• Proceedings of the IEEK Conference
• /
• 2005.11a
• /
• pp.1011-1014
• /
• 2005

In this paper, we propose a method that extracts an invariant biometric key in order to apply this biometric key to the crypto-biometric system. This system is a new authentication architecture which can improve the security of current cryptographic system and solve the problem of stored template protection in conventional biometric system, also. To use biometric information as a cryptographic key in crypto-biometric system, same key should be generated from the same person. However, it is difficult to obtain such an invariant biometric key because biometric data is sensitive to surrounding environments. The proposed method solves this problem by clustering Iris Codes obtained by using independent component analysis (ICA).

• Journal of Advanced Navigation Technology
• /
• v.28 no.1
• /
• pp.142-148
• /
• 2024

It is difficult to apply authentication methods of existing wired or wireless networks to Internet of Things (IoT) devices due to their poor environment, low capacity, and low-performance processor. In particular, there are many problems in applying methods such as blockchain to the IoT environment. In this paper, edge computing is used to serve as a server that authenticates disposable templates among biometric information in an IoT environment. In this environment, we propose a lightweight and strong authentication procedure using the IoT-edge computing (IoT-EC) system based on elliptic curve cryptographic (ECC) and evaluate its safety.

• The Journal of The Korea Institute of Intelligent Transport Systems
• /
• v.9 no.2
• /
• pp.104-109
• /
• 2010

In this paper, we propose a user authentication technology to protect wiretapping and attacking from others in the telematics environment, which users in vehicle can use internet service in local area network via mobile device. In the proposed user authentication technology, the packet speech data is encrypted by speech-based biometric key, which is generated from the user's speech signal. Thereafter, the encrypted data packet is submitted to the information communication server(ICS). At the ICS, the speech feature of the user is reconstructed from the encrypted data packet and is compared with the preregistered speech-based biometric key for user authentication. Based on implementation of our proposed communication method, we confirm that our proposed method is secure from various attack methods.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.14 no.1
• /
• pp.147-153
• /
• 2014

The numerous improved schemes of remote user authentication based on password have been proposed in order to overcome the security weakness in user authentication process. Recently, some of biometric-based user authentication schemes to use personal biometric information have been introduced and they have shown the relatively higher security and the enhanced convenience as compared to traditional password-based schemes. These days wireless sensor network is a fundamental technology in face of the ubiquitous era. The wireless sensor networks to collect and process the data from sensor nodes in increasing high-tech applications require important security issues to prevent the data access from the unauthorized person. Accordingly, the research to apply to the user authentication to the wireless sensor networks has been under the progress. In 2010, Yuan et al. proposed a biometric-based user authentication scheme to be applicable for wireless sensor networks. Yuan et al. claimed that their scheme is effectively secure against the various security flaws including the stolen verifier attack. In this paper, author will prove that Yuan et al.'s scheme is still vulnerable to the password guessing attack, user impersonation attack and the replay attack, by analyzing their security weakness.

• Information and Communications Magazine
• /
• v.32 no.6
• /
• pp.39-49
• /
• 2015

In cryptographic applications, the key protection is either knowledge-based (passwords) or possession-based (tamper-proof device). Unfortunately, both approaches are easily forgotten or stolen, thus introducing various key management issues. By incorporating biometrics technologies which utilize the uniqueness of personal characteristics, the security of cryptosystems could be strengthened as authentication now requires the presence of the user. Biometric Cryptosystem (BC) encompasses the design of cryptographic keys protection methods by incorporating biometrics. BC involves either key-biometrics binding or direct key generation from biometrics. However, the wide acceptance and deployment of BC solutions are constrained by the fuzziness related with biometric data. Hence, error correction codes (ECCs) should be adopted to ensure that fuzziness of biometric data can be alleviated. In this overview paper, we present such ECC solutions used in various BCs. We also delineate on the important facts to be considered when choosing appropriate ECCs for a particular biometric based solution from accuracy performance and security perspectives.

