information system (TMIS) supports convenient and rapid health-care services. A secure and efficient authentication and key agreement scheme for TMIS provides safeguarding electronic patient records (EPRs) and helps health care workers and medical personnel to rapidly making correct clinical decisions. Giri et al. proposed an RSA-based remote user authentication scheme using smart cards for TMIS and claimed that their scheme could resist various malicious attacks. In this paper, we point out that their scheme is still vulnerable to lost smart card attacks and replay attacks and propose an improved scheme to prevent the shortcomings. As compared with the previous authentication schemes for TMIS, the proposed scheme is more secure and practical.