• Title/Summary/Keyword: authentication protocol

Search Result 1,123, Processing Time 0.026 seconds

An Inter-provider Roaming Authentication and Key Establishment Protocol Providing Anonymity in IEEE 802.16e Networks (IEEE 802.16e 네트워크에서 익명성을 제공하는 사업자간 로밍 인증 및 키 설정 프로토콜)

  • Park, Young-Man;Park, Sang-Kyu
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.31 no.11C
    • /
    • pp.1023-1029
    • /
    • 2006
  • In this Paper, we present a novel authentication and key exchange(AKE) protocol for inter-NSP(provider) roaming in IEEE 802.16e networks. The proposed protocol allows performing both user and device authentication jointly by using two different authentication credentials and Provides user anonymity and session key establishment. Also, this protocol requires only two round number message exchange between foreign network and home network.

Attack and Solution on 3K-RFID Authentication Protocol (3K-RFID 인증 프로토콜에 대한 공격과 해결책)

  • Yoon, Eun-Jun;Bu, Ki-Dong;Ha, Kyeoung-Ju;Yoo, Kee-Young
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.34 no.6C
    • /
    • pp.578-587
    • /
    • 2009
  • In 2005, Ko-Kim-Kwon pointed out Henrici-Muller's hash based RFID authentication protocol is insecure to location tracking attack, spoofing attack and Denial of Service attack. Then, they proposed a new RFID authentication protocol(3K-RFID) that can withstand these security problems. However, this paper shows that 3K-RFID authentication protocol is still not only vulnerable to spoofing attack and Denial of Service attack but also does not provide forward secrecy, and then proposes an improved secure I3K-RFID authentication protocol in order to resolve such problems.

Efficient and Security Enhanced Evolved Packet System Authentication and Key Agreement Protocol

  • Shi, Shanyu;Choi, Seungwon
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.13 no.1
    • /
    • pp.87-101
    • /
    • 2017
  • As people increasingly rely on mobile networks in modern society, mobile communication security is becoming more and more important. In the Long Term Evolution/System Architecture Evolution (LTE/SAE) architecture, the 3rd Generation Partnership (3GPP) team has also developed the improved Evolved Packet System Authentication and Key Agreement (EPS AKA) protocol based on the 3rd Generation Authentication and Key Agreement (3G AKA) protocol in order to provide mutual authentication and secure communication between the user and the network. Unfortunately, the EPS AKA also has several vulnerabilities such as sending the International Mobile Subscriber Identity (IMSI) in plain text (which leads to disclosure of user identity and further causes location and tracing of the user, Mobility Management Entity (MME) attack), man-in-middle attack, etc. Hence, in this paper, we analyze the EPS AKA protocol and point out its deficiencies and then propose an Efficient and Security Enhanced Authentication and Key agreement (ESE-EPS AKA) protocol based on hybrid of Dynamic Pseudonym Mechanism (DPM) and Public Key Infrastructure (PKI) retaining the original framework and the infrastructure of the LTE network. Then, our evaluation proves that the proposed new ESE-EPS AKA protocol is relatively more efficient, secure and satisfies some of the security requirements such as confidentiality, integrity and authentication.

Enhanced RFID Mutual Authentication Protocol on Efficient Supply Chain Management (효율적인 공급망 관리를 위한 강화된 RFID 상호 인증 프로토콜)

  • Jeon, Jun-Cheol
    • Journal of Advanced Navigation Technology
    • /
    • v.13 no.5
    • /
    • pp.691-698
    • /
    • 2009
  • Chen et al. proposed a RFID authentication protocol for anti-counterfeiting and privacy protection. A feasible security mechanism for anti-counterfeiting and privacy protection was proposed using XOR and random number shifting operations to enhance RFID tag's security providing a low cost. However, their authentication protocol has some drawbacks and security problems because they did not consider the surrounding environments. We conduct analysis on the protocol and identify problematic areas for improvement of the research. We also provide enhanced authentication and update scheme based on the comment for efficient supply chain management. The proposed protocol was analyzed and compared with typical XOR based RFID authentication protocols and it was confirmed that our protocol has high safety and low communication cost.

  • PDF

Improved An RFID Mutual Authentication Protocol Based on Hash Function (개선된 해시기반의 RFID 상호인증 프로토콜)

  • Shin, Ju-Seok;Oh, Se-Jin;Jeong, Cheol-Ho;Chung, Kyung-Ho;Ahn, Kwang-Seon
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.37 no.3C
    • /
    • pp.241-250
    • /
    • 2012
  • In 2010, Jeon-Kim proposed HMAP(Hash-based Mutual Authentication Protocol for RFID Environment) to resolve a variety of problem related to security using Mutual authentication scheme, the hash function and secret key is used to update in RFID system. Jeon-Kim proved RMAP was safe for a variety of attacks including eavesdropping attacks through safety analysis. However, unlike the claims of the proposed protocol is vulnerable to next session of the secret key exposure due to eavesdropping. In this paper, we analyze the problem of RMAP and proves it through security analysis. And we also propose improved an RFID Mutual Authentication Protocol based on Hash Function to solve problems of HMAP.

