• Journal of the Korea Convergence Society
• /
• v.11 no.5
• /
• pp.19-25
• /
• 2020

As the number of mobile device users increases, research on various user authentication methods has been actively conducted to protect sensitive personal information. Knowledge-based techniques have the disadvantage that security is deteriorated due to easy exposure of authentication means, and proprietary-based techniques have a problem of increasing construction cost and low user convenience to use the service. In order to solve this problem, a FIDO authentication system, which is a user authentication method using a smart device, has been proposed. Since the FIDO authentication system performs authentication based on the biometric information of the user, the risk of the authentication means being leaked is low, and since the authentication information is stored in the user's smart device, the user information due to server hacking is solved. Through this, it is possible to select and utilize user authentication technology suitable for the security level of the service. In this paper, we introduce the FIDO authentication system, explain the main parts required for FIDO UAF client-server development, and show examples of implementation using UAF open source provided by ebay.

• Journal of Internet Computing and Services
• /
• v.10 no.2
• /
• pp.53-63
• /
• 2009

e-Passport system is new type of emigration and immigration control system and it is a research to introduce the e-Passport Authentication Protocol with Improved Efficiency is lively proceeded over the entire world. The e-Passport's chip has a biometric information and personal identification information, Radio Frequency Identification(RFID) technology is used for communication with the Inspection System(IS). However, the feature of the RFID system may bring about various security threats such as eavesdropping, data forgeries, data alternation, cloning, biometric data-leakage. Therefore, in this paper, we analyse the e-Passport system's authentication protocol to protect vulnerability and proposed e-Passport system's authentication protocol reduce computation. Also, we compared their efficiency.

• Proceedings of the IEEK Conference
• /
• 2002.07a
• /
• pp.242-245
• /
• 2002

Authentication protocol as a part of security system has been growth rapidly since it was known that sending clear text password in the network is unsecured. Many protocols could be noted proposed to strengthen the authentication process. In 1985 an attempt to safeguard network services within Athena project resulting on the born of Kerberos 〔1〕〔8〕, one of the protocol that has a lot of attention from the research community. Several years later researchers were discovered some weaknesses carried by this protocol 〔2〕〔21〕. In 1992. EKE was introduced by Bellovin and Merrit. Since that time, many protocols introduced could be considered as its variant 〔5〕〔9〕〔13〕〔14〕. Some other protocols such as OKE〔5〕 and SRP〔18〕 although claimed different from EKE, they have the same basic mechanism in holding authentication process. Here, we explain the mechanism of those protocols, their strength and their weaknesses and shortcomings. Due to the limitations of the number of paper pages, only two types of authentication protocol can be explained here i.e EKE and SRP.

• Journal of the Korea Computer Industry Society
• /
• v.2 no.10
• /
• pp.1329-1338
• /
• 2001

This paper describes the biometrics system for user authentication in electronic commerce. At present, social demands are increasing for information security techniques against the information wiretapping in open communications network. For this, these techniques such as anti-virus, firewall, VPN, authentication, cryptography, public key based systems and security management systems have been developed. This Paper discusses the user authentication for the implementation of efficient electronic payment systems. In particular. user authentication system has keen developed using biometrics techniques and the effectiveness of this paper is demonstrated by several experiments.

• Journal of Positioning, Navigation, and Timing
• /
• v.7 no.3
• /
• pp.139-146
• /
• 2018

In recent years, a satellite navigation signal authentication technique has been introduced to determine the spoofing of commercial C/A code using the cross-correlation mode of GPS P(Y) code received at two receivers. This paper discusses the technical considerations in the implementation and application of authentication system simulator hardware to achieve the above technique. The configuration of the simulator consists of authentication system and user receiver. The synchronization of GPS signals received at two devices, data transmission and reception, and codeless correlation of P(Y) code were implemented. The simulation test result verified that spoofing detection using P(Y) codeless correlation could be achieved.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.4B
• /
• pp.419-427
• /
• 2009

This paper propose DA-UDC(Double Authentication User, Device, Cross) Module which solves the cost problem and the appropriation of Certificate using User Authentication, Device Authentication and Cross Authentication with OTA(One Time Authentication) Key, and which is designed not to subscribe to the service of Home network business. Home Server transmits its public key which is needed to create OTA to the user which passed the first step of authentication which verifies User ID, Device ID and Session Key. And it performs the second step of authentication process which verifies the OTA key created by a user. Whenever the OTA key of DA-UDC module is generated, the key is designed to be changed. Therefore, DA-UDC Module prevents the exposure of User and Device ID by performing the two steps of authentication and enhances the authentication security of Home Network from malicious user with OTA key. Also, DA-UDC Module is faster than the existing authentication system in processing speed because it performs authentication calculation only once. Though DA-UDC Module increases data traffic slightly because of the extra authentication key, it enhances the security more than the existing technique.

• Proceedings of the IEEK Conference
• /
• 2004.06a
• /
• pp.297-300
• /
• 2004

In cellular communication, subscriber authentication is an essential technique. The mobile station should operate in conjunction with the base station to authenticate the identity. In CDMA system, authentication is the process by which information is exchanged between a mobile station and base station for the purpose of confirming the mobile station. A successful authentication process means that the mobile station and base station process identical sets of shared secret data(SSD). SSD can be generated by authentication algorithms. The cryptographic hash function is a practical way of authentication algorithms. In this paper, we propose and implement MD5 and SHA-1 with modified structure.

• Electronics and Telecommunications Trends
• /
• v.33 no.1
• /
• pp.34-44
• /
• 2018

In this paper, we describe a FIDO universal authentication system based on a Blockchain that can share the user's FIDO authentication information between the application services of multiple domains without the use of a server. In addition we provide a method to query the FIDO authentication information of the user recorded in the Blockchain using only the user's service ID. Therefore, even if the user executes the FIDO registration process only once, the user can use the FIDO authentication service of another application service without repeating an additional FIDO registration procedure, and the service provider can securely share and utilize the FIDO authentication information of the user without the use of a trusted third party, thereby lowering the deployment and maintenance costs of the FIDO server.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.10a
• /
• pp.800-803
• /
• 2012

Recently, research on security of RFID system has been conducted actively in order to utilize RFID system in various fields including distribution and logistics. This paper suggests an authentication protocol which supplement the flaws of previous RFID authentication protocols and we improved its performance using matrix-based authentication. The suggested authentication protocol provides mutual authentication, protects from wiretapping attack, replay attack, spoofing attack, and traffic analysis attack and so on, and reduces overload of back-end database so that has efficient performance.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.14 no.5
• /
• pp.1171-1177
• /
• 2010

Recently RFID system is used in various fields such as distribution industry, medical industry and military service. The technology for protecting individual privacy is necessary to adapt RFID system in several applications. This paper proposes an authentication protocol which conducts mutual authentication between back-end database and tag using hash function. The proposed protocol satisfies various RFID security requirements : mutual authentication, anonymity, confidentiality, integrity, replay attack, location trace. This protocol reduces the time for authentication minimizing the number of hash operation in back-end database.