• International Journal of Computer Science & Network Security
• /
• v.21 no.9
• /
• pp.303-316
• /
• 2021

Digital content protection has recently become an important requirement in biometrics-based authentication systems due to the challenges involved in designing a feasible and effective user authentication method. Biometric approaches are more effective than traditional methods, and simultaneously, they cannot be considered entirely reliable. This study develops a reliable and trustworthy method for verifying that the owner of the biometric traits is the actual user and not an impostor. Watermarking-based approaches are developed using a combination of a color face image of the user and a mobile equipment identifier (MEID). Employing watermark techniques that cannot be easily removed or destroyed, a blind image watermarking scheme based on fast discrete curvelet transform (FDCuT) and discrete cosine transform (DCT) is proposed. FDCuT is applied to the color face image to obtain various frequency coefficients of the image curvelet decomposition, and for high frequency curvelet coefficients DCT is applied to obtain various frequency coefficients. Furthermore, mid-band frequency coefficients are modified using two uncorrelated noise sequences with the MEID watermark bits to obtain a watermarked image. An analysis is carried out to verify the performance of the proposed schema using conventional performance metrics. Compared with an existing approach, the proposed approach is better able to protect multimedia data from unauthorized access and will effectively prevent anyone other than the actual user from using the identity or images.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.12
• /
• pp.4987-5014
• /
• 2015

The bilinear pairing, also known as Weil pairing or Tate pairing, is widely used in cryptography and its properties help to construct cryptographic schemes for different applications in which the security of the transmitted data is a major concern. In remote login authentication schemes, there are two major requirements: i) proving the identity of a user and the server for legitimacy without exposing their private keys and ii) freedom for a user to choose and change his password (private key) efficiently. Most of the existing methods based on the bilinear property have some security breaches due to the lack of features and the design issues. In this paper, we develop a new scheme using the bilinear property of an elliptic point and the biometric characteristics. Our method provides many features along with three major goals. a) Checking the correctness of the password before sending the authentication message, which prevents the wastage of communication cost; b) Efficient password change phase in which the user is asked to give a new password after checking the correctness of the current password without involving the server; c) User anonymity - enforcing the suitability of our scheme for applications in which a user does not want to disclose his identity. We use BAN logic to ensure the mutual authentication and session key agreement properties. The paper provides informal security analysis to illustrate that our scheme resists all the security attacks. Furthermore, we use the AVISPA tool for formal security verification of our scheme.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.4
• /
• pp.700-707
• /
• 2018

Vehicles are used in daily life as convenient transport, it is important to authenticate driver because vehicles are controlled by driver. Especially, in these days, there is a discussion on introduction of Driving Under the Influence car-starting locking device installation for preventing accidents caused by Driving Under the Influence of alcohol, these car-starting locking device installation requires a lot of money and time. Suitable user authentication for solving user's inconvenience during the disabled and men of national merit to receive discount benefits is needed. In this paper, For solving these problems, we propose the efficient vehicle control and user authentication system for preventing driving under the influence and providing the disabled and men of national merit benefit based on driver authentication by using user's smartphone NFC communication and user's biometric information.

• Journal of Digital Convergence
• /
• v.18 no.7
• /
• pp.123-133
• /
• 2020

The aim of this study is to scrutinize acceptance intentions of Korean users and influences of information security related factors on mobile payment services based on biometric authentication methods, like finger print authentication or face recognition authentication, by focusing on ApplePay. Unlike previous studies on user acceptance of mobile payment which lack considerations on information security related factors, this study employs the UTAUT with detailed information security factors to create a research model and PLS(Partial Least Squares) method to analyze the model. Based on the analysis, gaining trust on service through company's efforts on information protection, personal characteristics and trust on applied security technologies are important factors to Korean users along with social awareness and service infrastructures. The result of this study would be helpful to companies or organizations, which provide biometric-based mobile payment services, to understand needs of Korean consumers. Based on this study, further analysis is expected to find impacts of user experiences on same company's or competitors' products to acceptance intentions.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.2
• /
• pp.201-212
• /
• 2017

As services using mobile devices increase, exposure of personal information, and secure threats increase. In this paper, we propose a location-based user authentication system used in mobile device for tightening security. Our authentication system is performed to authenticate two steps. The first authentication is location authentication to ensure that the user accesses an application in trustable space. This authentication method uses an Access Point's information. The second authentication is trustable space authentication to confirm the normal user. This method is carried out the authentication by using biometric information from the user.