An Ultra-Lightweight RFID Authentication Protocol Using Index (인덱스를 사용한 초경량 RFID 인증 프로토콜)

  • Lee, Jae-Kang;Oh, Se-Jin;Yun, Tae-Jin;Chung, Kyung-Ho;Ahn, Kwang-Seon
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.37 no.1C
    • /
    • pp.24-33
    • /
    • 2012
  • Recently, the ultra-lightweight authentication RFID protocol that can actually implement on the RFID Tag is one among authentication protocols getting a concern, but recently many problems were clarified of the feature becase of the protocol which doesn't use the security algorithm. In this paper, we analyzed the problem of the ultra-lightweight authentication protocols and propose the design of ultra-lightweight RFID authentic ation protocols improving the index processing techniques. Because of improving the index processing technique in the method sending the Server authentication message to the authenticated tag, the proposed protocol is strong against the active attack which Li presents. Besides, the proposed protocol has the buffer storage of the keys and index and is strong against the asynchronous attack.

New Password based Remote User Authentication Protocols using Smartcards (스마트카드를 이용한 새로운 패스워드 기반의 원격 사용자 인증 프로토콜)

  • Jeon Il-Soo
    • Journal of Korea Society of Industrial Information Systems
    • /
    • v.10 no.2
    • /
    • pp.59-66
    • /
    • 2005
  • Recently, Ku and Chen(Ku-Chen) showed some problems in the password based remote user authentication scheme using smartcards proposed by Chien et al. and proposed an improvement from it. This paper shows some weaknesses in the Ku-Chen's scheme, especially the replay attacks, and proposes two authentication protocols to solve the problems in it. First of all, an authentication protocol using synchronized timestamps is proposed to solve the problem in the Ku-Chen's protocol. Then, a nonce-based authentication protocol is proposed to solve the inherent problems in the synchronized timestamp-based authentication protocols. The proposed authentication protocols support the advantages in the previous password-based authentication protocols and solve the problems in them effectively.

  • PDF

MAC Layer Based Certificate Authentication for Multiple Certification Authority in MANET

  • Sekhar, J. Chandra;Prasad, Ramineni Sivarama
    • IEIE Transactions on Smart Processing and Computing
    • /
    • v.3 no.5
    • /
    • pp.298-305
    • /
    • 2014
  • In this study, a novel Randomly Shifted Certification Authority Authentication protocol was used in ad hoc networks to provide authentication by considering the MAC layer characteristics. The nodes achieve authentication through the use of public key certificates issued by a CA, which assures the certificate's ownership. As a part of providing key management, the active CA node transfers the image of the stored public keys to other idle CA nodes. Finally the current active CA randomly selects the ID of the available idle CA and shifts the CA ownership by transferring it. Revoking is done if any counterfeit or duplicate non CA node ID is found. Authentication and integrity is provided by preventing MAC control packets, and Enhanced Hash Message Authentication Code (EHMAC) can be used. Here EHMAC with various outputs is introduced in all control packets. When a node transmits a packet to a node with EHMAC, verification is conducted and the node replies with the transmitter address and EHMAC in the acknowledgement.

Security Analysis to an Biometric Authentication Protocol for Wireless Sensor Networks (WSN 환경에서 Biometric 정보를 이용한 사용자 인증 스킴의 안전성 분석)

  • Lee, Youngsook
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.11 no.1
    • /
    • pp.59-67
    • /
    • 2015
  • A novel authentication mechanism is biometric authentication where users are identified by their measurable human characteristics, such as fingerprint, voiceprint, and iris scan. The technology of biometrics is becoming a popular method for engineers to design a more secure user authentication scheme. In terms of physiological and behavioral human characteristics, biometrics is used as a form of identity access management and access control, and it services to identity individuals in groups that are under surveillance. In this article, we review the biometric-based authentication protocol by Althobati et al. and provide a security analysis on the scheme. Our analysis shows that Althobati et al.'s scheme does not guarantee server-to-user authentication. The contribution of the current work is to demonstrate this by mounting threat of data integrity and bypassing the gateway node on Althobati et al.'s scheme. In addition, we analysis the security vulnerabilities of Althobati et al.'s protocol.

Design of an Efficient User Authentication Protocol Using subgroup of Galois Field (유한체의 부분군을 이용한 효율적인 사용자 인증 프로로콜 설계)

  • 정경숙
    • Journal of the Korea Society of Computer and Information
    • /
    • v.9 no.2
    • /
    • pp.105-113
    • /
    • 2004
  • If the protocol has fast operations and short key length, it can be efficient user authentication protocol Lenstra and Verheul proposed XTR. XTR have short key length and fast computing speed. Therefore, this can be used usefully in complex arithmetic. In this paper, to design efficient user authentication protocol we used a subgroup of Galois Field to problem domain. Proposed protocol does not use GF($p^6$) that is existent finite field, and uses GF($p^2$) that is subgroup and solves problem. XTR-ElGamal based user authentication protocol reduced bit number that is required when exchange key by doing with upside. Also, Proposed protocol provided easy calculation and execution by reducing required overhead when calculate. In this paper, we designed authentication protocol that is required to do user authentication.

  • PDF